$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/1CD7BEFC4D0E11EEA09FBF12C4F9AE02.roa File: 1CD7BEFC4D0E11EEA09FBF12C4F9AE02.roa (raw, json) Hash identifier: ZVXIXb68LMeIyoHASYy5oVFyflHWdmoVD7FAYMUQOp4= Subject key identifier: C4:73:66:F0:60:63:78:6E:47:1D:AE:45:66:07:5A:C1:19:A6:06:58 Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B Certificate serial: 04E0 Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/1CD7BEFC4D0E11EEA09FBF12C4F9AE02.roa Signing time: Sat 28 Dec 2024 23:32:30 +0000 ROA not before: Sat 28 Dec 2024 23:32:30 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 216458 IP address blocks: 117.55.206.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 15 Apr 2025 23:37:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1248 (0x4e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACD72 Validity Not Before: Dec 28 23:32:30 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67708a8e-9df7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:fc:9c:96:03:fc:cc:fd:34:80:17:cb:14:70: 89:cf:f1:b4:1d:5e:06:6e:7b:67:54:f5:02:92:b1: 91:0d:fe:1f:0b:01:1a:4a:19:38:1b:e1:b2:a4:95: 55:ff:ad:a6:fd:4c:18:29:96:06:f0:14:6c:be:0d: 02:a0:d0:a2:20:b7:80:9c:ac:14:81:68:9f:ef:4a: 5c:c5:08:79:67:ed:d3:0d:b6:1d:70:24:00:6d:a4: 1c:9a:dd:50:23:79:ad:84:98:61:7b:b6:24:db:4c: 88:be:9f:a6:11:56:62:2a:b5:05:65:56:5d:82:7c: 22:af:e6:cb:dd:42:1a:76:cd:04:cc:b7:72:35:34: ed:f8:fc:79:aa:c0:8e:db:7a:65:76:ab:19:f6:0d: 1d:eb:e1:5b:74:fc:dc:c8:d0:fa:4e:9f:7d:98:6f: 2c:73:5f:4e:e4:65:75:6e:14:1e:8f:e7:dd:04:2d: 70:b7:23:7b:84:a1:16:8f:41:e3:eb:a9:4f:f9:c1: c2:85:29:79:c7:68:d0:47:38:d7:7f:16:bc:9b:c4: 54:17:4b:cb:c7:90:09:57:49:5e:4b:7a:90:a0:4e: 82:2b:7e:6b:ee:3f:41:91:21:56:0a:70:c0:13:79: b0:a1:27:6e:6d:15:1b:ae:ae:40:dc:d1:74:e9:c3: 42:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:73:66:F0:60:63:78:6E:47:1D:AE:45:66:07:5A:C1:19:A6:06:58 X509v3 Authority Key Identifier: keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/1CD7BEFC4D0E11EEA09FBF12C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 117.55.206.0/23 Signature Algorithm: sha256WithRSAEncryption 6c:a7:52:8c:bc:93:49:a1:9b:5b:57:25:f4:79:6f:24:34:e0: 74:1c:fb:e0:36:21:4b:36:79:47:55:c1:83:d1:66:3c:01:1f: 72:fd:1e:55:1f:fa:60:64:21:c2:01:12:32:9c:7f:8c:b2:ff: 9e:f0:23:a8:fc:08:2d:71:5a:03:a9:1b:74:ad:04:83:fa:8b: bf:fd:ba:1b:ba:fe:73:8e:fb:1a:07:a6:6b:1e:b6:80:3c:4e: d1:5e:bf:8f:c2:00:a6:98:9d:12:9e:39:19:7c:0b:f4:c8:9f: f8:41:5b:40:10:6a:ed:aa:3e:26:16:0c:f4:03:54:dc:9a:7b: 46:71:03:91:e3:a4:e2:20:7c:23:2a:e6:d5:e9:ca:03:80:27: 83:bc:b7:64:f6:06:54:05:f0:a4:8c:c8:fa:cb:65:e0:d5:57: 72:04:57:2d:b5:d1:13:2a:65:cd:24:12:e8:16:32:22:b1:a8: 34:89:78:a7:2d:7b:c7:f0:e2:c0:05:b7:2c:c9:03:65:ce:38: eb:94:0f:e4:eb:12:fb:af:0c:86:b8:3d:d1:b4:c1:cd:dd:13: c3:51:60:ce:d1:4a:4b:b8:af:fe:f9:61:b7:ed:92:f3:e5:5c: aa:63:95:4f:1c:1d:21:57:ef:5b:e4:10:af:86:be:06:c2:16: 35:c4:ff:80 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy MEM4RkQ1N0IwHhcNMjQxMjI4MjMzMjMwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzcwOGE4ZS05ZGY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt/yclgP8zP00gBfLFHCJz/G0HV4GbntnVPUCkrGRDf4fCwEaShk4G+GypJVV /62m/UwYKZYG8BRsvg0CoNCiILeAnKwUgWif70pcxQh5Z+3TDbYdcCQAbaQcmt1Q I3mthJhhe7Yk20yIvp+mEVZiKrUFZVZdgnwir+bL3UIads0EzLdyNTTt+Px5qsCO 23pldqsZ9g0d6+FbdPzcyND6Tp99mG8sc19O5GV1bhQej+fdBC1wtyN7hKEWj0Hj 66lP+cHChSl5x2jQRzjXfxa8m8RUF0vLx5AJV0leS3qQoE6CK35r7j9BkSFWCnDA E3mwoSdubRUbrq5A3NF06cNCxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMRzZvBg Y3huRx2uRWYHWsEZpgZYMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2 MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvMUNEN0JFRkM0 RDBFMTFFRUEwOUZCRjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAF1N84wDQYJKoZIhvcNAQELBQADggEBAGynUoy8k0mhm1tX JfR5byQ04HQc++A2IUs2eUdVwYPRZjwBH3L9HlUf+mBkIcIBEjKcf4yy/57wI6j8 CC1xWgOpG3StBIP6i7/9uhu6/nOO+xoHpmsetoA8TtFev4/CAKaYnRKeORl8C/TI n/hBW0AQau2qPiYWDPQDVNyae0ZxA5HjpOIgfCMq5tXpygOAJ4O8t2T2BlQF8KSM yPrLZeDVV3IEVy210RMqZc0kEugWMiKxqDSJeKcte8fw4sAFtyzJA2XOOOuUD+Tr EvuvDIa4PdG0wc3dE8NRYM7RSku4r/75YbftkvPlXKpjlU8cHSFX71vkEK+GvgbC FjXE/4A= -----END CERTIFICATE-----Generated at Fri Apr 11 10:02:44 2025 by rpki-client