$ rpki-client -vvf rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/D99C6B9853BE11EF819E6347C4F9AE02.roa File: D99C6B9853BE11EF819E6347C4F9AE02.roa (raw, json) Hash identifier: u1prFwX1LNVmQojB0Ndofd4nLR+dhdwZrSqGwPIqegE= Subject key identifier: 87:AB:F4:CD:99:80:EF:80:E7:84:21:E9:CE:3E:4C:57:54:EA:A2:E3 Certificate issuer: /CN=A914781A/serialNumber=4D723955243AE88D552439AF8E4E0A09C8F6590D Certificate serial: 34F7 Authority key identifier: 4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/D99C6B9853BE11EF819E6347C4F9AE02.roa Signing time: Fri 09 May 2025 04:03:17 +0000 ROA not before: Fri 09 May 2025 04:03:17 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 7616 IP address blocks: 203.130.128.0/19 maxlen: 20 203.130.146.0/24 maxlen: 24 203.147.16.0/20 maxlen: 21 203.147.31.0/24 maxlen: 24 203.147.32.0/20 maxlen: 21 203.147.42.0/24 maxlen: 24 203.147.48.0/20 maxlen: 20 203.147.54.0/24 maxlen: 24 203.156.18.0/24 maxlen: 24 203.156.48.0/20 maxlen: 20 203.156.64.0/20 maxlen: 20 203.156.80.0/20 maxlen: 20 203.156.95.0/24 maxlen: 24 203.156.128.0/18 maxlen: 20 203.156.146.0/24 maxlen: 24 203.156.147.0/24 maxlen: 24 203.156.148.0/24 maxlen: 24 203.156.149.0/24 maxlen: 24 203.156.150.0/24 maxlen: 24 203.156.152.0/21 maxlen: 21 203.156.152.0/24 maxlen: 24 2403:bf00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 14:56:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13559 (0x34f7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914781A, serialNumber=4D723955243AE88D552439AF8E4E0A09C8F6590D Validity Not Before: May 9 04:03:17 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=681d7e85-4dde Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:e9:a5:f9:97:89:2b:ad:9c:8c:a1:aa:72:28: c9:04:a3:c6:46:4c:7b:07:3d:55:e1:fe:06:cc:c9: fc:40:1a:d5:5d:ad:b9:a8:1c:32:11:c6:e6:6d:11: 1e:f9:b9:0e:10:03:d3:58:ff:7a:97:c1:ff:ab:81: 83:72:7a:6e:a0:be:48:f5:f9:cc:da:af:05:80:36: 1b:2c:5c:bf:5a:de:2b:04:76:77:8a:d1:a0:b9:9c: c7:78:3f:c1:d1:bd:48:05:0d:1e:dd:ae:55:e1:6d: 16:5a:3e:02:32:97:1e:5a:05:45:1c:75:82:d9:f5: d1:66:c3:0c:1a:6c:e9:2d:71:59:27:56:66:09:07: ca:62:ce:fc:e1:be:d7:96:f7:95:ad:8e:6b:e4:bf: 63:64:7a:b2:0f:b5:0c:da:20:67:27:d5:80:99:d4: 51:0d:f0:8a:eb:c0:f1:19:e2:3f:27:9d:93:03:96: c4:21:a9:45:18:21:7c:9b:9b:c3:58:65:db:dd:77: be:d2:76:d8:9f:e7:a6:48:f7:d7:1a:de:b9:6a:76: b2:06:13:25:6b:4c:ee:3f:0d:18:1d:c8:ca:b5:42: 0b:e3:d2:53:fd:54:54:e5:25:ed:7a:9d:66:9f:8b: 77:5c:a4:25:a3:9b:dc:75:b6:4f:69:37:a2:b4:e8: 15:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:AB:F4:CD:99:80:EF:80:E7:84:21:E9:CE:3E:4C:57:54:EA:A2:E3 X509v3 Authority Key Identifier: keyid:4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/D99C6B9853BE11EF819E6347C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.130.128.0/19 203.147.16.0-203.147.63.255 203.156.18.0/24 203.156.48.0-203.156.95.255 203.156.128.0/18 IPv6: 2403:bf00::/32 Signature Algorithm: sha256WithRSAEncryption bc:84:26:c3:df:dd:c9:c6:a0:55:f1:82:2c:06:f9:7c:81:e2: ac:4a:82:ba:b8:88:d4:cc:c5:ef:77:77:98:47:08:e1:88:a4: 14:19:21:b9:13:98:a3:0f:f5:f7:27:5d:27:fc:61:68:52:a7: 4b:ba:57:c2:15:03:60:51:c4:65:93:27:75:c8:03:46:45:7b: 64:fe:e1:9b:ca:62:14:1f:a4:68:f0:91:7a:6c:fe:5c:d2:e2: f9:23:a6:a3:fd:2e:1c:61:b2:b3:c8:c2:f3:9f:d9:c5:af:8a: ae:8d:10:e4:c7:a0:93:1d:32:72:94:ae:a3:1e:a7:2a:98:d6: 39:a6:bb:94:ba:56:2a:c2:42:75:a4:1d:1a:0c:1e:b1:61:56: c2:68:88:21:79:28:0c:22:41:5d:34:19:88:97:4a:94:dc:78: 42:d0:15:52:cf:07:fd:d4:34:02:53:ac:04:a9:66:a8:3e:f6: 9f:90:15:ac:8f:10:7b:b6:9e:64:59:39:c9:73:2d:9d:2f:b2: 3c:86:c5:1f:09:dc:d3:3e:d1:aa:12:60:52:d1:7a:99:34:4a: 9d:c0:b2:9f:05:42:11:8c:29:37:28:d9:a4:7d:37:df:6f:5a: f7:cd:23:c4:d6:ed:fa:e9:6c:ee:25:ad:b3:f1:e3:bf:af:4a: 80:2e:e5:c4 -----BEGIN CERTIFICATE----- MIIFqDCCBJCgAwIBAgICNPcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc4MUExMTAvBgNVBAUTKDRENzIzOTU1MjQzQUU4OEQ1NTI0MzlBRjhFNEUwQTA5 QzhGNjU5MEQwHhcNMjUwNTA5MDQwMzE3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFkN2U4NS00ZGRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5uml+ZeJK62cjKGqcijJBKPGRkx7Bz1V4f4GzMn8QBrVXa25qBwyEcbmbREe +bkOEAPTWP96l8H/q4GDcnpuoL5I9fnM2q8FgDYbLFy/Wt4rBHZ3itGguZzHeD/B 0b1IBQ0e3a5V4W0WWj4CMpceWgVFHHWC2fXRZsMMGmzpLXFZJ1ZmCQfKYs784b7X lveVrY5r5L9jZHqyD7UM2iBnJ9WAmdRRDfCK68DxGeI/J52TA5bEIalFGCF8m5vD WGXb3Xe+0nbYn+emSPfXGt65anayBhMla0zuPw0YHcjKtUIL49JT/VRU5SXtep1m n4t3XKQlo5vcdbZPaTeitOgVfQIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFIer9M2Z gO+A54Qh6c4+TFdU6qLjMB8GA1UdIwQYMBaAFE1yOVUkOuiNVSQ5r45OCgnI9lkN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzgxQS9ENTIxNDI3MDFE OUIxMUUyQjgyMUZEODkwOEIwMkNEMi9UWEk1VlNRNjZJMVZKRG12ams0S0NjajJX UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RYSTVWU1E2NkkxVkpEbXZqazRLQ2NqMldRMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDc4MUEvRDUyMTQyNzAxRDlCMTFFMkI4MjFGRDg5MDhCMDJDRDIvRDk5QzZCOTg1 M0JFMTFFRjgxOUU2MzQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVgYIKwYBBQUHAQcBAf8E RzBFMDQEAgABMC4DBAXLgoAwDAMEBMuTEAMEBsuTAAMEAMucEjAMAwQEy5wwAwQF y5xAAwQGy5yAMA0EAgACMAcDBQAkA78AMA0GCSqGSIb3DQEBCwUAA4IBAQC8hCbD 393JxqBV8YIsBvl8geKsSoK6uIjUzMXvd3eYRwjhiKQUGSG5E5ijD/X3J10n/GFo UqdLulfCFQNgUcRlkyd1yANGRXtk/uGbymIUH6Ro8JF6bP5c0uL5I6aj/S4cYbKz yMLzn9nFr4qujRDkx6CTHTJylK6jHqcqmNY5pruUulYqwkJ1pB0aDB6xYVbCaIgh eSgMIkFdNBmIl0qU3HhC0BVSzwf91DQCU6wEqWaoPvafkBWsjxB7tp5kWTnJcy2d L7I8hsUfCdzTPtGqEmBS0XqZNEqdwLKfBUIRjCk3KNmkfTffb1r3zSPE1u366Wzu Ja2z8eO/r0qALuXE -----END CERTIFICATE-----Generated at Tue May 13 02:39:23 2025 by rpki-client