$ rpki-client -vvf rpki.apnic.net/member_repository/A91B37E3/0AFEA7CE03A011EAB4C5D27CC4F9AE02/24252532B84711EA8A7F036DC4F9AE02.roa File: 24252532B84711EA8A7F036DC4F9AE02.roa (raw, json) Hash identifier: amqBd7Gmw280SNEgcUdjWQQGaKazRNP/HiWRn2dZkzs= Subject key identifier: C2:AB:81:0A:51:18:27:3F:E3:0F:34:31:C1:B7:5B:72:6D:F7:C7:56 Certificate issuer: /CN=A91B37E3/serialNumber=A7570DCF3720A8D5A8856A4BB6583F1BAEAE0093 Certificate serial: 0C58 Authority key identifier: A7:57:0D:CF:37:20:A8:D5:A8:85:6A:4B:B6:58:3F:1B:AE:AE:00:93 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p1cNzzcgqNWohWpLtlg_G66uAJM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B37E3/0AFEA7CE03A011EAB4C5D27CC4F9AE02/24252532B84711EA8A7F036DC4F9AE02.roa Signing time: Fri 14 Feb 2025 19:09:48 +0000 ROA not before: Fri 14 Feb 2025 19:09:48 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 24342 IP address blocks: 115.127.0.0/17 maxlen: 22 115.127.0.0/18 maxlen: 23 115.127.0.0/19 maxlen: 24 115.127.32.0/22 maxlen: 24 115.127.36.0/23 maxlen: 24 115.127.39.0/24 maxlen: 24 115.127.40.0/21 maxlen: 24 115.127.48.0/20 maxlen: 24 115.127.64.0/20 maxlen: 24 115.127.80.0/21 maxlen: 24 115.127.88.0/22 maxlen: 24 115.127.92.0/23 maxlen: 24 115.127.94.0/24 maxlen: 24 115.127.95.0/24 maxlen: 24 115.127.96.0/19 maxlen: 24 115.127.128.0/18 maxlen: 24 115.127.192.0/19 maxlen: 24 202.168.224.0/19 maxlen: 24 2406:1400::/32 maxlen: 32 2406:1400::/48 maxlen: 48 2406:1400:c00::/48 maxlen: 48 2406:1400:c07::/48 maxlen: 48 2406:1400:c6b::/48 maxlen: 48 2406:1400:8386::/48 maxlen: 48 2406:1400:8387::/48 maxlen: 48 2406:1400:c100::/48 maxlen: 48 2406:1400:c109::/48 maxlen: 48 2406:1400:c174::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B37E3/0AFEA7CE03A011EAB4C5D27CC4F9AE02/p1cNzzcgqNWohWpLtlg_G66uAJM.crl rsync://rpki.apnic.net/member_repository/A91B37E3/0AFEA7CE03A011EAB4C5D27CC4F9AE02/p1cNzzcgqNWohWpLtlg_G66uAJM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p1cNzzcgqNWohWpLtlg_G66uAJM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:32:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3160 (0xc58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B37E3 Validity Not Before: Feb 14 19:09:48 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67af94fc-f8ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:10:d7:1b:19:a0:a7:6c:a4:9a:2a:6f:f1:72: f4:58:56:11:ea:8f:82:4d:62:de:0c:e9:65:fb:01: 0a:7c:a3:28:fd:29:0b:24:82:d0:0c:5a:2d:ea:17: 00:a3:77:1d:71:9e:cc:62:d4:c9:63:70:27:ae:60: a0:e7:71:dc:2c:bb:f9:33:5a:22:b6:ac:71:86:21: 02:68:e7:38:fe:65:c8:da:8c:6a:51:f4:ce:8d:7f: a4:d2:7b:98:58:5f:ba:98:b6:3d:d0:ba:bf:41:57: 6b:ea:82:1d:b6:5e:53:ba:9b:f7:0a:b9:8c:41:1d: 8c:9c:ee:1f:af:75:b6:61:db:b5:6a:ca:44:37:4e: 1a:1c:80:e4:97:3a:dd:f1:e1:7c:ba:4f:65:db:41: 78:26:d2:eb:5d:34:e1:a8:c7:5d:0f:56:da:ea:57: 0a:5f:b8:e5:7b:fe:4a:85:09:9e:62:a3:f6:89:7e: 5a:57:22:e4:ae:fd:14:94:64:43:74:2d:ec:f2:43: a7:9b:97:b4:81:33:46:22:80:a6:25:14:cf:ab:d5: 5b:fe:04:21:5a:a8:73:11:bd:15:88:3e:2a:93:d6: ab:8f:12:81:9c:73:7f:3d:89:9f:f4:36:a0:64:6c: 65:05:ff:23:7f:13:a1:81:cd:5b:d5:8a:5d:4c:fe: 62:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:AB:81:0A:51:18:27:3F:E3:0F:34:31:C1:B7:5B:72:6D:F7:C7:56 X509v3 Authority Key Identifier: keyid:A7:57:0D:CF:37:20:A8:D5:A8:85:6A:4B:B6:58:3F:1B:AE:AE:00:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B37E3/0AFEA7CE03A011EAB4C5D27CC4F9AE02/p1cNzzcgqNWohWpLtlg_G66uAJM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p1cNzzcgqNWohWpLtlg_G66uAJM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B37E3/0AFEA7CE03A011EAB4C5D27CC4F9AE02/24252532B84711EA8A7F036DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 115.127.0.0-115.127.223.255 202.168.224.0/19 IPv6: 2406:1400::/32 Signature Algorithm: sha256WithRSAEncryption 9b:7c:82:60:24:7f:97:08:c9:67:44:03:4a:39:c6:14:e3:69: 14:f0:c8:80:c6:db:17:40:31:fb:df:2b:76:b4:be:c5:42:45: d6:25:39:f9:b6:cc:1b:4a:59:4f:37:96:22:8c:4a:a4:25:a2: a5:76:7c:7c:bb:f8:89:98:a6:36:ed:af:95:81:d7:7b:19:6b: a5:30:0d:55:91:38:56:0b:2f:2a:1b:9e:6f:fb:6f:83:1d:25: 0c:fb:2e:de:95:e3:e4:56:1f:4b:4b:50:14:c3:e5:97:12:62: 8d:3b:97:a4:12:f9:f5:2c:0d:a4:7d:47:af:3d:8a:45:a1:1b: 53:8c:a8:79:9c:33:1e:e2:1c:9b:6e:6e:1b:61:c0:65:c1:bc: 61:21:05:34:0d:1e:04:8a:31:3a:8f:ae:af:78:b1:49:c5:a8: 2a:ae:cf:ec:ad:74:84:7a:04:7c:47:a5:f4:eb:be:40:60:12: 45:42:b2:25:ae:c7:74:2f:55:b8:c9:67:ec:55:2e:b6:e2:63: fb:fd:fb:e2:77:76:71:a9:9f:5e:71:49:1a:4c:98:b4:9a:39: e1:f5:86:d2:3b:61:9f:81:96:f8:bf:ec:55:cc:48:10:a3:4a: 97:ce:0f:27:3c:82:c6:8b:1b:4a:b3:cb:1f:e3:26:a1:d7:04: e8:92:83:c7 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICDFgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjM3RTMxMTAvBgNVBAUTKEE3NTcwRENGMzcyMEE4RDVBODg1NkE0QkI2NTgzRjFC QUVBRTAwOTMwHhcNMjUwMjE0MTkwOTQ4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2FmOTRmYy1mOGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5hDXGxmgp2ykmipv8XL0WFYR6o+CTWLeDOll+wEKfKMo/SkLJILQDFot6hcA o3cdcZ7MYtTJY3AnrmCg53HcLLv5M1oitqxxhiECaOc4/mXI2oxqUfTOjX+k0nuY WF+6mLY90Lq/QVdr6oIdtl5Tupv3CrmMQR2MnO4fr3W2Ydu1aspEN04aHIDklzrd 8eF8uk9l20F4JtLrXTThqMddD1ba6lcKX7jle/5KhQmeYqP2iX5aVyLkrv0UlGRD dC3s8kOnm5e0gTNGIoCmJRTPq9Vb/gQhWqhzEb0ViD4qk9arjxKBnHN/PYmf9Dag ZGxlBf8jfxOhgc1b1YpdTP5iXQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFMKrgQpR GCc/4w80McG3W3Jt98dWMB8GA1UdIwQYMBaAFKdXDc83IKjVqIVqS7ZYPxuurgCT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMzdFMy8wQUZFQTdDRTAz QTAxMUVBQjRDNUQyN0NDNEY5QUUwMi9wMWNOenpjZ3FOV29oV3BMdGxnX0c2NnVB Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3AxY056emNncU5Xb2hXcEx0bGdfRzY2dUFKTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjM3RTMvMEFGRUE3Q0UwM0EwMTFFQUI0QzVEMjdDQzRGOUFFMDIvMjQyNTI1MzJC ODQ3MTFFQThBN0YwMzZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMBkEAgABMBMwCwMDAHN/AwQFc3/AAwQFyqjgMA0EAgACMAcDBQAkBhQAMA0G CSqGSIb3DQEBCwUAA4IBAQCbfIJgJH+XCMlnRANKOcYU42kU8MiAxtsXQDH73yt2 tL7FQkXWJTn5tswbSllPN5YijEqkJaKldnx8u/iJmKY27a+Vgdd7GWulMA1VkThW Cy8qG55v+2+DHSUM+y7elePkVh9LS1AUw+WXEmKNO5ekEvn1LA2kfUevPYpFoRtT jKh5nDMe4hybbm4bYcBlwbxhIQU0DR4EijE6j66veLFJxagqrs/srXSEegR8R6X0 675AYBJFQrIlrsd0L1W4yWfsVS624mP7/fvid3ZxqZ9ecUkaTJi0mjnh9YbSO2Gf gZb4v+xVzEgQo0qXzg8nPILGixtKs8sf4yah1wTokoPH -----END CERTIFICATE-----Generated at Sat Apr 5 02:00:29 2025 by rpki-client