$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/C12380C49B0511EDB2F0BD4EC4F9AE02.roa File: C12380C49B0511EDB2F0BD4EC4F9AE02.roa (raw, json) Hash identifier: ep/NR5+KsXHxM/fL5lTu5X9ahtnO2No4DOGzWzbPKmU= Subject key identifier: AB:C0:45:89:72:B9:FA:F4:C9:24:34:5B:44:C6:78:65:D6:00:95:36 Certificate issuer: /CN=A91C3B8A/serialNumber=4550C69051BAA18AF112DC76B5F5DF9E6B7940D5 Certificate serial: 0B43 Authority key identifier: 45:50:C6:90:51:BA:A1:8A:F1:12:DC:76:B5:F5:DF:9E:6B:79:40:D5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RVDGkFG6oYrxEtx2tfXfnmt5QNU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/C12380C49B0511EDB2F0BD4EC4F9AE02.roa Signing time: Tue 04 Mar 2025 20:27:56 +0000 ROA not before: Tue 04 Mar 2025 20:27:56 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 56111 IP address blocks: 27.121.108.0/22 maxlen: 22 27.121.108.0/23 maxlen: 23 27.121.108.0/24 maxlen: 24 27.121.109.0/24 maxlen: 24 27.121.110.0/23 maxlen: 23 27.121.110.0/24 maxlen: 24 27.121.111.0/24 maxlen: 24 103.229.196.0/23 maxlen: 23 103.229.196.0/24 maxlen: 24 103.229.197.0/24 maxlen: 24 2402:5700::/32 maxlen: 32 2402:5700::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/RVDGkFG6oYrxEtx2tfXfnmt5QNU.crl rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/RVDGkFG6oYrxEtx2tfXfnmt5QNU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RVDGkFG6oYrxEtx2tfXfnmt5QNU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 19:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2883 (0xb43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C3B8A Validity Not Before: Mar 4 20:27:56 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c7624c-0db9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:1f:c1:b3:5d:ea:a9:5c:9a:92:4f:1d:cc:78: 88:53:5a:04:df:f7:61:1e:03:50:da:7f:98:7b:29: ec:14:32:3b:21:80:f3:7b:3f:f0:9b:91:57:10:b0: fd:f5:e5:09:26:8a:ab:77:62:9f:51:cd:4b:95:1d: 01:d6:75:d4:8c:42:06:86:92:f1:e3:f6:c8:53:95: 28:ae:da:e4:b0:a9:54:51:da:83:9d:03:3b:cc:71: 23:65:5b:d1:52:09:54:1a:b0:93:50:3c:36:6f:be: c7:fc:df:9c:d0:30:38:97:d2:76:39:f6:01:52:19: e9:11:f4:8f:ff:e3:5d:d4:a7:79:2a:b7:b8:05:c2: ab:02:6a:01:79:0f:5a:10:6c:6c:33:ad:d4:9c:1a: 22:54:2c:bf:5d:19:73:73:e7:52:0c:54:b0:2c:85: e9:7d:d9:bb:92:71:e6:37:10:ff:a5:f9:ab:cc:dd: 6a:d4:43:9a:4c:2b:23:64:be:09:a4:c6:2a:22:c3: 21:1b:75:6d:3c:dc:68:4b:24:e5:32:46:1a:6f:19: 42:67:c1:26:4d:61:d0:3e:fc:3b:12:f9:bc:7c:eb: 9b:58:61:25:8a:24:3b:1e:51:a7:69:18:6b:a1:ef: 34:ab:60:b6:a7:d7:40:cb:84:d3:19:12:f9:7d:a1: 5a:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:C0:45:89:72:B9:FA:F4:C9:24:34:5B:44:C6:78:65:D6:00:95:36 X509v3 Authority Key Identifier: keyid:45:50:C6:90:51:BA:A1:8A:F1:12:DC:76:B5:F5:DF:9E:6B:79:40:D5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/RVDGkFG6oYrxEtx2tfXfnmt5QNU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RVDGkFG6oYrxEtx2tfXfnmt5QNU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/C12380C49B0511EDB2F0BD4EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.121.108.0/22 103.229.196.0/23 IPv6: 2402:5700::/32 Signature Algorithm: sha256WithRSAEncryption 2b:7a:be:9f:14:1f:07:89:cd:b3:98:05:bf:2d:4f:ae:c7:09: b8:67:ba:4d:17:bd:4c:d1:b4:5b:88:0e:6f:2f:70:5f:4a:7d: ae:bd:44:da:8f:c8:78:33:cf:11:c0:c5:1d:90:56:e2:b7:84: e6:14:a5:36:51:43:3e:69:5c:17:bb:36:68:6f:c1:3b:17:ec: 41:57:4e:2a:54:d6:5b:b1:be:d5:e7:95:9f:a0:85:6c:a5:05: a7:19:8a:8f:0f:0a:16:6f:e1:35:44:a5:22:fa:ea:67:59:39: ff:74:b0:2e:2a:c2:29:71:cb:81:72:0b:86:40:c6:b2:82:66: a2:0c:58:8a:91:2b:9c:a6:02:b6:d0:7f:02:e3:13:02:60:1c: 1d:ef:5c:a3:b2:95:1e:a9:6b:08:2e:a7:7d:fe:35:a5:2a:64: ce:95:54:52:b1:e7:5b:06:5b:5e:6f:4a:0d:0d:05:b5:63:70: 05:0b:3e:dd:87:b2:62:76:d2:c7:c8:62:75:1e:1f:d3:19:b6: 44:1e:3d:aa:7b:e1:83:0a:3d:f7:5f:e4:52:76:8b:76:4e:d3: 4f:4d:06:9c:ea:3b:57:cd:e7:7f:81:03:b2:98:84:4a:41:ca: 6a:5c:dd:dc:37:1c:f7:f6:55:9c:0a:c7:16:7b:9d:57:61:1c: 50:77:90:2c -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICC0MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzNCOEExMTAvBgNVBAUTKDQ1NTBDNjkwNTFCQUExOEFGMTEyREM3NkI1RjVERjlF NkI3OTQwRDUwHhcNMjUwMzA0MjAyNzU2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2M3NjI0Yy0wZGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtx/Bs13qqVyakk8dzHiIU1oE3/dhHgNQ2n+YeynsFDI7IYDzez/wm5FXELD9 9eUJJoqrd2KfUc1LlR0B1nXUjEIGhpLx4/bIU5UortrksKlUUdqDnQM7zHEjZVvR UglUGrCTUDw2b77H/N+c0DA4l9J2OfYBUhnpEfSP/+Nd1Kd5Kre4BcKrAmoBeQ9a EGxsM63UnBoiVCy/XRlzc+dSDFSwLIXpfdm7knHmNxD/pfmrzN1q1EOaTCsjZL4J pMYqIsMhG3VtPNxoSyTlMkYabxlCZ8EmTWHQPvw7Evm8fOubWGEliiQ7HlGnaRhr oe80q2C2p9dAy4TTGRL5faFaGQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKvARYly ufr0ySQ0W0TGeGXWAJU2MB8GA1UdIwQYMBaAFEVQxpBRuqGK8RLcdrX1355reUDV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDM0I4QS8wOEM0MzkyNDM4 NEQxMUVBQTRGNTVCNzNDNEY5QUUwMi9SVkRHa0ZHNm9ZcnhFdHgydGZYZm5tdDVR TlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1JWREdrRkc2b1lyeEV0eDJ0Zlhmbm10NVFOVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzNCOEEvMDhDNDM5MjQzODREMTFFQUE0RjU1QjczQzRGOUFFMDIvQzEyMzgwQzQ5 QjA1MTFFREIyRjBCRDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIbeWwDBAFn5cQwDQQCAAIwBwMFACQCVwAwDQYJKoZIhvcN AQELBQADggEBACt6vp8UHweJzbOYBb8tT67HCbhnuk0XvUzRtFuIDm8vcF9Kfa69 RNqPyHgzzxHAxR2QVuK3hOYUpTZRQz5pXBe7NmhvwTsX7EFXTipU1luxvtXnlZ+g hWylBacZio8PChZv4TVEpSL66mdZOf90sC4qwilxy4FyC4ZAxrKCZqIMWIqRK5ym ArbQfwLjEwJgHB3vXKOylR6pawgup33+NaUqZM6VVFKx51sGW15vSg0NBbVjcAUL Pt2HsmJ20sfIYnUeH9MZtkQePap74YMKPfdf5FJ2i3ZO009NBpzqO1fN53+BA7KY hEpBympc3dw3HPf2VZwKxxZ7nVdhHFB3kCw= -----END CERTIFICATE-----Generated at Thu Mar 13 21:48:53 2025 by rpki-client