$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/DDBFCC3E74D011EDBF68684EC4F9AE02.roa File: DDBFCC3E74D011EDBF68684EC4F9AE02.roa (raw, json) Hash identifier: wX0YxkF7ON0zYa1p4IQNaF8/BCzewXN48sfueo8kyHM= Subject key identifier: D2:C3:7E:97:6A:29:69:1A:6C:6C:26:9F:62:26:36:17:32:35:AA:9D Certificate issuer: /CN=A91E6304/serialNumber=2596AED0C0CB3BCFE31804B239CF4657712E276A Certificate serial: 031D Authority key identifier: 25:96:AE:D0:C0:CB:3B:CF:E3:18:04:B2:39:CF:46:57:71:2E:27:6A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JZau0MDLO8_jGASyOc9GV3EuJ2o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/DDBFCC3E74D011EDBF68684EC4F9AE02.roa Signing time: Tue 18 Feb 2025 17:27:31 +0000 ROA not before: Tue 18 Feb 2025 17:27:31 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 31898 IP address blocks: 2407:30c0:200::/48 maxlen: 48 2407:30c0:201::/48 maxlen: 48 2407:30c0:202::/48 maxlen: 48 2407:30c0:203::/48 maxlen: 48 2407:30c0:204::/48 maxlen: 48 2407:30c0:205::/48 maxlen: 48 2407:30c0:206::/48 maxlen: 48 2407:30c0:207::/48 maxlen: 48 2407:30c0:208::/48 maxlen: 48 2407:30c0:209::/48 maxlen: 48 2407:30c0:20a::/48 maxlen: 48 2407:30c0:20b::/48 maxlen: 48 2407:30c0:20c::/48 maxlen: 48 2407:30c0:20d::/48 maxlen: 48 2407:30c0:20e::/48 maxlen: 48 2407:30c0:20f::/48 maxlen: 48 2407:30c0:211::/48 maxlen: 48 2407:30c0:212::/48 maxlen: 48 2407:30c0:213::/48 maxlen: 48 2407:30c0:214::/48 maxlen: 48 2407:30c0:215::/48 maxlen: 48 2407:30c0:216::/48 maxlen: 48 2407:30c0:217::/48 maxlen: 48 2407:30c0:218::/48 maxlen: 48 2407:30c0:219::/48 maxlen: 48 2407:30c0:21a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/JZau0MDLO8_jGASyOc9GV3EuJ2o.crl rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/JZau0MDLO8_jGASyOc9GV3EuJ2o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JZau0MDLO8_jGASyOc9GV3EuJ2o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 01:30:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 797 (0x31d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6304 Validity Not Before: Feb 18 17:27:31 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67b4c303-8b2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:18:f1:a8:68:30:9f:53:3c:b0:a7:42:d3:f5: 59:ef:d9:25:82:3e:62:fc:c9:20:74:8b:0e:71:87: b4:f9:b5:9a:48:93:d6:c6:da:b9:33:7a:51:51:8c: b8:f2:c6:75:25:0f:72:d6:d1:72:4d:d6:27:13:82: a9:5b:be:cc:38:1d:3c:e0:c8:a5:07:ec:82:9e:d5: 48:df:a2:cc:e5:db:99:6b:8d:4e:58:e1:70:e1:f4: 3d:fc:dc:2c:c6:d2:04:d4:70:0f:3b:25:b4:3f:83: b7:04:06:1d:85:dc:e2:55:a0:89:33:68:5d:bf:d6: 89:94:44:49:c6:a3:67:91:af:81:e9:0b:54:bf:0c: be:ae:74:f3:77:95:02:79:ba:03:a7:bf:70:6f:7e: 89:c5:5c:9e:70:9c:fe:2e:af:73:25:77:7e:94:a3: 32:ec:c4:21:dc:92:47:2d:43:9c:ef:a2:44:0e:ea: 7a:6a:e7:02:14:04:da:45:49:fd:41:94:c1:0b:1f: f3:e8:b2:b3:0e:96:12:62:07:94:4e:f1:c6:5f:a6: d9:28:e8:69:5b:14:27:04:7d:bc:1d:f0:f5:5e:2b: 96:4e:6b:36:5e:5c:80:23:28:da:19:bc:fc:3d:cc: 5c:7b:ba:b5:ec:b3:72:37:72:3f:04:fd:cd:7b:3b: 04:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:C3:7E:97:6A:29:69:1A:6C:6C:26:9F:62:26:36:17:32:35:AA:9D X509v3 Authority Key Identifier: keyid:25:96:AE:D0:C0:CB:3B:CF:E3:18:04:B2:39:CF:46:57:71:2E:27:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/JZau0MDLO8_jGASyOc9GV3EuJ2o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JZau0MDLO8_jGASyOc9GV3EuJ2o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/DDBFCC3E74D011EDBF68684EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2407:30c0:200::/44 2407:30c0:211::-2407:30c0:21a:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 6f:e7:d6:95:f5:93:fd:67:bc:40:54:c6:66:bd:7d:85:40:a2: ef:b8:97:c1:ae:68:06:3c:32:e5:eb:bf:e2:de:ea:88:8d:d3: 02:92:24:36:8f:c6:95:66:c4:61:e3:1e:c6:b0:c5:0e:5f:ee: 42:25:da:f0:0f:26:6e:b3:3e:94:69:3d:1f:b3:07:7b:8c:93: 3f:1a:17:b2:17:bc:28:97:26:dd:18:f2:16:a2:18:ed:a8:80: 92:58:a5:21:ef:13:0d:d7:79:77:35:ab:4d:6d:22:c1:21:b2: fb:94:c5:fb:f6:b4:76:20:73:61:48:63:fa:61:b9:fd:48:3a: cd:ea:fb:b9:00:63:f4:39:4f:a5:f8:64:af:2a:10:f4:5b:75: b8:56:d3:88:db:33:2a:d0:7e:b2:cb:9d:eb:74:bf:91:91:ee: 78:f5:1b:b1:ed:c8:2f:a6:0b:69:22:dd:9f:6a:4f:12:c1:72: 69:32:68:15:9a:2d:6d:aa:89:a9:13:c5:7a:ef:85:fb:8e:0d: 11:bd:4b:e0:49:1b:06:91:83:cc:f7:0a:ad:fb:02:d8:a0:2b: 17:83:30:98:9e:0e:92:e4:a3:93:02:e9:76:c1:a5:6c:60:45: dc:ec:16:78:bf:6c:5c:ac:b0:34:2f:c0:b4:64:be:be:b0:f0: fc:08:3b:56 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICAx0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTYzMDQxMTAvBgNVBAUTKDI1OTZBRUQwQzBDQjNCQ0ZFMzE4MDRCMjM5Q0Y0NjU3 NzEyRTI3NkEwHhcNMjUwMjE4MTcyNzMxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2I0YzMwMy04YjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1xjxqGgwn1M8sKdC0/VZ79klgj5i/MkgdIsOcYe0+bWaSJPWxtq5M3pRUYy4 8sZ1JQ9y1tFyTdYnE4KpW77MOB084MilB+yCntVI36LM5duZa41OWOFw4fQ9/Nws xtIE1HAPOyW0P4O3BAYdhdziVaCJM2hdv9aJlERJxqNnka+B6QtUvwy+rnTzd5UC eboDp79wb36JxVyecJz+Lq9zJXd+lKMy7MQh3JJHLUOc76JEDup6aucCFATaRUn9 QZTBCx/z6LKzDpYSYgeUTvHGX6bZKOhpWxQnBH28HfD1XiuWTms2XlyAIyjaGbz8 Pcxce7q17LNyN3I/BP3NezsEqwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFNLDfpdq KWkabGwmn2ImNhcyNaqdMB8GA1UdIwQYMBaAFCWWrtDAyzvP4xgEsjnPRldxLidq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjMwNC8xOUU0REYwNkRC MDcxMUVDOTkyMkQ3MEZDNEY5QUUwMi9KWmF1ME1ETE84X2pHQVN5T2M5R1YzRXVK Mm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0paYXUwTURMTzhfakdBU3lPYzlHVjNFdUoyby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTYzMDQvMTlFNERGMDZEQjA3MTFFQzk5MjJENzBGQzRGOUFFMDIvRERCRkNDM0U3 NEQwMTFFREJGNjg2ODRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMCMEAgACMB0DBwQkBzDAAgAwEgMHACQHMMACEQMHACQHMMACGjANBgkqhkiG 9w0BAQsFAAOCAQEAb+fWlfWT/We8QFTGZr19hUCi77iXwa5oBjwy5eu/4t7qiI3T ApIkNo/GlWbEYeMexrDFDl/uQiXa8A8mbrM+lGk9H7MHe4yTPxoXshe8KJcm3Rjy FqIY7aiAklilIe8TDdd5dzWrTW0iwSGy+5TF+/a0diBzYUhj+mG5/Ug6zer7uQBj 9DlPpfhkryoQ9Ft1uFbTiNszKtB+ssud63S/kZHuePUbse3IL6YLaSLdn2pPEsFy aTJoFZotbaqJqRPFeu+F+44NEb1L4EkbBpGDzPcKrfsC2KArF4MwmJ4OkuSjkwLp dsGlbGBF3OwWeL9sXKywNC/AtGS+vrDw/Ag7Vg== -----END CERTIFICATE-----Generated at Sat Apr 5 12:34:38 2025 by rpki-client