$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/2BF73076743511EFA2B5387BC4F9AE02.roa File: 2BF73076743511EFA2B5387BC4F9AE02.roa (raw, json) Hash identifier: fn1jqjxqCh737pM4aqILOr2DLnAcEUyiofuRC8Tjc3s= Subject key identifier: 0D:D1:C3:AE:2A:28:B8:A1:DC:EB:75:2B:94:DF:2A:DA:32:0C:6D:6E Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5 Certificate serial: 0EC3 Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/2BF73076743511EFA2B5387BC4F9AE02.roa Signing time: Thu 22 May 2025 20:07:23 +0000 ROA not before: Thu 22 May 2025 20:07:23 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 151814 IP address blocks: 2406:840:9400::/40 maxlen: 48 2406:840:c600::/40 maxlen: 48 2406:840:e400::/40 maxlen: 48 2406:840:f500::/40 maxlen: 48 2406:840:fec0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 20:11:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3779 (0xec3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917ED5C, serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5 Validity Not Before: May 22 20:07:23 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=682f83fb-9381 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:b9:83:e6:0d:6e:14:a2:41:4a:bb:34:4a:22: c6:b5:cd:89:9a:d8:b0:98:16:fc:28:b2:1e:bb:55: 39:17:28:55:fd:96:af:93:05:15:15:99:de:ab:8b: 54:aa:5e:09:6f:5c:b1:18:eb:b2:5f:8c:d9:b8:0a: a4:1a:df:1b:91:40:7a:cc:8d:c6:88:6a:89:99:64: 87:44:26:7f:9e:33:21:e7:26:19:69:b2:9d:41:46: 4d:0d:0a:8c:7c:bb:ae:c2:4d:6c:29:15:b9:16:1a: 5f:1d:63:1b:0b:7d:51:8b:e3:d5:3f:8a:82:e1:c1: d6:ca:a3:1d:b1:1c:14:70:5e:d4:48:6f:38:70:d0: b7:30:7f:65:1b:ec:ae:03:9f:d3:a7:77:3f:09:9d: bc:77:51:ee:d7:59:5a:fb:9d:90:ea:5a:af:d8:45: 60:00:06:a0:e4:ca:70:98:b4:7c:51:0f:2b:1b:79: b8:dc:ed:bc:89:c0:b0:0a:21:4f:21:d3:47:f4:27: cb:88:b1:67:29:7f:d7:6c:38:8c:1a:2d:e4:4c:99: 84:7d:eb:d4:a6:f5:c0:72:f2:b1:76:a9:37:b7:a7: 6b:99:f9:37:80:80:e6:90:ef:47:a1:dd:9e:4c:04: 43:74:49:46:01:f1:07:a5:3e:5f:05:52:66:95:a8: df:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:D1:C3:AE:2A:28:B8:A1:DC:EB:75:2B:94:DF:2A:DA:32:0C:6D:6E X509v3 Authority Key Identifier: keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/2BF73076743511EFA2B5387BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2406:840:9400::/40 2406:840:c600::/40 2406:840:e400::/40 2406:840:f500::/40 2406:840:fec0::/48 Signature Algorithm: sha256WithRSAEncryption 24:10:cd:29:fd:8a:b1:42:30:e8:b6:bb:37:29:e4:39:a3:c1: cb:ee:df:cc:07:70:cb:2c:ed:04:e1:64:4d:af:91:46:cf:ca: 31:5f:05:4f:a2:51:d6:e7:cc:f3:be:a5:ab:78:fd:a1:fb:90: 2f:82:02:48:96:eb:1c:9a:e8:20:ed:58:c6:0e:44:bf:c1:20: b2:3d:e6:30:fb:03:e5:c6:1e:ec:88:81:57:2f:dc:e2:b4:3f: 6e:27:eb:70:7b:40:f4:b3:36:e0:39:d5:4d:3f:ec:fa:67:41: 86:21:80:7f:5f:1e:4b:9c:c2:e4:75:20:ce:43:bc:86:78:4f: 15:ed:a9:17:f2:b3:c3:e9:24:7b:39:e1:c7:a3:ea:3e:c3:82: 58:bc:9d:c6:31:91:c5:48:ce:89:48:60:f6:00:f5:05:0d:e0: a4:55:2c:3a:25:2c:4c:60:42:31:b5:1f:4e:76:95:74:ba:cc: 59:bf:9d:a3:7f:76:a3:0f:5e:28:c8:17:09:46:b5:78:7b:15: d9:cf:ab:d0:4e:cf:c8:01:f1:36:7f:21:de:fa:ba:bc:35:29: f5:a3:04:62:0b:8a:c2:f7:eb:2a:47:cf:ed:c5:d9:a7:c8:1b: b0:da:0a:4c:23:f2:14:16:02:b6:92:d8:4d:3a:82:5b:2b:ea: d1:a4:76:f0 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgICDsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE RTExQ0ExQTUwHhcNMjUwNTIyMjAwNzIzWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJmODNmYi05MzgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA17mD5g1uFKJBSrs0SiLGtc2JmtiwmBb8KLIeu1U5FyhV/ZavkwUVFZneq4tU ql4Jb1yxGOuyX4zZuAqkGt8bkUB6zI3GiGqJmWSHRCZ/njMh5yYZabKdQUZNDQqM fLuuwk1sKRW5FhpfHWMbC31Ri+PVP4qC4cHWyqMdsRwUcF7USG84cNC3MH9lG+yu A5/Tp3c/CZ28d1Hu11la+52Q6lqv2EVgAAag5MpwmLR8UQ8rG3m43O28icCwCiFP IdNH9CfLiLFnKX/XbDiMGi3kTJmEfevUpvXAcvKxdqk3t6drmfk3gIDmkO9Hod2e TARDdElGAfEHpT5fBVJmlajfqQIDAQABo4ICuDCCArQwHQYDVR0OBBYEFA3Rw64q KLih3Ot1K5TfKtoyDG1uMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2 MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvMkJGNzMwNzY3 NDM1MTFFRkEyQjUzODdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E MzAxMC8EAgACMCkDBgAkBghAlAMGACQGCEDGAwYAJAYIQOQDBgAkBghA9QMHACQG CED+wDANBgkqhkiG9w0BAQsFAAOCAQEAJBDNKf2KsUIw6La7NynkOaPBy+7fzAdw yyztBOFkTa+RRs/KMV8FT6JR1ufM876lq3j9ofuQL4ICSJbrHJroIO1Yxg5Ev8Eg sj3mMPsD5cYe7IiBVy/c4rQ/bifrcHtA9LM24DnVTT/s+mdBhiGAf18eS5zC5HUg zkO8hnhPFe2pF/Kzw+kkeznhx6PqPsOCWLydxjGRxUjOiUhg9gD1BQ3gpFUsOiUs TGBCMbUfTnaVdLrMWb+do392ow9eKMgXCUa1eHsV2c+r0E7PyAHxNn8h3vq6vDUp 9aMEYguKwvfrKkfP7cXZp8gbsNoKTCPyFBYCtpLYTTqCWyvq0aR28A== -----END CERTIFICATE-----Generated at Tue Jun 3 23:55:44 2025 by rpki-client