$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa File: BF80484C737D11E8950B2925C4F9AE02.roa (raw, json) Hash identifier: O78cVZwqyxDVfjOwvS4al+LaTd+tf8q/fwBcoeELa14= Subject key identifier: C1:D8:D0:BB:18:17:1C:A6:10:E0:C9:B4:23:14:41:4B:DF:B7:0B:C8 Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Certificate serial: 2A36 Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa Signing time: Wed 04 Jun 2025 03:49:18 +0000 ROA not before: Wed 04 Jun 2025 03:49:18 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 134240 IP address blocks: 27.254.4.0/24 maxlen: 24 27.254.11.0/24 maxlen: 24 27.254.31.0/24 maxlen: 24 27.254.185.0/24 maxlen: 24 27.254.186.0/24 maxlen: 24 27.254.231.0/24 maxlen: 24 27.254.233.0/24 maxlen: 24 49.229.88.0/23 maxlen: 23 49.229.90.0/23 maxlen: 23 58.64.24.0/24 maxlen: 24 58.64.27.0/24 maxlen: 24 58.137.6.0/24 maxlen: 24 103.20.204.0/22 maxlen: 24 110.49.141.0/24 maxlen: 24 110.49.142.0/23 maxlen: 24 2405:9800:d000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 15:41:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10806 (0x2a36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911BD54, serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Validity Not Before: Jun 4 03:49:18 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=683fc23e-f200 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:5c:aa:93:fa:a2:c2:1c:3c:81:12:0f:a5:51: 44:76:c9:ca:56:de:a5:e1:5f:cc:a3:46:0a:6d:cf: 5f:38:3f:39:65:04:9b:55:90:a7:bf:47:6b:2a:71: 46:68:18:c5:14:f8:e7:45:2b:f3:e9:37:41:36:e8: ae:e5:36:1c:d9:18:7e:9c:1c:65:81:f3:24:26:c1: b3:d8:9e:d9:33:ad:6d:1a:21:92:04:6f:f6:51:46: 63:68:91:01:83:a9:b5:05:82:c9:58:7d:47:70:a2: 4c:b9:07:0a:09:d3:ec:96:da:6b:6c:08:35:30:e1: 8e:60:cb:80:8d:a3:ea:a1:d2:6f:85:07:b7:84:22: 72:94:ae:fd:ad:8b:02:b9:63:c1:b7:b7:0e:92:e0: b0:da:30:c6:63:4b:a6:5f:c4:96:f6:98:3c:ed:bb: dc:8a:f2:a5:3e:63:bc:9c:db:4a:cb:02:94:d1:6d: 6a:d2:af:e2:1b:47:9b:1d:51:57:aa:04:74:c7:90: 9e:cd:40:85:90:8c:4a:33:84:39:57:57:62:2c:8f: 75:a1:89:59:81:d4:1f:c2:21:fb:cb:88:f1:19:1e: 6c:fb:c5:ab:a4:57:78:cd:67:ae:ef:81:84:d9:f3: 8b:ef:5c:bd:b7:71:7b:f8:fb:2c:4a:74:db:00:7c: d7:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:D8:D0:BB:18:17:1C:A6:10:E0:C9:B4:23:14:41:4B:DF:B7:0B:C8 X509v3 Authority Key Identifier: keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.254.4.0/24 27.254.11.0/24 27.254.31.0/24 27.254.185.0-27.254.186.255 27.254.231.0/24 27.254.233.0/24 49.229.88.0/22 58.64.24.0/24 58.64.27.0/24 58.137.6.0/24 103.20.204.0/22 110.49.141.0-110.49.143.255 IPv6: 2405:9800:d000::/36 Signature Algorithm: sha256WithRSAEncryption 5b:d8:47:e7:ef:af:bb:b8:14:05:4a:cc:52:ce:66:b0:d0:e9: c7:6e:7d:76:3d:6e:6f:8d:e4:18:41:25:2d:d4:13:4c:8a:f9: 0d:36:a7:5e:a5:69:e2:97:90:e1:dd:c0:ec:5d:4a:57:20:21: a9:17:0c:2a:ec:54:35:19:67:36:9f:56:20:3a:f7:ff:5f:13: de:bf:d7:dc:7c:42:96:37:c7:8b:5d:f4:62:0a:b7:cd:7c:bf: 88:19:9b:b6:0b:03:ca:54:fc:01:db:5a:61:df:d3:85:ca:c5: 50:97:84:fb:76:38:80:49:a2:05:8d:24:c3:ec:b7:b2:d3:20: c8:15:90:fa:90:6f:d5:51:c8:aa:29:11:26:91:89:ce:80:58: 86:4c:6a:05:0d:d9:2b:43:53:91:ea:f8:9e:1f:0d:cf:b6:65: d5:25:bf:a1:ff:c4:ca:e0:26:bd:75:14:38:1e:ff:4b:0c:e9: 5c:49:ac:d1:df:e4:be:66:7e:c7:05:76:59:3d:30:e4:e0:7e: 13:6d:c0:da:cd:e5:1f:a8:97:62:31:1c:d0:70:70:67:dd:4b: 84:f3:fc:62:81:05:aa:90:a3:ea:17:d3:e2:f2:c4:45:f9:04: a1:23:61:43:d9:fd:39:fa:0b:fd:8f:e7:36:11:57:21:90:e8: 2c:cd:49:54 -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgICKjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2 QUYyMDcxNUMwHhcNMjUwNjA0MDM0OTE4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNmYzIzZS1mMjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtFyqk/qiwhw8gRIPpVFEdsnKVt6l4V/Mo0YKbc9fOD85ZQSbVZCnv0drKnFG aBjFFPjnRSvz6TdBNuiu5TYc2Rh+nBxlgfMkJsGz2J7ZM61tGiGSBG/2UUZjaJEB g6m1BYLJWH1HcKJMuQcKCdPsltprbAg1MOGOYMuAjaPqodJvhQe3hCJylK79rYsC uWPBt7cOkuCw2jDGY0umX8SW9pg87bvcivKlPmO8nNtKywKU0W1q0q/iG0ebHVFX qgR0x5CezUCFkIxKM4Q5V1diLI91oYlZgdQfwiH7y4jxGR5s+8WrpFd4zWeu74GE 2fOL71y9t3F7+PssSnTbAHzXcwIDAQABo4IC+DCCAvQwHQYDVR0OBBYEFMHY0LsY FxymEODJtCMUQUvftwvIMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvQkY4MDQ4NEM3 MzdEMTFFODk1MEIyOTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYEGCCsGAQUFBwEHAQH/ BHIwcDBeBAIAATBYAwQAG/4EAwQAG/4LAwQAG/4fMAwDBAAb/rkDBAAb/roDBAAb /ucDBAAb/ukDBAIx5VgDBAA6QBgDBAA6QBsDBAA6iQYDBAJnFMwwDAMEAG4xjQME BG4xgDAOBAIAAjAIAwYEJAWYANAwDQYJKoZIhvcNAQELBQADggEBAFvYR+fvr7u4 FAVKzFLOZrDQ6cdufXY9bm+N5BhBJS3UE0yK+Q02p16laeKXkOHdwOxdSlcgIakX DCrsVDUZZzafViA69/9fE96/19x8QpY3x4td9GIKt818v4gZm7YLA8pU/AHbWmHf 04XKxVCXhPt2OIBJogWNJMPst7LTIMgVkPqQb9VRyKopESaRic6AWIZMagUN2StD U5Hq+J4fDc+2ZdUlv6H/xMrgJr11FDge/0sM6VxJrNHf5L5mfscFdlk9MOTgfhNt wNrN5R+ol2IxHNBwcGfdS4Tz/GKBBaqQo+oX0+LyxEX5BKEjYUPZ/Tn6C/2P5zYR VyGQ6CzNSVQ= -----END CERTIFICATE-----Generated at Sun Jun 15 08:51:24 2025 by rpki-client