$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/2921D24E067C11ED882FC127C4F9AE02.roa File: 2921D24E067C11ED882FC127C4F9AE02.roa (raw, json) Hash identifier: X9FUZvXw3xYym+gKphnPApVeFORX8RZUTOXm3OpSzcU= Subject key identifier: CF:63:13:DA:8A:BB:4B:12:46:B7:AE:CE:1D:D6:4C:96:F9:6A:49:02 Certificate issuer: /CN=A91C0BDE/serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918 Certificate serial: 0913 Authority key identifier: A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/2921D24E067C11ED882FC127C4F9AE02.roa Signing time: Fri 30 May 2025 20:57:09 +0000 ROA not before: Fri 30 May 2025 20:57:09 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 134806 IP address blocks: 114.129.12.0/22 maxlen: 22 114.129.12.0/24 maxlen: 24 114.129.13.0/24 maxlen: 24 114.129.14.0/24 maxlen: 24 114.129.15.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.crl rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:09:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2323 (0x913) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C0BDE, serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918 Validity Not Before: May 30 20:57:09 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=683a1ba5-46a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:72:67:e1:c7:2a:fa:76:2f:9c:9a:9f:bf:81: 60:68:2d:fd:99:62:b4:e2:af:cf:3c:96:23:03:c6: 56:ef:50:44:30:b6:22:60:14:0f:4e:de:59:af:c7: 0a:33:0a:f9:6f:cb:6d:36:8f:09:43:24:9f:e7:c7: d9:ea:3a:02:39:dc:d5:c2:9c:ea:70:3e:d0:09:c9: 1b:52:7d:e6:ed:77:b2:db:fc:5e:12:82:85:d0:be: ff:32:c5:38:36:90:61:02:fe:00:f7:6d:21:4a:a3: b0:56:fc:fd:90:3c:9b:db:c6:17:9d:08:e3:f1:ad: ca:c4:97:f3:48:86:0d:5b:bb:fe:07:32:7d:6a:64: 5f:aa:9b:77:c0:6b:4f:51:fe:38:37:17:48:9e:40: 81:53:e3:b8:4c:b2:dd:26:c7:b4:a0:a1:67:c4:91: be:e3:05:3f:e5:91:6f:10:8f:01:a5:0b:e2:86:c3: c1:1e:77:fb:c1:e3:6d:7b:af:74:6d:d4:2e:a3:87: bc:88:72:c3:82:62:dd:b8:c5:23:11:39:70:f8:dc: 00:f5:2d:07:13:51:0f:48:e8:37:7f:3f:b7:f4:8b: a7:19:31:39:1c:53:2d:6e:b7:25:3a:f9:18:cf:fd: 4a:b7:f8:a5:11:f8:30:e6:cb:26:5b:a8:1e:c2:ad: e7:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:63:13:DA:8A:BB:4B:12:46:B7:AE:CE:1D:D6:4C:96:F9:6A:49:02 X509v3 Authority Key Identifier: keyid:A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/2921D24E067C11ED882FC127C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 114.129.12.0/22 Signature Algorithm: sha256WithRSAEncryption 11:bd:b4:9d:8d:35:9b:64:0c:29:50:ec:a7:67:40:a7:e7:f8: d6:55:43:2f:2c:ee:5a:9a:55:63:e5:64:bd:32:5c:46:00:ed: 6b:11:bc:ce:59:dc:74:c2:0f:f7:10:eb:e0:06:51:7e:bc:13: 6b:52:52:39:84:0b:74:ab:76:1f:44:b5:2b:b6:30:e6:b0:d5: 32:da:d5:cb:9d:9d:ce:f9:ab:ab:07:bf:a9:73:73:9a:55:9e: 65:25:a8:38:c9:87:f9:74:0f:bc:d5:34:4b:d0:0d:d2:f6:ea: d2:7f:a0:92:34:5e:f0:ca:1b:03:22:9d:aa:11:7b:1c:8f:66: 3d:6c:43:a5:db:c6:96:6a:02:8b:b8:0c:b3:36:62:3b:1c:04: 50:ee:22:07:18:e8:97:bd:b8:6f:64:f1:22:bf:ad:38:bf:06: 83:0e:1d:ff:83:6a:f7:c6:2d:df:32:ac:63:d3:ad:05:e3:f6: 7b:b3:52:42:9f:fd:80:9c:9b:4a:7b:6e:2f:19:99:9e:3b:d7: b0:8d:ba:75:a1:3a:dd:a4:d7:0d:27:cf:b6:13:39:8f:62:71: 1f:ca:28:e5:f2:de:05:a2:8f:47:24:70:6e:9d:2e:85:f0:fe: fb:6f:21:a3:af:22:d4:7f:56:23:9c:89:44:91:e1:7e:67:3f: d0:82:f6:4a -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCRMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzBCREUxMTAvBgNVBAUTKEE0QjUwQkVDRDhCQkEyODU1ODcxMjhENTkxOTI4M0RC RTE2OTA5MTgwHhcNMjUwNTMwMjA1NzA5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNhMWJhNS00NmE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8HJn4ccq+nYvnJqfv4FgaC39mWK04q/PPJYjA8ZW71BEMLYiYBQPTt5Zr8cK Mwr5b8ttNo8JQySf58fZ6joCOdzVwpzqcD7QCckbUn3m7Xey2/xeEoKF0L7/MsU4 NpBhAv4A920hSqOwVvz9kDyb28YXnQjj8a3KxJfzSIYNW7v+BzJ9amRfqpt3wGtP Uf44NxdInkCBU+O4TLLdJse0oKFnxJG+4wU/5ZFvEI8BpQvihsPBHnf7weNte690 bdQuo4e8iHLDgmLduMUjETlw+NwA9S0HE1EPSOg3fz+39IunGTE5HFMtbrclOvkY z/1Kt/ilEfgw5ssmW6gewq3nowIDAQABo4IClTCCApEwHQYDVR0OBBYEFM9jE9qK u0sSRreuzh3WTJb5akkCMB8GA1UdIwQYMBaAFKS1C+zYu6KFWHEo1ZGSg9vhaQkY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEJERS83RTVBQzNFMDg5 NzExMUVBOTI0MDJBMEFDNEY5QUUwMi9wTFVMN05pN29vVlljU2pWa1pLRDItRnBD UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BMVUw3Tmk3b29WWWNTalZrWktEMi1GcENSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzBCREUvN0U1QUMzRTA4OTcxMTFFQTkyNDAyQTBBQzRGOUFFMDIvMjkyMUQyNEUw NjdDMTFFRDg4MkZDMTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJygQwwDQYJKoZIhvcNAQELBQADggEBABG9tJ2NNZtkDClQ 7KdnQKfn+NZVQy8s7lqaVWPlZL0yXEYA7WsRvM5Z3HTCD/cQ6+AGUX68E2tSUjmE C3Srdh9EtSu2MOaw1TLa1cudnc75q6sHv6lzc5pVnmUlqDjJh/l0D7zVNEvQDdL2 6tJ/oJI0XvDKGwMinaoRexyPZj1sQ6XbxpZqAou4DLM2YjscBFDuIgcY6Je9uG9k 8SK/rTi/BoMOHf+DavfGLd8yrGPTrQXj9nuzUkKf/YCcm0p7bi8ZmZ4717CNunWh Ot2k1w0nz7YTOY9icR/KKOXy3gWij0ckcG6dLoXw/vtvIaOvItR/ViOciUSR4X5n P9CC9ko= -----END CERTIFICATE-----Generated at Mon Jun 2 07:10:50 2025 by rpki-client