$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC6DD/F3FB9056C0F411EAB05DFC5EC4F9AE02/F61502A4C0F511EA854EE45FC4F9AE02.roa File: F61502A4C0F511EA854EE45FC4F9AE02.roa (raw, json) Hash identifier: X7RAgT98H5oJW9AeQBUUPea1LvMkZ7ZMcojcd1ujO/c= Subject key identifier: A8:56:F9:97:AE:77:6D:BC:1A:01:72:B2:DD:B9:BD:04:D1:AF:84:B5 Certificate issuer: /CN=A91BC6DD/serialNumber=4FDD1C93A13CBA91B4F8B7F2C6518F48BA170BAD Certificate serial: 0887 Authority key identifier: 4F:DD:1C:93:A1:3C:BA:91:B4:F8:B7:F2:C6:51:8F:48:BA:17:0B:AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T90ck6E8upG0-LfyxlGPSLoXC60.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC6DD/F3FB9056C0F411EAB05DFC5EC4F9AE02/F61502A4C0F511EA854EE45FC4F9AE02.roa Signing time: Mon 12 May 2025 21:18:15 +0000 ROA not before: Mon 12 May 2025 21:18:15 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 10098 IP address blocks: 49.213.0.0/21 maxlen: 21 49.213.0.0/24 maxlen: 24 49.213.1.0/24 maxlen: 24 49.213.2.0/24 maxlen: 24 49.213.3.0/24 maxlen: 24 49.213.4.0/24 maxlen: 24 49.213.5.0/24 maxlen: 24 49.213.6.0/24 maxlen: 24 49.213.7.0/24 maxlen: 24 202.123.64.0/19 maxlen: 19 202.123.64.0/24 maxlen: 24 202.123.65.0/24 maxlen: 24 202.123.66.0/24 maxlen: 24 202.123.68.0/24 maxlen: 24 202.123.69.0/24 maxlen: 24 202.123.70.0/24 maxlen: 24 202.123.72.0/24 maxlen: 24 202.123.74.0/24 maxlen: 24 202.123.75.0/24 maxlen: 24 202.123.76.0/24 maxlen: 24 202.123.77.0/24 maxlen: 24 202.123.80.0/24 maxlen: 24 202.123.81.0/24 maxlen: 24 202.123.84.0/24 maxlen: 24 202.123.85.0/24 maxlen: 24 202.123.87.0/24 maxlen: 24 202.123.89.0/24 maxlen: 24 202.123.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC6DD/F3FB9056C0F411EAB05DFC5EC4F9AE02/T90ck6E8upG0-LfyxlGPSLoXC60.crl rsync://rpki.apnic.net/member_repository/A91BC6DD/F3FB9056C0F411EAB05DFC5EC4F9AE02/T90ck6E8upG0-LfyxlGPSLoXC60.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T90ck6E8upG0-LfyxlGPSLoXC60.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 21:18:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2183 (0x887) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC6DD, serialNumber=4FDD1C93A13CBA91B4F8B7F2C6518F48BA170BAD Validity Not Before: May 12 21:18:15 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68226596-04af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:90:84:6a:49:53:67:97:6e:eb:00:81:81:aa: 11:29:5e:48:ee:9a:a4:b2:fd:76:6d:c5:ec:62:ec: e4:64:41:e9:c7:6f:8d:48:e0:e2:3f:cc:05:cd:44: d8:ec:0b:13:6f:18:aa:67:fd:cd:3a:16:b3:52:49: 4a:23:28:b0:07:1c:54:a4:9c:b2:e6:a2:e0:9f:bb: cf:ea:30:92:6f:2b:4e:02:1c:21:3d:b5:a5:51:b6: 85:75:ee:64:43:69:03:da:44:f5:8d:bc:35:88:ea: b2:4b:64:b5:3f:75:6e:cc:b8:5f:af:2a:f8:5d:d1: 71:82:37:59:99:7f:c9:d1:78:f9:0a:34:f6:64:ae: fa:f1:c3:07:c7:cd:18:0b:08:f5:3d:05:e2:ff:54: 1b:70:4a:a6:38:b5:a5:bd:25:87:6d:74:22:c5:3d: b1:e6:15:09:c1:52:3a:26:6d:c3:f3:4b:e5:2e:92: d0:b1:b2:b5:63:90:4e:34:49:6b:0b:4b:a5:7c:f5: 05:14:ff:96:b1:62:0d:c2:7b:4b:17:4a:00:a2:1d: ce:ba:f4:29:ed:52:b3:df:02:33:3f:0a:c9:fc:9a: 59:c3:e6:70:48:b3:94:35:d2:47:91:48:f5:da:73: 32:39:c7:4b:d7:92:e1:ff:a2:9a:1e:b1:c1:6f:44: 0b:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:56:F9:97:AE:77:6D:BC:1A:01:72:B2:DD:B9:BD:04:D1:AF:84:B5 X509v3 Authority Key Identifier: keyid:4F:DD:1C:93:A1:3C:BA:91:B4:F8:B7:F2:C6:51:8F:48:BA:17:0B:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC6DD/F3FB9056C0F411EAB05DFC5EC4F9AE02/T90ck6E8upG0-LfyxlGPSLoXC60.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T90ck6E8upG0-LfyxlGPSLoXC60.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC6DD/F3FB9056C0F411EAB05DFC5EC4F9AE02/F61502A4C0F511EA854EE45FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.213.0.0/21 202.123.64.0/19 Signature Algorithm: sha256WithRSAEncryption b7:ef:06:f1:1e:b8:cb:0c:e8:07:09:b5:ea:9b:ec:9c:47:d5: 66:fc:f6:fd:3c:25:22:33:13:59:94:d3:a7:8d:3f:42:20:9d: f7:ba:65:c9:6a:d1:e6:b9:4f:2d:97:b0:1d:39:95:30:11:80: 20:48:d0:fe:91:10:61:46:27:e6:1e:80:1a:76:75:19:47:b7: 20:90:07:de:d0:1b:cb:f7:bc:04:56:41:76:8c:12:ad:7a:48: 5a:96:39:d6:0c:cb:60:9b:c8:d9:39:74:32:ba:35:5a:2b:62: e0:75:f2:71:a2:bb:65:e5:79:c5:c6:c0:35:82:29:a7:96:13: 39:eb:6b:90:14:27:11:d3:07:c6:13:cc:2f:e6:4e:b3:e3:56: 31:da:89:3d:f0:38:77:f2:32:07:81:e5:13:24:fe:54:52:99: 70:56:33:47:81:f2:ec:ca:31:a0:d3:f5:d6:8f:cf:61:ee:d1: 04:83:11:59:03:57:a6:7f:ef:b0:46:6a:30:94:f0:bf:b9:95: 3c:54:71:7a:e3:57:30:e7:bc:f5:7e:5e:6c:94:c4:c7:b4:ef: 56:62:3e:38:9d:15:13:4c:c0:f1:e7:a1:82:0b:53:b7:2e:4d: 74:cc:27:d4:d7:29:ca:62:ab:45:73:7c:0f:b6:5f:9a:ee:5b: b7:60:ea:f4 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkM2REQxMTAvBgNVBAUTKDRGREQxQzkzQTEzQ0JBOTFCNEY4QjdGMkM2NTE4RjQ4 QkExNzBCQUQwHhcNMjUwNTEyMjExODE1WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODIyNjU5Ni0wNGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzJCEaklTZ5du6wCBgaoRKV5I7pqksv12bcXsYuzkZEHpx2+NSODiP8wFzUTY 7AsTbxiqZ/3NOhazUklKIyiwBxxUpJyy5qLgn7vP6jCSbytOAhwhPbWlUbaFde5k Q2kD2kT1jbw1iOqyS2S1P3VuzLhfryr4XdFxgjdZmX/J0Xj5CjT2ZK768cMHx80Y Cwj1PQXi/1QbcEqmOLWlvSWHbXQixT2x5hUJwVI6Jm3D80vlLpLQsbK1Y5BONElr C0ulfPUFFP+WsWINwntLF0oAoh3OuvQp7VKz3wIzPwrJ/JpZw+ZwSLOUNdJHkUj1 2nMyOcdL15Lh/6KaHrHBb0QL1wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKhW+Zeu d228GgFyst25vQTRr4S1MB8GA1UdIwQYMBaAFE/dHJOhPLqRtPi38sZRj0i6Fwut MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzZERC9GM0ZCOTA1NkMw RjQxMUVBQjA1REZDNUVDNEY5QUUwMi9UOTBjazZFOHVwRzAtTGZ5eGxHUFNMb1hD NjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Q5MGNrNkU4dXBHMC1MZnl4bEdQU0xvWEM2MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkM2REQvRjNGQjkwNTZDMEY0MTFFQUIwNURGQzVFQzRGOUFFMDIvRjYxNTAyQTRD MEY1MTFFQTg1NEVFNDVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAMx1QADBAXKe0AwDQYJKoZIhvcNAQELBQADggEBALfvBvEe uMsM6AcJteqb7JxH1Wb89v08JSIzE1mU06eNP0Ignfe6Zclq0ea5Ty2XsB05lTAR gCBI0P6REGFGJ+YegBp2dRlHtyCQB97QG8v3vARWQXaMEq16SFqWOdYMy2CbyNk5 dDK6NVorYuB18nGiu2XlecXGwDWCKaeWEznra5AUJxHTB8YTzC/mTrPjVjHaiT3w OHfyMgeB5RMk/lRSmXBWM0eB8uzKMaDT9daPz2Hu0QSDEVkDV6Z/77BGajCU8L+5 lTxUcXrjVzDnvPV+XmyUxMe071ZiPjidFRNMwPHnoYILU7cuTXTMJ9TXKcpiq0Vz fA+2X5ruW7dg6vQ= -----END CERTIFICATE-----Generated at Wed May 14 03:46:15 2025 by rpki-client