$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/21C0B7E23BD311F0B1BF6C56C4F9AE02.roa File: 21C0B7E23BD311F0B1BF6C56C4F9AE02.roa (raw, json) Hash identifier: B6iIcDp1e+xSTCgDaU39YslsY3oYKHC1G8nj3LY3fyg= Subject key identifier: A4:15:CB:1F:FA:F0:04:32:90:73:D2:07:5A:CA:AF:E5:FC:AB:5D:75 Certificate issuer: /CN=A91AA48F/serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503 Certificate serial: 34D0 Authority key identifier: BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/21C0B7E23BD311F0B1BF6C56C4F9AE02.roa Signing time: Wed 28 May 2025 14:50:44 +0000 ROA not before: Wed 28 May 2025 14:50:44 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 3758 IP address blocks: 111.65.100.0/24 maxlen: 24 111.65.101.0/24 maxlen: 24 111.65.102.0/23 maxlen: 23 111.65.104.0/21 maxlen: 22 111.65.112.0/20 maxlen: 20 202.78.52.0/22 maxlen: 22 202.78.55.0/24 maxlen: 24 2400:1c00:13::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 14:39:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13520 (0x34d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA48F, serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503 Validity Not Before: May 28 14:50:44 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=683722c4-7cf5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:25:5d:76:70:dc:69:65:2e:89:73:9a:0b:42: 25:80:c8:86:18:33:4e:74:8e:2b:6d:0b:cf:5e:04: 6f:ae:bb:d2:61:db:d5:0a:99:a9:97:12:26:aa:51: f7:6f:86:4d:63:9b:6c:18:8c:1d:dd:5b:d6:1c:fd: c8:59:2d:4f:48:e1:d1:3d:95:e2:a4:eb:47:a7:22: 7d:b1:02:91:86:ef:5a:9a:32:cd:cf:3e:48:30:62: 23:19:f7:6b:11:95:63:41:ff:cd:5e:c7:0a:f7:44: 9b:d8:6c:b9:f8:a5:20:c1:7f:5e:4f:21:7c:7c:cf: 96:90:4d:07:70:11:34:e7:f1:ee:26:8a:ec:83:d1: c2:98:74:6b:a0:72:89:f0:12:c1:33:20:44:15:c4: 05:74:ec:58:aa:97:ab:88:f4:dc:a8:31:68:d3:b2: 5e:03:b3:bf:bb:3a:9a:89:ef:56:89:cc:a4:0b:b6: 53:fa:51:af:cd:d5:f7:56:e4:cf:4a:0a:c4:10:b8: 4f:71:66:fb:95:43:33:b9:97:fc:b8:49:f2:82:90: 31:e8:28:63:30:a7:31:df:6d:4f:7e:6e:69:64:ec: fa:10:3e:93:bd:c8:b5:ae:e9:26:7c:c8:62:d9:25: c9:a8:26:42:1d:07:0a:79:e4:1a:7c:d7:cf:04:37: a7:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:15:CB:1F:FA:F0:04:32:90:73:D2:07:5A:CA:AF:E5:FC:AB:5D:75 X509v3 Authority Key Identifier: keyid:BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/21C0B7E23BD311F0B1BF6C56C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 111.65.100.0-111.65.127.255 202.78.52.0/22 IPv6: 2400:1c00:13::/48 Signature Algorithm: sha256WithRSAEncryption 53:5d:45:79:93:c1:b0:e8:de:16:cf:c2:24:67:b0:f8:02:c5: bd:8c:f2:e3:66:05:e6:fa:39:6e:94:c4:87:07:d6:70:a1:46: 17:9f:d2:e0:14:8a:2e:d8:62:53:c9:be:d9:cc:8a:fa:55:0f: e7:77:e8:b7:f9:b6:f9:a0:e1:48:fd:ba:76:26:d4:ad:ac:0b: 44:1b:6b:35:d9:95:ff:c8:4d:84:f7:6b:0c:2b:d5:3c:a9:38: 38:1f:2c:b4:b1:cc:b6:22:14:15:9c:7a:a8:a1:47:42:cc:c7: 35:02:2a:da:71:ee:43:42:f0:1f:63:64:45:88:ed:3f:68:0b: 59:09:4d:73:f4:50:f2:73:56:25:8d:7e:c0:18:60:61:34:5b: f2:85:f7:b1:19:17:aa:10:b0:66:69:7b:89:f5:b7:c0:df:ff: 24:da:f4:45:82:83:ab:55:b4:c1:9b:aa:88:11:02:2d:1b:e0: 7f:5b:6a:34:70:fb:48:17:41:8e:cd:f4:bf:bc:ca:78:22:db: 72:5d:78:ed:f8:91:36:52:23:9e:b4:25:70:b6:70:9a:a5:3a: 6c:bd:84:e3:e5:c7:60:4f:95:af:32:54:2c:fb:04:42:0d:6d: b2:e9:cc:f5:03:f9:8b:41:0d:ae:fb:f9:dc:32:64:3d:90:61: 0a:e4:8f:89 -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgICNNAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUE0OEYxMTAvBgNVBAUTKEJFMEU3QTg5MEY3MjgxQzY1NDYzMkU4QkU4MEVCQkY5 RkZCNTY1MDMwHhcNMjUwNTI4MTQ1MDQ0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODM3MjJjNC03Y2Y1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvCVddnDcaWUuiXOaC0IlgMiGGDNOdI4rbQvPXgRvrrvSYdvVCpmplxImqlH3 b4ZNY5tsGIwd3VvWHP3IWS1PSOHRPZXipOtHpyJ9sQKRhu9amjLNzz5IMGIjGfdr EZVjQf/NXscK90Sb2Gy5+KUgwX9eTyF8fM+WkE0HcBE05/HuJorsg9HCmHRroHKJ 8BLBMyBEFcQFdOxYqperiPTcqDFo07JeA7O/uzqaie9WicykC7ZT+lGvzdX3VuTP SgrEELhPcWb7lUMzuZf8uEnygpAx6ChjMKcx321Pfm5pZOz6ED6Tvci1rukmfMhi 2SXJqCZCHQcKeeQafNfPBDenXwIDAQABo4ICtDCCArAwHQYDVR0OBBYEFKQVyx/6 8AQykHPSB1rKr+X8q111MB8GA1UdIwQYMBaAFL4OeokPcoHGVGMui+gOu/n/tWUD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ4Ri84QzgxQTg1NjFE OEQxMUUyODY2QzUwRUIwOEIwMkNEMi92ZzU2aVE5eWdjWlVZeTZMNkE2Ny1mLTFa UU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZnNTZpUTl5Z2NaVVl5Nkw2QTY3LWYtMVpRTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUE0OEYvOEM4MUE4NTYxRDhEMTFFMjg2NkM1MEVCMDhCMDJDRDIvMjFDMEI3RTIz QkQzMTFGMEIxQkY2QzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E LzAtMBoEAgABMBQwDAMEAm9BZAMEB29BAAMEAspONDAPBAIAAjAJAwcAJAAcAAAT MA0GCSqGSIb3DQEBCwUAA4IBAQBTXUV5k8Gw6N4Wz8IkZ7D4AsW9jPLjZgXm+jlu lMSHB9ZwoUYXn9LgFIou2GJTyb7ZzIr6VQ/nd+i3+bb5oOFI/bp2JtStrAtEG2s1 2ZX/yE2E92sMK9U8qTg4Hyy0scy2IhQVnHqooUdCzMc1Airace5DQvAfY2RFiO0/ aAtZCU1z9FDyc1YljX7AGGBhNFvyhfexGReqELBmaXuJ9bfA3/8k2vRFgoOrVbTB m6qIEQItG+B/W2o0cPtIF0GOzfS/vMp4IttyXXjt+JE2UiOetCVwtnCapTpsvYTj 5cdgT5WvMlQs+wRCDW2y6cz1A/mLQQ2u+/ncMmQ9kGEK5I+J -----END CERTIFICATE-----Generated at Tue Jun 3 23:45:18 2025 by rpki-client