$ rpki-client -vvf rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/685B8598EE5711EFB6D57660C4F9AE02.roa File: 685B8598EE5711EFB6D57660C4F9AE02.roa (raw, json) Hash identifier: 2ByPgzEPC85mGN14iqcQMrmFSzyBoiAoV4LILjdSwYs= Subject key identifier: CC:38:24:94:1A:38:79:9A:C5:80:7F:D4:03:F9:D7:9A:16:48:BD:7C Certificate issuer: /CN=A91D41AC/serialNumber=BF98688E98B01E84D7366F67864CE8F3EBBD4377 Certificate serial: 1A Authority key identifier: BF:98:68:8E:98:B0:1E:84:D7:36:6F:67:86:4C:E8:F3:EB:BD:43:77 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v5hojpiwHoTXNm9nhkzo8-u9Q3c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/685B8598EE5711EFB6D57660C4F9AE02.roa Signing time: Wed 19 Feb 2025 00:27:51 +0000 ROA not before: Wed 19 Feb 2025 00:27:51 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 9336 IP address blocks: 27.113.240.0/21 maxlen: 24 45.64.56.0/22 maxlen: 24 45.113.244.0/22 maxlen: 24 103.18.124.0/22 maxlen: 24 103.53.200.0/22 maxlen: 24 103.233.224.0/22 maxlen: 24 118.127.96.0/19 maxlen: 24 121.200.208.0/22 maxlen: 24 121.200.214.0/23 maxlen: 24 202.90.48.0/21 maxlen: 21 203.153.192.0/20 maxlen: 24 218.185.232.0/21 maxlen: 24 2403:3600::/32 maxlen: 33 2403:3600::/33 maxlen: 40 2403:3600:8000::/34 maxlen: 34 2403:3600:8000::/35 maxlen: 37 2403:3600:8000::/36 maxlen: 40 2403:3600:9000::/37 maxlen: 40 2403:3600:9800::/38 maxlen: 38 2403:3600:9800::/39 maxlen: 39 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/v5hojpiwHoTXNm9nhkzo8-u9Q3c.crl rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/v5hojpiwHoTXNm9nhkzo8-u9Q3c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v5hojpiwHoTXNm9nhkzo8-u9Q3c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 07:08:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26 (0x1a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D41AC Validity Not Before: Feb 19 00:27:51 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67b52587-3731 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:05:90:22:2b:70:3b:a8:2b:66:95:89:e5:3e: 83:c2:dc:1d:ce:22:d3:c1:79:6b:9e:89:79:84:ff: 21:9e:96:f7:a9:0a:33:98:84:9a:3f:9c:43:62:e6: 80:c9:21:e6:a7:7b:cb:bc:34:0c:6c:f9:84:eb:fb: 10:db:34:9c:f7:a3:b0:18:81:ec:a8:ef:61:7d:f3: 20:d6:1a:bb:b1:8d:f8:8e:fb:ad:84:4f:bb:73:01: a7:22:eb:85:8e:3d:3f:c7:8f:43:fe:6c:e8:ed:7b: ec:8e:a9:fa:1c:b1:70:d4:12:a7:35:fe:e8:a6:6a: 3f:e6:01:16:16:73:0d:5d:a8:0f:2a:d1:37:d2:7d: 36:2f:3a:62:09:1a:8a:69:b8:2e:53:55:13:8d:f7: 8b:41:b5:15:e5:e5:49:60:77:82:f2:f0:9d:7e:76: 92:8f:82:19:64:23:84:83:dd:a1:bb:d0:2a:13:62: cc:b4:66:53:e7:41:fb:a4:f2:2e:3d:7e:d8:67:b7: 12:1c:a7:c6:32:93:77:1a:ff:66:5c:ef:0a:43:79: 3c:8f:f1:f0:86:60:24:f1:8c:66:9f:ff:99:c5:a9: 12:dd:a0:2b:1d:13:33:83:a3:18:56:c1:6c:1c:1e: c2:03:93:c1:ee:a1:a4:60:4d:b7:2e:6a:f4:8f:3e: d6:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:38:24:94:1A:38:79:9A:C5:80:7F:D4:03:F9:D7:9A:16:48:BD:7C X509v3 Authority Key Identifier: keyid:BF:98:68:8E:98:B0:1E:84:D7:36:6F:67:86:4C:E8:F3:EB:BD:43:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/v5hojpiwHoTXNm9nhkzo8-u9Q3c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v5hojpiwHoTXNm9nhkzo8-u9Q3c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/685B8598EE5711EFB6D57660C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.113.240.0/21 45.64.56.0/22 45.113.244.0/22 103.18.124.0/22 103.53.200.0/22 103.233.224.0/22 118.127.96.0/19 121.200.208.0/22 121.200.214.0/23 202.90.48.0/21 203.153.192.0/20 218.185.232.0/21 IPv6: 2403:3600::/32 Signature Algorithm: sha256WithRSAEncryption 48:1b:5f:20:72:b1:ab:8c:d1:13:ff:cd:f9:85:d7:20:92:54: 7a:5a:00:f2:51:1b:69:06:e6:29:c9:21:f7:c0:a8:21:a2:5f: 19:f1:44:1c:78:94:01:b6:d3:65:87:12:b5:6a:62:f5:17:f9: a1:66:22:a4:4e:f3:30:d0:8a:b8:f2:c4:cb:61:7c:91:b3:c9: fb:5b:76:d5:a1:e3:e4:fb:ce:89:75:b3:72:e1:bd:7d:dc:1f: 2f:db:56:a2:55:6a:de:5a:f2:4b:4f:00:8e:11:6f:10:76:9d: cb:96:e8:c2:57:20:15:ff:b2:f6:56:bc:98:c1:f9:54:e7:aa: a5:2f:31:b0:b5:58:8a:74:4f:b9:50:e4:9f:cd:50:25:ef:93: 74:fe:cb:f0:6b:fa:dd:c3:b4:34:17:7b:15:a4:08:65:96:10: a0:2e:53:77:93:6e:ce:f3:18:df:83:29:8c:44:0e:9c:c3:2d: ce:d1:80:ab:f7:e6:ff:25:74:80:73:b0:1b:dc:c2:12:73:7e: a9:e9:ea:50:4d:60:3d:f9:f9:0d:a0:95:79:f1:34:23:51:54: b0:f9:43:b9:89:c9:fc:75:fc:ec:15:da:a8:1d:6c:e6:6f:ee: 21:64:ed:28:f0:1f:23:85:4d:51:3e:c9:dd:27:0b:8c:98:7b: 07:58:71:f7 -----BEGIN CERTIFICATE----- MIIFwTCCBKmgAwIBAgIBGjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE NDFBQzExMC8GA1UEBRMoQkY5ODY4OEU5OEIwMUU4NEQ3MzY2RjY3ODY0Q0U4RjNF QkJENDM3NzAeFw0yNTAyMTkwMDI3NTFaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YjUyNTg3LTM3MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCyBZAiK3A7qCtmlYnlPoPC3B3OItPBeWueiXmE/yGelvepCjOYhJo/nENi5oDJ Ieane8u8NAxs+YTr+xDbNJz3o7AYgeyo72F98yDWGruxjfiO+62ET7tzAaci64WO PT/Hj0P+bOjte+yOqfocsXDUEqc1/uimaj/mARYWcw1dqA8q0TfSfTYvOmIJGopp uC5TVRON94tBtRXl5Ulgd4Ly8J1+dpKPghlkI4SD3aG70CoTYsy0ZlPnQfuk8i49 fthntxIcp8Yyk3ca/2Zc7wpDeTyP8fCGYCTxjGaf/5nFqRLdoCsdEzODoxhWwWwc HsIDk8HuoaRgTbcuavSPPtbRAgMBAAGjggLmMIIC4jAdBgNVHQ4EFgQUzDgklBo4 eZrFgH/UA/nXmhZIvXwwHwYDVR0jBBgwFoAUv5hojpiwHoTXNm9nhkzo8+u9Q3cw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ0MUFDLzI0NDVCQ0UyRTkz RjExRUY4REYxRTAzNUM0RjlBRTAyL3Y1aG9qcGl3SG9UWE5tOW5oa3pvOC11OVEz Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdjVob2pwaXdIb1RYTm05bmhrem84LXU5UTNjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDFBQy8yNDQ1QkNFMkU5M0YxMUVGOERGMUUwMzVDNEY5QUUwMi82ODVCODU5OEVF NTcxMUVGQjZENTc2NjBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBwBggrBgEFBQcBBwEB/wRh MF8wTgQCAAEwSAMEAxtx8AMEAi1AOAMEAi1x9AMEAmcSfAMEAmc1yAMEAmfp4AME BXZ/YAMEAnnI0AMEAXnI1gMEA8paMAMEBMuZwAMEA9q56DANBAIAAjAHAwUAJAM2 ADANBgkqhkiG9w0BAQsFAAOCAQEASBtfIHKxq4zRE//N+YXXIJJUeloA8lEbaQbm Kckh98CoIaJfGfFEHHiUAbbTZYcStWpi9Rf5oWYipE7zMNCKuPLEy2F8kbPJ+1t2 1aHj5PvOiXWzcuG9fdwfL9tWolVq3lryS08AjhFvEHady5bowlcgFf+y9la8mMH5 VOeqpS8xsLVYinRPuVDkn81QJe+TdP7L8Gv63cO0NBd7FaQIZZYQoC5Td5NuzvMY 34MpjEQOnMMtztGAq/fm/yV0gHOwG9zCEnN+qenqUE1gPfn5DaCVefE0I1FUsPlD uYnJ/HX87BXaqB1s5m/uIWTtKPAfI4VNUT7J3ScLjJh7B1hx9w== -----END CERTIFICATE-----Generated at Sat Apr 5 01:55:04 2025 by rpki-client