$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/0DCBAC3863C111EE9A8AA77AC4F9AE02.roa File: 0DCBAC3863C111EE9A8AA77AC4F9AE02.roa (raw, json) Hash identifier: inCWlFg4eyi3SZb4mhg7QgWhnaX3zI3I9iGqmhoauLc= Subject key identifier: 5D:71:5F:74:DA:46:8B:56:40:BA:50:A1:C1:5D:C1:C7:A6:CB:6A:A0 Certificate issuer: /CN=A91A3E3F/serialNumber=943D3E10B8BBE138B47734554B69053110D45BE3 Certificate serial: 0190 Authority key identifier: 94:3D:3E:10:B8:BB:E1:38:B4:77:34:55:4B:69:05:31:10:D4:5B:E3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lD0-ELi74Ti0dzRVS2kFMRDUW-M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/0DCBAC3863C111EE9A8AA77AC4F9AE02.roa Signing time: Sun 15 Dec 2024 02:25:51 +0000 ROA not before: Sun 15 Dec 2024 02:25:51 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 8075 IP address blocks: 128.94.0.0/16 maxlen: 16 135.149.0.0/16 maxlen: 16 138.239.0.0/16 maxlen: 16 147.145.0.0/16 maxlen: 16 148.7.0.0/16 maxlen: 16 155.62.0.0/16 maxlen: 16 158.23.0.0/16 maxlen: 16 158.158.0.0/16 maxlen: 16 167.105.0.0/16 maxlen: 16 167.220.240.0/22 maxlen: 24 169.138.0.0/16 maxlen: 16 170.165.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/lD0-ELi74Ti0dzRVS2kFMRDUW-M.crl rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/lD0-ELi74Ti0dzRVS2kFMRDUW-M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lD0-ELi74Ti0dzRVS2kFMRDUW-M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 02:29:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 400 (0x190) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A3E3F Validity Not Before: Dec 15 02:25:51 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=675e3e2e-84f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:4e:34:6b:b2:41:1c:71:e2:2b:52:77:8d:f4: d9:a1:9d:ba:e6:b3:e5:f5:56:01:9b:2d:d3:39:1a: 0c:b0:3d:a7:12:b8:32:56:9a:af:a2:7d:19:df:3c: 6f:d5:5e:ed:83:e1:23:0d:c5:70:da:e0:08:5a:4c: 6b:11:ae:1e:80:34:5a:37:02:7c:0e:e8:d3:85:ef: e1:cf:86:ce:06:56:5f:e1:d6:09:a8:ef:c7:59:c4: 5b:15:06:8c:7f:21:09:b2:00:19:d8:23:7d:cc:23: 89:b4:79:63:82:6b:59:8f:7d:04:4f:bb:1f:42:65: 2a:1d:c1:99:e0:35:c6:40:78:be:12:9a:9e:52:87: 93:d9:66:6c:50:72:2a:a6:95:01:c6:33:66:d8:0b: 43:e1:10:fc:a5:6c:cf:01:57:08:b3:2e:80:69:bc: 23:77:22:1e:bb:0c:1b:b8:09:64:05:1e:bc:a6:ec: d7:86:56:84:b8:35:99:54:e7:e9:cb:c8:1d:64:49: b0:14:d3:5d:49:10:7b:a3:22:be:c2:c0:f8:59:7b: 8c:3a:d1:cb:96:1d:a7:d9:68:f2:47:b0:69:16:21: 4d:1a:1f:fc:a1:0e:0b:71:e0:39:b4:08:9a:b6:f9: 3c:24:0b:1e:41:32:b5:12:8e:d2:e9:31:ec:7e:f9: 12:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:71:5F:74:DA:46:8B:56:40:BA:50:A1:C1:5D:C1:C7:A6:CB:6A:A0 X509v3 Authority Key Identifier: keyid:94:3D:3E:10:B8:BB:E1:38:B4:77:34:55:4B:69:05:31:10:D4:5B:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/lD0-ELi74Ti0dzRVS2kFMRDUW-M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lD0-ELi74Ti0dzRVS2kFMRDUW-M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/0DCBAC3863C111EE9A8AA77AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 128.94.0.0/16 135.149.0.0/16 138.239.0.0/16 147.145.0.0/16 148.7.0.0/16 155.62.0.0/16 158.23.0.0/16 158.158.0.0/16 167.105.0.0/16 167.220.240.0/22 169.138.0.0/16 170.165.0.0/16 Signature Algorithm: sha256WithRSAEncryption 55:28:c2:6a:9f:3c:b5:99:a1:bb:c3:60:d6:74:ac:e0:82:10: c9:b3:82:82:37:06:60:65:23:ec:96:4d:3a:98:00:b9:70:e6: 4f:05:38:ce:03:f6:ea:e7:29:83:43:dd:36:f2:90:0c:94:88: 6a:62:f5:47:53:d4:e6:fd:ae:4d:7c:4d:c0:b1:d8:b6:f3:db: a0:4d:bb:5e:10:72:e5:54:25:be:aa:33:0f:92:96:24:29:0c: fe:26:83:e7:47:11:22:4a:8a:fe:3a:04:16:4f:d6:8b:c6:5b: 33:fb:4c:60:86:56:fd:fa:cb:cc:cc:7e:7a:1b:03:27:b2:f1: 88:c9:b6:80:46:21:e6:30:81:68:d8:40:6f:86:ba:2d:f6:44: 9e:dc:8d:07:c8:8a:9e:af:3b:e3:ca:69:28:21:bf:3f:3a:29: 08:2b:cb:f6:05:e4:4a:bb:3b:a4:72:f0:5b:f5:98:14:42:dd: de:4b:89:da:f0:d0:84:b1:55:8d:d2:d7:28:5d:c6:e0:4c:74: f8:68:4c:38:fc:aa:3d:fe:4b:fe:46:8f:29:7a:65:90:c4:8f: 7f:77:cb:2b:2a:46:d1:85:72:b4:41:7f:79:2b:0c:16:95:9e: 30:1a:18:4a:2d:87:6f:3c:fe:19:e2:a5:a3:fd:db:00:7d:46: 13:c5:0b:d2 -----BEGIN CERTIFICATE----- MIIFqDCCBJCgAwIBAgICAZAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTNFM0YxMTAvBgNVBAUTKDk0M0QzRTEwQjhCQkUxMzhCNDc3MzQ1NTRCNjkwNTMx MTBENDVCRTMwHhcNMjQxMjE1MDIyNTUxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzVlM2UyZS04NGY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3040a7JBHHHiK1J3jfTZoZ265rPl9VYBmy3TORoMsD2nErgyVpqvon0Z3zxv 1V7tg+EjDcVw2uAIWkxrEa4egDRaNwJ8DujThe/hz4bOBlZf4dYJqO/HWcRbFQaM fyEJsgAZ2CN9zCOJtHljgmtZj30ET7sfQmUqHcGZ4DXGQHi+EpqeUoeT2WZsUHIq ppUBxjNm2AtD4RD8pWzPAVcIsy6AabwjdyIeuwwbuAlkBR68puzXhlaEuDWZVOfp y8gdZEmwFNNdSRB7oyK+wsD4WXuMOtHLlh2n2WjyR7BpFiFNGh/8oQ4LceA5tAia tvk8JAseQTK1Eo7S6THsfvkSwwIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFF1xX3Ta RotWQLpQocFdwcemy2qgMB8GA1UdIwQYMBaAFJQ9PhC4u+E4tHc0VUtpBTEQ1Fvj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0UzRi8zMDVFQjg3NjdD REIxMUVEQUI4NDRDMTlDNEY5QUUwMi9sRDAtRUxpNzRUaTBkelJWUzJrRk1SRFVX LU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xEMC1FTGk3NFRpMGR6UlZTMmtGTVJEVVctTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTNFM0YvMzA1RUI4NzY3Q0RCMTFFREFCODQ0QzE5QzRGOUFFMDIvMERDQkFDMzg2 M0MxMTFFRTlBOEFBNzdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVgYIKwYBBQUHAQcBAf8E RzBFMEMEAgABMD0DAwCAXgMDAIeVAwMAiu8DAwCTkQMDAJQHAwMAmz4DAwCeFwMD AJ6eAwMAp2kDBAKn3PADAwCpigMDAKqlMA0GCSqGSIb3DQEBCwUAA4IBAQBVKMJq nzy1maG7w2DWdKzgghDJs4KCNwZgZSPslk06mAC5cOZPBTjOA/bq5ymDQ9028pAM lIhqYvVHU9Tm/a5NfE3Asdi289ugTbteEHLlVCW+qjMPkpYkKQz+JoPnRxEiSor+ OgQWT9aLxlsz+0xghlb9+svMzH56GwMnsvGIybaARiHmMIFo2EBvhrot9kSe3I0H yIqerzvjymkoIb8/OikIK8v2BeRKuzukcvBb9ZgUQt3eS4na8NCEsVWN0tcoXcbg THT4aEw4/Ko9/kv+Ro8pemWQxI9/d8srKkbRhXK0QX95KwwWlZ4wGhhKLYdvPP4Z 4qWj/dsAfUYTxQvS -----END CERTIFICATE-----Generated at Fri Apr 4 19:47:09 2025 by rpki-client