$ rpki-client -vvf rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/277D6F8A92FC11EE9104E34AC4F9AE02.roa File: 277D6F8A92FC11EE9104E34AC4F9AE02.roa (raw, json) Hash identifier: fdmvB0an6LNCJ/rPDiFDz7+5feqDx6HJCe4RxaUQMiw= Subject key identifier: 0D:17:F3:A9:A9:DF:E4:6E:F7:E1:C6:1B:7A:DB:43:45:DE:2C:0F:5A Certificate issuer: /CN=A91C911D/serialNumber=475B62A5F233ED05AC72D8781234E109BF3A908C Certificate serial: 06F1 Authority key identifier: 47:5B:62:A5:F2:33:ED:05:AC:72:D8:78:12:34:E1:09:BF:3A:90:8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1tipfIz7QWscth4EjThCb86kIw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/277D6F8A92FC11EE9104E34AC4F9AE02.roa Signing time: Mon 02 Jun 2025 22:30:48 +0000 ROA not before: Mon 02 Jun 2025 22:30:48 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 45158 IP address blocks: 103.251.172.0/22 maxlen: 23 120.29.240.0/21 maxlen: 21 120.29.245.0/24 maxlen: 24 120.29.246.0/24 maxlen: 24 2407:1e00::/32 maxlen: 32 2407:1e00::/33 maxlen: 40 2407:1e00:1003::/48 maxlen: 48 2407:1e00:8000::/33 maxlen: 37 2407:1e00:8000::/34 maxlen: 40 2407:1e00:c000::/35 maxlen: 40 2407:1e00:e000::/36 maxlen: 40 2407:1e00:f000::/37 maxlen: 40 2407:1e00:f800::/38 maxlen: 38 2407:1e00:f800::/39 maxlen: 39 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/R1tipfIz7QWscth4EjThCb86kIw.crl rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/R1tipfIz7QWscth4EjThCb86kIw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1tipfIz7QWscth4EjThCb86kIw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 22:30:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1777 (0x6f1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C911D, serialNumber=475B62A5F233ED05AC72D8781234E109BF3A908C Validity Not Before: Jun 2 22:30:48 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=683e2618-5375 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:b9:99:ed:fb:a5:fe:b8:2c:7d:34:64:c9:48: 29:ca:1b:00:aa:b9:e0:50:28:a4:2e:60:b7:67:3a: 1b:0b:15:b1:25:af:0e:20:3d:5c:f6:01:41:db:2c: 37:72:e2:db:66:63:a3:39:d8:b1:ba:50:64:c1:0d: f1:28:09:0b:1c:37:27:52:4b:7f:1c:3c:09:62:2b: 8d:a8:ce:a2:23:35:2d:23:5e:9e:41:76:ca:4a:84: 8f:e9:1a:1d:d3:8c:0c:e1:c8:60:b8:d8:53:e8:2a: dd:02:2c:18:b5:a7:4c:00:a1:4e:e2:66:1b:17:e5: ac:e6:2d:47:04:45:10:28:ea:02:75:11:24:56:2e: dd:45:f0:cb:b7:b4:9c:99:d3:22:02:20:77:4d:ca: 37:95:cf:a9:3d:18:25:3b:96:a0:68:b2:27:53:45: 6c:17:5d:0e:41:ad:43:af:90:06:be:8a:55:10:19: e3:20:85:1d:c2:f0:a6:84:59:80:72:cb:d4:16:1d: 74:95:61:7a:7a:b3:fc:68:6d:3d:43:88:fd:0f:d4: a0:a8:96:01:f0:bc:f6:6b:8c:2a:ee:2d:dd:c4:d9: 09:4d:bb:70:a6:0d:1a:7b:71:b9:8d:87:77:fc:af: 3c:07:85:19:0f:f3:3c:23:a5:f3:23:29:00:53:51: 49:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:17:F3:A9:A9:DF:E4:6E:F7:E1:C6:1B:7A:DB:43:45:DE:2C:0F:5A X509v3 Authority Key Identifier: keyid:47:5B:62:A5:F2:33:ED:05:AC:72:D8:78:12:34:E1:09:BF:3A:90:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/R1tipfIz7QWscth4EjThCb86kIw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1tipfIz7QWscth4EjThCb86kIw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/277D6F8A92FC11EE9104E34AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.251.172.0/22 120.29.240.0/21 IPv6: 2407:1e00::/32 Signature Algorithm: sha256WithRSAEncryption 27:d4:67:d8:0b:ec:5f:3a:6d:8a:74:3c:18:ed:61:b6:de:91: 5d:2c:29:bc:31:6f:45:0d:26:b6:80:72:d0:e5:b2:02:9f:db: e9:af:3c:35:d4:c7:69:e5:30:6c:f8:d2:1f:56:48:85:b4:ca: 2c:cb:f3:8b:c0:b8:fc:fb:ab:d9:6a:51:ac:35:1e:9a:30:ee: 10:c5:fc:f7:1b:ec:68:87:2b:10:b5:13:85:a4:79:3e:77:e3: f3:26:35:1a:44:67:92:12:9e:1b:5b:c9:c8:a0:fb:28:dc:89: db:ab:da:ab:cc:9c:57:9d:86:d8:8f:87:f8:21:82:08:a5:57: 5e:42:2a:00:4e:4e:5a:16:76:4b:67:b9:6a:c3:ea:f5:55:75: 49:f2:af:71:a4:db:f0:76:5a:c0:84:cf:2e:47:0c:69:1e:e8: 30:0f:63:03:28:3c:c3:a4:5d:79:d4:7a:c2:b2:8f:e7:c8:37: c8:ec:21:05:0e:7a:40:ee:e3:70:64:50:cb:3b:cb:f1:c8:50: 0c:d0:ef:92:94:3f:39:2d:a4:21:cc:31:5f:c0:68:3e:2f:56: 96:63:3b:3d:ed:d3:73:25:d5:67:69:7e:99:dc:3c:b2:64:73: 02:fe:6f:bd:a9:03:c7:94:6c:d2:34:23:06:19:49:5a:b0:e8: 4a:3f:54:92 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBvEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzkxMUQxMTAvBgNVBAUTKDQ3NUI2MkE1RjIzM0VEMDVBQzcyRDg3ODEyMzRFMTA5 QkYzQTkwOEMwHhcNMjUwNjAyMjIzMDQ4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNlMjYxOC01Mzc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA67mZ7ful/rgsfTRkyUgpyhsAqrngUCikLmC3ZzobCxWxJa8OID1c9gFB2yw3 cuLbZmOjOdixulBkwQ3xKAkLHDcnUkt/HDwJYiuNqM6iIzUtI16eQXbKSoSP6Rod 04wM4chguNhT6CrdAiwYtadMAKFO4mYbF+Ws5i1HBEUQKOoCdREkVi7dRfDLt7Sc mdMiAiB3Tco3lc+pPRglO5agaLInU0VsF10OQa1Dr5AGvopVEBnjIIUdwvCmhFmA csvUFh10lWF6erP8aG09Q4j9D9SgqJYB8Lz2a4wq7i3dxNkJTbtwpg0ae3G5jYd3 /K88B4UZD/M8I6XzIykAU1FJnwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFA0X86mp 3+Ru9+HGG3rbQ0XeLA9aMB8GA1UdIwQYMBaAFEdbYqXyM+0FrHLYeBI04Qm/OpCM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTExRC83QjEzQjM4NDZD MDMxMUVCODg0NDc4NEJDNEY5QUUwMi9SMXRpcGZJejdRV3NjdGg0RWpUaENiODZr SXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1IxdGlwZkl6N1FXc2N0aDRFalRoQ2I4NmtJdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzkxMUQvN0IxM0IzODQ2QzAzMTFFQjg4NDQ3ODRCQzRGOUFFMDIvMjc3RDZGOEE5 MkZDMTFFRTkxMDRFMzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJn+6wDBAN4HfAwDQQCAAIwBwMFACQHHgAwDQYJKoZIhvcN AQELBQADggEBACfUZ9gL7F86bYp0PBjtYbbekV0sKbwxb0UNJraActDlsgKf2+mv PDXUx2nlMGz40h9WSIW0yizL84vAuPz7q9lqUaw1Hpow7hDF/Pcb7GiHKxC1E4Wk eT534/MmNRpEZ5ISnhtbycig+yjcidur2qvMnFedhtiPh/ghggilV15CKgBOTloW dktnuWrD6vVVdUnyr3Gk2/B2WsCEzy5HDGke6DAPYwMoPMOkXXnUesKyj+fIN8js IQUOekDu43BkUMs7y/HIUAzQ75KUPzktpCHMMV/AaD4vVpZjOz3t03Ml1Wdpfpnc PLJkcwL+b72pA8eUbNI0IwYZSVqw6Eo/VJI= -----END CERTIFICATE-----Generated at Wed Jun 4 00:11:58 2025 by rpki-client