$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/EFF618B85C7311EF9CC47281C4F9AE02.roa File: EFF618B85C7311EF9CC47281C4F9AE02.roa (raw, json) Hash identifier: Pf2MnnhmDrIwYiVJrAMzmgmX91XwAMLmBq+CMRQ9ITg= Subject key identifier: 83:0F:CA:BB:50:77:24:34:5D:15:CD:56:2F:0D:DA:E8:EA:6D:D4:89 Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F Certificate serial: 358D Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/EFF618B85C7311EF9CC47281C4F9AE02.roa Signing time: Fri 17 Jan 2025 11:46:12 +0000 ROA not before: Fri 17 Jan 2025 11:46:12 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 14618 IP address blocks: 117.121.247.0/24 maxlen: 24 182.54.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13709 (0x358d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8C90 Validity Not Before: Jan 17 11:46:12 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=678a4304-0c71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b9:f4:4d:db:eb:1c:cf:ef:8e:c5:db:30:d8: 7f:14:d2:30:ca:2d:0c:db:60:41:09:c8:ae:8b:81: 2c:08:37:eb:e8:69:25:66:ca:d3:15:0e:68:73:65: 83:d7:44:f5:d6:16:ea:ac:c2:ef:33:e1:54:90:a2: ed:ed:7d:0e:72:74:47:c6:e6:67:6d:60:39:5a:ee: b5:1a:db:95:94:84:62:5d:fd:16:78:1e:ca:64:ec: c7:9b:97:1b:06:3b:9d:28:53:08:d3:f6:c2:3a:3b: 0a:3a:48:b5:cf:81:08:6d:78:ba:be:2b:05:da:80: f5:8c:34:d4:b1:02:24:5c:f5:d4:f5:14:9f:8e:a5: aa:fc:82:cd:32:0f:61:b7:72:63:9c:e9:50:f2:cd: 34:82:70:5b:bf:b8:6c:62:84:15:22:30:d8:1b:39: 1f:b5:ff:16:c1:4b:8a:da:e6:76:ba:4f:0a:d1:7c: 28:52:f9:df:85:23:18:c4:33:75:d1:db:58:b9:a5: e9:18:16:1a:fb:48:6d:4e:55:9c:9f:6b:da:b1:c1: 3a:2e:ad:32:77:3a:11:ab:55:ad:fc:f9:6e:96:5f: 45:d7:e0:00:a1:2d:46:32:51:c7:79:77:8e:ac:fd: 48:df:67:11:65:f7:aa:1e:d0:60:73:8f:a2:05:70: 44:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:0F:CA:BB:50:77:24:34:5D:15:CD:56:2F:0D:DA:E8:EA:6D:D4:89 X509v3 Authority Key Identifier: keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/EFF618B85C7311EF9CC47281C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 117.121.247.0/24 182.54.239.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:29:7e:1f:1d:cd:c6:b1:af:90:9f:49:61:90:b2:99:57:8d: 98:8b:8c:40:e1:a2:ec:c5:c5:4a:85:0c:4d:da:94:e4:7f:12: 9a:07:47:45:26:d4:ab:f2:6e:f0:16:3f:ea:92:6f:f8:5c:ab: 79:5e:dc:15:93:af:b4:0e:31:8b:b6:ff:9e:20:0a:a3:9c:46: 2e:6e:a9:01:d4:0a:41:8b:05:f7:13:80:95:88:64:ee:4a:20: fd:3c:90:c1:d0:1e:ea:58:02:35:f3:a3:18:1e:91:20:17:b5: dc:41:37:c0:46:52:b4:9a:6e:b7:51:be:e6:a9:95:fc:4f:eb: 7a:d9:73:4b:33:05:56:a2:92:8b:5f:ff:c4:f6:ae:97:73:64: f7:e8:44:67:40:51:33:88:a2:43:f0:d1:13:2d:27:2f:e2:c1: c6:48:40:94:ab:47:48:d2:45:08:23:df:0a:e1:c6:0a:53:b7: a7:eb:24:29:7c:7a:ca:9b:f4:1b:fb:b7:88:51:0e:58:23:7f: b6:58:dc:d2:36:4b:dc:64:85:ee:05:3f:15:e1:05:92:d3:a9: 15:15:8e:90:95:78:c5:8d:9a:f8:f8:4d:61:61:ff:a7:3e:bb: 73:70:48:a2:f2:7a:dd:29:8e:5a:3a:08:4b:b3:02:ec:0e:17: a1:b6:1d:e3 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICNY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0 OTExRjFGNEYwHhcNMjUwMTE3MTE0NjEyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzhhNDMwNC0wYzcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsrn0TdvrHM/vjsXbMNh/FNIwyi0M22BBCciui4EsCDfr6GklZsrTFQ5oc2WD 10T11hbqrMLvM+FUkKLt7X0OcnRHxuZnbWA5Wu61GtuVlIRiXf0WeB7KZOzHm5cb BjudKFMI0/bCOjsKOki1z4EIbXi6visF2oD1jDTUsQIkXPXU9RSfjqWq/ILNMg9h t3JjnOlQ8s00gnBbv7hsYoQVIjDYGzkftf8WwUuK2uZ2uk8K0XwoUvnfhSMYxDN1 0dtYuaXpGBYa+0htTlWcn2vascE6Lq0ydzoRq1Wt/Plull9F1+AAoS1GMlHHeXeO rP1I32cRZfeqHtBgc4+iBXBEKwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIMPyrtQ dyQ0XRXNVi8N2ujqbdSJMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvRUZGNjE4Qjg1 QzczMTFFRjlDQzQ3MjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAB1efcDBAC2Nu8wDQYJKoZIhvcNAQELBQADggEBAAopfh8d zcaxr5CfSWGQsplXjZiLjEDhouzFxUqFDE3alOR/EpoHR0Um1KvybvAWP+qSb/hc q3le3BWTr7QOMYu2/54gCqOcRi5uqQHUCkGLBfcTgJWIZO5KIP08kMHQHupYAjXz oxgekSAXtdxBN8BGUrSabrdRvuaplfxP63rZc0szBVaikotf/8T2rpdzZPfoRGdA UTOIokPw0RMtJy/iwcZIQJSrR0jSRQgj3wrhxgpTt6frJCl8esqb9Bv7t4hRDlgj f7ZY3NI2S9xkhe4FPxXhBZLTqRUVjpCVeMWNmvj4TWFh/6c+u3NwSKLyet0pjlo6 CEuzAuwOF6G2HeM= -----END CERTIFICATE-----Generated at Sun Feb 16 15:19:36 2025 by rpki-client