$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/527AA5C69F4F11EAA7970484C4F9AE02.roa File: 527AA5C69F4F11EAA7970484C4F9AE02.roa (raw, json) Hash identifier: zuUsKZCcjPOj5pM09o9z0mAoFhewcmu+fcIGUoGJ1jw= Subject key identifier: D3:2A:94:7A:D3:E2:A5:4C:F7:A1:0F:FE:91:9B:63:B3:07:32:03:0A Certificate issuer: /CN=A91DC46A/serialNumber=F8D4A632D069964C61A33E41D6243D535B007D54 Certificate serial: 1DEE Authority key identifier: F8:D4:A6:32:D0:69:96:4C:61:A3:3E:41:D6:24:3D:53:5B:00:7D:54 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/527AA5C69F4F11EAA7970484C4F9AE02.roa Signing time: Wed 22 Jan 2025 16:23:27 +0000 ROA not before: Wed 22 Jan 2025 16:23:27 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 45121 IP address blocks: 27.131.62.0/23 maxlen: 23 27.131.62.0/24 maxlen: 24 27.131.63.0/24 maxlen: 24 103.221.63.0/24 maxlen: 24 122.0.31.0/24 maxlen: 24 202.133.108.0/22 maxlen: 22 202.133.108.0/23 maxlen: 24 202.133.110.0/23 maxlen: 24 2405:6400:4000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.crl rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:07:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7662 (0x1dee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC46A, serialNumber=F8D4A632D069964C61A33E41D6243D535B007D54 Validity Not Before: Jan 22 16:23:27 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67911b7f-6c0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:c4:59:02:01:c0:50:ae:e6:61:ce:1d:1b:03: 68:80:c7:e6:67:8e:0f:9a:bd:b2:a0:10:2c:cf:19: 2d:cd:2f:6a:6a:c8:6f:70:dd:8d:8e:93:36:51:d6: ee:e3:c1:62:74:08:d5:a5:94:5f:36:aa:6f:a1:53: 6d:57:d8:91:6b:57:62:fd:c0:41:69:3d:9a:4b:a9: 49:43:1b:df:4b:4a:23:17:91:0c:d2:60:3e:fb:ca: c3:fe:97:83:b3:9d:4d:16:d9:7a:30:c9:c0:99:23: 8c:a5:bd:d7:f6:dd:22:c5:d3:f8:e9:dc:2c:9e:20: 93:d1:77:c3:0e:70:94:26:2b:29:48:92:0f:ff:2a: b4:58:4e:bf:31:5b:68:9a:37:99:04:30:a1:4b:9e: 35:c1:d2:04:ee:25:72:7b:fa:37:17:2b:a2:c3:5e: eb:3d:8b:19:46:76:3f:a2:89:d3:99:a4:d5:7f:34: b5:29:39:21:a6:33:20:2a:f8:85:58:d4:15:52:f5: 69:79:5a:7e:f7:79:15:8c:3e:a9:3f:3e:99:64:67: a3:ea:2f:ed:a7:dd:ea:75:fb:ce:da:ec:14:95:31: 71:1f:08:cc:b2:8b:10:ab:33:f6:8c:fa:c4:c1:7e: 11:78:af:aa:2e:ab:05:28:5b:1f:0b:c9:5d:24:98: d8:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:2A:94:7A:D3:E2:A5:4C:F7:A1:0F:FE:91:9B:63:B3:07:32:03:0A X509v3 Authority Key Identifier: keyid:F8:D4:A6:32:D0:69:96:4C:61:A3:3E:41:D6:24:3D:53:5B:00:7D:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/527AA5C69F4F11EAA7970484C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.131.62.0/23 103.221.63.0/24 122.0.31.0/24 202.133.108.0/22 IPv6: 2405:6400:4000::/36 Signature Algorithm: sha256WithRSAEncryption 46:7f:11:35:8a:1b:cd:2f:bd:d5:f0:85:0e:f8:1e:e6:b7:23: 47:73:78:3f:05:2b:3f:58:30:03:ef:a0:c8:36:d7:b6:49:c7: fa:8d:4b:40:bb:6c:31:c8:85:32:52:04:6a:52:f6:74:d4:78: b1:05:f9:0f:e8:48:a2:41:a5:93:fd:2d:7b:86:70:b1:85:3d: 2e:83:0e:5e:a5:f0:4d:42:87:41:28:e1:3f:23:9e:c3:af:d6: d2:fd:6c:a7:63:41:5f:66:21:40:60:93:42:c3:86:39:89:17: 06:2b:59:07:72:be:27:02:28:78:77:e0:0b:96:52:71:36:c9: 24:08:d5:68:2f:c1:9d:43:8f:a5:f6:10:9b:76:0a:8e:83:2a: 45:f0:1f:aa:c0:b4:7a:84:d3:41:00:a9:b7:79:e5:2a:3c:ce: 71:58:a0:26:e1:c1:4b:2a:c2:61:24:76:a1:98:9c:29:34:08: 6d:1c:34:20:0d:0a:2f:3e:e8:64:4e:b3:84:13:9e:94:16:4a: 30:b5:64:0b:9b:32:b2:a2:38:73:9f:b2:16:95:06:2b:29:e6: dc:76:9b:0a:eb:38:ff:6d:e4:0f:d6:a2:9b:85:ac:00:28:e1: 63:bb:90:b4:bd:7f:1a:cb:a1:3e:46:8f:23:a0:68:e7:07:2b: f5:20:8f:fe -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICHe4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM0NkExMTAvBgNVBAUTKEY4RDRBNjMyRDA2OTk2NEM2MUEzM0U0MUQ2MjQzRDUz NUIwMDdENTQwHhcNMjUwMTIyMTYyMzI3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzkxMWI3Zi02YzBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1MRZAgHAUK7mYc4dGwNogMfmZ44Pmr2yoBAszxktzS9qashvcN2NjpM2Udbu 48FidAjVpZRfNqpvoVNtV9iRa1di/cBBaT2aS6lJQxvfS0ojF5EM0mA++8rD/peD s51NFtl6MMnAmSOMpb3X9t0ixdP46dwsniCT0XfDDnCUJispSJIP/yq0WE6/MVto mjeZBDChS541wdIE7iVye/o3Fyuiw17rPYsZRnY/oonTmaTVfzS1KTkhpjMgKviF WNQVUvVpeVp+93kVjD6pPz6ZZGej6i/tp93qdfvO2uwUlTFxHwjMsosQqzP2jPrE wX4ReK+qLqsFKFsfC8ldJJjY1wIDAQABo4ICtzCCArMwHQYDVR0OBBYEFNMqlHrT 4qVM96EP/pGbY7MHMgMKMB8GA1UdIwQYMBaAFPjUpjLQaZZMYaM+QdYkPVNbAH1U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzQ2QS8wMDUwMDE2NDk0 MzIxMUU2OEMxQjgyNEFDNEY5QUUwMi8tTlNtTXRCcGxreGhvejVCMWlROVUxc0Fm VlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1OU21NdEJwbGt4aG96NUIxaVE5VTFzQWZWUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REM0NkEvMDA1MDAxNjQ5NDMyMTFFNjhDMUI4MjRBQzRGOUFFMDIvNTI3QUE1QzY5 RjRGMTFFQUE3OTcwNDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMB4EAgABMBgDBAEbgz4DBABn3T8DBAB6AB8DBALKhWwwDgQCAAIwCAMGBCQF ZABAMA0GCSqGSIb3DQEBCwUAA4IBAQBGfxE1ihvNL73V8IUO+B7mtyNHc3g/BSs/ WDAD76DINte2Scf6jUtAu2wxyIUyUgRqUvZ01HixBfkP6EiiQaWT/S17hnCxhT0u gw5epfBNQodBKOE/I57Dr9bS/WynY0FfZiFAYJNCw4Y5iRcGK1kHcr4nAih4d+AL llJxNskkCNVoL8GdQ4+l9hCbdgqOgypF8B+qwLR6hNNBAKm3eeUqPM5xWKAm4cFL KsJhJHahmJwpNAhtHDQgDQovPuhkTrOEE56UFkowtWQLmzKyojhzn7IWlQYrKebc dpsK6zj/beQP1qKbhawAKOFju5C0vX8ay6E+Ro8joGjnByv1II/+ -----END CERTIFICATE-----Generated at Sat Apr 26 12:38:54 2025 by rpki-client