$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/8F9B067EF96011EF89D9E37DC4F9AE02.roa File: 8F9B067EF96011EF89D9E37DC4F9AE02.roa (raw, json) Hash identifier: 4xicYTfIpBlcbT4bo30LC6Nm4HBJiuCMbWamLoO1Mxw= Subject key identifier: 4F:74:DA:D9:47:48:A5:96:09:CE:31:2D:EA:A7:1C:41:94:91:33:FC Certificate issuer: /CN=A91E8DF5/serialNumber=C6F758ECDDC4C9B0F72F065C35AD54697432711B Certificate serial: 05 Authority key identifier: C6:F7:58:EC:DD:C4:C9:B0:F7:2F:06:5C:35:AD:54:69:74:32:71:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/8F9B067EF96011EF89D9E37DC4F9AE02.roa Signing time: Wed 05 Mar 2025 01:24:19 +0000 ROA not before: Wed 05 Mar 2025 01:24:19 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 32595 IP address blocks: 2001:df2:45c0::/47 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.crl rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 18 Mar 2025 07:19:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8DF5 Validity Not Before: Mar 5 01:24:19 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67c7a7c3-ea96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d5:da:89:d8:82:72:7e:fc:0d:88:22:78:56: 90:b4:69:cf:c5:5a:44:4d:dd:01:05:c3:60:72:3f: ab:71:bc:1b:60:59:57:1a:f8:20:5a:15:f5:76:2c: ef:21:82:14:d7:f1:18:c0:67:8d:d0:74:30:be:c7: f6:e7:94:3c:38:5a:17:25:58:fd:92:ad:e3:45:00: c2:4e:38:1a:ff:87:ce:9a:a4:24:4d:ec:2d:e7:7c: c7:ec:8e:5a:04:c2:d5:3a:69:f4:d3:ca:c1:58:fa: ab:8b:31:8d:48:98:25:14:f4:1e:7d:b0:47:29:7b: 77:b9:51:80:2e:7d:3f:2a:47:c1:15:00:a3:19:bd: 2e:3b:fc:09:b9:ee:66:86:5e:15:9b:86:e8:b5:fc: 43:2d:fa:c3:90:cd:f8:d6:2e:15:08:59:ec:bc:4a: b4:b7:81:e6:73:76:f0:34:dc:b5:40:b4:22:57:61: 37:e4:dd:65:67:64:f8:9f:f1:7f:78:3e:79:b0:66: 7e:fb:7f:ac:17:16:b1:2e:fd:46:00:b4:09:3c:90: e7:fd:a1:62:ba:61:a6:7e:ae:c2:f6:d6:7f:99:b4: 20:d3:a3:34:57:82:36:bb:7f:e2:58:fa:2a:55:c2: 8f:51:bc:d9:73:80:af:36:ad:29:05:ed:68:58:41: e8:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:74:DA:D9:47:48:A5:96:09:CE:31:2D:EA:A7:1C:41:94:91:33:FC X509v3 Authority Key Identifier: keyid:C6:F7:58:EC:DD:C4:C9:B0:F7:2F:06:5C:35:AD:54:69:74:32:71:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/8F9B067EF96011EF89D9E37DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df2:45c0::/47 Signature Algorithm: sha256WithRSAEncryption 98:df:52:bf:61:db:52:22:0f:ba:1c:9b:2e:47:03:49:a5:98: be:dd:0c:6d:7e:12:08:8a:54:30:96:02:da:5a:39:56:ae:47: 4c:77:96:7e:98:8a:52:d4:89:96:20:c2:e8:3d:b4:0e:ee:c3: b0:93:8d:83:b4:6b:ce:99:62:03:31:91:42:f7:44:ad:0b:e4: ca:6e:65:df:0a:2e:40:27:6d:cc:10:ec:7b:34:64:65:c3:fe: c0:8f:66:ad:e0:f0:aa:1e:3c:28:82:76:b2:d7:f3:f0:2b:41: f4:07:95:6b:a1:e4:1d:e2:86:e6:42:a0:0e:63:2d:de:08:c9: e9:98:81:78:b9:54:e3:28:87:21:e5:26:87:70:38:85:ee:cb: 25:cc:ef:91:9d:37:1b:3c:1f:b6:80:14:24:f5:0b:e1:f4:d7: 9d:bc:87:2d:5a:d8:94:0f:62:35:2c:73:76:00:7a:99:b8:01: fe:48:db:0d:86:44:44:36:79:a3:d8:4e:eb:c3:e9:17:a8:41: 13:ed:ad:c3:25:fa:94:a3:1c:54:31:35:5f:4c:90:30:f8:81: ac:33:b2:d2:d0:85:7c:c3:6e:8b:5e:bf:1b:26:a5:f7:0b:2c: f3:d1:bf:ea:f2:c4:8d:25:a0:84:2c:66:88:7a:0a:b4:cf:85: c9:32:b2:36 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF OERGNTExMC8GA1UEBRMoQzZGNzU4RUNEREM0QzlCMEY3MkYwNjVDMzVBRDU0Njk3 NDMyNzExQjAeFw0yNTAzMDUwMTI0MTlaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YzdhN2MzLWVhOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC51dqJ2IJyfvwNiCJ4VpC0ac/FWkRN3QEFw2ByP6txvBtgWVca+CBaFfV2LO8h ghTX8RjAZ43QdDC+x/bnlDw4WhclWP2SreNFAMJOOBr/h86apCRN7C3nfMfsjloE wtU6afTTysFY+quLMY1ImCUU9B59sEcpe3e5UYAufT8qR8EVAKMZvS47/Am57maG XhWbhui1/EMt+sOQzfjWLhUIWey8SrS3geZzdvA03LVAtCJXYTfk3WVnZPif8X94 PnmwZn77f6wXFrEu/UYAtAk8kOf9oWK6YaZ+rsL21n+ZtCDTozRXgja7f+JY+ipV wo9RvNlzgK82rSkF7WhYQeiVAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUT3Ta2UdI pZYJzjEt6qccQZSRM/wwHwYDVR0jBBgwFoAUxvdY7N3EybD3LwZcNa1UaXQycRsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4REY1LzMxRTBGMTZBRjk2 MDExRUY5RDY3OUM3QUM0RjlBRTAyL3h2ZFk3TjNFeWJEM0x3WmNOYTFVYVhReWNS cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveHZkWTdOM0V5YkQzTHdaY05hMVVhWFF5Y1JzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OERGNS8zMUUwRjE2QUY5NjAxMUVGOUQ2NzlDN0FDNEY5QUUwMi84RjlCMDY3RUY5 NjAxMUVGODlEOUUzN0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT MBEwDwQCAAIwCQMHASABDfJFwDANBgkqhkiG9w0BAQsFAAOCAQEAmN9Sv2HbUiIP uhybLkcDSaWYvt0MbX4SCIpUMJYC2lo5Vq5HTHeWfpiKUtSJliDC6D20Du7DsJON g7RrzpliAzGRQvdErQvkym5l3wouQCdtzBDsezRkZcP+wI9mreDwqh48KIJ2stfz 8CtB9AeVa6HkHeKG5kKgDmMt3gjJ6ZiBeLlU4yiHIeUmh3A4he7LJczvkZ03Gzwf toAUJPUL4fTXnbyHLVrYlA9iNSxzdgB6mbgB/kjbDYZERDZ5o9hO68PpF6hBE+2t wyX6lKMcVDE1X0yQMPiBrDOy0tCFfMNui16/Gyal9wss89G/6vLEjSWghCxmiHoK tM+FyTKyNg== -----END CERTIFICATE-----Generated at Thu Mar 13 06:32:39 2025 by rpki-client