$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/69FDEAC6645511EFB98C143DC4F9AE02.roa File: 69FDEAC6645511EFB98C143DC4F9AE02.roa (raw, json) Hash identifier: NGxmbMIv3Jo6GohNdhpTu9H0Oo/Rl07KFseAe1bybGk= Subject key identifier: 17:83:79:5E:F3:44:84:D5:58:6A:99:E0:54:B4:B8:DD:D4:86:AA:7A Certificate issuer: /CN=A917E678/serialNumber=FF3341972DD8A1F6871EDE869A3A1DD92528AEB6 Certificate serial: 0C98 Authority key identifier: FF:33:41:97:2D:D8:A1:F6:87:1E:DE:86:9A:3A:1D:D9:25:28:AE:B6 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/69FDEAC6645511EFB98C143DC4F9AE02.roa Signing time: Fri 28 Feb 2025 06:30:02 +0000 ROA not before: Fri 28 Feb 2025 06:30:02 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 141180 IP address blocks: 87.119.2.0/24 maxlen: 24 87.119.3.0/24 maxlen: 24 87.119.4.0/24 maxlen: 24 87.119.5.0/24 maxlen: 24 87.119.6.0/24 maxlen: 24 87.119.7.0/24 maxlen: 24 87.119.8.0/24 maxlen: 24 87.119.10.0/24 maxlen: 24 87.119.11.0/24 maxlen: 24 87.119.13.0/24 maxlen: 24 87.119.14.0/24 maxlen: 24 87.119.15.0/24 maxlen: 24 87.119.16.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/_zNBly3YofaHHt6Gmjod2SUorrY.crl rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/_zNBly3YofaHHt6Gmjod2SUorrY.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 16:52:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3224 (0xc98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678 Validity Not Before: Feb 28 06:30:02 2025 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=67c157ea-5e3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:a7:4b:3a:5c:52:b9:be:e2:b9:48:9b:5e:a1: e0:96:f8:ae:d9:e6:36:ca:f9:6a:16:b7:ff:43:5d: 8c:fd:0f:43:ac:12:38:ed:86:fa:91:87:c1:96:83: 00:07:f9:07:81:51:60:32:6c:86:d2:fd:56:2f:63: 7c:07:eb:14:b6:54:69:7b:61:ec:ba:7e:c1:c3:cb: d8:de:76:1a:90:7a:4f:57:49:62:74:35:d8:02:9e: ca:ef:5a:cf:b5:ac:5e:80:f3:d5:7a:b7:1a:a4:73: 07:a6:76:5e:76:9c:30:da:84:d4:d9:06:69:4e:49: 80:bd:19:be:dd:32:f5:cc:cf:51:40:17:e0:67:b4: 84:9c:48:29:33:df:28:05:49:a0:3d:e5:95:5c:d6: 19:98:2c:60:e2:91:23:14:61:8c:fa:e9:a5:fe:d1: 73:0e:ca:0d:db:25:57:a3:01:ae:a4:bb:12:4a:f2: b3:0e:67:44:cc:56:6d:48:0f:4e:98:47:d1:d3:11: ca:f9:31:f2:1a:0d:1c:f7:00:ab:8d:9d:00:c3:c9: 68:76:d9:f8:0f:8a:2d:dd:39:e9:06:12:87:3c:e6: 85:ac:4d:90:98:85:fe:31:be:2c:8c:b7:27:89:d5: ad:ae:d5:5d:23:79:8d:c5:10:aa:55:2d:2b:e3:91: 18:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:83:79:5E:F3:44:84:D5:58:6A:99:E0:54:B4:B8:DD:D4:86:AA:7A X509v3 Authority Key Identifier: keyid:FF:33:41:97:2D:D8:A1:F6:87:1E:DE:86:9A:3A:1D:D9:25:28:AE:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/_zNBly3YofaHHt6Gmjod2SUorrY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/69FDEAC6645511EFB98C143DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 87.119.2.0-87.119.8.255 87.119.10.0/23 87.119.13.0-87.119.16.255 Signature Algorithm: sha256WithRSAEncryption 86:8f:03:23:24:c4:ce:24:ed:43:98:35:51:ff:c7:04:f4:2f: 75:29:ab:4b:a0:ef:ab:09:95:dd:27:f7:8c:9a:90:b2:01:e9: 2c:0e:eb:84:43:f4:b1:be:61:38:80:d0:9a:86:d9:e5:9a:7b: 43:19:ef:60:65:ea:6b:7b:a9:1e:a7:cb:ee:ba:bb:54:df:92: 10:cf:d5:09:87:5c:f4:77:6c:57:e6:0a:61:a1:6b:48:91:e1: 66:cd:44:52:41:fb:75:09:85:d2:c4:53:01:29:05:6f:06:f8: d4:3d:25:79:7e:88:fb:b7:45:02:98:7c:3a:42:7a:9f:0e:65: 90:30:8d:58:7c:73:be:d4:f0:26:75:23:50:6c:e6:8f:bf:e8: 36:1c:51:99:67:7e:2e:be:0e:b3:11:f2:74:0a:ee:4f:02:9f: 5d:11:a6:e3:d2:95:eb:cf:b0:2e:c4:7c:ee:00:30:26:f1:1f: 2e:f3:77:5b:d1:e3:3f:28:fa:04:aa:69:12:f9:29:70:5f:3d: c6:41:04:56:a7:8a:b3:f9:fb:3b:eb:4b:45:30:ea:0f:f3:17: 0b:0c:b0:e5:4f:d3:ba:dd:aa:00:f4:f5:5c:41:fb:44:3a:61: e8:a0:94:be:3d:03:a5:89:a5:dd:97:df:b5:29:ea:82:e0:6a: fa:db:fe:c2 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICDJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKEZGMzM0MTk3MkREOEExRjY4NzFFREU4NjlBM0ExREQ5 MjUyOEFFQjYwHhcNMjUwMjI4MDYzMDAyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MxNTdlYS01ZTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy6dLOlxSub7iuUibXqHglviu2eY2yvlqFrf/Q12M/Q9DrBI47Yb6kYfBloMA B/kHgVFgMmyG0v1WL2N8B+sUtlRpe2Hsun7Bw8vY3nYakHpPV0lidDXYAp7K71rP taxegPPVercapHMHpnZedpww2oTU2QZpTkmAvRm+3TL1zM9RQBfgZ7SEnEgpM98o BUmgPeWVXNYZmCxg4pEjFGGM+uml/tFzDsoN2yVXowGupLsSSvKzDmdEzFZtSA9O mEfR0xHK+THyGg0c9wCrjZ0Aw8lodtn4D4ot3TnpBhKHPOaFrE2QmIX+Mb4sjLcn idWtrtVdI3mNxRCqVS0r45EYUwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFBeDeV7z RITVWGqZ4FS0uN3Uhqp6MB8GA1UdIwQYMBaAFP8zQZct2KH2hx7ehpo6HdklKK62 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC9CRUIzMzNGQTIy NTExMUVBQjJDQjg0NjlDNEY5QUUwMi9fek5CbHkzWW9mYUhIdDZHbWpvZDJTVW9y clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL196TkJseTNZb2ZhSEh0Nkdtam9kMlNVb3JyWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0U2NzgvQkVCMzMzRkEyMjUxMTFFQUIyQ0I4NDY5QzRGOUFFMDIvNjlGREVBQzY2 NDU1MTFFRkI5OEMxNDNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMCgEAgABMCIwDAMEAVd3AgMEAFd3CAMEAVd3CjAMAwQAV3cNAwQAV3cQMA0G CSqGSIb3DQEBCwUAA4IBAQCGjwMjJMTOJO1DmDVR/8cE9C91KatLoO+rCZXdJ/eM mpCyAeksDuuEQ/SxvmE4gNCahtnlmntDGe9gZepre6kep8vuurtU35IQz9UJh1z0 d2xX5gphoWtIkeFmzURSQft1CYXSxFMBKQVvBvjUPSV5foj7t0UCmHw6QnqfDmWQ MI1YfHO+1PAmdSNQbOaPv+g2HFGZZ34uvg6zEfJ0Cu5PAp9dEabj0pXrz7AuxHzu ADAm8R8u83db0eM/KPoEqmkS+SlwXz3GQQRWp4qz+fs760tFMOoP8xcLDLDlT9O6 3aoA9PVcQftEOmHooJS+PQOliaXdl9+1KeqC4Gr62/7C -----END CERTIFICATE-----Generated at Thu Mar 13 21:51:45 2025 by rpki-client