$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/998461D4D14E11EEBD6E0D11C4F9AE02.roa File: 998461D4D14E11EEBD6E0D11C4F9AE02.roa (raw, json) Hash identifier: Bq4ocVFZ0iosWtq4rhIKfW0siZZeuAW1JI1o4Hun97U= Subject key identifier: DB:93:D3:2C:A5:C2:AC:5A:2D:B4:9C:3E:52:69:40:5D:9E:B1:38:10 Certificate issuer: /CN=A91B7292/serialNumber=C2FC6448564EC6526B91B2FE23B4FD58342D20F4 Certificate serial: B6 Authority key identifier: C2:FC:64:48:56:4E:C6:52:6B:91:B2:FE:23:B4:FD:58:34:2D:20:F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/998461D4D14E11EEBD6E0D11C4F9AE02.roa Signing time: Wed 15 Jan 2025 04:47:24 +0000 ROA not before: Wed 15 Jan 2025 04:47:24 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 38325 IP address blocks: 123.108.120.0/21 maxlen: 21 123.108.120.0/22 maxlen: 22 123.108.121.0/24 maxlen: 24 123.108.122.0/24 maxlen: 24 123.108.123.0/24 maxlen: 24 123.108.124.0/22 maxlen: 22 123.108.124.0/24 maxlen: 24 123.108.125.0/24 maxlen: 24 123.108.126.0/24 maxlen: 24 123.108.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.crl rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 04:58:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 182 (0xb6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7292 Validity Not Before: Jan 15 04:47:24 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67873ddc-5d4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:98:0c:15:8e:b7:21:c9:8f:64:9d:fa:c3:a6: d9:34:5d:db:45:4a:dc:fa:c0:c3:2f:fa:1f:86:f8: 16:e5:86:ae:d9:81:5d:83:48:91:c5:fc:89:d7:b5: 21:8d:28:48:a9:53:d6:b3:27:ca:88:f0:7e:8e:98: 98:66:c3:c1:04:8a:e8:1d:14:0d:22:6a:4b:0a:b7: 6d:42:9f:14:ca:cc:5f:84:d3:41:95:31:62:20:26: fd:7f:c9:78:ba:96:f3:f5:0b:e7:25:6d:b1:26:37: e7:e8:fc:c8:6c:29:a2:68:b4:11:68:26:bf:5d:47: 6b:42:b9:77:a0:a4:2a:3d:46:b4:2b:7a:97:49:ba: bc:25:19:7b:b8:27:2d:90:d6:5e:2b:0d:ba:ea:0c: 21:0c:f7:c6:95:e1:64:dd:c2:1c:29:a7:f0:3c:33: 1b:09:e6:13:a7:ed:96:d0:e8:25:de:87:d5:f9:94: dc:30:4b:e6:cc:ce:e8:29:27:39:2a:17:a0:c6:49: bf:86:8d:36:f8:09:6d:1b:16:42:69:9d:c1:49:cc: 4c:cd:6a:c2:7e:7f:c8:ea:ef:7a:2a:0c:c4:18:eb: 6e:bb:15:9d:af:20:51:3e:71:d2:56:93:4a:a1:87: 61:b8:15:37:98:3f:46:cb:35:a2:38:6a:c5:5a:76: 37:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:93:D3:2C:A5:C2:AC:5A:2D:B4:9C:3E:52:69:40:5D:9E:B1:38:10 X509v3 Authority Key Identifier: keyid:C2:FC:64:48:56:4E:C6:52:6B:91:B2:FE:23:B4:FD:58:34:2D:20:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/998461D4D14E11EEBD6E0D11C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.108.120.0/21 Signature Algorithm: sha256WithRSAEncryption cf:45:07:d4:c7:a6:04:2d:bc:ca:8e:a7:0c:8e:37:04:71:d0: b8:1d:95:41:f2:7a:64:b4:59:ab:02:73:d1:ce:36:ac:d6:e9: 7b:63:c4:81:ff:45:63:c8:eb:1f:3a:45:af:7b:06:3b:4d:b4: 8c:96:dc:9d:d9:c3:3a:47:ca:ea:8d:ae:92:42:44:93:d3:c1: a7:02:c5:58:58:12:7c:b7:6d:a3:8d:30:cb:23:a7:09:34:52: fb:f4:76:5b:d2:7c:48:e2:49:85:12:9b:32:a5:ca:f6:01:44: 1a:e6:6f:88:6f:dd:df:98:c9:92:60:07:61:15:e3:0b:e2:08: 3d:55:66:8b:da:31:4a:b3:5c:9f:fa:9f:0b:5b:5e:ae:d2:6a: 41:4b:f6:cb:f8:8f:4f:bd:23:61:55:18:bf:d5:49:73:90:81: 76:15:35:1f:4c:62:92:fd:af:04:97:bd:92:34:a6:e0:8d:58: 0b:db:66:3c:6e:f4:0d:1b:e6:80:51:fe:67:b2:ef:1a:aa:f8: 69:50:ad:d3:03:d1:6b:fb:78:ff:cc:c6:a1:9a:2f:ed:a6:c9: 15:37:48:35:ac:45:81:b6:d5:ed:cd:d1:92:89:ea:00:f0:3c: 75:15:8c:b3:c2:6a:35:4b:37:de:ac:81:bd:86:2e:e6:89:8f: 44:17:fc:48 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICALYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjcyOTIxMTAvBgNVBAUTKEMyRkM2NDQ4NTY0RUM2NTI2QjkxQjJGRTIzQjRGRDU4 MzQyRDIwRjQwHhcNMjUwMTE1MDQ0NzI0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzg3M2RkYy01ZDRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApJgMFY63IcmPZJ36w6bZNF3bRUrc+sDDL/ofhvgW5Yau2YFdg0iRxfyJ17Uh jShIqVPWsyfKiPB+jpiYZsPBBIroHRQNImpLCrdtQp8UysxfhNNBlTFiICb9f8l4 upbz9QvnJW2xJjfn6PzIbCmiaLQRaCa/XUdrQrl3oKQqPUa0K3qXSbq8JRl7uCct kNZeKw266gwhDPfGleFk3cIcKafwPDMbCeYTp+2W0Ogl3ofV+ZTcMEvmzM7oKSc5 Khegxkm/ho02+AltGxZCaZ3BScxMzWrCfn/I6u96KgzEGOtuuxWdryBRPnHSVpNK oYdhuBU3mD9GyzWiOGrFWnY3aQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNuT0yyl wqxaLbScPlJpQF2esTgQMB8GA1UdIwQYMBaAFML8ZEhWTsZSa5Gy/iO0/Vg0LSD0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzI5Mi8wM0I4OEFEQUQx NEExMUVFOTlERTJCNTJDNEY5QUUwMi93dnhrU0ZaT3hsSnJrYkwtSTdUOVdEUXRJ UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3d2eGtTRlpPeGxKcmtiTC1JN1Q5V0RRdElQUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjcyOTIvMDNCODhBREFEMTRBMTFFRTk5REUyQjUyQzRGOUFFMDIvOTk4NDYxRDRE MTRFMTFFRUJENkUwRDExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAN7bHgwDQYJKoZIhvcNAQELBQADggEBAM9FB9THpgQtvMqO pwyONwRx0LgdlUHyemS0WasCc9HONqzW6XtjxIH/RWPI6x86Ra97BjtNtIyW3J3Z wzpHyuqNrpJCRJPTwacCxVhYEny3baONMMsjpwk0Uvv0dlvSfEjiSYUSmzKlyvYB RBrmb4hv3d+YyZJgB2EV4wviCD1VZovaMUqzXJ/6nwtbXq7SakFL9sv4j0+9I2FV GL/VSXOQgXYVNR9MYpL9rwSXvZI0puCNWAvbZjxu9A0b5oBR/mey7xqq+GlQrdMD 0Wv7eP/MxqGaL+2myRU3SDWsRYG21e3N0ZKJ6gDwPHUVjLPCajVLN96sgb2GLuaJ j0QX/Eg= -----END CERTIFICATE-----Generated at Sun Apr 6 10:16:23 2025 by rpki-client