$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB4E9/D386134440EE11F09E93351CC4F9AE02/539EAC9440EF11F08CFAFB1CC4F9AE02.roa File: 539EAC9440EF11F08CFAFB1CC4F9AE02.roa (raw, json) Hash identifier: WcSNu1HK0gGCU7aORSHhSulUdwLctmKgMDS1dq0RYbQ= Subject key identifier: 24:D5:F4:00:1A:61:DF:DD:46:0D:58:B6:E0:0C:8B:DE:F9:57:8A:C0 Certificate issuer: /CN=A91CB4E9/serialNumber=50AE716F3D36B9BEEAE27F10068F9E36A233AB91 Certificate serial: 02 Authority key identifier: 50:AE:71:6F:3D:36:B9:BE:EA:E2:7F:10:06:8F:9E:36:A2:33:AB:91 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UK5xbz02ub7q4n8QBo-eNqIzq5E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB4E9/D386134440EE11F09E93351CC4F9AE02/539EAC9440EF11F08CFAFB1CC4F9AE02.roa Signing time: Wed 04 Jun 2025 02:55:09 +0000 ROA not before: Wed 04 Jun 2025 02:55:09 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 16509 IP address blocks: 202.49.204.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB4E9/D386134440EE11F09E93351CC4F9AE02/UK5xbz02ub7q4n8QBo-eNqIzq5E.crl rsync://rpki.apnic.net/member_repository/A91CB4E9/D386134440EE11F09E93351CC4F9AE02/UK5xbz02ub7q4n8QBo-eNqIzq5E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UK5xbz02ub7q4n8QBo-eNqIzq5E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 07:05:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB4E9, serialNumber=50AE716F3D36B9BEEAE27F10068F9E36A233AB91 Validity Not Before: Jun 4 02:55:09 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=683fb58d-f05c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:91:49:88:a0:2c:3a:f6:ae:64:aa:88:46:d3: 16:da:e0:8a:66:69:3a:91:e5:8b:d8:c9:e0:1f:70: ea:52:d3:79:8b:af:3b:62:93:74:92:aa:bb:47:c0: 4f:bd:8f:d3:2c:36:4c:4a:1e:dd:77:10:53:81:d5: bc:25:09:f6:bd:1e:3a:4e:c3:3f:44:98:9a:91:09: af:90:c8:a7:f1:20:59:0c:2f:44:35:f9:3f:15:72: f4:50:82:2a:c8:77:81:fb:1f:9d:18:c9:d9:98:4d: 80:21:6e:81:09:9b:e2:d1:6f:7b:90:73:ff:c6:5a: f4:a4:2f:eb:09:9c:2e:6b:a6:54:22:07:9b:b8:39: cc:ef:d7:7e:e0:13:20:de:78:36:e1:36:99:5f:b8: 0a:ba:b0:6c:9a:c5:13:78:89:fe:b7:64:9a:67:86: 04:cc:0b:c8:71:0a:1a:b3:76:4c:1f:0c:c0:bd:c8: f3:94:d2:2b:95:61:07:df:38:ee:60:aa:a3:05:38: fe:a4:c5:14:da:01:9f:b9:60:10:cb:79:26:60:4f: 5b:86:4d:b9:d3:46:c1:3a:af:69:ea:69:9f:01:1e: 66:52:a0:61:3f:96:0c:58:0a:0a:77:16:fe:1f:d2: 88:03:73:e9:a4:aa:fc:33:75:78:44:cd:f2:9a:15: 7b:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:D5:F4:00:1A:61:DF:DD:46:0D:58:B6:E0:0C:8B:DE:F9:57:8A:C0 X509v3 Authority Key Identifier: keyid:50:AE:71:6F:3D:36:B9:BE:EA:E2:7F:10:06:8F:9E:36:A2:33:AB:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB4E9/D386134440EE11F09E93351CC4F9AE02/UK5xbz02ub7q4n8QBo-eNqIzq5E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UK5xbz02ub7q4n8QBo-eNqIzq5E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB4E9/D386134440EE11F09E93351CC4F9AE02/539EAC9440EF11F08CFAFB1CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.49.204.0/24 Signature Algorithm: sha256WithRSAEncryption 50:27:31:a4:f9:e5:bf:40:7a:7e:7d:8f:cd:09:5a:3f:76:d3: 66:78:71:98:25:ac:d0:6d:f6:25:3b:e6:d1:bb:7c:4e:38:f9: d2:b9:5e:be:8a:96:f4:12:4d:1a:ed:9f:3c:da:b5:98:46:d7: 79:55:59:75:1c:b0:fe:1d:fd:53:10:00:d3:eb:7d:65:47:06: de:df:c3:12:85:b6:7c:e1:92:18:94:8d:a1:c5:03:78:46:88: bb:5a:77:2e:58:f2:4e:44:42:fa:86:22:8b:8f:25:b3:50:d6: 6e:27:bb:ba:6f:ff:66:13:b2:fa:0d:15:0e:da:68:a0:3a:27: 9e:3d:6f:34:da:fd:69:00:b8:b0:11:91:ba:86:6a:03:75:17: 1c:4e:51:ce:ba:c6:62:5b:82:21:a3:28:71:94:9b:ad:ba:f7: 92:4c:b4:7f:10:8e:96:fd:b8:2c:70:da:bf:2a:80:ea:0f:27: 04:76:a4:f8:a8:db:81:dc:73:fb:d6:b2:8c:4c:3d:69:5d:1d: ce:02:15:b9:ee:0b:c1:e3:ea:0e:a9:5d:a4:0d:98:27:7e:6c: 88:6f:a1:2a:92:45:81:72:65:52:64:2d:eb:ce:8c:19:f2:d4: ab:ef:e5:f2:68:9b:d4:b7:15:ba:ba:be:a3:ca:39:fb:e1:eb: 8c:05:53:a7 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjRFOTExMC8GA1UEBRMoNTBBRTcxNkYzRDM2QjlCRUVBRTI3RjEwMDY4RjlFMzZB MjMzQUI5MTAeFw0yNTA2MDQwMjU1MDlaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4M2ZiNThkLWYwNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQClkUmIoCw69q5kqohG0xba4IpmaTqR5YvYyeAfcOpS03mLrztik3SSqrtHwE+9 j9MsNkxKHt13EFOB1bwlCfa9HjpOwz9EmJqRCa+QyKfxIFkML0Q1+T8VcvRQgirI d4H7H50YydmYTYAhboEJm+LRb3uQc//GWvSkL+sJnC5rplQiB5u4Oczv137gEyDe eDbhNplfuAq6sGyaxRN4if63ZJpnhgTMC8hxChqzdkwfDMC9yPOU0iuVYQffOO5g qqMFOP6kxRTaAZ+5YBDLeSZgT1uGTbnTRsE6r2nqaZ8BHmZSoGE/lgxYCgp3Fv4f 0ogDc+mkqvwzdXhEzfKaFXsfAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJNX0ABph 391GDVi24AyL3vlXisAwHwYDVR0jBBgwFoAUUK5xbz02ub7q4n8QBo+eNqIzq5Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCNEU5L0QzODYxMzQ0NDBF RTExRjA5RTkzMzUxQ0M0RjlBRTAyL1VLNXhiejAydWI3cTRuOFFCby1lTnFJenE1 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvVUs1eGJ6MDJ1YjdxNG44UUJvLWVOcUl6cTVFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QjRFOS9EMzg2MTM0NDQwRUUxMUYwOUU5MzM1MUNDNEY5QUUwMi81MzlFQUM5NDQw RUYxMUYwOENGQUZCMUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAMoxzDANBgkqhkiG9w0BAQsFAAOCAQEAUCcxpPnlv0B6fn2P zQlaP3bTZnhxmCWs0G32JTvm0bt8Tjj50rlevoqW9BJNGu2fPNq1mEbXeVVZdRyw /h39UxAA0+t9ZUcG3t/DEoW2fOGSGJSNocUDeEaIu1p3LljyTkRC+oYii48ls1DW bie7um//ZhOy+g0VDtpooDonnj1vNNr9aQC4sBGRuoZqA3UXHE5RzrrGYluCIaMo cZSbrbr3kky0fxCOlv24LHDavyqA6g8nBHak+Kjbgdxz+9ayjEw9aV0dzgIVue4L wePqDqldpA2YJ35siG+hKpJFgXJlUmQt686MGfLUq+/l8mib1LcVurq+o8o5++Hr jAVTpw== -----END CERTIFICATE-----Generated at Tue Jul 1 01:22:34 2025 by rpki-client