$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/672D5E3EDAFE11EE986FFF5BC4F9AE02.roa File: 672D5E3EDAFE11EE986FFF5BC4F9AE02.roa (raw, json) Hash identifier: D08NLXKbQpHWqaARYRATkQAsooDO3vyNlwYLuFKd5gE= Subject key identifier: 9C:AC:0E:B6:1F:25:C5:17:6D:29:14:91:64:DC:D9:8F:C3:4F:35:FF Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5 Certificate serial: 0EC8 Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/672D5E3EDAFE11EE986FFF5BC4F9AE02.roa Signing time: Thu 22 May 2025 20:07:27 +0000 ROA not before: Thu 22 May 2025 20:07:27 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 152631 IP address blocks: 2406:840:9c00::/40 maxlen: 48 2406:840:c800::/40 maxlen: 48 2406:840:ce00::/40 maxlen: 48 2406:840:fb00::/40 maxlen: 48 2406:840:fecb::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 20:11:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3784 (0xec8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917ED5C, serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5 Validity Not Before: May 22 20:07:27 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=682f83ff-9797 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:43:44:a3:8f:53:25:9b:ce:db:f4:91:d2:18: be:2a:df:a3:7f:a8:a4:68:3d:51:13:be:cd:45:ef: 42:65:36:50:f7:cd:09:4b:a3:7c:fd:a7:1d:f1:a6: 7c:ce:53:d4:79:a5:62:f3:56:ec:3d:f3:11:ca:e6: 48:33:12:d2:7e:92:0f:de:d4:f9:42:7e:5f:f5:bc: 9a:3f:d2:7b:ab:8d:ea:10:0d:1d:91:09:1d:7f:d5: 4b:aa:a8:15:d8:aa:ff:8c:bb:94:32:55:0f:a5:d6: 34:f5:b5:84:08:60:0c:e2:37:ec:bd:63:f9:3f:a9: a2:1b:99:ed:66:1c:d9:5f:d3:b7:3c:05:f4:d2:d6: 7f:27:05:e0:1f:10:57:6f:85:53:d3:a9:0c:a4:12: bf:f2:60:35:8b:1f:18:b1:ee:85:0d:43:64:37:f8: c9:db:ad:cc:9b:44:d4:ac:35:fb:83:2b:8b:78:1f: 67:5a:51:b0:fa:b8:35:8f:99:33:b9:89:0f:68:fc: 0a:6e:01:09:11:83:4f:e0:68:33:a6:54:40:59:7d: 96:0d:91:75:81:6e:70:ee:27:ba:6e:5a:9f:c9:8d: fa:0c:cd:22:3d:5c:f5:ba:65:48:21:d8:ba:02:c8: 18:9e:79:21:96:f1:a5:4f:5d:47:ee:40:a4:d4:76: 6c:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:AC:0E:B6:1F:25:C5:17:6D:29:14:91:64:DC:D9:8F:C3:4F:35:FF X509v3 Authority Key Identifier: keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/672D5E3EDAFE11EE986FFF5BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2406:840:9c00::/40 2406:840:c800::/40 2406:840:ce00::/40 2406:840:fb00::/40 2406:840:fecb::/48 Signature Algorithm: sha256WithRSAEncryption 7f:f7:3d:1a:a7:a7:e9:21:fd:55:fd:17:46:47:ff:79:52:80: 1b:49:ad:c4:ef:fa:36:51:3b:e8:03:5a:2b:8e:b1:5a:aa:c9: d4:ff:85:d0:db:a1:b4:ee:33:d0:f1:06:0c:0d:a0:8b:13:d2: 63:7a:1b:7c:0b:d9:1d:6d:58:7c:19:e8:81:9d:06:6b:af:3c: 5c:3a:5c:fe:a3:6b:12:55:bf:48:11:2b:e2:54:7b:bf:94:2e: 1c:10:2c:0e:b9:80:39:04:27:37:15:4a:1e:5f:e5:19:42:c3: 40:a1:e0:99:50:9f:70:d4:53:66:7d:3b:69:a5:3f:4e:38:40: 75:ba:93:71:ee:31:2a:9b:10:41:a6:2a:fa:d4:0a:b4:5a:69: e1:a8:1c:69:5d:3e:15:f1:c1:5d:65:da:e8:c9:44:c9:e7:ff: 8b:cf:f7:d2:3c:d9:84:fd:2e:fd:cf:7d:e8:9e:d9:6d:f6:aa: 95:7b:09:71:d8:fa:f6:23:d3:7b:02:7f:12:23:b0:0a:d0:e7: f8:2c:27:67:83:87:0e:0b:99:01:2f:57:08:ef:51:56:07:ed: 02:66:81:ab:4f:e8:e7:75:a1:b9:49:40:68:23:a4:cc:d4:89: 26:a8:6e:73:5b:6f:98:28:86:6e:e4:d4:a4:90:ed:eb:a6:86: fe:a2:7f:ea -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgICDsgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE RTExQ0ExQTUwHhcNMjUwNTIyMjAwNzI3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJmODNmZi05Nzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx0NEo49TJZvO2/SR0hi+Kt+jf6ikaD1RE77NRe9CZTZQ980JS6N8/acd8aZ8 zlPUeaVi81bsPfMRyuZIMxLSfpIP3tT5Qn5f9byaP9J7q43qEA0dkQkdf9VLqqgV 2Kr/jLuUMlUPpdY09bWECGAM4jfsvWP5P6miG5ntZhzZX9O3PAX00tZ/JwXgHxBX b4VT06kMpBK/8mA1ix8Yse6FDUNkN/jJ263Mm0TUrDX7gyuLeB9nWlGw+rg1j5kz uYkPaPwKbgEJEYNP4GgzplRAWX2WDZF1gW5w7ie6blqfyY36DM0iPVz1umVIIdi6 AsgYnnkhlvGlT11H7kCk1HZsWwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFJysDrYf JcUXbSkUkWTc2Y/DTzX/MB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2 MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvNjcyRDVFM0VE QUZFMTFFRTk4NkZGRjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E MzAxMC8EAgACMCkDBgAkBghAnAMGACQGCEDIAwYAJAYIQM4DBgAkBghA+wMHACQG CED+yzANBgkqhkiG9w0BAQsFAAOCAQEAf/c9Gqen6SH9Vf0XRkf/eVKAG0mtxO/6 NlE76ANaK46xWqrJ1P+F0NuhtO4z0PEGDA2gixPSY3obfAvZHW1YfBnogZ0Ga688 XDpc/qNrElW/SBEr4lR7v5QuHBAsDrmAOQQnNxVKHl/lGULDQKHgmVCfcNRTZn07 aaU/TjhAdbqTce4xKpsQQaYq+tQKtFpp4agcaV0+FfHBXWXa6MlEyef/i8/30jzZ hP0u/c996J7ZbfaqlXsJcdj69iPTewJ/EiOwCtDn+CwnZ4OHDguZAS9XCO9RVgft AmaBq0/o53WhuUlAaCOkzNSJJqhuc1tvmCiGbuTUpJDt66aG/qJ/6g== -----END CERTIFICATE-----Generated at Tue Jun 3 23:49:17 2025 by rpki-client