$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/D1EE6884F06C11EEA5BAA656C4F9AE02.roa File: D1EE6884F06C11EEA5BAA656C4F9AE02.roa (raw, json) Hash identifier: 8K4hb6GJHcWswysfKKK+VFXlsdhKy8EjS5fIz+8731Q= Subject key identifier: 42:24:E2:12:33:78:8C:F7:F8:70:42:B1:C8:BC:28:78:A9:6F:B0:05 Certificate issuer: /CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE Certificate serial: 352B Authority key identifier: 6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/D1EE6884F06C11EEA5BAA656C4F9AE02.roa Signing time: Thu 10 Apr 2025 15:20:54 +0000 ROA not before: Thu 10 Apr 2025 15:20:54 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 38477 IP address blocks: 103.11.124.0/22 maxlen: 24 116.90.128.0/20 maxlen: 20 116.90.128.0/21 maxlen: 21 116.90.128.0/24 maxlen: 24 116.90.129.0/24 maxlen: 24 116.90.130.0/24 maxlen: 24 116.90.133.0/24 maxlen: 24 116.90.134.0/24 maxlen: 24 116.90.136.0/21 maxlen: 21 116.90.136.0/23 maxlen: 23 116.90.138.0/24 maxlen: 24 116.90.139.0/24 maxlen: 24 116.90.140.0/24 maxlen: 24 116.90.142.0/24 maxlen: 24 116.90.143.0/24 maxlen: 24 120.136.62.0/24 maxlen: 24 122.102.108.0/23 maxlen: 23 202.6.116.0/23 maxlen: 23 2401:f000::/32 maxlen: 32 2401:f000::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 14:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13611 (0x352b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE978, serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE Validity Not Before: Apr 10 15:20:54 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67f7e1d5-f87f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:41:49:46:74:32:f8:82:b0:a9:60:31:96:77: 5c:08:9f:50:75:9c:ee:99:54:da:79:d9:73:3c:e1: 57:f1:20:49:c0:d1:c5:09:01:6c:d3:17:c1:a3:a6: 28:98:dd:21:9d:dc:a5:77:f5:58:24:2a:c8:c1:48: 23:08:d0:21:c2:03:a1:72:79:12:ed:d5:16:4f:ef: 6d:de:29:a8:cd:dc:6b:d7:d6:df:e5:23:82:fd:55: c2:8f:07:f4:a4:04:aa:a6:1f:57:89:ec:37:cd:53: c2:2c:a1:7d:d5:ea:53:fa:da:6e:02:29:f5:55:d7: 8c:9b:d5:4c:6e:ef:71:b7:70:25:8a:12:ce:73:4a: 82:b9:f7:72:62:f9:21:3c:df:cf:04:61:3a:27:cd: a5:0f:73:34:f3:ab:a2:e8:be:38:81:0b:eb:ca:5c: 3d:c9:19:80:d7:14:f5:fc:34:21:2d:49:d9:1e:a7: 96:9a:53:46:d4:b5:58:69:a7:33:1b:22:f8:7e:d5: 15:98:f6:bd:95:68:f9:7f:f2:3b:3b:28:cc:21:ff: 95:65:6a:97:0a:c2:0f:db:54:ae:dc:53:18:34:27: 7f:79:7c:6f:24:5e:4a:a9:7d:44:6f:2f:64:8a:43: b5:32:0f:b8:86:19:72:4e:c6:ce:58:aa:d0:cb:a3: d4:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:24:E2:12:33:78:8C:F7:F8:70:42:B1:C8:BC:28:78:A9:6F:B0:05 X509v3 Authority Key Identifier: keyid:6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/D1EE6884F06C11EEA5BAA656C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.11.124.0/22 116.90.128.0/20 120.136.62.0/24 122.102.108.0/23 202.6.116.0/23 IPv6: 2401:f000::/32 Signature Algorithm: sha256WithRSAEncryption 30:b3:93:d6:f4:ce:e4:c5:86:99:7e:9d:cc:81:6f:4d:74:9d: 9f:63:b2:e2:04:1b:90:0d:55:f4:54:41:9e:d4:9f:03:ae:73: 0b:ff:c7:10:18:8c:48:54:7c:80:0a:cf:4f:a4:e7:08:b9:a7: 19:6d:0b:6c:b4:ed:62:7e:c4:42:fa:f1:cf:2a:45:27:ff:0a: 8b:2d:27:dd:1a:bc:cb:c5:37:4a:6d:f6:74:4a:99:28:4b:15: 70:9b:2b:1d:64:6e:2b:e2:20:bb:36:8e:db:45:95:f6:30:91: cb:73:62:41:29:62:fe:0c:b9:8c:3d:83:53:e0:27:c0:08:fd: f9:e5:56:f4:a8:4e:70:cb:90:4c:27:30:f4:bd:d9:db:07:d4: 3d:e2:f6:da:4e:c6:0c:67:4d:78:cd:8d:69:87:7b:dc:61:cf: 66:ac:f1:30:c7:ce:f1:47:bb:f3:82:39:8e:64:e0:93:6a:36: 4c:bd:4f:02:e4:36:d4:b4:dd:2c:f9:b0:4c:15:51:64:a1:f3: 0c:8c:ea:56:cd:17:dc:bb:cc:71:37:49:2e:7d:23:4e:09:15: e8:df:66:95:86:2a:1d:0b:c2:15:86:7b:9b:55:21:05:b8:2b: 3a:63:0b:7c:06:a9:fa:68:cf:19:2d:79:0f:21:b7:b5:8e:7a: ba:58:76:c3 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICNSswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U5NzgxMTAvBgNVBAUTKDZBMUU0RjcyODQ3RUIzNjk5NTIyQzkzRDI2NzczRjBE RjgzOTZFQkUwHhcNMjUwNDEwMTUyMDU0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y3ZTFkNS1mODdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1EFJRnQy+IKwqWAxlndcCJ9QdZzumVTaedlzPOFX8SBJwNHFCQFs0xfBo6Yo mN0hndyld/VYJCrIwUgjCNAhwgOhcnkS7dUWT+9t3imozdxr19bf5SOC/VXCjwf0 pASqph9Xiew3zVPCLKF91epT+tpuAin1VdeMm9VMbu9xt3AlihLOc0qCufdyYvkh PN/PBGE6J82lD3M086ui6L44gQvrylw9yRmA1xT1/DQhLUnZHqeWmlNG1LVYaacz GyL4ftUVmPa9lWj5f/I7OyjMIf+VZWqXCsIP21Su3FMYNCd/eXxvJF5KqX1Eby9k ikO1Mg+4hhlyTsbOWKrQy6PUlQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFEIk4hIz eIz3+HBCsci8KHipb7AFMB8GA1UdIwQYMBaAFGoeT3KEfrNplSLJPSZ3Pw34OW6+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTk3OC8zMjIzRjM1RTFE OTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMybVZJc2s5Sm5jX0RmZzVi cjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FoNVBjb1ItczJtVklzazlKbmNfRGZnNWJyNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0U5NzgvMzIyM0YzNUUxRDk4MTFFMjhBOEMyRTgyMDhCMDJDRDIvRDFFRTY4ODRG MDZDMTFFRUE1QkFBNjU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAJnC3wDBAR0WoADBAB4iD4DBAF6ZmwDBAHKBnQwDQQCAAIw BwMFACQB8AAwDQYJKoZIhvcNAQELBQADggEBADCzk9b0zuTFhpl+ncyBb010nZ9j suIEG5ANVfRUQZ7UnwOucwv/xxAYjEhUfIAKz0+k5wi5pxltC2y07WJ+xEL68c8q RSf/CostJ90avMvFN0pt9nRKmShLFXCbKx1kbiviILs2jttFlfYwkctzYkEpYv4M uYw9g1PgJ8AI/fnlVvSoTnDLkEwnMPS92dsH1D3i9tpOxgxnTXjNjWmHe9xhz2as 8TDHzvFHu/OCOY5k4JNqNky9TwLkNtS03Sz5sEwVUWSh8wyM6lbNF9y7zHE3SS59 I04JFejfZpWGKh0LwhWGe5tVIQW4KzpjC3wGqfpozxkteQ8ht7WOerpYdsM= -----END CERTIFICATE-----Generated at Sat Apr 26 16:55:22 2025 by rpki-client