$ rpki-client -vvf rpki.apnic.net/member_repository/A91B727C/9D77C6D4028F11E99D81F640C4F9AE02/B58038B838FF11EAB8D91529C4F9AE02.roa File: B58038B838FF11EAB8D91529C4F9AE02.roa (raw, json) Hash identifier: IU4SG15xY5pa/IoW3wwDCZ3o/ZxiWKB5Df2NzHDteOY= Subject key identifier: B0:E1:8B:80:E6:9F:58:B5:12:28:B6:8E:C1:01:90:6A:65:1D:9C:C1 Certificate issuer: /CN=A91B727C/serialNumber=1D882C8CF2434CC9BBFD79191DC2C6982926E8AB Certificate serial: 1151 Authority key identifier: 1D:88:2C:8C:F2:43:4C:C9:BB:FD:79:19:1D:C2:C6:98:29:26:E8:AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HYgsjPJDTMm7_XkZHcLGmCkm6Ks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B727C/9D77C6D4028F11E99D81F640C4F9AE02/B58038B838FF11EAB8D91529C4F9AE02.roa Signing time: Thu 30 Jan 2025 17:34:50 +0000 ROA not before: Thu 30 Jan 2025 17:34:50 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 138505 IP address blocks: 103.127.68.0/22 maxlen: 22 103.127.68.0/23 maxlen: 23 103.127.68.0/24 maxlen: 24 103.127.69.0/24 maxlen: 24 103.127.70.0/23 maxlen: 23 103.127.70.0/24 maxlen: 24 103.127.71.0/24 maxlen: 24 2404:19c0::/32 maxlen: 32 2404:19c0::/36 maxlen: 36 2404:19c0:1000::/36 maxlen: 36 2404:19c0:2000::/36 maxlen: 36 2404:19c0:3000::/36 maxlen: 36 2404:19c0:4000::/36 maxlen: 36 2404:19c0:5000::/36 maxlen: 36 2404:19c0:6000::/36 maxlen: 36 2404:19c0:7000::/36 maxlen: 36 2404:19c0:8000::/36 maxlen: 36 2404:19c0:9000::/36 maxlen: 36 2404:19c0:a000::/36 maxlen: 36 2404:19c0:b000::/36 maxlen: 36 2404:19c0:c000::/36 maxlen: 36 2404:19c0:d000::/36 maxlen: 36 2404:19c0:e000::/36 maxlen: 36 2404:19c0:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B727C/9D77C6D4028F11E99D81F640C4F9AE02/HYgsjPJDTMm7_XkZHcLGmCkm6Ks.crl rsync://rpki.apnic.net/member_repository/A91B727C/9D77C6D4028F11E99D81F640C4F9AE02/HYgsjPJDTMm7_XkZHcLGmCkm6Ks.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HYgsjPJDTMm7_XkZHcLGmCkm6Ks.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:15:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4433 (0x1151) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B727C, serialNumber=1D882C8CF2434CC9BBFD79191DC2C6982926E8AB Validity Not Before: Jan 30 17:34:50 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=679bb839-7396 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:9a:a5:05:2b:a3:61:07:98:bc:60:35:7b:d6: 08:9c:ac:5a:68:81:77:b5:d0:d7:91:52:b0:12:aa: 4c:1f:33:3c:4c:f9:c2:24:b8:c4:6c:1d:d4:be:df: 02:8b:5c:c7:39:f2:89:8e:01:56:51:f1:b7:0a:9f: 97:5e:fa:ae:26:7e:38:2a:1d:a9:5e:66:e8:a4:5e: 48:36:c5:36:f8:3a:9d:7d:08:d4:75:79:12:8a:90: 21:3d:75:04:0d:7b:16:ee:0a:5c:f9:1c:24:f7:f4: 2a:93:d8:b4:a5:f6:21:a6:4b:4f:b8:10:b7:bb:64: e9:47:05:97:2a:d9:8b:41:44:f5:b5:cf:86:85:72: c4:9b:ad:bd:bf:35:44:41:df:0d:f0:bc:3a:2a:6a: 40:82:f1:df:a5:98:91:93:79:55:6b:ea:2a:52:49: 64:ed:8a:f4:a3:95:1d:24:7f:a6:dc:05:a5:8e:e7: eb:d5:8d:a7:83:11:84:6f:e6:65:18:fc:07:20:2a: 29:4d:8e:2a:dd:12:e2:26:ae:92:26:bf:62:a8:26: a1:51:ec:6d:33:96:29:bb:11:db:c1:28:28:57:c7: e7:c5:de:51:ed:dd:4b:bf:aa:b3:f8:13:ab:e8:26: 10:6b:84:c8:88:06:1e:78:88:b6:88:db:d7:57:5e: ad:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:E1:8B:80:E6:9F:58:B5:12:28:B6:8E:C1:01:90:6A:65:1D:9C:C1 X509v3 Authority Key Identifier: keyid:1D:88:2C:8C:F2:43:4C:C9:BB:FD:79:19:1D:C2:C6:98:29:26:E8:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B727C/9D77C6D4028F11E99D81F640C4F9AE02/HYgsjPJDTMm7_XkZHcLGmCkm6Ks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HYgsjPJDTMm7_XkZHcLGmCkm6Ks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B727C/9D77C6D4028F11E99D81F640C4F9AE02/B58038B838FF11EAB8D91529C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.127.68.0/22 IPv6: 2404:19c0::/32 Signature Algorithm: sha256WithRSAEncryption aa:39:84:a7:37:c7:56:95:d7:63:21:cf:ad:b5:16:0f:70:eb: 6c:d4:f5:62:87:55:0a:a6:9a:4c:fa:8a:a9:6f:18:74:04:4b: 52:6d:89:36:5a:86:86:b5:6b:09:2c:58:0b:26:ff:b8:dc:6b: b7:d9:3f:36:fb:9f:8c:35:09:5e:93:6c:54:13:18:59:4f:33: 38:76:b2:cc:34:9e:56:dd:09:8a:02:c7:32:f6:d4:16:ad:d7: 44:22:04:de:70:26:24:cf:9a:0f:66:dc:03:57:f2:07:31:23: 9a:15:32:3f:43:20:83:9d:d7:c2:2b:79:a1:98:b0:e1:ea:a4: c9:d3:11:6e:4d:6c:f3:3a:2e:e4:0a:6c:e7:5b:75:7e:1d:4d: bb:64:a5:a5:7f:ea:3d:cb:17:4a:92:0e:29:51:b5:88:c3:53: 66:8f:4c:9a:3f:7f:0b:0b:41:cd:6d:4e:ad:97:7f:e1:f7:49: b6:f4:04:2c:05:41:01:4f:83:39:52:e6:16:9d:74:50:0a:ae: 18:8b:1b:81:d4:ec:83:de:ff:b3:66:3c:cb:09:1f:29:74:0e: 12:c7:54:1d:bd:84:52:7c:02:6d:48:de:c3:bc:d1:af:f7:57: 77:a1:cc:ad:69:e6:de:c0:5e:27:71:c8:41:cf:04:92:38:ab: 69:4d:ce:1d -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICEVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjcyN0MxMTAvBgNVBAUTKDFEODgyQzhDRjI0MzRDQzlCQkZENzkxOTFEQzJDNjk4 MjkyNkU4QUIwHhcNMjUwMTMwMTczNDUwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzliYjgzOS03Mzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzZqlBSujYQeYvGA1e9YInKxaaIF3tdDXkVKwEqpMHzM8TPnCJLjEbB3Uvt8C i1zHOfKJjgFWUfG3Cp+XXvquJn44Kh2pXmbopF5INsU2+DqdfQjUdXkSipAhPXUE DXsW7gpc+Rwk9/Qqk9i0pfYhpktPuBC3u2TpRwWXKtmLQUT1tc+GhXLEm629vzVE Qd8N8Lw6KmpAgvHfpZiRk3lVa+oqUklk7Yr0o5UdJH+m3AWljufr1Y2ngxGEb+Zl GPwHICopTY4q3RLiJq6SJr9iqCahUextM5YpuxHbwSgoV8fnxd5R7d1Lv6qz+BOr 6CYQa4TIiAYeeIi2iNvXV16tYQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLDhi4Dm n1i1Eii2jsEBkGplHZzBMB8GA1UdIwQYMBaAFB2ILIzyQ0zJu/15GR3CxpgpJuir MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzI3Qy85RDc3QzZENDAy OEYxMUU5OUQ4MUY2NDBDNEY5QUUwMi9IWWdzalBKRFRNbTdfWGtaSGNMR21Da202 S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hZZ3NqUEpEVE1tN19Ya1pIY0xHbUNrbTZLcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjcyN0MvOUQ3N0M2RDQwMjhGMTFFOTlEODFGNjQwQzRGOUFFMDIvQjU4MDM4Qjgz OEZGMTFFQUI4RDkxNTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnf0QwDQQCAAIwBwMFACQEGcAwDQYJKoZIhvcNAQELBQAD ggEBAKo5hKc3x1aV12Mhz621Fg9w62zU9WKHVQqmmkz6iqlvGHQES1JtiTZahoa1 awksWAsm/7jca7fZPzb7n4w1CV6TbFQTGFlPMzh2ssw0nlbdCYoCxzL21Bat10Qi BN5wJiTPmg9m3ANX8gcxI5oVMj9DIIOd18IreaGYsOHqpMnTEW5NbPM6LuQKbOdb dX4dTbtkpaV/6j3LF0qSDilRtYjDU2aPTJo/fwsLQc1tTq2Xf+H3Sbb0BCwFQQFP gzlS5haddFAKrhiLG4HU7IPe/7NmPMsJHyl0DhLHVB29hFJ8Am1I3sO80a/3V3eh zK1p5t7AXidxyEHPBJI4q2lNzh0= -----END CERTIFICATE-----Generated at Sat Apr 26 05:50:59 2025 by rpki-client