$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/0DC2568E320511EA8CF6B72DC4F9AE02.roa File: 0DC2568E320511EA8CF6B72DC4F9AE02.roa (raw, json) Hash identifier: dZqvR0xqd13+DRj0vsCnaFuawrKyEqpLXk81wck6o3Q= Subject key identifier: 2F:18:07:DC:B8:20:DD:75:C7:76:4B:C8:88:AD:AB:3A:78:A5:83:3C Certificate issuer: /CN=A91D1003/serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Certificate serial: 0B4F Authority key identifier: A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/0DC2568E320511EA8CF6B72DC4F9AE02.roa Signing time: Fri 04 Apr 2025 19:30:47 +0000 ROA not before: Fri 04 Apr 2025 19:30:47 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 55453 IP address blocks: 27.54.120.0/24 maxlen: 24 27.54.121.0/24 maxlen: 24 27.54.122.0/24 maxlen: 24 27.54.123.0/24 maxlen: 24 103.20.0.0/24 maxlen: 24 103.20.1.0/24 maxlen: 24 103.20.2.0/24 maxlen: 24 103.20.3.0/24 maxlen: 24 137.59.192.0/24 maxlen: 24 137.59.193.0/24 maxlen: 24 137.59.194.0/24 maxlen: 24 137.59.195.0/24 maxlen: 24 2407:1b00::/34 maxlen: 34 2407:1b00:4000::/34 maxlen: 34 2407:1b00:8000::/34 maxlen: 34 2407:1b00:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:02:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2895 (0xb4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1003, serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Validity Not Before: Apr 4 19:30:47 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67f03367-6ba9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:04:ac:0b:d7:e8:eb:ee:38:53:9b:cd:cf:62: 8f:b2:4f:9b:ff:b0:90:ad:36:52:5d:78:5a:6b:86: ac:7e:f2:c9:dd:a7:d8:3c:4a:2b:0d:9f:94:7d:b3: 32:6f:c9:ea:85:b8:ec:fd:a8:63:c6:55:5d:64:8b: 6b:22:7a:ff:4b:86:d9:f8:af:04:70:3f:e9:0e:93: d6:13:22:49:e5:1b:65:d0:81:7f:46:88:1c:3e:c7: aa:45:83:7f:a3:c0:04:a1:7e:d7:52:18:3b:9a:ac: d0:8e:82:a4:66:53:54:f9:2d:0e:8f:07:4c:d1:37: 7d:3a:a6:19:bf:4f:a6:8f:d5:8b:07:58:80:af:ce: 97:38:9b:7b:16:f5:59:6a:7c:3f:54:00:5c:95:7c: 52:f8:13:68:14:d3:96:47:e6:c2:e0:88:32:c5:db: 0e:4d:08:86:a9:f2:e8:be:66:c2:70:b2:61:b5:a2: a7:ee:e1:d0:a6:6d:aa:96:b7:91:9a:91:f4:e0:a6: a4:b9:50:f4:0e:3a:4c:bd:8f:9a:6e:c7:2a:ef:ee: f5:b5:d9:85:b8:fd:34:a0:23:d9:b0:db:9a:e6:2f: 5b:5c:dd:a6:20:b8:79:1a:ad:03:5b:55:9d:74:e1: 8e:e8:2a:0c:27:2b:c1:55:59:ea:c2:9b:63:c9:24: c8:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:18:07:DC:B8:20:DD:75:C7:76:4B:C8:88:AD:AB:3A:78:A5:83:3C X509v3 Authority Key Identifier: keyid:A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/0DC2568E320511EA8CF6B72DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.54.120.0/22 103.20.0.0/22 137.59.192.0/22 IPv6: 2407:1b00::/32 Signature Algorithm: sha256WithRSAEncryption 26:4e:45:d7:4a:05:88:b6:0f:b4:ba:1b:eb:e7:b6:08:ae:a6: 48:70:38:1a:99:8e:8f:e7:7c:f0:3b:57:2e:7c:89:05:36:d7: dc:35:66:8a:56:c3:fb:1d:22:ab:f6:40:08:e3:ef:e7:b3:04: 92:24:46:59:2b:91:be:f9:c8:12:bd:9b:30:28:90:52:b0:2f: ef:6b:4e:ae:f1:e1:d0:5d:49:90:1c:7b:de:58:18:2e:ce:e6: 65:2e:73:8f:72:94:39:c8:1a:58:bf:a0:43:cd:9b:f1:ef:15: 35:53:e6:45:63:ff:d2:e2:43:77:0f:ed:a7:29:9c:9b:c0:21: 79:f7:13:1d:cf:3b:bd:bd:a0:b5:f4:e9:33:16:47:b0:d7:70: 2c:2e:4e:79:db:35:3f:77:dc:17:e3:a6:f6:c6:b0:4b:e3:25: a3:09:8f:04:28:47:eb:b3:ab:c5:14:5b:8d:54:e4:a0:c7:5f: 69:68:c7:2e:3f:42:d5:58:6f:0d:26:1e:e2:12:14:53:89:34: 62:ca:89:fa:e3:b4:e4:ef:6d:0f:07:51:79:fd:00:7b:34:63: 58:72:0c:b5:59:2d:cb:84:55:be:cd:03:09:53:03:62:9a:60: 2b:9d:a7:89:21:aa:99:25:d6:dc:fe:05:69:d2:2d:22:6d:d4: f3:49:e5:7e -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICC08wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDEwMDMxMTAvBgNVBAUTKEE1MjAxQUVFNkY0QTVDMUVCOEE3RTFDNzg1M0JGQkIy QkE3NUNCRDIwHhcNMjUwNDA0MTkzMDQ3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2YwMzM2Ny02YmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4wSsC9fo6+44U5vNz2KPsk+b/7CQrTZSXXhaa4asfvLJ3afYPEorDZ+UfbMy b8nqhbjs/ahjxlVdZItrInr/S4bZ+K8EcD/pDpPWEyJJ5Rtl0IF/RogcPseqRYN/ o8AEoX7XUhg7mqzQjoKkZlNU+S0OjwdM0Td9OqYZv0+mj9WLB1iAr86XOJt7FvVZ anw/VABclXxS+BNoFNOWR+bC4IgyxdsOTQiGqfLovmbCcLJhtaKn7uHQpm2qlreR mpH04KakuVD0DjpMvY+abscq7+71tdmFuP00oCPZsNua5i9bXN2mILh5Gq0DW1Wd dOGO6CoMJyvBVVnqwptjySTIQwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFC8YB9y4 IN11x3ZLyIitqzp4pYM8MB8GA1UdIwQYMBaAFKUgGu5vSlweuKfhx4U7+7K6dcvS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTAwMy9BQTRFOTVDODMy MDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hCNjRwLUhIaFR2N3NycDF5 OUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BTQWE3bTlLWEI2NHAtSEhoVHY3c3JwMXk5SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDEwMDMvQUE0RTk1QzgzMjAzMTFFQThEMkExQjJCQzRGOUFFMDIvMERDMjU2OEUz MjA1MTFFQThDRjZCNzJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAIbNngDBAJnFAADBAKJO8AwDQQCAAIwBwMFACQHGwAwDQYJ KoZIhvcNAQELBQADggEBACZORddKBYi2D7S6G+vntgiupkhwOBqZjo/nfPA7Vy58 iQU219w1ZopWw/sdIqv2QAjj7+ezBJIkRlkrkb75yBK9mzAokFKwL+9rTq7x4dBd SZAce95YGC7O5mUuc49ylDnIGli/oEPNm/HvFTVT5kVj/9LiQ3cP7acpnJvAIXn3 Ex3PO729oLX06TMWR7DXcCwuTnnbNT933BfjpvbGsEvjJaMJjwQoR+uzq8UUW41U 5KDHX2loxy4/QtVYbw0mHuISFFOJNGLKifrjtOTvbQ8HUXn9AHs0Y1hyDLVZLcuE Vb7NAwlTA2KaYCudp4khqpkl1tz+BWnSLSJt1PNJ5X4= -----END CERTIFICATE-----Generated at Sat Apr 26 13:43:51 2025 by rpki-client