$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD000/E6602ED20DB411EABA5C1D7FC4F9AE02/A55C1282ACA311EFBA427354C4F9AE02.roa File: A55C1282ACA311EFBA427354C4F9AE02.roa (raw, json) Hash identifier: xR90gNQMnqZeX9/Y9edNzOkrUxu48WORxv+O+Po63Y4= Subject key identifier: E5:DC:2F:74:51:DE:17:D4:BB:7E:1B:46:A2:B8:B0:11:9C:37:37:B1 Certificate issuer: /CN=A91BD000/serialNumber=40E96CAEB19D41E0DAD652F435AD08E7AE809EF9 Certificate serial: 0C20 Authority key identifier: 40:E9:6C:AE:B1:9D:41:E0:DA:D6:52:F4:35:AD:08:E7:AE:80:9E:F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOlsrrGdQeDa1lL0Na0I566Anvk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BD000/E6602ED20DB411EABA5C1D7FC4F9AE02/A55C1282ACA311EFBA427354C4F9AE02.roa Signing time: Tue 20 May 2025 19:13:49 +0000 ROA not before: Tue 20 May 2025 19:13:49 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 58912 IP address blocks: 45.124.12.0/22 maxlen: 24 103.25.80.0/22 maxlen: 24 2407:9ac0::/32 maxlen: 32 2407:9ac0::/36 maxlen: 36 2407:9ac0:1000::/36 maxlen: 36 2407:9ac0:2000::/36 maxlen: 36 2407:9ac0:3000::/36 maxlen: 36 2407:9ac0:4000::/36 maxlen: 36 2407:9ac0:5000::/36 maxlen: 36 2407:9ac0:6000::/36 maxlen: 36 2407:9ac0:7000::/36 maxlen: 36 2407:9ac0:8000::/36 maxlen: 36 2407:9ac0:9000::/36 maxlen: 36 2407:9ac0:a000::/36 maxlen: 36 2407:9ac0:b000::/36 maxlen: 36 2407:9ac0:c000::/36 maxlen: 36 2407:9ac0:d000::/36 maxlen: 36 2407:9ac0:e000::/36 maxlen: 36 2407:9ac0:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BD000/E6602ED20DB411EABA5C1D7FC4F9AE02/QOlsrrGdQeDa1lL0Na0I566Anvk.crl rsync://rpki.apnic.net/member_repository/A91BD000/E6602ED20DB411EABA5C1D7FC4F9AE02/QOlsrrGdQeDa1lL0Na0I566Anvk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOlsrrGdQeDa1lL0Na0I566Anvk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 15 Jun 2025 18:26:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3104 (0xc20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BD000, serialNumber=40E96CAEB19D41E0DAD652F435AD08E7AE809EF9 Validity Not Before: May 20 19:13:49 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=682cd46d-e608 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:ae:a6:07:78:40:d1:f3:c9:49:59:a1:28:da: 04:49:ed:86:a5:f6:06:77:5a:41:e9:1f:da:86:e5: 4f:45:75:a1:bf:fe:89:62:9c:64:0e:55:63:45:03: d4:f7:f3:73:40:2a:d4:39:21:c6:ee:71:e2:cf:3f: f4:e2:83:3e:d0:60:63:3d:ab:9e:72:ac:24:49:87: 75:8a:ac:17:99:98:e9:51:0b:65:ec:19:ec:90:65: 38:07:66:75:75:6b:b2:92:f3:89:14:17:d9:4f:c9: 0d:82:aa:91:89:b8:39:cb:05:fa:0b:d1:02:30:31: 79:43:7d:ab:eb:e2:ee:c4:42:49:2f:a5:c2:00:22: 6d:55:dc:6d:27:ce:85:96:fb:0f:3f:5c:cc:12:d2: 00:08:51:a1:57:8f:0b:86:20:90:c9:34:df:aa:aa: d9:fd:e3:91:5d:65:95:61:f7:4f:a4:a3:da:3b:7f: 8c:ba:20:c7:64:89:9e:6e:e0:79:e2:0c:a4:96:ff: 74:e7:dc:a4:d2:27:23:71:9e:3b:6f:1f:80:d1:4b: 12:18:6e:47:21:78:80:38:14:67:c8:3e:20:ff:a6: 6a:b8:4b:55:2d:0d:67:9a:76:23:3e:27:51:bd:a9: c1:b1:e5:91:07:cb:cb:fe:4e:85:9f:0e:dc:9d:6a: 04:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:DC:2F:74:51:DE:17:D4:BB:7E:1B:46:A2:B8:B0:11:9C:37:37:B1 X509v3 Authority Key Identifier: keyid:40:E9:6C:AE:B1:9D:41:E0:DA:D6:52:F4:35:AD:08:E7:AE:80:9E:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BD000/E6602ED20DB411EABA5C1D7FC4F9AE02/QOlsrrGdQeDa1lL0Na0I566Anvk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOlsrrGdQeDa1lL0Na0I566Anvk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD000/E6602ED20DB411EABA5C1D7FC4F9AE02/A55C1282ACA311EFBA427354C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.124.12.0/22 103.25.80.0/22 IPv6: 2407:9ac0::/32 Signature Algorithm: sha256WithRSAEncryption 35:e6:66:8d:d5:21:c0:cb:e7:09:d2:52:73:1f:bb:ca:54:fa: 9c:f9:99:74:7f:d6:a0:cf:0f:5e:38:35:9d:31:e9:f4:1b:e2: 3e:26:88:21:38:bc:cc:2e:d0:7d:df:f9:d2:e1:4c:60:91:11: 5a:24:d6:d6:cf:2a:81:d1:0f:9c:12:6a:ad:57:c5:ef:b7:6d: f8:d7:29:06:4b:d7:23:cc:f5:25:cd:a7:a1:48:c9:fb:6c:8b: ff:93:38:8e:09:02:10:51:bb:96:d5:c3:2f:eb:b9:ea:b7:71: 12:6a:dc:97:37:37:50:7a:13:b3:67:2f:e5:02:26:1b:fc:80: 39:2e:45:e4:f7:52:cc:3f:81:80:44:b6:42:38:23:84:be:09: 02:d7:af:e7:d2:f6:bb:a7:ac:41:73:ba:d6:20:99:4a:ec:c4: 83:de:29:3c:46:54:be:3b:dc:fa:75:a7:19:c0:df:cf:6c:74: b1:f5:a0:96:ee:0d:8e:da:aa:df:10:a1:b8:b4:86:7b:da:e2: 67:27:78:b6:99:87:a6:94:1c:41:58:72:20:14:a6:3a:40:19: b6:d1:6d:da:a5:4d:1b:eb:4f:36:5d:13:6a:bd:cf:92:b9:4b: 49:3a:84:51:91:fb:42:e7:8f:fe:ea:10:5c:b6:81:d8:ac:ea: fc:33:56:26 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkQwMDAxMTAvBgNVBAUTKDQwRTk2Q0FFQjE5RDQxRTBEQUQ2NTJGNDM1QUQwOEU3 QUU4MDlFRjkwHhcNMjUwNTIwMTkxMzQ5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJjZDQ2ZC1lNjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1a6mB3hA0fPJSVmhKNoESe2GpfYGd1pB6R/ahuVPRXWhv/6JYpxkDlVjRQPU 9/NzQCrUOSHG7nHizz/04oM+0GBjPauecqwkSYd1iqwXmZjpUQtl7BnskGU4B2Z1 dWuykvOJFBfZT8kNgqqRibg5ywX6C9ECMDF5Q32r6+LuxEJJL6XCACJtVdxtJ86F lvsPP1zMEtIACFGhV48LhiCQyTTfqqrZ/eORXWWVYfdPpKPaO3+MuiDHZImebuB5 4gyklv9059yk0icjcZ47bx+A0UsSGG5HIXiAOBRnyD4g/6ZquEtVLQ1nmnYjPidR vanBseWRB8vL/k6Fnw7cnWoEQwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFOXcL3RR 3hfUu34bRqK4sBGcNzexMB8GA1UdIwQYMBaAFEDpbK6xnUHg2tZS9DWtCOeugJ75 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRDAwMC9FNjYwMkVEMjBE QjQxMUVBQkE1QzFEN0ZDNEY5QUUwMi9RT2xzcnJHZFFlRGExbEwwTmEwSTU2NkFu dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FPbHNyckdkUWVEYTFsTDBOYTBJNTY2QW52ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkQwMDAvRTY2MDJFRDIwREI0MTFFQUJBNUMxRDdGQzRGOUFFMDIvQTU1QzEyODJB Q0EzMTFFRkJBNDI3MzU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAItfAwDBAJnGVAwDQQCAAIwBwMFACQHmsAwDQYJKoZIhvcN AQELBQADggEBADXmZo3VIcDL5wnSUnMfu8pU+pz5mXR/1qDPD144NZ0x6fQb4j4m iCE4vMwu0H3f+dLhTGCREVok1tbPKoHRD5wSaq1Xxe+3bfjXKQZL1yPM9SXNp6FI yftsi/+TOI4JAhBRu5bVwy/rueq3cRJq3Jc3N1B6E7NnL+UCJhv8gDkuReT3Usw/ gYBEtkI4I4S+CQLXr+fS9runrEFzutYgmUrsxIPeKTxGVL473Pp1pxnA389sdLH1 oJbuDY7aqt8Qobi0hnva4mcneLaZh6aUHEFYciAUpjpAGbbRbdqlTRvrTzZdE2q9 z5K5S0k6hFGR+0Lnj/7qEFy2gdis6vwzViY= -----END CERTIFICATE-----Generated at Mon Jun 9 21:14:10 2025 by rpki-client