$ rpki-client -vvf rpki.apnic.net/member_repository/A9190CC3/24B8E258EE7C11EE9F290E80C4F9AE02/88FD3F60EE7D11EE8868470EC4F9AE02.roa File: 88FD3F60EE7D11EE8868470EC4F9AE02.roa (raw, json) Hash identifier: zOrZe+jWeFBIsL39iLL8vvCILEMIHLBZ3vsTVrAh2HY= Subject key identifier: 7D:91:04:4F:35:22:C3:F9:03:58:FD:55:57:0B:1E:19:A5:FC:21:37 Certificate issuer: /CN=A9190CC3/serialNumber=F413F51D87BBFF4B0A41072187476EBE07D361BF Certificate serial: CD Authority key identifier: F4:13:F5:1D:87:BB:FF:4B:0A:41:07:21:87:47:6E:BE:07:D3:61:BF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9BP1HYe7_0sKQQchh0duvgfTYb8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9190CC3/24B8E258EE7C11EE9F290E80C4F9AE02/88FD3F60EE7D11EE8868470EC4F9AE02.roa Signing time: Thu 01 May 2025 04:42:07 +0000 ROA not before: Thu 01 May 2025 04:42:07 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 152674 IP address blocks: 203.28.252.0/24 maxlen: 24 203.28.253.0/24 maxlen: 24 2001:df3:9fc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9190CC3/24B8E258EE7C11EE9F290E80C4F9AE02/9BP1HYe7_0sKQQchh0duvgfTYb8.crl rsync://rpki.apnic.net/member_repository/A9190CC3/24B8E258EE7C11EE9F290E80C4F9AE02/9BP1HYe7_0sKQQchh0duvgfTYb8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9BP1HYe7_0sKQQchh0duvgfTYb8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 04:57:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 205 (0xcd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9190CC3, serialNumber=F413F51D87BBFF4B0A41072187476EBE07D361BF Validity Not Before: May 1 04:42:07 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6812fb9f-e5b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:24:4d:d8:24:b5:61:fb:e6:53:e6:ce:93:6f: 58:1f:72:7f:3e:66:40:d5:d5:fb:9c:5c:97:52:ed: 15:38:aa:75:26:b9:a5:65:25:58:7e:0f:99:56:52: 16:a1:51:84:8f:b3:7a:c7:22:af:f3:4e:71:82:9d: c3:83:8c:0c:db:3d:29:18:b3:8b:8b:f6:6e:c8:69: bb:ce:cd:79:ef:3d:c7:d9:4a:8a:b2:06:ca:ae:72: 65:ba:2e:f4:e7:c5:c0:76:d8:c6:02:59:3e:0d:de: 3e:43:e7:18:4a:b2:7b:a9:d4:58:8c:e0:a2:2c:7d: d4:d2:6e:da:de:7b:2f:e3:33:db:da:53:40:4f:56: a3:92:c0:07:4b:71:23:43:c6:0c:53:81:55:77:ec: f2:2e:69:2a:ea:68:d9:86:70:c7:53:e0:96:61:85: 0a:b3:69:d0:1d:44:ca:d6:d4:a0:bf:a9:a8:15:dc: 09:7f:b0:89:55:39:f8:01:af:a0:ff:ff:b7:fa:39: 17:92:e3:46:52:af:40:16:dd:0e:20:66:77:bd:4e: 69:6c:d3:e0:c0:78:1f:e0:13:f0:92:5e:16:34:f6: 38:2d:f7:7b:3b:b6:a8:a2:38:64:22:f7:fe:c6:03: eb:30:d4:97:b3:96:f8:4d:69:17:7d:ef:57:ae:9e: 23:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:91:04:4F:35:22:C3:F9:03:58:FD:55:57:0B:1E:19:A5:FC:21:37 X509v3 Authority Key Identifier: keyid:F4:13:F5:1D:87:BB:FF:4B:0A:41:07:21:87:47:6E:BE:07:D3:61:BF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9190CC3/24B8E258EE7C11EE9F290E80C4F9AE02/9BP1HYe7_0sKQQchh0duvgfTYb8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9BP1HYe7_0sKQQchh0duvgfTYb8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9190CC3/24B8E258EE7C11EE9F290E80C4F9AE02/88FD3F60EE7D11EE8868470EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.28.252.0/23 IPv6: 2001:df3:9fc0::/48 Signature Algorithm: sha256WithRSAEncryption b3:9d:b0:51:de:23:07:b8:c8:44:2b:5e:e5:5f:d4:ff:b9:69: 20:73:d3:8b:33:45:be:97:b4:51:0b:9c:96:d8:c7:5c:e8:55: 22:1e:50:86:93:c6:db:d1:94:f5:70:af:91:88:97:6e:62:dc: e4:85:38:f1:db:17:8c:fc:fa:c7:d1:61:c9:40:cd:b6:e8:28: 2d:3c:9c:bf:01:9e:f0:a2:4b:eb:f7:6a:d7:0a:49:46:f6:fa: 4e:aa:b3:1b:56:c1:43:ed:93:2c:51:3d:99:f2:65:8e:b8:db: a8:11:0c:3e:d5:80:47:44:91:7b:fd:b9:7a:0a:5d:a7:b6:fb: b0:23:e9:f6:15:a7:26:f7:fc:f8:dc:b1:c6:4c:25:b3:ca:37: 6f:1e:c7:99:13:8d:50:90:bf:7b:b1:46:c0:2f:21:b5:6d:52: ec:28:68:bf:13:95:07:c8:79:06:fd:42:9f:51:9e:8b:00:13: a3:72:e6:2b:22:91:df:f5:b7:4d:b9:d7:66:81:42:6b:a6:57: fe:2d:98:35:22:98:be:a7:a7:88:85:73:b3:a1:18:6f:54:d0: af:c8:e0:1f:da:1f:e3:8f:c9:c1:44:e5:f0:44:fa:49:a8:6e: df:77:68:05:29:40:d9:dc:c6:8c:db:6a:82:cb:09:32:fd:cb: 3a:0b:51:33 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICAM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTBDQzMxMTAvBgNVBAUTKEY0MTNGNTFEODdCQkZGNEIwQTQxMDcyMTg3NDc2RUJF MDdEMzYxQkYwHhcNMjUwNTAxMDQ0MjA3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODEyZmI5Zi1lNWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtyRN2CS1YfvmU+bOk29YH3J/PmZA1dX7nFyXUu0VOKp1JrmlZSVYfg+ZVlIW oVGEj7N6xyKv805xgp3Dg4wM2z0pGLOLi/ZuyGm7zs157z3H2UqKsgbKrnJlui70 58XAdtjGAlk+Dd4+Q+cYSrJ7qdRYjOCiLH3U0m7a3nsv4zPb2lNAT1ajksAHS3Ej Q8YMU4FVd+zyLmkq6mjZhnDHU+CWYYUKs2nQHUTK1tSgv6moFdwJf7CJVTn4Aa+g //+3+jkXkuNGUq9AFt0OIGZ3vU5pbNPgwHgf4BPwkl4WNPY4Lfd7O7aoojhkIvf+ xgPrMNSXs5b4TWkXfe9Xrp4jmQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFH2RBE81 IsP5A1j9VVcLHhml/CE3MB8GA1UdIwQYMBaAFPQT9R2Hu/9LCkEHIYdHbr4H02G/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MENDMy8yNEI4RTI1OEVF N0MxMUVFOUYyOTBFODBDNEY5QUUwMi85QlAxSFllN18wc0tRUWNoaDBkdXZnZlRZ YjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzlCUDFIWWU3XzBzS1FRY2hoMGR1dmdmVFliOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTBDQzMvMjRCOEUyNThFRTdDMTFFRTlGMjkwRTgwQzRGOUFFMDIvODhGRDNGNjBF RTdEMTFFRTg4Njg0NzBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAHLHPwwDwQCAAIwCQMHACABDfOfwDANBgkqhkiG9w0BAQsF AAOCAQEAs52wUd4jB7jIRCte5V/U/7lpIHPTizNFvpe0UQucltjHXOhVIh5QhpPG 29GU9XCvkYiXbmLc5IU48dsXjPz6x9FhyUDNtugoLTycvwGe8KJL6/dq1wpJRvb6 TqqzG1bBQ+2TLFE9mfJljrjbqBEMPtWAR0SRe/25egpdp7b7sCPp9hWnJvf8+Nyx xkwls8o3bx7HmRONUJC/e7FGwC8htW1S7ChovxOVB8h5Bv1Cn1GeiwATo3LmKyKR 3/W3TbnXZoFCa6ZX/i2YNSKYvqeniIVzs6EYb1TQr8jgH9of44/JwUTl8ET6Sahu 33doBSlA2dzGjNtqgssJMv3LOgtRMw== -----END CERTIFICATE-----Generated at Thu May 15 12:22:49 2025 by rpki-client