$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4502/40E2DFCCB50211EAA29F277AC4F9AE02/8C3B232E8E1A11EC96B4970AC4F9AE02.roa File: 8C3B232E8E1A11EC96B4970AC4F9AE02.roa (raw, json) Hash identifier: cyH7Vo4cKVMVChE7HnXd5ewZU8N7qvsDouFa2aCv6v8= Subject key identifier: 38:3A:F8:34:DF:BC:9C:C8:D7:9E:5D:08:3E:64:3D:A7:80:3D:80:1F Certificate issuer: /CN=A91C4502/serialNumber=CB4C95F839E21D1DE0F458553D9A4CE28E414D88 Certificate serial: 08EB Authority key identifier: CB:4C:95:F8:39:E2:1D:1D:E0:F4:58:55:3D:9A:4C:E2:8E:41:4D:88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y0yV-DniHR3g9FhVPZpM4o5BTYg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4502/40E2DFCCB50211EAA29F277AC4F9AE02/8C3B232E8E1A11EC96B4970AC4F9AE02.roa Signing time: Wed 14 May 2025 20:57:30 +0000 ROA not before: Wed 14 May 2025 20:57:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 210110 IP address blocks: 2405:f3c0::/42 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4502/40E2DFCCB50211EAA29F277AC4F9AE02/y0yV-DniHR3g9FhVPZpM4o5BTYg.crl rsync://rpki.apnic.net/member_repository/A91C4502/40E2DFCCB50211EAA29F277AC4F9AE02/y0yV-DniHR3g9FhVPZpM4o5BTYg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y0yV-DniHR3g9FhVPZpM4o5BTYg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 20:57:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2283 (0x8eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4502, serialNumber=CB4C95F839E21D1DE0F458553D9A4CE28E414D88 Validity Not Before: May 14 20:57:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=682503ba-838d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:74:b7:44:3c:6a:41:c3:41:b2:8d:59:1b:60: 1a:ba:3a:2f:76:2c:9c:2c:95:14:73:53:20:b9:0d: f2:29:1e:62:41:28:7e:6e:9d:f0:d2:33:6d:9b:f4: 87:33:7f:45:7e:54:7d:44:c8:35:33:21:42:17:95: 5b:d4:e5:36:61:8d:f3:f7:7d:9a:59:1d:d0:60:10: d5:82:80:f9:95:5d:83:25:b1:5b:fe:e1:34:ed:e2: 90:db:93:d2:93:a2:27:c4:41:c4:c2:a8:d2:d8:8a: 40:ef:b6:75:33:47:2e:2a:69:b8:16:5f:08:d1:f2: 8d:33:dd:3d:4e:b2:ed:bc:50:7c:4f:7f:f6:03:69: bb:04:bf:fc:7f:b0:28:16:80:48:60:54:2c:bc:5b: 0c:27:17:17:a1:56:1e:37:6a:71:30:53:c0:21:22: 12:4f:d6:52:65:73:d9:98:b7:66:0d:6f:cf:cd:8d: 0f:c4:e6:08:66:65:3e:81:e2:e6:fe:fe:a8:3d:c9: 21:ad:36:a0:c6:2e:39:c2:8c:8d:19:14:6d:e7:88: 16:76:c7:08:0b:e0:d3:f5:43:c1:3a:08:82:54:2d: f5:f5:3a:5d:af:95:55:db:5f:6b:a4:04:6e:c1:27: be:91:3d:8e:bc:16:e8:bc:b2:b1:c4:ec:3d:ff:28: 7c:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:3A:F8:34:DF:BC:9C:C8:D7:9E:5D:08:3E:64:3D:A7:80:3D:80:1F X509v3 Authority Key Identifier: keyid:CB:4C:95:F8:39:E2:1D:1D:E0:F4:58:55:3D:9A:4C:E2:8E:41:4D:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4502/40E2DFCCB50211EAA29F277AC4F9AE02/y0yV-DniHR3g9FhVPZpM4o5BTYg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y0yV-DniHR3g9FhVPZpM4o5BTYg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4502/40E2DFCCB50211EAA29F277AC4F9AE02/8C3B232E8E1A11EC96B4970AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2405:f3c0::/42 Signature Algorithm: sha256WithRSAEncryption 02:f8:fa:25:1e:de:25:80:a9:23:2c:56:bc:5d:a9:58:9c:e3: d8:e6:24:6a:c0:3a:0c:54:c8:96:f3:74:79:2b:88:96:8a:29: f3:76:34:dd:21:52:e9:97:5f:2c:92:77:31:13:37:c9:d4:8e: ba:22:20:98:8e:38:e2:33:aa:7f:2f:a0:72:27:ee:d8:16:bf: c0:6a:b5:22:78:e9:9e:34:49:82:db:0e:38:e8:90:4b:a5:58: 58:43:a6:9e:cc:36:96:53:f6:8a:f3:15:5d:66:62:eb:dd:68: 9e:f7:af:64:87:9d:fa:0b:94:88:6c:b9:e2:8a:f6:5a:a8:c0: c4:02:7f:60:26:23:f8:de:6f:f2:3e:c7:2a:75:f9:49:95:08: 79:9b:ad:39:4f:71:27:4a:53:60:4a:9f:0f:4d:b0:12:c5:47: 23:26:3b:91:bb:14:5f:ac:d8:66:bf:6c:5e:42:ff:27:6d:d5: 49:36:16:26:f1:48:ce:5b:97:41:9d:e6:a6:42:2f:b2:6f:21: 31:03:13:1b:bb:ec:2a:54:94:50:bf:e9:60:b9:85:f6:c2:8f: 54:0e:5f:e6:b1:dc:8a:b3:15:26:0a:17:a9:9d:c0:f2:87:f8: a3:05:51:89:bd:c7:92:ca:dc:3d:a9:62:4a:cc:ed:99:ea:d8: d4:d3:a1:2c -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICCOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzQ1MDIxMTAvBgNVBAUTKENCNEM5NUY4MzlFMjFEMURFMEY0NTg1NTNEOUE0Q0Uy OEU0MTREODgwHhcNMjUwNTE0MjA1NzMwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODI1MDNiYS04MzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4HS3RDxqQcNBso1ZG2AaujovdiycLJUUc1MguQ3yKR5iQSh+bp3w0jNtm/SH M39FflR9RMg1MyFCF5Vb1OU2YY3z932aWR3QYBDVgoD5lV2DJbFb/uE07eKQ25PS k6InxEHEwqjS2IpA77Z1M0cuKmm4Fl8I0fKNM909TrLtvFB8T3/2A2m7BL/8f7Ao FoBIYFQsvFsMJxcXoVYeN2pxMFPAISIST9ZSZXPZmLdmDW/PzY0PxOYIZmU+geLm /v6oPckhrTagxi45woyNGRRt54gWdscIC+DT9UPBOgiCVC319Tpdr5VV219rpARu wSe+kT2OvBbovLKxxOw9/yh8awIDAQABo4ICmDCCApQwHQYDVR0OBBYEFDg6+DTf vJzI155dCD5kPaeAPYAfMB8GA1UdIwQYMBaAFMtMlfg54h0d4PRYVT2aTOKOQU2I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNDUwMi80MEUyREZDQ0I1 MDIxMUVBQTI5RjI3N0FDNEY5QUUwMi95MHlWLURuaUhSM2c5RmhWUFpwTTRvNUJU WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3kweVYtRG5pSFIzZzlGaFZQWnBNNG81QlRZZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzQ1MDIvNDBFMkRGQ0NCNTAyMTFFQUEyOUYyNzdBQzRGOUFFMDIvOEMzQjIzMkU4 RTFBMTFFQzk2QjQ5NzBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwYkBfPAAAAwDQYJKoZIhvcNAQELBQADggEBAAL4+iUe3iWA qSMsVrxdqVic49jmJGrAOgxUyJbzdHkriJaKKfN2NN0hUumXXyySdzETN8nUjroi IJiOOOIzqn8voHIn7tgWv8BqtSJ46Z40SYLbDjjokEulWFhDpp7MNpZT9orzFV1m YuvdaJ73r2SHnfoLlIhsueKK9lqowMQCf2AmI/jeb/I+xyp1+UmVCHmbrTlPcSdK U2BKnw9NsBLFRyMmO5G7FF+s2Ga/bF5C/ydt1Uk2FibxSM5bl0Gd5qZCL7JvITED Exu77CpUlFC/6WC5hfbCj1QOX+ax3IqzFSYKF6mdwPKH+KMFUYm9x5LK3D2pYkrM 7Znq2NTToSw= -----END CERTIFICATE-----Generated at Thu May 15 03:39:55 2025 by rpki-client