$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/DF6E9324D08D11EA9010E72EC4F9AE02.roa File: DF6E9324D08D11EA9010E72EC4F9AE02.roa (raw, json) Hash identifier: hFXanv2FdjB0oerr/Ni9RmWLKXd7bj75bYHKTp5JZ4U= Subject key identifier: A6:33:11:DB:1A:F4:0D:07:98:26:AA:D5:B3:FB:9E:7A:1C:DD:D9:4A Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54 Certificate serial: 36CF Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/DF6E9324D08D11EA9010E72EC4F9AE02.roa Signing time: Sat 22 Mar 2025 15:01:23 +0000 ROA not before: Sat 22 Mar 2025 15:01:23 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 9557 IP address blocks: 58.181.96.0/20 maxlen: 24 119.159.0.0/16 maxlen: 24 182.176.0.0/16 maxlen: 24 202.70.144.0/20 maxlen: 24 202.125.128.0/19 maxlen: 24 203.135.0.0/19 maxlen: 24 203.135.32.0/19 maxlen: 24 221.120.192.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 14:54:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14031 (0x36cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A0832, serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54 Validity Not Before: Mar 22 15:01:23 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67ded0c3-7701 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:01:91:ac:f9:d6:d6:88:d7:19:34:df:44:ec: 28:c7:63:a6:ba:fa:97:ed:02:fb:1b:b6:61:90:cf: 8f:05:c7:30:f9:bb:fe:b1:9f:b6:27:32:1b:49:78: 5f:dc:4d:a2:18:57:26:4a:3e:4f:18:0f:33:ac:f7: 4e:49:b3:1a:36:7c:1b:90:bb:65:9f:f0:54:68:77: 52:02:03:ff:aa:9e:6a:4d:3b:1b:f2:03:cf:10:ee: c4:42:70:ae:6e:9d:53:1e:06:53:c5:f9:1d:d9:df: b9:19:60:4e:01:e7:59:ce:79:fd:54:98:3e:6d:05: f6:33:9c:07:a7:a2:8d:54:64:b0:28:96:05:c3:07: 2f:d4:93:a6:c0:66:33:8b:58:24:bb:3a:e3:7a:6b: e0:32:2b:50:45:6b:11:33:57:d8:f5:4c:3f:57:2b: 42:89:be:5c:92:c5:71:68:02:f9:a3:61:d5:cc:35: 67:84:ee:c6:91:46:1b:2f:d0:31:28:0c:54:18:50: 8e:2d:70:a9:cf:59:56:51:63:79:f3:db:32:d2:46: 8f:c3:b4:17:bd:e6:bd:85:70:03:b2:10:a6:82:24: 63:2e:6e:dd:da:53:a6:0e:30:79:c5:f9:94:8c:b4: 2e:0b:7d:8b:a7:e4:d2:b2:b9:b0:12:dd:68:f4:2a: 1f:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:33:11:DB:1A:F4:0D:07:98:26:AA:D5:B3:FB:9E:7A:1C:DD:D9:4A X509v3 Authority Key Identifier: keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/DF6E9324D08D11EA9010E72EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 58.181.96.0/20 119.159.0.0/16 182.176.0.0/16 202.70.144.0/20 202.125.128.0/19 203.135.0.0/18 221.120.192.0/18 Signature Algorithm: sha256WithRSAEncryption 5e:af:bd:02:6d:6d:7e:5f:a8:20:ec:a6:b5:13:53:d0:4e:f3: 64:3a:24:0d:94:1b:bc:1e:5e:ff:f3:00:b2:79:76:c9:d5:d6: e3:7e:67:21:ba:b9:85:57:71:9e:ce:fb:d9:a0:de:ff:57:2f: 4c:37:15:9a:b4:7f:3f:c1:fc:d7:c8:83:e0:39:79:28:74:dd: 57:80:56:2c:19:ce:61:c0:6d:21:2a:5c:fa:3e:fa:88:c8:fb: e6:3b:09:e4:d4:90:30:45:4c:3c:cf:62:fe:ac:c8:a1:9e:1a: 77:9e:72:8e:3f:bb:a7:29:c4:c3:ef:0b:60:64:b3:d0:6c:46: 5b:b2:93:c0:44:56:66:7c:f2:65:f8:89:79:bf:b8:80:57:05: 35:05:37:37:ff:a3:8c:e4:83:39:56:e8:35:29:b8:1a:63:90: bd:3b:16:49:67:46:8b:d7:fd:b4:6b:35:d7:e6:91:2a:18:33: 01:e0:9f:9a:7c:9f:ed:f9:d0:e4:7d:e1:12:10:3c:a0:60:55: 1e:0a:08:4b:9b:b0:92:b8:22:12:47:55:29:d4:c9:f8:3c:8a: 49:1c:3d:73:16:0f:d5:2e:fe:3c:00:9c:32:37:df:17:2d:4f: b0:b5:6a:19:1f:32:35:bf:fb:ec:01:a1:ba:91:74:69:5b:a0: 6d:46:1a:34 -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICNs8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB NzYwQUVCNTQwHhcNMjUwMzIyMTUwMTIzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2RlZDBjMy03NzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5gGRrPnW1ojXGTTfROwox2OmuvqX7QL7G7ZhkM+PBccw+bv+sZ+2JzIbSXhf 3E2iGFcmSj5PGA8zrPdOSbMaNnwbkLtln/BUaHdSAgP/qp5qTTsb8gPPEO7EQnCu bp1THgZTxfkd2d+5GWBOAedZznn9VJg+bQX2M5wHp6KNVGSwKJYFwwcv1JOmwGYz i1gkuzrjemvgMitQRWsRM1fY9Uw/VytCib5cksVxaAL5o2HVzDVnhO7GkUYbL9Ax KAxUGFCOLXCpz1lWUWN589sy0kaPw7QXvea9hXADshCmgiRjLm7d2lOmDjB5xfmU jLQuC32Lp+TSsrmwEt1o9CofjQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFKYzEdsa 9A0HmCaq1bP7nnoc3dlKMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2 MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvREY2RTkzMjRE MDhEMTFFQTkwMTBFNzJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMC4EAgABMCgDBAQ6tWADAwB3nwMDALawAwQEykaQAwQFyn2AAwQGy4cAAwQG 3XjAMA0GCSqGSIb3DQEBCwUAA4IBAQBer70CbW1+X6gg7Ka1E1PQTvNkOiQNlBu8 Hl7/8wCyeXbJ1dbjfmchurmFV3GezvvZoN7/Vy9MNxWatH8/wfzXyIPgOXkodN1X gFYsGc5hwG0hKlz6PvqIyPvmOwnk1JAwRUw8z2L+rMihnhp3nnKOP7unKcTD7wtg ZLPQbEZbspPARFZmfPJl+Il5v7iAVwU1BTc3/6OM5IM5Vug1KbgaY5C9OxZJZ0aL 1/20azXX5pEqGDMB4J+afJ/t+dDkfeESEDygYFUeCghLm7CSuCISR1Up1Mn4PIpJ HD1zFg/VLv48AJwyN98XLU+wtWoZHzI1v/vsAaG6kXRpW6BtRho0 -----END CERTIFICATE-----Generated at Mon Apr 28 17:45:59 2025 by rpki-client on console.sobornost.net