$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/E6EB68347F4F11EDBD813D85C4F9AE02.roa File: E6EB68347F4F11EDBD813D85C4F9AE02.roa (raw, json) Hash identifier: pq5PnlojK/GAJppMbTHRBS7cpCdExCrMiIQ6oauUaFM= Subject key identifier: AC:BB:3E:A4:7B:6D:A6:0C:F0:D1:CF:60:DA:4A:09:5B:14:D4:3E:89 Certificate issuer: /CN=A91A3E3F/serialNumber=59DDC3969B9863CFB5A15528AA4A391AF2337F43 Certificate serial: 0197 Authority key identifier: 59:DD:C3:96:9B:98:63:CF:B5:A1:55:28:AA:4A:39:1A:F2:33:7F:43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/E6EB68347F4F11EDBD813D85C4F9AE02.roa Signing time: Sun 15 Dec 2024 02:25:47 +0000 ROA not before: Sun 15 Dec 2024 02:25:47 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 8075 IP address blocks: 111.221.16.0/21 maxlen: 21 111.221.24.0/22 maxlen: 22 111.221.29.0/24 maxlen: 24 111.221.30.0/23 maxlen: 23 111.221.64.0/18 maxlen: 24 202.89.224.0/21 maxlen: 24 2001:df0:7::/48 maxlen: 48 2001:df0:d7::/48 maxlen: 48 2001:df0:d8::/48 maxlen: 48 2001:df0:d9::/48 maxlen: 48 2404:f800::/32 maxlen: 32 2404:f801:8030::/48 maxlen: 48 2404:f802::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.crl rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 02:29:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 407 (0x197) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A3E3F Validity Not Before: Dec 15 02:25:47 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=675e3e2a-0e12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:02:43:ba:70:50:44:9e:e4:03:9c:30:46:3b: 32:6a:dc:02:bf:7a:f7:6d:bc:e4:20:4c:44:16:ec: 46:f3:15:0a:ae:05:69:12:34:a0:da:ff:c6:6d:34: a1:0a:02:e2:69:df:f9:8d:a7:67:d5:c6:26:68:14: b1:87:07:bc:6f:96:ae:77:db:95:65:35:da:21:d1: b2:ba:11:9e:b1:25:f3:30:93:ad:80:3a:40:c5:ff: 55:4d:c1:b7:83:aa:c5:05:71:b6:c6:ff:0b:43:44: 03:c2:63:e3:a0:3f:85:33:ef:3c:e4:7b:24:a2:6c: 94:9c:0e:a3:16:10:60:cf:81:af:ac:ed:d2:16:ac: a7:4f:db:52:cd:63:61:ad:0b:f3:ce:29:d5:2a:28: 82:1e:f6:d4:d2:f9:24:d2:c3:46:fc:f5:41:41:eb: 40:92:69:32:04:e3:6c:32:c0:23:99:45:fc:a4:b4: b9:32:a9:89:c1:9b:07:a6:f9:60:99:f9:10:0a:37: ca:ec:cb:22:d6:fb:6b:b0:b5:5f:3b:31:b0:da:e1: b0:dd:45:e5:8f:92:b3:f4:41:d0:12:4d:93:ad:60: 49:c8:ae:bf:f0:37:d3:77:f8:57:ad:64:cb:25:ef: 0c:83:3d:eb:cf:81:a0:c6:7d:b2:71:e0:8d:5b:75: ef:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:BB:3E:A4:7B:6D:A6:0C:F0:D1:CF:60:DA:4A:09:5B:14:D4:3E:89 X509v3 Authority Key Identifier: keyid:59:DD:C3:96:9B:98:63:CF:B5:A1:55:28:AA:4A:39:1A:F2:33:7F:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/E6EB68347F4F11EDBD813D85C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 111.221.16.0-111.221.27.255 111.221.29.0-111.221.31.255 111.221.64.0/18 202.89.224.0/21 IPv6: 2001:df0:7::/48 2001:df0:d7::-2001:df0:d9:ffff:ffff:ffff:ffff:ffff 2404:f800::/32 2404:f801:8030::/48 2404:f802::/31 Signature Algorithm: sha256WithRSAEncryption 86:7e:d0:a0:01:70:07:12:0d:e3:87:67:54:07:30:9d:0c:db: 2a:63:3c:be:5b:d5:57:e7:d0:83:13:3d:bd:20:88:37:a8:bf: ee:b5:e6:35:dd:e9:da:dd:55:ef:55:33:27:94:e7:4e:02:db: dc:50:4a:d0:be:08:e8:6e:cf:f6:07:ed:3c:57:48:f2:69:52: f5:20:b2:83:f4:bf:0f:b1:4f:37:2c:13:54:f5:e6:85:0c:2c: 01:46:3f:16:78:bd:0f:7a:e8:de:2c:4b:4f:5e:78:a2:c3:da: 94:6f:ff:46:5a:85:e7:90:3d:14:b7:63:4f:40:59:61:dc:31: ef:3b:0a:0d:c0:c1:7b:f9:bf:b9:95:96:ce:b2:64:f0:ab:19: 83:ee:d1:1a:9d:9a:8f:9d:88:81:c8:79:82:1e:93:f9:b9:ab: d0:b1:45:a8:9c:ea:d1:72:b6:d9:f0:d7:e5:5c:c8:79:df:d7: 51:96:43:15:5d:05:14:3d:d9:fd:84:59:72:92:ab:09:b4:1a: 63:a2:68:98:d2:f7:18:3c:20:96:4b:49:6a:7a:37:8d:44:6c: 18:40:11:85:1d:20:2c:77:34:d6:a9:5a:1d:63:a2:c0:67:7b: 77:58:b4:3f:f0:3c:ea:04:ee:4e:5c:9e:b6:c4:0c:52:c0:db: 6b:62:d9:1b -----BEGIN CERTIFICATE----- MIIFzzCCBLegAwIBAgICAZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTNFM0YxMTAvBgNVBAUTKDU5RERDMzk2OUI5ODYzQ0ZCNUExNTUyOEFBNEEzOTFB RjIzMzdGNDMwHhcNMjQxMjE1MDIyNTQ3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzVlM2UyYS0wZTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwgJDunBQRJ7kA5wwRjsyatwCv3r3bbzkIExEFuxG8xUKrgVpEjSg2v/GbTSh CgLiad/5jadn1cYmaBSxhwe8b5aud9uVZTXaIdGyuhGesSXzMJOtgDpAxf9VTcG3 g6rFBXG2xv8LQ0QDwmPjoD+FM+885HskomyUnA6jFhBgz4GvrO3SFqynT9tSzWNh rQvzzinVKiiCHvbU0vkk0sNG/PVBQetAkmkyBONsMsAjmUX8pLS5MqmJwZsHpvlg mfkQCjfK7Msi1vtrsLVfOzGw2uGw3UXlj5Kz9EHQEk2TrWBJyK6/8DfTd/hXrWTL Je8Mgz3rz4Ggxn2yceCNW3Xv1QIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFKy7PqR7 baYM8NHPYNpKCVsU1D6JMB8GA1UdIwQYMBaAFFndw5abmGPPtaFVKKpKORryM39D MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0UzRi9GQkRGRkVDMDc2 ODYxMUVEQTZDQjNGNDFDNEY5QUUwMi9XZDNEbHB1WVk4LTFvVlVvcWtvNUd2SXpm ME0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dkM0RscHVZWTgtMW9WVW9xa281R3ZJemYwTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTNFM0YvRkJERkZFQzA3Njg2MTFFREE2Q0IzRjQxQzRGOUFFMDIvRTZFQjY4MzQ3 RjRGMTFFREJEODEzRDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfQYIKwYBBQUHAQcBAf8E bjBsMC4EAgABMCgwDAMEBG/dEAMEAm/dGDAMAwQAb90dAwQFb90AAwQGb91AAwQD ylngMDoEAgACMDQDBwAgAQ3wAAcwEgMHACABDfAA1wMHASABDfAA2AMFACQE+AAD BwAkBPgBgDADBQEkBPgCMA0GCSqGSIb3DQEBCwUAA4IBAQCGftCgAXAHEg3jh2dU BzCdDNsqYzy+W9VX59CDEz29IIg3qL/uteY13ena3VXvVTMnlOdOAtvcUErQvgjo bs/2B+08V0jyaVL1ILKD9L8PsU83LBNU9eaFDCwBRj8WeL0PeujeLEtPXniiw9qU b/9GWoXnkD0Ut2NPQFlh3DHvOwoNwMF7+b+5lZbOsmTwqxmD7tEanZqPnYiByHmC HpP5uavQsUWonOrRcrbZ8NflXMh539dRlkMVXQUUPdn9hFlykqsJtBpjomiY0vcY PCCWS0lqejeNRGwYQBGFHSAsdzTWqVodY6LAZ3t3WLQ/8DzqBO5OXJ62xAxSwNtr Ytkb -----END CERTIFICATE-----Generated at Sat Apr 5 00:22:37 2025 by rpki-client