$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/96BF84D621A411F0AC5C0C24C4F9AE02.roa File: 96BF84D621A411F0AC5C0C24C4F9AE02.roa (raw, json) Hash identifier: 798NxIqDDFl6KrkCTp1VY6O+JV8in8IvqJ86we9gpvc= Subject key identifier: 8D:FA:AF:B2:69:AD:00:9F:99:2A:53:BD:13:2F:FE:79:C8:EF:58:45 Certificate issuer: /CN=A91DD4A6/serialNumber=17004AA33105B0A0E6D3EB4E47C513063D92CEC2 Certificate serial: 0418 Authority key identifier: 17:00:4A:A3:31:05:B0:A0:E6:D3:EB:4E:47:C5:13:06:3D:92:CE:C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FwBKozEFsKDm0-tOR8UTBj2SzsI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/96BF84D621A411F0AC5C0C24C4F9AE02.roa Signing time: Sun 27 Apr 2025 00:35:07 +0000 ROA not before: Sun 27 Apr 2025 00:35:07 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 56209 IP address blocks: 202.47.112.0/21 maxlen: 21 202.47.112.0/24 maxlen: 24 202.47.113.0/24 maxlen: 24 202.47.114.0/24 maxlen: 24 202.47.115.0/24 maxlen: 24 202.47.116.0/24 maxlen: 24 202.47.117.0/24 maxlen: 24 202.47.118.0/24 maxlen: 24 202.47.119.0/24 maxlen: 24 202.71.0.0/23 maxlen: 23 202.71.0.0/24 maxlen: 24 202.71.1.0/24 maxlen: 24 202.71.2.0/23 maxlen: 23 202.71.2.0/24 maxlen: 24 202.71.3.0/24 maxlen: 24 2406:2100::/32 maxlen: 32 2406:2100::/48 maxlen: 48 2406:2100:1::/48 maxlen: 48 2406:2100:2::/48 maxlen: 48 2406:2100:3::/48 maxlen: 48 2406:2100:4::/48 maxlen: 48 2406:2100:5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/FwBKozEFsKDm0-tOR8UTBj2SzsI.crl rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/FwBKozEFsKDm0-tOR8UTBj2SzsI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FwBKozEFsKDm0-tOR8UTBj2SzsI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 00:35:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1048 (0x418) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD4A6, serialNumber=17004AA33105B0A0E6D3EB4E47C513063D92CEC2 Validity Not Before: Apr 27 00:35:07 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=680d7bbb-6aee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:0f:30:8e:dc:92:36:1f:10:2b:d0:90:60:04: ad:d5:ed:49:78:aa:50:00:ac:f6:fd:b0:13:e8:f1: ed:dd:86:6f:33:20:63:f4:e2:6c:30:d1:8c:70:5a: 18:08:e7:aa:c9:37:b9:53:a9:fc:df:ea:3a:5c:07: 2e:26:a0:77:a9:71:5a:8a:43:2a:54:d9:ee:79:18: 2f:8c:b8:9c:ae:a9:80:c4:90:f4:51:5c:5d:7d:23: 53:4b:e9:0c:d0:3d:cb:1a:17:b8:53:1c:69:f1:1d: d0:31:be:73:e3:2d:69:2d:0d:f0:23:f2:46:6c:ec: 8e:10:cc:19:d1:08:cc:95:eb:a5:aa:6d:be:56:ad: 6c:7a:a6:21:a4:5d:e5:85:06:df:d0:f4:2a:0e:94: 43:e3:ff:74:dd:42:9d:01:e8:65:93:a4:2c:9e:8f: c7:9d:95:b6:dc:a7:70:4a:77:4b:95:0f:88:ba:0c: 77:b1:a7:57:2d:9c:d3:f5:4e:a9:ce:83:af:96:18: 28:4d:89:da:50:99:5c:2d:60:9d:93:b8:46:aa:3c: 8d:77:02:84:85:60:99:0a:11:4d:b7:1a:4c:87:b2: be:92:30:b4:91:3d:79:66:05:ab:62:e3:36:07:8d: 47:a0:1a:0f:c4:9b:d3:6a:f8:4d:fc:89:c6:d9:14: 35:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:FA:AF:B2:69:AD:00:9F:99:2A:53:BD:13:2F:FE:79:C8:EF:58:45 X509v3 Authority Key Identifier: keyid:17:00:4A:A3:31:05:B0:A0:E6:D3:EB:4E:47:C5:13:06:3D:92:CE:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/FwBKozEFsKDm0-tOR8UTBj2SzsI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FwBKozEFsKDm0-tOR8UTBj2SzsI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/96BF84D621A411F0AC5C0C24C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.47.112.0/21 202.71.0.0/22 IPv6: 2406:2100::/32 Signature Algorithm: sha256WithRSAEncryption 38:0e:d3:26:1b:58:90:f6:18:10:72:34:d0:18:cd:a8:65:b3: 82:87:a7:e9:21:3e:77:fc:42:27:76:a9:8d:d2:f3:5a:0a:39: 2b:31:8b:8e:3b:b3:ac:bf:1d:e9:63:d6:d2:b1:50:5e:35:66: e3:3d:3a:b7:38:f3:6f:86:f4:81:e4:b9:fd:77:c0:bd:1c:e1: 73:65:24:c0:22:60:03:12:ed:53:58:df:ed:54:5a:0c:32:3d: f2:c9:3e:bc:69:5c:b0:fd:29:83:8a:4d:eb:98:59:18:df:11: 24:af:cb:88:dc:dc:a6:57:24:26:82:47:dc:42:d4:c6:8d:4f: ff:29:01:63:fd:d5:29:31:1a:13:36:de:75:a6:cf:57:5a:ec: 01:a2:94:15:61:54:fc:97:aa:46:a4:28:5f:80:56:51:df:40: 45:70:29:e3:19:e6:a4:bb:32:51:f2:98:42:f8:76:5c:6a:5a: 8e:84:71:eb:32:ee:83:5d:e4:92:c9:3e:eb:77:b9:ce:0d:32: af:af:3c:ce:85:c1:2c:bb:fc:ec:bc:29:b3:af:4c:3c:87:d8: fc:25:6d:bc:11:ef:04:5e:a5:0f:31:37:98:78:49:c1:cf:68: cc:e6:c0:87:d7:a3:fb:31:21:c7:26:e5:f5:dc:4c:09:90:35: a2:63:78:03 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBBgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REQ0QTYxMTAvBgNVBAUTKDE3MDA0QUEzMzEwNUIwQTBFNkQzRUI0RTQ3QzUxMzA2 M0Q5MkNFQzIwHhcNMjUwNDI3MDAzNTA3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODBkN2JiYi02YWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtw8wjtySNh8QK9CQYASt1e1JeKpQAKz2/bAT6PHt3YZvMyBj9OJsMNGMcFoY COeqyTe5U6n83+o6XAcuJqB3qXFaikMqVNnueRgvjLicrqmAxJD0UVxdfSNTS+kM 0D3LGhe4Uxxp8R3QMb5z4y1pLQ3wI/JGbOyOEMwZ0QjMleulqm2+Vq1seqYhpF3l hQbf0PQqDpRD4/903UKdAehlk6Qsno/HnZW23KdwSndLlQ+Iugx3sadXLZzT9U6p zoOvlhgoTYnaUJlcLWCdk7hGqjyNdwKEhWCZChFNtxpMh7K+kjC0kT15ZgWrYuM2 B41HoBoPxJvTavhN/InG2RQ12QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFI36r7Jp rQCfmSpTvRMv/nnI71hFMB8GA1UdIwQYMBaAFBcASqMxBbCg5tPrTkfFEwY9ks7C MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDRBNi82QTU5NjlBODdF OTUxMUVDODJFRTUyMEFDNEY5QUUwMi9Gd0JLb3pFRnNLRG0wLXRPUjhVVEJqMlN6 c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Z3QktvekVGc0tEbTAtdE9SOFVUQmoyU3pzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REQ0QTYvNkE1OTY5QTg3RTk1MTFFQzgyRUU1MjBBQzRGOUFFMDIvOTZCRjg0RDYy MUE0MTFGMEFDNUMwQzI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAPKL3ADBALKRwAwDQQCAAIwBwMFACQGIQAwDQYJKoZIhvcN AQELBQADggEBADgO0yYbWJD2GBByNNAYzahls4KHp+khPnf8Qid2qY3S81oKOSsx i447s6y/Helj1tKxUF41ZuM9Orc482+G9IHkuf13wL0c4XNlJMAiYAMS7VNY3+1U WgwyPfLJPrxpXLD9KYOKTeuYWRjfESSvy4jc3KZXJCaCR9xC1MaNT/8pAWP91Skx GhM23nWmz1da7AGilBVhVPyXqkakKF+AVlHfQEVwKeMZ5qS7MlHymEL4dlxqWo6E cesy7oNd5JLJPut3uc4NMq+vPM6FwSy7/Oy8KbOvTDyH2PwlbbwR7wRepQ8xN5h4 ScHPaMzmwIfXo/sxIccm5fXcTAmQNaJjeAM= -----END CERTIFICATE-----Generated at Sun Apr 27 05:43:14 2025 by rpki-client on console.sobornost.net