$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/40366CF0F8C811EBB7BFD243C4F9AE02.roa File: 40366CF0F8C811EBB7BFD243C4F9AE02.roa (raw, json) Hash identifier: YO0KSyMg3rhBagYoGztB5o5uMcRrrSiw068DI4yqRmI= Subject key identifier: 38:C9:86:B5:BD:96:72:36:F3:FC:A8:47:4D:B5:EF:65:75:A5:73:48 Certificate issuer: /CN=A91B1FA8/serialNumber=1C4E9F3F800505A40BA165B6C020405A22C64B3B Certificate serial: 133F Authority key identifier: 1C:4E:9F:3F:80:05:05:A4:0B:A1:65:B6:C0:20:40:5A:22:C6:4B:3B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/40366CF0F8C811EBB7BFD243C4F9AE02.roa Signing time: Tue 04 Mar 2025 17:45:00 +0000 ROA not before: Tue 04 Mar 2025 17:45:00 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 55002 IP address blocks: 2403:5800:e000::/36 maxlen: 37 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 17:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4927 (0x133f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1FA8 Validity Not Before: Mar 4 17:45:00 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c73c1c-807b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:4a:92:e7:7a:e6:e7:f6:62:d2:39:03:89:85: cc:a6:48:d8:e7:90:ac:48:8b:b5:d8:62:fc:84:02: a3:b0:05:0a:f4:9c:a0:f6:a4:91:82:a7:34:49:9f: 7f:4d:57:b3:17:0e:ea:ef:9c:ec:58:3d:a0:dc:b5: 50:8d:1c:e2:2b:3f:40:ce:8d:dc:2b:22:a7:60:00: 05:3c:0d:77:68:bc:85:5c:76:00:49:1d:2f:1a:9e: f1:d1:a9:9c:72:bf:8d:42:96:07:d4:b6:ac:f3:d4: a7:9e:09:44:80:96:eb:5a:69:62:5a:3d:32:8c:18: 20:2b:8b:e5:fe:f3:99:59:f0:2f:1f:0f:dd:82:9b: 52:8e:36:d3:4e:66:03:2b:39:06:1d:76:5d:75:24: 02:9b:33:86:00:ec:9f:c6:92:a2:d4:13:b6:6e:2d: 7a:cb:dd:ed:2a:05:db:b5:29:6f:38:33:ab:2f:fb: 7c:51:a2:9b:e0:21:3d:53:6a:ca:71:53:9a:43:b4: 91:8e:59:88:df:9a:d5:90:73:c9:71:af:ba:f2:e3: 78:c5:7c:18:fe:74:7b:a8:4d:f7:22:36:69:95:09: 50:64:ac:8d:3b:34:7f:99:9e:ca:31:91:5b:03:03: 28:b5:89:21:be:67:a8:83:1c:92:37:37:3b:51:3e: 78:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:C9:86:B5:BD:96:72:36:F3:FC:A8:47:4D:B5:EF:65:75:A5:73:48 X509v3 Authority Key Identifier: keyid:1C:4E:9F:3F:80:05:05:A4:0B:A1:65:B6:C0:20:40:5A:22:C6:4B:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/40366CF0F8C811EBB7BFD243C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2403:5800:e000::/36 Signature Algorithm: sha256WithRSAEncryption 4e:12:27:9d:f4:04:6c:b4:13:7f:26:d7:a2:25:0d:09:7c:7f: 51:a0:44:7b:d8:35:11:28:91:2d:e9:9a:66:d2:21:9b:ac:84: 66:29:69:bd:c7:20:38:71:2b:6a:c7:f9:57:51:1b:69:df:4d: 67:ea:2a:c0:31:7c:6b:b2:f5:07:af:22:9c:7d:93:68:2a:8f: 56:34:32:ff:43:9a:45:60:74:5f:a4:e3:3a:ad:f3:43:c3:f4: ce:36:96:aa:03:d4:48:9e:6e:00:9b:fe:b1:6d:43:83:94:d8: 6f:ec:2d:8b:1f:36:41:37:ee:d5:8a:6e:66:91:d2:5e:f6:4a: a2:1a:c5:93:03:8c:49:75:51:ea:e7:19:eb:11:21:80:3d:db: a3:20:e7:b9:fe:ca:15:11:b9:e9:0c:c9:23:15:e7:e3:19:52: 28:bc:94:3c:5e:b2:d2:e9:e5:6a:c5:c9:47:58:43:0e:6d:11: c4:eb:b7:9d:62:88:df:9c:55:f4:72:60:ca:9e:29:e1:fb:bb: 54:ac:1b:62:7c:cf:8a:c5:86:90:15:d2:06:1f:c7:fe:9b:ef: 6c:17:17:92:4b:8a:29:5c:44:f7:60:15:e6:e0:2b:a7:da:f1: 44:87:f5:54:32:d8:3b:5d:7f:f5:4a:0b:6c:3a:e5:45:6d:6c: dd:7b:69:03 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgICEz8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFGQTgxMTAvBgNVBAUTKDFDNEU5RjNGODAwNTA1QTQwQkExNjVCNkMwMjA0MDVB MjJDNjRCM0IwHhcNMjUwMzA0MTc0NTAwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2M3M2MxYy04MDdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApkqS53rm5/Zi0jkDiYXMpkjY55CsSIu12GL8hAKjsAUK9Jyg9qSRgqc0SZ9/ TVezFw7q75zsWD2g3LVQjRziKz9Azo3cKyKnYAAFPA13aLyFXHYASR0vGp7x0amc cr+NQpYH1Las89SnnglEgJbrWmliWj0yjBggK4vl/vOZWfAvHw/dgptSjjbTTmYD KzkGHXZddSQCmzOGAOyfxpKi1BO2bi16y93tKgXbtSlvODOrL/t8UaKb4CE9U2rK cVOaQ7SRjlmI35rVkHPJca+68uN4xXwY/nR7qE33IjZplQlQZKyNOzR/mZ7KMZFb AwMotYkhvmeogxySNzc7UT54TQIDAQABo4IClzCCApMwHQYDVR0OBBYEFDjJhrW9 lnI28/yoR02172V1pXNIMB8GA1UdIwQYMBaAFBxOnz+ABQWkC6FltsAgQFoixks7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUZBOC9FODYxRkQzQUFG RDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9IRTZmUDRBRkJhUUxvV1cyd0NCQVdpTEdT enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hFNmZQNEFGQmFRTG9XVzJ3Q0JBV2lMR1N6cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjFGQTgvRTg2MUZEM0FBRkQ5MTFFOEIyRUQ0QzdGQzRGOUFFMDIvNDAzNjZDRjBG OEM4MTFFQkI3QkZEMjQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E EjAQMA4EAgACMAgDBgQkA1gA4DANBgkqhkiG9w0BAQsFAAOCAQEAThInnfQEbLQT fybXoiUNCXx/UaBEe9g1ESiRLemaZtIhm6yEZilpvccgOHErasf5V1Ebad9NZ+oq wDF8a7L1B68inH2TaCqPVjQy/0OaRWB0X6TjOq3zQ8P0zjaWqgPUSJ5uAJv+sW1D g5TYb+wtix82QTfu1YpuZpHSXvZKohrFkwOMSXVR6ucZ6xEhgD3boyDnuf7KFRG5 6QzJIxXn4xlSKLyUPF6y0unlasXJR1hDDm0RxOu3nWKI35xV9HJgyp4p4fu7VKwb YnzPisWGkBXSBh/H/pvvbBcXkkuKKVxE92AV5uArp9rxRIf1VDLYO11/9UoLbDrl RW1s3XtpAw== -----END CERTIFICATE-----Generated at Thu Mar 13 21:56:59 2025 by rpki-client