$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/27F85F401B0811EEA3313C43C4F9AE02.roa File: 27F85F401B0811EEA3313C43C4F9AE02.roa (raw, json) Hash identifier: lKd14RCSyU2vrCrtMJxPKeMYKMqLc77HXu+4PUEXtJI= Subject key identifier: 86:11:85:93:12:21:E9:8F:67:86:D0:4A:BE:3C:80:64:49:A0:8D:6D Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8 Certificate serial: 0EC3 Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/27F85F401B0811EEA3313C43C4F9AE02.roa Signing time: Tue 14 Jan 2025 18:16:30 +0000 ROA not before: Tue 14 Jan 2025 18:16:30 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 7468 IP address blocks: 202.64.110.0/24 maxlen: 24 220.232.132.0/24 maxlen: 24 220.232.133.0/24 maxlen: 24 220.232.134.0/24 maxlen: 24 220.232.156.0/24 maxlen: 24 220.232.157.0/24 maxlen: 24 220.232.159.0/24 maxlen: 24 220.232.211.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:10:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3779 (0xec3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFA0 Validity Not Before: Jan 14 18:16:30 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6786a9fe-b19d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:c7:8d:b9:54:0a:ec:9e:1f:f1:96:32:05:98: 2b:67:b3:1e:48:4c:b9:80:ba:12:ee:f5:78:e7:70: e2:00:69:63:d3:d5:7c:f4:bb:ec:b4:f3:91:a6:2f: 3d:e9:f2:16:da:21:44:21:38:61:ef:02:9b:c5:28: 7d:62:ca:17:52:be:47:a4:12:15:6b:51:45:9c:f7: 36:23:94:e0:f9:9e:0f:a1:45:db:85:9f:36:05:ac: ab:e1:18:d5:82:60:86:87:32:15:c8:9a:d9:44:9a: 59:b2:62:34:20:17:1a:dc:81:ba:df:f9:f9:b9:5d: a6:ce:b3:e3:ea:74:5f:f0:6d:2d:57:fa:32:b1:60: 66:65:78:33:9d:7d:83:f0:85:b2:09:cb:8d:a7:f8: 23:09:2e:9c:41:9e:db:c2:db:32:05:e5:98:e5:b5: 54:11:fb:14:b5:c1:e0:29:4b:26:fb:8e:cc:a0:bf: 4d:52:95:09:e6:97:9f:d2:32:4a:6d:8b:1c:66:fd: 1f:9c:43:b7:70:bc:2c:5d:76:48:84:b7:12:e6:6e: e8:57:68:60:4a:4c:33:67:dd:a7:e7:50:03:a6:b9: 27:9d:81:6a:f6:89:56:c3:6b:bd:48:73:c1:b1:1d: 50:c6:db:f3:c1:82:9c:0b:ff:fe:52:04:57:4d:80: 77:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:11:85:93:12:21:E9:8F:67:86:D0:4A:BE:3C:80:64:49:A0:8D:6D X509v3 Authority Key Identifier: keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/27F85F401B0811EEA3313C43C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.64.110.0/24 220.232.132.0-220.232.134.255 220.232.156.0/23 220.232.159.0/24 220.232.211.0/24 Signature Algorithm: sha256WithRSAEncryption 94:37:2b:70:1b:03:3d:81:4c:d7:c7:14:a3:e7:c6:09:dd:34: cf:06:30:b4:92:39:da:44:16:14:22:4c:53:8d:56:c5:d4:b4: c7:6a:cd:94:ca:3f:93:ba:89:09:a3:71:d2:49:1b:c2:1f:92: 8b:92:a5:4d:19:47:0a:c4:96:5b:6f:88:54:d7:6b:db:13:2d: 0e:d9:6e:c6:b5:83:2d:9a:23:45:91:b6:f9:05:d2:6b:0f:84: eb:c5:eb:aa:7e:3c:e4:10:75:42:c4:ab:04:cf:b0:e3:98:a8: 37:cf:be:28:6e:67:05:bb:43:00:f5:d4:40:3c:89:16:a1:90: 66:d8:e3:93:19:b4:16:5a:ef:86:be:e2:65:2a:ba:55:98:90: 03:22:cd:cc:e5:20:47:d7:81:b5:7f:d5:4e:c9:b4:f5:c4:7b: 08:04:e4:ad:f1:43:04:97:a7:3f:43:66:f9:8d:7a:af:36:89: 02:17:0f:e2:7f:8b:f8:a2:a0:f4:1c:f3:da:ee:93:eb:da:ad: 3f:73:2a:5a:58:67:17:1d:90:c3:ec:7f:01:d1:49:42:09:d5: 86:04:31:64:fb:47:2b:76:2e:f8:07:74:c3:44:77:a1:13:cb: 6b:fe:65:a7:30:50:7c:44:ea:88:70:13:49:25:9b:b7:8c:5d: 50:68:3b:c6 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICDsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB RDNBRUZFQzgwHhcNMjUwMTE0MTgxNjMwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzg2YTlmZS1iMTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0MeNuVQK7J4f8ZYyBZgrZ7MeSEy5gLoS7vV453DiAGlj09V89LvstPORpi89 6fIW2iFEIThh7wKbxSh9YsoXUr5HpBIVa1FFnPc2I5Tg+Z4PoUXbhZ82Bayr4RjV gmCGhzIVyJrZRJpZsmI0IBca3IG63/n5uV2mzrPj6nRf8G0tV/oysWBmZXgznX2D 8IWyCcuNp/gjCS6cQZ7bwtsyBeWY5bVUEfsUtcHgKUsm+47MoL9NUpUJ5pef0jJK bYscZv0fnEO3cLwsXXZIhLcS5m7oV2hgSkwzZ92n51ADprknnYFq9olWw2u9SHPB sR1QxtvzwYKcC//+UgRXTYB36QIDAQABo4ICtTCCArEwHQYDVR0OBBYEFIYRhZMS IemPZ4bQSr48gGRJoI1tMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4 Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvMjdGODVGNDAx QjA4MTFFRUEzMzEzQzQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMCwEAgABMCYDBADKQG4wDAMEAtzohAMEANzohgMEAdzonAMEANzonwMEANzo 0zANBgkqhkiG9w0BAQsFAAOCAQEAlDcrcBsDPYFM18cUo+fGCd00zwYwtJI52kQW FCJMU41WxdS0x2rNlMo/k7qJCaNx0kkbwh+Si5KlTRlHCsSWW2+IVNdr2xMtDtlu xrWDLZojRZG2+QXSaw+E68Xrqn485BB1QsSrBM+w45ioN8++KG5nBbtDAPXUQDyJ FqGQZtjjkxm0Flrvhr7iZSq6VZiQAyLNzOUgR9eBtX/VTsm09cR7CATkrfFDBJen P0Nm+Y16rzaJAhcP4n+L+KKg9Bzz2u6T69qtP3MqWlhnFx2Qw+x/AdFJQgnVhgQx ZPtHK3Yu+Ad0w0R3oRPLa/5lpzBQfETqiHATSSWbt4xdUGg7xg== -----END CERTIFICATE-----Generated at Sat Apr 5 10:30:21 2025 by rpki-client