$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa File: 8BFEF29C3AEA11EC84E6634EC4F9AE02.roa (raw, json) Hash identifier: 6pM1TQdNb79+DA6IOYbwXDIQvGxFIYUOEy7bg1GioZ4= Subject key identifier: F7:08:E8:B9:71:93:BB:21:B7:68:34:A2:E4:81:29:E9:C2:07:BE:EB Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF Certificate serial: 0CF2 Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa Signing time: Sat 18 Jan 2025 18:06:49 +0000 ROA not before: Sat 18 Jan 2025 18:06:49 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 134520 IP address blocks: 27.122.56.0/24 maxlen: 24 27.122.57.0/24 maxlen: 24 43.239.156.0/22 maxlen: 24 43.251.157.0/24 maxlen: 24 43.251.158.0/24 maxlen: 24 43.251.159.0/24 maxlen: 24 103.1.152.0/24 maxlen: 24 103.1.153.0/24 maxlen: 24 103.1.154.0/24 maxlen: 24 103.10.196.0/24 maxlen: 24 103.10.198.0/24 maxlen: 24 103.35.72.0/22 maxlen: 22 103.35.72.0/24 maxlen: 24 103.35.73.0/24 maxlen: 24 103.35.74.0/24 maxlen: 24 103.35.75.0/24 maxlen: 24 2402:c480:8000::/48 maxlen: 48 2402:c480:9000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:18:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3314 (0xcf2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B885C Validity Not Before: Jan 18 18:06:49 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=678bedb8-ec76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:df:b7:4d:32:2d:99:8e:f5:22:80:76:20:44: f0:a2:eb:22:e6:75:53:d3:b1:14:e6:01:2c:54:89: 82:23:ed:84:f3:2d:92:72:75:e7:a4:63:1c:24:f3: ea:63:bd:eb:82:b6:f6:00:d6:5d:b7:78:e6:80:3a: f3:61:ea:a6:07:19:db:5c:65:c9:25:e2:1b:8b:fb: 59:ce:6a:8d:99:34:c1:4b:0d:0f:08:52:16:13:d9: 66:1e:ac:da:d0:b6:8e:ed:26:6a:c2:57:95:79:6b: 8d:5e:73:a1:7d:33:70:55:12:50:65:36:24:4c:9f: d0:62:6f:be:5e:52:4d:af:2c:41:cf:c0:31:20:0d: f1:41:71:cb:2e:51:f0:d9:52:16:c6:11:d7:0a:87: 64:af:16:74:89:3f:b9:9e:8b:d9:cd:cf:39:8e:34: 4d:25:f2:14:f9:1a:84:30:33:7d:45:df:55:49:b0: 16:67:02:68:8e:14:1c:4f:4e:4b:c5:8b:bf:2b:8a: 58:69:9f:ca:83:d0:65:df:2d:22:9c:5f:24:71:1f: 65:49:79:24:ce:40:ab:f7:a6:01:01:49:cf:36:da: 77:e8:68:f6:3b:9c:1a:86:73:c7:f9:57:91:b4:7c: 38:b1:22:21:59:24:8f:e4:56:da:be:b6:64:1c:0d: 5f:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:08:E8:B9:71:93:BB:21:B7:68:34:A2:E4:81:29:E9:C2:07:BE:EB X509v3 Authority Key Identifier: keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.122.56.0/23 43.239.156.0/22 43.251.157.0-43.251.159.255 103.1.152.0-103.1.154.255 103.10.196.0/24 103.10.198.0/24 103.35.72.0/22 IPv6: 2402:c480:8000::/48 2402:c480:9000::/48 Signature Algorithm: sha256WithRSAEncryption 9d:33:d8:20:ae:51:04:b6:68:4a:75:32:a6:58:fb:17:23:7d: 2e:f2:97:d0:60:c2:84:c5:e7:f5:0f:3f:6f:68:e8:d0:0c:d2: 73:7a:99:ad:9d:1f:e4:41:94:e2:47:e1:ce:49:2a:c0:ad:67: ed:cc:34:53:66:8d:db:57:d5:dc:39:b0:9d:b9:43:03:a1:83: c8:6e:ad:65:05:ff:49:a8:1a:0b:6b:76:96:14:e6:6a:6c:2e: 9e:87:2e:7a:68:da:a9:91:d8:e1:26:33:2d:dc:98:6e:b6:41: a8:3d:43:74:fd:b7:b3:a0:a7:08:2f:71:18:92:02:60:59:62: 48:2c:f0:ed:b2:6a:66:ea:d7:d4:1f:60:28:fe:b3:7b:d0:61: b7:30:77:8e:69:9a:d8:b3:00:64:b8:e4:71:74:c8:60:f2:97: d7:f8:07:9d:b1:b8:86:51:15:1e:4a:fd:c0:9e:75:3a:7b:d7: 20:16:8b:e1:80:23:b2:55:bb:c3:f2:3b:98:99:27:29:81:9b: 18:53:99:4e:ca:a7:ae:ac:65:47:32:27:97:b7:b6:5b:61:de: c2:74:53:6a:b2:29:09:4e:bd:f3:b5:80:50:17:9b:58:bf:df: 24:86:bb:c7:f7:da:0a:05:19:33:9a:82:53:43:af:fe:d1:bc: 99:57:ac:16 -----BEGIN CERTIFICATE----- MIIFvzCCBKegAwIBAgICDPIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG MDA5Q0M5QUYwHhcNMjUwMTE4MTgwNjQ5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzhiZWRiOC1lYzc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAod+3TTItmY71IoB2IETwousi5nVT07EU5gEsVImCI+2E8y2ScnXnpGMcJPPq Y73rgrb2ANZdt3jmgDrzYeqmBxnbXGXJJeIbi/tZzmqNmTTBSw0PCFIWE9lmHqza 0LaO7SZqwleVeWuNXnOhfTNwVRJQZTYkTJ/QYm++XlJNryxBz8AxIA3xQXHLLlHw 2VIWxhHXCodkrxZ0iT+5novZzc85jjRNJfIU+RqEMDN9Rd9VSbAWZwJojhQcT05L xYu/K4pYaZ/Kg9Bl3y0inF8kcR9lSXkkzkCr96YBAUnPNtp36Gj2O5wahnPH+VeR tHw4sSIhWSSP5FbavrZkHA1f5wIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFPcI6Llx k7sht2g0ouSBKenCB77rMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5 YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEJGRUYyOUMz QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbQYIKwYBBQUHAQcBAf8E XjBcMEAEAgABMDoDBAEbejgDBAIr75wwDAMEACv7nQMEBSv7gDAMAwQDZwGYAwQA ZwGaAwQAZwrEAwQAZwrGAwQCZyNIMBgEAgACMBIDBwAkAsSAgAADBwAkAsSAkAAw DQYJKoZIhvcNAQELBQADggEBAJ0z2CCuUQS2aEp1MqZY+xcjfS7yl9BgwoTF5/UP P29o6NAM0nN6ma2dH+RBlOJH4c5JKsCtZ+3MNFNmjdtX1dw5sJ25QwOhg8hurWUF /0moGgtrdpYU5mpsLp6HLnpo2qmR2OEmMy3cmG62Qag9Q3T9t7OgpwgvcRiSAmBZ Ykgs8O2yambq19QfYCj+s3vQYbcwd45pmtizAGS45HF0yGDyl9f4B52xuIZRFR5K /cCedTp71yAWi+GAI7JVu8PyO5iZJymBmxhTmU7Kp66sZUcyJ5e3tlth3sJ0U2qy KQlOvfO1gFAXm1i/3ySGu8f32goFGTOaglNDr/7RvJlXrBY= -----END CERTIFICATE-----Generated at Sun Apr 6 01:25:56 2025 by rpki-client