$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/56B11920B64911EFBDB0DF37C4F9AE02.roa File: 56B11920B64911EFBDB0DF37C4F9AE02.roa (raw, json) Hash identifier: XCT7tuDg7rRdggBIsYIkP0xUcz1gGkq6RdReIlG+HqU= Subject key identifier: A7:14:21:78:53:BA:EE:04:6D:C9:52:DD:AF:D2:7C:75:AF:23:49:F1 Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9 Certificate serial: 0CF1 Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/56B11920B64911EFBDB0DF37C4F9AE02.roa Signing time: Wed 08 Jan 2025 18:37:07 +0000 ROA not before: Wed 08 Jan 2025 18:37:07 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 197450 IP address blocks: 59.152.60.0/24 maxlen: 24 59.152.61.0/24 maxlen: 24 59.152.62.0/24 maxlen: 24 59.152.63.0/24 maxlen: 24 103.205.180.0/24 maxlen: 24 103.205.181.0/24 maxlen: 24 103.205.182.0/24 maxlen: 24 103.205.183.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3313 (0xcf1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D17F2 Validity Not Before: Jan 8 18:37:07 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=677ec5d3-f4ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:e3:0a:a5:4d:44:48:94:a9:ba:dc:a0:7d:75: ee:16:05:eb:c7:b7:07:e0:25:3b:3d:99:15:b0:35: 62:b8:55:f9:93:93:f6:bd:79:a4:15:56:ea:d4:f2: 2a:84:91:17:09:bc:90:1a:55:9c:be:6c:4e:52:25: 44:8c:53:2d:1c:44:6c:83:fe:9e:22:71:e0:98:64: 24:ef:3e:fb:bb:63:4d:29:42:6d:18:f2:9d:19:64: 95:81:12:7a:a1:27:21:c7:ff:5f:7f:ca:03:43:8e: 20:2d:ac:8f:68:47:c8:ef:9e:96:ea:dc:3a:e1:55: ac:0f:cc:97:13:6b:ff:a2:55:f7:de:b9:ea:55:64: 98:52:f4:f7:b4:ea:42:40:76:ce:6c:fb:a4:6c:c5: 32:51:84:dd:31:c5:51:75:95:a2:89:dc:25:d7:44: 73:13:e0:f9:8e:5e:fc:59:90:e7:0c:9d:71:82:20: f2:59:43:9f:fc:e4:03:99:a6:19:49:4c:c0:b8:7d: 21:17:6c:03:17:df:6b:2a:f8:0e:76:54:ab:2e:16: e5:0a:f7:a4:a7:df:1e:2d:a4:43:d3:53:80:8f:9f: 2e:45:75:30:48:8a:8b:a9:33:d5:77:38:d4:d3:31: 7b:a3:19:9e:8e:41:d1:a4:cb:8c:95:2b:0f:f5:b2: 76:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:14:21:78:53:BA:EE:04:6D:C9:52:DD:AF:D2:7C:75:AF:23:49:F1 X509v3 Authority Key Identifier: keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/56B11920B64911EFBDB0DF37C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.152.60.0/22 103.205.180.0/22 Signature Algorithm: sha256WithRSAEncryption 86:71:24:0c:c9:4c:0b:4f:3b:4c:ec:74:b4:4d:e3:b0:04:12: b6:17:f6:8f:a3:34:bc:89:01:6b:37:af:79:c3:1d:e9:f7:3c: c3:16:22:53:fa:28:b3:a6:2a:ae:cb:9a:8d:e7:71:4f:54:9d: 3f:ef:8d:88:ae:da:ee:81:ab:a5:ce:0a:71:19:9f:b8:a2:bb: a4:27:af:8e:7f:c2:29:11:82:51:bb:72:45:0c:28:2e:df:5d: 5f:af:26:f8:b9:01:ea:25:84:f6:e3:5f:73:0c:7f:17:5b:f7: 02:ee:60:f7:cd:26:20:92:83:8e:58:48:64:aa:34:fd:dc:40: e8:fc:5f:db:32:e8:65:6c:67:a4:90:2e:4e:77:fc:4c:ad:76: 12:6a:f5:09:50:47:70:0b:cd:a3:90:f6:4a:97:0f:8e:95:c4: e4:8c:c5:a2:f8:f7:16:a9:ff:75:2c:fd:f2:d7:f2:98:4e:fb: 34:96:10:14:59:35:eb:17:15:c2:0f:49:57:9d:ed:ae:4f:3b: b5:69:2e:2f:22:a6:29:99:e1:be:8c:70:58:8f:87:38:db:be: fa:70:a6:c1:91:c0:5d:1e:32:d2:9f:54:dc:2d:1f:4a:26:76: d5:2e:f7:68:27:84:84:5e:30:96:fc:25:d1:69:e7:31:73:3a: 5b:6a:b6:35 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICDPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3 RTFGOEQwQzkwHhcNMjUwMTA4MTgzNzA3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzdlYzVkMy1mNGFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyOMKpU1ESJSputygfXXuFgXrx7cH4CU7PZkVsDViuFX5k5P2vXmkFVbq1PIq hJEXCbyQGlWcvmxOUiVEjFMtHERsg/6eInHgmGQk7z77u2NNKUJtGPKdGWSVgRJ6 oSchx/9ff8oDQ44gLayPaEfI756W6tw64VWsD8yXE2v/olX33rnqVWSYUvT3tOpC QHbObPukbMUyUYTdMcVRdZWiidwl10RzE+D5jl78WZDnDJ1xgiDyWUOf/OQDmaYZ SUzAuH0hF2wDF99rKvgOdlSrLhblCvekp98eLaRD01OAj58uRXUwSIqLqTPVdzjU 0zF7oxmejkHRpMuMlSsP9bJ2SQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKcUIXhT uu4EbclS3a/SfHWvI0nxMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvNTZCMTE5MjBC NjQ5MTFFRkJEQjBERjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAI7mDwDBAJnzbQwDQYJKoZIhvcNAQELBQADggEBAIZxJAzJ TAtPO0zsdLRN47AEErYX9o+jNLyJAWs3r3nDHen3PMMWIlP6KLOmKq7Lmo3ncU9U nT/vjYiu2u6Bq6XOCnEZn7iiu6Qnr45/wikRglG7ckUMKC7fXV+vJvi5AeolhPbj X3MMfxdb9wLuYPfNJiCSg45YSGSqNP3cQOj8X9sy6GVsZ6SQLk53/EytdhJq9QlQ R3ALzaOQ9kqXD46VxOSMxaL49xap/3Us/fLX8phO+zSWEBRZNesXFcIPSVed7a5P O7VpLi8ipimZ4b6McFiPhzjbvvpwpsGRwF0eMtKfVNwtH0omdtUu92gnhIReMJb8 JdFp5zFzOltqtjU= -----END CERTIFICATE-----Generated at Wed Feb 19 22:30:53 2025 by rpki-client