$ rpki-client -vvf rpki.apnic.net/member_repository/A91975CC/13E7D72EAFE311ECA2CB066DC4F9AE02/AF08CB4CC77511EC81DCA645C4F9AE02.roa File: AF08CB4CC77511EC81DCA645C4F9AE02.roa (raw, json) Hash identifier: fCg3LsUh16wFnDfXkxVhThF2ZOUkgckgr+TaTcI9RIg= Subject key identifier: D2:EA:BA:1E:29:D5:E6:28:9C:1C:75:22:5D:A8:2C:4A:47:19:99:A8 Certificate issuer: /CN=A91975CC/serialNumber=B8A22277ECC6B10A3D202AA390CCA7FBB92A46E0 Certificate serial: 032C Authority key identifier: B8:A2:22:77:EC:C6:B1:0A:3D:20:2A:A3:90:CC:A7:FB:B9:2A:46:E0 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uKIid-zGsQo9ICqjkMyn-7kqRuA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91975CC/13E7D72EAFE311ECA2CB066DC4F9AE02/AF08CB4CC77511EC81DCA645C4F9AE02.roa Signing time: Fri 31 Jan 2025 01:15:15 +0000 ROA not before: Fri 31 Jan 2025 01:15:15 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 134697 IP address blocks: 87.121.72.0/23 maxlen: 24 87.121.74.0/23 maxlen: 24 87.121.92.0/23 maxlen: 24 87.121.94.0/23 maxlen: 24 87.121.248.0/23 maxlen: 24 87.121.250.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91975CC/13E7D72EAFE311ECA2CB066DC4F9AE02/uKIid-zGsQo9ICqjkMyn-7kqRuA.crl rsync://rpki.apnic.net/member_repository/A91975CC/13E7D72EAFE311ECA2CB066DC4F9AE02/uKIid-zGsQo9ICqjkMyn-7kqRuA.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uKIid-zGsQo9ICqjkMyn-7kqRuA.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 01:10:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 812 (0x32c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91975CC Validity Not Before: Jan 31 01:15:15 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=679c2422-077a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:82:0a:1a:05:62:18:aa:56:a2:41:3c:94:c0: 29:4f:d1:89:66:d8:00:8c:e4:04:ba:d0:2a:97:26: f1:a2:ea:c0:65:40:76:62:c3:13:22:27:94:43:a4: c3:4f:26:4f:84:07:bf:df:f1:a8:cc:eb:87:c7:88: da:06:c7:4c:2c:1c:56:75:fd:58:2a:14:b2:84:5d: 9a:98:f9:fc:8e:75:f3:99:00:75:44:b5:98:65:6b: 8f:a3:42:a8:b1:46:ba:20:e9:60:2d:6b:28:92:4d: 23:60:30:50:fc:82:ba:5b:0b:bb:e7:29:35:c2:68: f7:d9:1f:c9:1f:39:fa:cb:6e:c5:d8:24:5e:ff:23: b6:64:17:15:55:da:99:bd:7f:3a:5a:e1:39:ca:8e: 3d:01:5f:82:9a:08:e0:c3:05:70:a7:f8:f4:d7:95: dc:3b:4f:3f:d8:16:8c:ba:b4:e5:fd:0d:f4:b5:06: 7c:17:52:b1:1e:bc:05:80:e3:b7:2b:c2:62:04:b3: 16:8f:a7:72:0e:d3:f7:ca:0c:cb:1a:6a:67:33:08: 26:25:9d:cb:ea:65:a6:59:bf:aa:17:8c:3f:10:95: 73:00:fc:a9:4c:d7:27:76:bc:6d:2d:c7:99:7b:86: a0:fb:b9:d3:ea:40:2d:31:a6:e0:82:be:f5:5a:7a: be:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:EA:BA:1E:29:D5:E6:28:9C:1C:75:22:5D:A8:2C:4A:47:19:99:A8 X509v3 Authority Key Identifier: keyid:B8:A2:22:77:EC:C6:B1:0A:3D:20:2A:A3:90:CC:A7:FB:B9:2A:46:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91975CC/13E7D72EAFE311ECA2CB066DC4F9AE02/uKIid-zGsQo9ICqjkMyn-7kqRuA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uKIid-zGsQo9ICqjkMyn-7kqRuA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91975CC/13E7D72EAFE311ECA2CB066DC4F9AE02/AF08CB4CC77511EC81DCA645C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 87.121.72.0/22 87.121.92.0/22 87.121.248.0/22 Signature Algorithm: sha256WithRSAEncryption 38:4d:d4:0e:01:0e:6c:5f:4e:f4:bc:ae:d7:be:04:33:d6:2a: cf:e5:6e:0e:65:ca:66:77:1d:cc:fc:3b:58:37:ef:9e:6f:75: b0:46:46:53:77:ab:0a:45:ea:cd:44:98:bf:bf:b2:3c:9a:06: 47:70:58:79:5a:e5:e4:05:75:51:6c:b6:1f:da:a2:af:f8:7b: 39:b4:ce:d2:20:16:6b:6c:ae:1d:eb:50:25:0a:52:52:7d:d4: 4d:2f:47:33:4a:9b:d5:6b:29:86:b9:de:65:fb:7f:f3:f0:18: 42:1c:72:b5:ec:1f:a0:02:ba:20:fc:71:0a:43:cc:a7:30:4e: 26:56:44:35:eb:b3:59:65:0f:f1:50:82:90:49:01:21:ef:17: 9d:0d:72:c6:ca:3f:3b:c5:8d:b6:2b:d5:4b:ef:76:a5:aa:af: 44:98:10:ae:9a:b1:53:97:26:03:da:b1:45:8d:ff:c2:a8:5f: 16:00:b0:e3:58:3d:93:10:39:b9:11:ca:dd:1c:60:6e:a3:d7: dc:b7:a7:76:28:5d:31:72:2d:50:e8:e6:1d:61:bf:1d:5c:2f: aa:66:d3:93:4e:39:72:60:5c:be:29:dc:59:b5:35:f2:14:06: 50:b8:cc:69:2e:d8:4a:27:46:70:d2:f7:9b:a3:36:eb:86:32: 69:a2:25:71 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICAywwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTc1Q0MxMTAvBgNVBAUTKEI4QTIyMjc3RUNDNkIxMEEzRDIwMkFBMzkwQ0NBN0ZC QjkyQTQ2RTAwHhcNMjUwMTMxMDExNTE1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzljMjQyMi0wNzdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq4IKGgViGKpWokE8lMApT9GJZtgAjOQEutAqlybxourAZUB2YsMTIieUQ6TD TyZPhAe/3/GozOuHx4jaBsdMLBxWdf1YKhSyhF2amPn8jnXzmQB1RLWYZWuPo0Ko sUa6IOlgLWsokk0jYDBQ/IK6Wwu75yk1wmj32R/JHzn6y27F2CRe/yO2ZBcVVdqZ vX86WuE5yo49AV+CmgjgwwVwp/j015XcO08/2BaMurTl/Q30tQZ8F1KxHrwFgOO3 K8JiBLMWj6dyDtP3ygzLGmpnMwgmJZ3L6mWmWb+qF4w/EJVzAPypTNcndrxtLceZ e4ag+7nT6kAtMabggr71Wnq+RwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFNLquh4p 1eYonBx1Il2oLEpHGZmoMB8GA1UdIwQYMBaAFLiiInfsxrEKPSAqo5DMp/u5Kkbg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzVDQy8xM0U3RDcyRUFG RTMxMUVDQTJDQjA2NkRDNEY5QUUwMi91S0lpZC16R3NRbzlJQ3Fqa015bi03a3FS dUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3VLSWlkLXpHc1FvOUlDcWprTXluLTdrcVJ1QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTc1Q0MvMTNFN0Q3MkVBRkUzMTFFQ0EyQ0IwNjZEQzRGOUFFMDIvQUYwOENCNEND Nzc1MTFFQzgxRENBNjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAJXeUgDBAJXeVwDBAJXefgwDQYJKoZIhvcNAQELBQADggEB ADhN1A4BDmxfTvS8rte+BDPWKs/lbg5lymZ3Hcz8O1g3755vdbBGRlN3qwpF6s1E mL+/sjyaBkdwWHla5eQFdVFsth/aoq/4ezm0ztIgFmtsrh3rUCUKUlJ91E0vRzNK m9VrKYa53mX7f/PwGEIccrXsH6ACuiD8cQpDzKcwTiZWRDXrs1llD/FQgpBJASHv F50NcsbKPzvFjbYr1UvvdqWqr0SYEK6asVOXJgPasUWN/8KoXxYAsONYPZMQObkR yt0cYG6j19y3p3YoXTFyLVDo5h1hvx1cL6pm05NOOXJgXL4p3Fm1NfIUBlC4zGku 2EonRnDS95ujNuuGMmmiJXE= -----END CERTIFICATE-----Generated at Sat Apr 5 22:15:05 2025 by rpki-client