$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0CC8/012ED1BECA4D11EAA132E17BC4F9AE02/D4B550921C2011F09CB77376C4F9AE02.roa File: D4B550921C2011F09CB77376C4F9AE02.roa (raw, json) Hash identifier: JQT2hti6LgfZzi6xAGa9WtWCSt6AfjSy/VBWGxZBRBM= Subject key identifier: D7:BD:9F:8E:E3:B9:00:F8:36:F6:2A:3D:9B:FC:A2:05:9C:5B:58:D3 Certificate issuer: /CN=A91F0CC8/serialNumber=56D7B15CC1AE8277858D6492C01DD5330844CC06 Certificate serial: 0873 Authority key identifier: 56:D7:B1:5C:C1:AE:82:77:85:8D:64:92:C0:1D:D5:33:08:44:CC:06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VtexXMGugneFjWSSwB3VMwhEzAY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0CC8/012ED1BECA4D11EAA132E17BC4F9AE02/D4B550921C2011F09CB77376C4F9AE02.roa Signing time: Wed 30 Apr 2025 20:59:40 +0000 ROA not before: Wed 30 Apr 2025 20:59:40 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 18222 IP address blocks: 45.115.216.0/22 maxlen: 22 45.115.216.0/23 maxlen: 24 45.115.218.0/23 maxlen: 24 45.117.152.0/23 maxlen: 24 103.90.84.0/22 maxlen: 22 103.90.84.0/23 maxlen: 23 103.90.84.0/24 maxlen: 24 103.90.85.0/24 maxlen: 24 103.90.86.0/23 maxlen: 23 103.90.86.0/24 maxlen: 24 103.90.87.0/24 maxlen: 24 103.250.132.0/23 maxlen: 24 202.51.74.0/23 maxlen: 24 202.51.82.0/23 maxlen: 23 202.51.95.0/24 maxlen: 24 2400:89e0::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0CC8/012ED1BECA4D11EAA132E17BC4F9AE02/VtexXMGugneFjWSSwB3VMwhEzAY.crl rsync://rpki.apnic.net/member_repository/A91F0CC8/012ED1BECA4D11EAA132E17BC4F9AE02/VtexXMGugneFjWSSwB3VMwhEzAY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VtexXMGugneFjWSSwB3VMwhEzAY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:26:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2163 (0x873) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0CC8, serialNumber=56D7B15CC1AE8277858D6492C01DD5330844CC06 Validity Not Before: Apr 30 20:59:40 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68128f3b-edfe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d9:e5:b4:1e:4e:7a:87:bf:90:01:e0:d3:49: ed:8a:84:14:74:0d:f6:fe:a0:3a:fe:e4:3b:fc:3a: 30:62:a5:df:0c:bf:19:aa:57:d3:2d:60:c1:6a:63: 62:6d:f4:f3:69:f3:7b:7d:3f:31:5e:92:80:f6:d0: b7:b1:38:ea:43:52:2c:86:e7:e5:16:c2:40:65:f4: d1:c6:4c:4c:fd:ee:fe:d6:d9:23:94:f5:29:9a:86: 2b:f7:fe:eb:57:69:ee:7a:e9:f3:d0:47:dd:ce:c7: c0:ae:d7:29:68:ae:97:0b:94:d1:8b:61:4b:8e:0c: 24:1c:81:72:e4:52:37:95:3f:99:25:f9:50:03:3b: c7:c8:9b:12:79:64:a0:0a:4b:5c:c1:2a:a7:39:79: 9a:19:2e:63:b3:f9:30:61:cd:e4:e8:a7:99:81:ba: db:87:35:6e:a8:a8:91:51:63:ba:3c:77:de:4f:81: 34:ee:3a:81:71:8d:d0:5a:26:22:47:1b:a2:43:99: 41:d8:5d:f4:a7:cc:f9:6a:99:1b:08:d0:1b:e5:ab: c4:bb:e9:2c:cb:f2:4c:db:d5:5c:a3:72:36:80:84: a3:03:de:1b:ef:57:d4:92:8b:c2:71:85:7c:de:59: aa:f3:64:70:5f:0f:65:2d:59:5e:71:6f:35:34:eb: 00:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:BD:9F:8E:E3:B9:00:F8:36:F6:2A:3D:9B:FC:A2:05:9C:5B:58:D3 X509v3 Authority Key Identifier: keyid:56:D7:B1:5C:C1:AE:82:77:85:8D:64:92:C0:1D:D5:33:08:44:CC:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0CC8/012ED1BECA4D11EAA132E17BC4F9AE02/VtexXMGugneFjWSSwB3VMwhEzAY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VtexXMGugneFjWSSwB3VMwhEzAY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0CC8/012ED1BECA4D11EAA132E17BC4F9AE02/D4B550921C2011F09CB77376C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.115.216.0/22 45.117.152.0/23 103.90.84.0/22 103.250.132.0/23 202.51.74.0/23 202.51.82.0/23 202.51.95.0/24 IPv6: 2400:89e0::/32 Signature Algorithm: sha256WithRSAEncryption c5:23:0b:a3:bf:ac:6b:09:6d:4a:94:08:20:c5:19:d2:ec:1c: 47:d2:f3:c7:31:73:ef:b8:2d:ef:10:fb:bb:dc:a7:b9:3b:88: 82:31:95:7f:9f:c8:e9:e0:71:39:9a:8d:c0:51:ca:31:66:68: b5:4e:f4:3d:65:c9:3a:c6:7a:57:d0:bb:82:73:01:45:6b:10: af:79:7b:8a:ac:6e:a8:b2:9a:6e:59:b1:20:ff:2e:7e:20:89: 4f:2b:17:88:eb:4a:2a:70:58:6d:c1:d5:0b:f9:23:f5:79:4c: f4:4c:97:e0:00:7d:69:41:6a:71:79:52:d0:da:41:77:dd:d2: 33:ff:25:42:4d:20:8f:cd:7e:e0:b4:b5:b5:99:2f:ba:cc:e7: ef:2d:1f:61:17:7c:93:5d:1c:6b:00:29:fa:22:f2:b8:ff:a4: 0e:82:a7:4c:98:ae:85:4c:27:7b:3f:42:94:21:ee:c1:1d:9f: bc:bd:de:48:4c:82:26:87:25:a8:2a:db:07:dc:5b:83:21:3c: 1e:ab:53:ff:33:11:3a:05:5b:77:03:27:73:e4:90:10:df:ce: 11:70:50:47:7f:38:a4:86:3f:f0:2a:d9:f4:ea:19:0a:68:78: 10:23:31:63:1d:1b:e8:f5:34:ea:4b:da:9b:17:7d:fc:84:0e: d1:f2:d9:96 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICCHMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjBDQzgxMTAvBgNVBAUTKDU2RDdCMTVDQzFBRTgyNzc4NThENjQ5MkMwMURENTMz MDg0NENDMDYwHhcNMjUwNDMwMjA1OTQwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODEyOGYzYi1lZGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwNnltB5Oeoe/kAHg00ntioQUdA32/qA6/uQ7/DowYqXfDL8ZqlfTLWDBamNi bfTzafN7fT8xXpKA9tC3sTjqQ1IshuflFsJAZfTRxkxM/e7+1tkjlPUpmoYr9/7r V2nueunz0EfdzsfArtcpaK6XC5TRi2FLjgwkHIFy5FI3lT+ZJflQAzvHyJsSeWSg CktcwSqnOXmaGS5js/kwYc3k6KeZgbrbhzVuqKiRUWO6PHfeT4E07jqBcY3QWiYi RxuiQ5lB2F30p8z5apkbCNAb5avEu+ksy/JM29Vco3I2gISjA94b71fUkovCcYV8 3lmq82RwXw9lLVlecW81NOsA+QIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFNe9n47j uQD4NvYqPZv8ogWcW1jTMB8GA1UdIwQYMBaAFFbXsVzBroJ3hY1kksAd1TMIRMwG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMENDOC8wMTJFRDFCRUNB NEQxMUVBQTEzMkUxN0JDNEY5QUUwMi9WdGV4WE1HdWduZUZqV1NTd0IzVk13aEV6 QVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Z0ZXhYTUd1Z25lRmpXU1N3QjNWTXdoRXpBWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjBDQzgvMDEyRUQxQkVDQTREMTFFQUExMzJFMTdCQzRGOUFFMDIvRDRCNTUwOTIx QzIwMTFGMDlDQjc3Mzc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMDAEAgABMCoDBAItc9gDBAEtdZgDBAJnWlQDBAFn+oQDBAHKM0oDBAHKM1ID BADKM18wDQQCAAIwBwMFACQAieAwDQYJKoZIhvcNAQELBQADggEBAMUjC6O/rGsJ bUqUCCDFGdLsHEfS88cxc++4Le8Q+7vcp7k7iIIxlX+fyOngcTmajcBRyjFmaLVO 9D1lyTrGelfQu4JzAUVrEK95e4qsbqiymm5ZsSD/Ln4giU8rF4jrSipwWG3B1Qv5 I/V5TPRMl+AAfWlBanF5UtDaQXfd0jP/JUJNII/NfuC0tbWZL7rM5+8tH2EXfJNd HGsAKfoi8rj/pA6Cp0yYroVMJ3s/QpQh7sEdn7y93khMgiaHJagq2wfcW4MhPB6r U/8zEToFW3cDJ3PkkBDfzhFwUEd/OKSGP/Aq2fTqGQpoeBAjMWMdG+j1NOpL2psX ffyEDtHy2ZY= -----END CERTIFICATE-----Generated at Mon May 12 15:11:16 2025 by rpki-client