$ rpki-client -vvf rpki.apnic.net/member_repository/A9142127/20F4443A546D11EABDD3C117C4F9AE02/7B3737EE546E11EAAA4CF919C4F9AE02.roa File: 7B3737EE546E11EAAA4CF919C4F9AE02.roa (raw, json) Hash identifier: BRh8F/ZFWfYeIdiPZ6JVdtAsFlC7I+7udl7AHdMF4RM= Subject key identifier: A0:A4:C7:3B:C2:98:7C:FF:8A:D0:4C:ED:4E:14:32:6B:3B:DE:0E:FA Certificate issuer: /CN=A9142127/serialNumber=415027D8C9298E97DA05C0C43DCD8BAF52174175 Certificate serial: 0AB1 Authority key identifier: 41:50:27:D8:C9:29:8E:97:DA:05:C0:C4:3D:CD:8B:AF:52:17:41:75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVAn2MkpjpfaBcDEPc2Lr1IXQXU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9142127/20F4443A546D11EABDD3C117C4F9AE02/7B3737EE546E11EAAA4CF919C4F9AE02.roa Signing time: Wed 02 Apr 2025 19:49:56 +0000 ROA not before: Wed 02 Apr 2025 19:49:56 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 4049 IP address blocks: 59.153.20.0/22 maxlen: 24 103.47.3.0/24 maxlen: 24 103.65.244.0/22 maxlen: 24 103.130.76.0/22 maxlen: 24 103.148.132.0/23 maxlen: 24 103.250.198.0/24 maxlen: 24 202.27.113.0/24 maxlen: 24 202.36.150.0/23 maxlen: 24 202.36.152.0/23 maxlen: 24 202.49.20.0/22 maxlen: 24 202.49.24.0/21 maxlen: 24 202.134.32.0/20 maxlen: 24 2406:2b00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9142127/20F4443A546D11EABDD3C117C4F9AE02/QVAn2MkpjpfaBcDEPc2Lr1IXQXU.crl rsync://rpki.apnic.net/member_repository/A9142127/20F4443A546D11EABDD3C117C4F9AE02/QVAn2MkpjpfaBcDEPc2Lr1IXQXU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVAn2MkpjpfaBcDEPc2Lr1IXQXU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 19:31:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2737 (0xab1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9142127 Validity Not Before: Apr 2 19:49:56 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67ed94e3-b06f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:56:84:46:ec:7d:d4:ce:05:ca:e7:36:7f:36: 2f:a4:6d:95:a7:ef:97:cd:9a:62:59:7e:4d:22:2d: 0d:f9:f5:92:72:b3:14:28:89:d6:ce:8a:82:8d:fe: 8d:b2:c6:f8:ce:27:4b:a5:bf:31:3f:6e:bb:4e:65: 65:0a:31:f8:ce:4a:69:80:1d:90:ef:81:c8:6d:06: fa:ac:9b:61:7e:75:ba:01:2d:aa:26:27:f4:56:bd: 7e:90:4b:2f:fe:1f:cc:3a:1b:ac:09:a1:ee:6d:18: c5:dd:18:12:3a:41:59:17:64:1b:ea:3f:d4:13:97: ad:03:e0:66:ff:a6:20:a1:a6:f9:3a:7a:b0:95:f8: 5f:44:25:2d:87:82:07:2f:47:69:ac:0b:53:8f:52: b2:f4:f6:50:91:a6:3f:0b:d7:44:58:c6:be:85:3a: a5:4a:84:65:43:a1:95:82:9d:29:f7:b8:43:01:c4: 74:bb:e2:96:d7:ac:ea:f8:07:79:6b:f6:1f:9b:c9: 22:a5:52:2c:46:c7:be:88:76:d5:50:4d:17:e1:65: 75:7d:06:fa:04:93:52:8a:32:c9:52:ee:37:40:d3: 28:7e:02:ad:46:22:de:02:78:57:86:7f:35:f5:2b: b7:7a:ea:2c:33:84:f3:7b:47:55:3b:b0:d4:1d:2a: 18:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:A4:C7:3B:C2:98:7C:FF:8A:D0:4C:ED:4E:14:32:6B:3B:DE:0E:FA X509v3 Authority Key Identifier: keyid:41:50:27:D8:C9:29:8E:97:DA:05:C0:C4:3D:CD:8B:AF:52:17:41:75 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9142127/20F4443A546D11EABDD3C117C4F9AE02/QVAn2MkpjpfaBcDEPc2Lr1IXQXU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVAn2MkpjpfaBcDEPc2Lr1IXQXU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142127/20F4443A546D11EABDD3C117C4F9AE02/7B3737EE546E11EAAA4CF919C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.153.20.0/22 103.47.3.0/24 103.65.244.0/22 103.130.76.0/22 103.148.132.0/23 103.250.198.0/24 202.27.113.0/24 202.36.150.0-202.36.153.255 202.49.20.0-202.49.31.255 202.134.32.0/20 IPv6: 2406:2b00::/32 Signature Algorithm: sha256WithRSAEncryption 01:45:96:6e:bf:8a:4a:ae:e8:64:b1:af:76:12:9f:44:f1:e3: 7b:85:ac:3f:04:d0:95:ce:9d:f4:30:4b:48:5f:cc:76:ab:35: d4:30:80:6c:2a:3c:83:dc:c8:04:82:03:09:e3:ff:54:5d:99: 61:ad:d6:73:31:e8:c0:ba:f1:95:d4:73:dd:5f:ba:05:d5:ad: 05:b8:2a:76:7a:08:26:f9:97:a4:e2:27:73:63:c4:36:e2:a8: da:63:fd:a9:d2:e1:20:26:7b:de:7d:82:1a:02:74:43:e3:84: 11:81:2a:f8:0f:e1:4b:15:9b:e0:85:db:5e:ca:7e:6b:a1:4e: 0d:e4:0a:2a:9a:f0:cb:3c:13:dd:db:dc:16:39:0e:63:fb:70: 9d:aa:ff:a8:a4:52:d4:61:e0:97:6f:44:64:37:5a:ef:f3:91: 9e:31:ad:e4:00:f0:d1:26:2c:d8:13:10:8b:19:12:a5:b2:50: af:72:76:e3:bb:47:37:5d:64:66:81:af:a7:75:1e:ab:a5:28: b3:e7:dd:43:22:e5:7d:b5:83:04:3e:e8:26:55:e8:80:ff:d3: ce:15:4a:2e:2f:37:a1:7f:14:07:48:34:3a:28:4d:50:94:29: 0a:db:c8:26:90:96:69:cb:1f:57:2a:93:30:a5:f1:af:10:ea: be:15:63:7e -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgICCrEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDIxMjcxMTAvBgNVBAUTKDQxNTAyN0Q4QzkyOThFOTdEQTA1QzBDNDNEQ0Q4QkFG NTIxNzQxNzUwHhcNMjUwNDAyMTk0OTU2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2VkOTRlMy1iMDZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwVaERux91M4Fyuc2fzYvpG2Vp++XzZpiWX5NIi0N+fWScrMUKInWzoqCjf6N ssb4zidLpb8xP267TmVlCjH4zkppgB2Q74HIbQb6rJthfnW6AS2qJif0Vr1+kEsv /h/MOhusCaHubRjF3RgSOkFZF2Qb6j/UE5etA+Bm/6Ygoab5OnqwlfhfRCUth4IH L0dprAtTj1Ky9PZQkaY/C9dEWMa+hTqlSoRlQ6GVgp0p97hDAcR0u+KW16zq+Ad5 a/Yfm8kipVIsRse+iHbVUE0X4WV1fQb6BJNSijLJUu43QNMofgKtRiLeAnhXhn81 9Su3euosM4Tze0dVO7DUHSoYqQIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFKCkxzvC mHz/itBM7U4UMms73g76MB8GA1UdIwQYMBaAFEFQJ9jJKY6X2gXAxD3Ni69SF0F1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjEyNy8yMEY0NDQzQTU0 NkQxMUVBQkREM0MxMTdDNEY5QUUwMi9RVkFuMk1rcGpwZmFCY0RFUGMyTHIxSVhR WFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FWQW4yTWtwanBmYUJjREVQYzJMcjFJWFFYVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDIxMjcvMjBGNDQ0M0E1NDZEMTFFQUJERDNDMTE3QzRGOUFFMDIvN0IzNzM3RUU1 NDZFMTFFQUFBNENGOTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdAYIKwYBBQUHAQcBAf8E ZTBjMFIEAgABMEwDBAI7mRQDBABnLwMDBAJnQfQDBAJngkwDBAFnlIQDBABn+sYD BADKG3EwDAMEAcoklgMEAcokmDAMAwQCyjEUAwQFyjEAAwQEyoYgMA0EAgACMAcD BQAkBisAMA0GCSqGSIb3DQEBCwUAA4IBAQABRZZuv4pKruhksa92Ep9E8eN7haw/ BNCVzp30MEtIX8x2qzXUMIBsKjyD3MgEggMJ4/9UXZlhrdZzMejAuvGV1HPdX7oF 1a0FuCp2eggm+Zek4idzY8Q24qjaY/2p0uEgJnvefYIaAnRD44QRgSr4D+FLFZvg hdteyn5roU4N5AoqmvDLPBPd29wWOQ5j+3Cdqv+opFLUYeCXb0RkN1rv85GeMa3k APDRJizYExCLGRKlslCvcnbju0c3XWRmga+ndR6rpSiz591DIuV9tYMEPugmVeiA /9POFUouLzehfxQHSDQ6KE1QlCkK28gmkJZpyx9XKpMwpfGvEOq+FWN+ -----END CERTIFICATE-----Generated at Sat Apr 12 01:28:43 2025 by rpki-client