$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/3B8DEC18F67C11EFA12FD55AC4F9AE02.roa File: 3B8DEC18F67C11EFA12FD55AC4F9AE02.roa (raw, json) Hash identifier: nh94eTTHYj6LF33H1WS71VdzV0Cak2sfzem+EZwjKa8= Subject key identifier: B6:B1:24:BF:99:E5:DD:39:8E:0C:8C:70:0C:2D:FD:F4:6C:11:1B:E3 Certificate issuer: /CN=A91A560A/serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Certificate serial: 3649 Authority key identifier: 86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/3B8DEC18F67C11EFA12FD55AC4F9AE02.roa Signing time: Sat 01 Mar 2025 09:04:51 +0000 ROA not before: Sat 01 Mar 2025 09:04:51 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 140766 IP address blocks: 109.237.64.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 14:33:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13897 (0x3649) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A Validity Not Before: Mar 1 09:04:51 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=67c2cdb3-39c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:5c:66:50:2c:3f:98:05:28:de:be:94:62:ad: 90:aa:ff:c9:62:c0:87:12:66:6b:79:94:f6:73:22: 18:ea:27:67:15:70:7d:43:a0:fb:c3:78:b6:a2:b2: d7:23:69:71:5b:e0:ab:1b:db:fb:c4:e1:42:e9:61: 5e:ef:f2:f9:4c:ad:1d:ed:4c:bc:a8:be:03:a2:69: a7:47:ee:df:c2:a5:34:fd:21:f0:94:5c:da:92:6d: 33:c8:35:02:fd:91:04:23:1b:3a:a4:57:87:e4:44: f6:cf:11:f4:7b:06:20:0f:8e:61:c8:17:29:f7:72: be:10:b5:84:8f:23:7b:13:44:ca:bb:60:8c:d7:8b: f7:ba:c2:b3:62:8d:5d:62:a9:45:3c:c8:b7:70:c2: 9f:53:32:31:78:d5:27:2d:b4:06:54:92:25:f2:94: 94:e4:95:26:68:ce:69:87:3d:b3:68:d4:20:ac:bb: a8:ff:ca:ec:b3:b5:15:1a:a0:11:bd:c9:4d:ad:93: 7e:fc:78:09:ae:f7:5b:43:f0:e7:81:2f:36:09:fe: d8:15:65:20:3e:4d:4a:8c:b7:c8:26:3d:82:44:ae: f1:3b:40:cc:0b:43:c3:a5:34:ad:b1:0a:21:cd:ec: b2:ac:bb:29:a8:8f:51:0e:2b:d2:78:bc:08:b0:85: 8f:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:B1:24:BF:99:E5:DD:39:8E:0C:8C:70:0C:2D:FD:F4:6C:11:1B:E3 X509v3 Authority Key Identifier: keyid:86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/3B8DEC18F67C11EFA12FD55AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 109.237.64.0/21 Signature Algorithm: sha256WithRSAEncryption c1:14:5a:70:93:92:26:e2:80:0f:85:b7:51:ac:71:98:88:49: f8:04:b1:31:5e:a8:50:f8:a6:70:fc:9c:c5:58:68:42:a9:da: ab:70:30:58:8e:33:99:9d:d8:98:82:3f:8a:c4:ee:76:eb:fb: 38:cd:46:85:7f:e4:fa:f3:80:9c:fb:6f:9b:b8:34:82:b4:aa: ce:9b:f2:cf:53:d3:e1:b8:c1:16:ec:b3:8a:fd:1c:b5:78:09: f3:37:4e:4a:93:4b:78:3b:a0:c9:d6:9f:b8:54:c6:60:f3:e7: d1:6c:78:6f:67:f7:48:c5:a7:de:7a:bd:de:91:51:7d:5f:b8: d7:8c:ea:d2:4f:43:ca:af:cd:74:d0:ca:87:1a:e9:94:14:9d: 80:75:c5:d1:39:14:cf:91:a3:e9:17:cf:33:8b:32:2e:44:61: a8:18:ea:6f:e3:16:9e:c5:34:c3:e4:6d:3d:46:15:ad:bc:a6: 78:d3:1e:1f:6a:14:fc:48:c3:bd:1b:51:b6:c1:d1:43:50:c8: c5:f0:0d:84:c6:a9:7f:7d:f1:9d:03:90:bd:2e:91:a3:1c:bd: ad:7f:06:44:fc:5a:ce:9f:a1:4f:8a:7f:de:d4:e6:9b:5b:79: 54:8e:0a:45:22:12:43:19:36:fd:40:41:a3:e5:4c:f5:7c:bc: 38:7a:74:71 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICNkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDg2REI1N0U2OTBGN0QzMDkyOTNBMjhCQTdDNTVGQjhB RjM3RDVEQkQwHhcNMjUwMzAxMDkwNDUxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MyY2RiMy0zOWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA31xmUCw/mAUo3r6UYq2Qqv/JYsCHEmZreZT2cyIY6idnFXB9Q6D7w3i2orLX I2lxW+CrG9v7xOFC6WFe7/L5TK0d7Uy8qL4DommnR+7fwqU0/SHwlFzakm0zyDUC /ZEEIxs6pFeH5ET2zxH0ewYgD45hyBcp93K+ELWEjyN7E0TKu2CM14v3usKzYo1d YqlFPMi3cMKfUzIxeNUnLbQGVJIl8pSU5JUmaM5phz2zaNQgrLuo/8rss7UVGqAR vclNrZN+/HgJrvdbQ/DngS82Cf7YFWUgPk1KjLfIJj2CRK7xO0DMC0PDpTStsQoh zeyyrLspqI9RDivSeLwIsIWPjwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLaxJL+Z 5d05jgyMcAwt/fRsERvjMB8GA1UdIwQYMBaAFIbbV+aQ99MJKToounxV+4rzfV29 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9COTk1M0RCQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9odHRYNXBEMzB3a3BPaWk2ZkZYN2l2TjlY YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2h0dFg1cEQzMHdrcE9paTZmRlg3aXZOOVhiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQjk5NTNEQkExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvM0I4REVDMThG NjdDMTFFRkExMkZENTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBANt7UAwDQYJKoZIhvcNAQELBQADggEBAMEUWnCTkibigA+F t1GscZiISfgEsTFeqFD4pnD8nMVYaEKp2qtwMFiOM5md2JiCP4rE7nbr+zjNRoV/ 5PrzgJz7b5u4NIK0qs6b8s9T0+G4wRbss4r9HLV4CfM3TkqTS3g7oMnWn7hUxmDz 59FseG9n90jFp956vd6RUX1fuNeM6tJPQ8qvzXTQyoca6ZQUnYB1xdE5FM+Ro+kX zzOLMi5EYagY6m/jFp7FNMPkbT1GFa28pnjTHh9qFPxIw70bUbbB0UNQyMXwDYTG qX998Z0DkL0ukaMcva1/BkT8Ws6foU+Kf97U5ptbeVSOCkUiEkMZNv1AQaPlTPV8 vDh6dHE= -----END CERTIFICATE-----Generated at Sun Apr 6 01:20:18 2025 by rpki-client