$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0267/190EAB5C1D9811E29E65FF8108B02CD2/77C9E89A3CDC11EEBFA0475EC4F9AE02.roa File: 77C9E89A3CDC11EEBFA0475EC4F9AE02.roa (raw, json) Hash identifier: e40Fx6yfX6nJRx1dMJZUnN8AeYmm3aJoH7MptW5kCWo= Subject key identifier: 1E:B9:8A:32:06:CD:5B:C0:E5:39:B9:DE:11:DF:CD:A8:3E:FF:A0:2F Certificate issuer: /CN=A91E0267/serialNumber=A01D23F781E8FF353B18BD188284C9ADFCD9E396 Certificate serial: 3478 Authority key identifier: A0:1D:23:F7:81:E8:FF:35:3B:18:BD:18:82:84:C9:AD:FC:D9:E3:96 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oB0j94Ho_zU7GL0YgoTJrfzZ45Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0267/190EAB5C1D9811E29E65FF8108B02CD2/77C9E89A3CDC11EEBFA0475EC4F9AE02.roa Signing time: Thu 24 Apr 2025 15:11:03 +0000 ROA not before: Thu 24 Apr 2025 15:11:03 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 45246 IP address blocks: 114.198.232.0/24 maxlen: 24 114.198.233.0/24 maxlen: 24 114.198.234.0/24 maxlen: 24 114.198.235.0/24 maxlen: 24 114.198.236.0/24 maxlen: 24 114.198.237.0/24 maxlen: 24 114.198.238.0/24 maxlen: 24 114.198.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0267/190EAB5C1D9811E29E65FF8108B02CD2/oB0j94Ho_zU7GL0YgoTJrfzZ45Y.crl rsync://rpki.apnic.net/member_repository/A91E0267/190EAB5C1D9811E29E65FF8108B02CD2/oB0j94Ho_zU7GL0YgoTJrfzZ45Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oB0j94Ho_zU7GL0YgoTJrfzZ45Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:11:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13432 (0x3478) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0267, serialNumber=A01D23F781E8FF353B18BD188284C9ADFCD9E396 Validity Not Before: Apr 24 15:11:03 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=680a5487-3d4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:23:47:b4:ab:61:d0:96:e4:df:08:10:3e:8f: bd:7d:01:8c:28:14:43:48:31:e8:ba:35:1e:9a:98: 7e:11:7a:c6:85:b6:d9:c1:25:3b:db:d0:c4:3d:99: f7:02:55:35:9a:fc:2f:03:df:9d:51:18:37:2c:59: ec:99:5b:7b:8b:d1:8f:a7:fb:11:c7:a3:55:cf:c0: 3c:5c:c5:d7:9a:5d:e0:05:28:70:6e:a5:6e:15:10: 68:52:3e:63:1f:8b:1e:38:ac:8a:00:f2:68:53:66: b1:17:a1:13:e6:20:0a:ae:e4:10:0e:e0:a4:7a:ee: 0c:17:81:2f:1d:cc:d9:e7:91:63:70:a3:a7:39:e3: 22:e6:5e:59:89:fc:e6:9f:8e:62:99:e6:4e:00:45: ec:c6:9b:ce:bc:28:f0:d9:35:ad:09:00:6d:18:d9: 95:05:22:b7:39:9a:bf:6c:82:fd:2d:2f:fc:8b:cb: b4:e8:2f:c6:b3:60:12:13:eb:ec:25:d7:6c:c1:b6: b3:4c:fe:83:d1:89:b7:dd:47:a9:06:2e:81:dc:b7: 96:81:b0:5f:0c:ad:3a:e3:84:cd:d5:1a:1b:fe:5e: cd:8e:4a:9a:b4:6d:ed:bd:ef:2a:e2:11:ea:f7:93: 4a:d0:29:26:ab:50:45:62:80:29:a3:ff:98:70:7d: b1:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:B9:8A:32:06:CD:5B:C0:E5:39:B9:DE:11:DF:CD:A8:3E:FF:A0:2F X509v3 Authority Key Identifier: keyid:A0:1D:23:F7:81:E8:FF:35:3B:18:BD:18:82:84:C9:AD:FC:D9:E3:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0267/190EAB5C1D9811E29E65FF8108B02CD2/oB0j94Ho_zU7GL0YgoTJrfzZ45Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oB0j94Ho_zU7GL0YgoTJrfzZ45Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0267/190EAB5C1D9811E29E65FF8108B02CD2/77C9E89A3CDC11EEBFA0475EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 114.198.232.0/21 Signature Algorithm: sha256WithRSAEncryption aa:0a:12:9d:ad:e9:9b:b2:0b:84:a9:0f:d1:31:96:e8:41:ea: 87:37:69:50:66:ea:8c:8b:16:92:ca:2b:94:1a:ee:b2:e3:a6: 65:5e:15:e1:f4:91:ab:9d:6b:0c:81:23:6a:4e:84:79:4a:d0: 9a:50:3a:c7:88:22:15:82:e5:02:93:ce:06:8c:01:30:b2:9e: ac:b5:43:fc:bd:2a:0b:40:e3:4f:1c:7d:23:6b:ef:25:39:8a: 87:3c:39:e4:df:a9:2f:e9:3c:c4:21:db:91:52:75:1e:7c:73: 67:c7:7d:d1:01:7f:cc:b8:1d:1b:a2:ae:83:bd:53:da:c1:39: 07:be:23:f1:b4:5c:b4:c2:3b:41:ce:5a:60:db:84:f2:c7:7b: e8:7f:73:da:f0:43:1e:3e:2d:c4:df:1b:d5:57:ff:28:fc:39: 0d:aa:52:41:9f:7f:21:53:ad:34:af:57:43:55:04:1c:34:90: 9c:7a:6d:1e:3b:bb:97:38:a8:30:82:0f:e4:b6:74:ef:ea:9b: f0:d0:d4:dc:61:98:09:e9:e3:a6:78:74:fd:4e:cb:15:31:21: 7f:6f:ad:90:75:b9:26:82:57:d0:0b:d6:63:57:6c:ad:02:29: 6d:d2:25:1f:43:e6:5a:f3:ad:9a:b7:22:32:97:5f:e3:20:7d: 41:33:03:08 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICNHgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTAyNjcxMTAvBgNVBAUTKEEwMUQyM0Y3ODFFOEZGMzUzQjE4QkQxODgyODRDOUFE RkNEOUUzOTYwHhcNMjUwNDI0MTUxMTAzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODBhNTQ4Ny0zZDRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqyNHtKth0Jbk3wgQPo+9fQGMKBRDSDHoujUemph+EXrGhbbZwSU729DEPZn3 AlU1mvwvA9+dURg3LFnsmVt7i9GPp/sRx6NVz8A8XMXXml3gBShwbqVuFRBoUj5j H4seOKyKAPJoU2axF6ET5iAKruQQDuCkeu4MF4EvHczZ55FjcKOnOeMi5l5Zifzm n45imeZOAEXsxpvOvCjw2TWtCQBtGNmVBSK3OZq/bIL9LS/8i8u06C/Gs2ASE+vs JddswbazTP6D0Ym33UepBi6B3LeWgbBfDK0644TN1Rob/l7NjkqatG3tve8q4hHq 95NK0Ckmq1BFYoApo/+YcH2xfwIDAQABo4IClTCCApEwHQYDVR0OBBYEFB65ijIG zVvA5Tm53hHfzag+/6AvMB8GA1UdIwQYMBaAFKAdI/eB6P81Oxi9GIKEya382eOW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDI2Ny8xOTBFQUI1QzFE OTgxMUUyOUU2NUZGODEwOEIwMkNEMi9vQjBqOTRIb196VTdHTDBZZ29USnJmelo0 NVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29CMGo5NEhvX3pVN0dMMFlnb1RKcmZ6WjQ1WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTAyNjcvMTkwRUFCNUMxRDk4MTFFMjlFNjVGRjgxMDhCMDJDRDIvNzdDOUU4OUEz Q0RDMTFFRUJGQTA0NzVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBANyxugwDQYJKoZIhvcNAQELBQADggEBAKoKEp2t6ZuyC4Sp D9ExluhB6oc3aVBm6oyLFpLKK5Qa7rLjpmVeFeH0kaudawyBI2pOhHlK0JpQOseI IhWC5QKTzgaMATCynqy1Q/y9KgtA408cfSNr7yU5ioc8OeTfqS/pPMQh25FSdR58 c2fHfdEBf8y4HRuiroO9U9rBOQe+I/G0XLTCO0HOWmDbhPLHe+h/c9rwQx4+LcTf G9VX/yj8OQ2qUkGffyFTrTSvV0NVBBw0kJx6bR47u5c4qDCCD+S2dO/qm/DQ1Nxh mAnp46Z4dP1OyxUxIX9vrZB1uSaCV9AL1mNXbK0CKW3SJR9D5lrzrZq3IjKXX+Mg fUEzAwg= -----END CERTIFICATE-----Generated at Sat Apr 26 08:17:34 2025 by rpki-client