$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/E9DE96C44C3611EEA9D59630C4F9AE02.roa File: E9DE96C44C3611EEA9D59630C4F9AE02.roa (raw, json) Hash identifier: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ= Subject key identifier: 92:6F:0E:27:44:BD:7A:51:D7:2C:CF:44:27:A8:6A:16:3F:4F:7D:21 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 217D Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/E9DE96C44C3611EEA9D59630C4F9AE02.roa Signing time: Tue 04 Mar 2025 16:33:17 +0000 ROA not before: Tue 04 Mar 2025 16:33:17 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 55811 IP address blocks: 27.124.96.0/20 maxlen: 20 45.113.196.0/22 maxlen: 22 103.53.116.0/22 maxlen: 22 103.53.116.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:57:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8573 (0x217d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Mar 4 16:33:17 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c72b4c-2a50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:d4:51:43:58:dd:87:ae:f0:d0:93:5d:87:37: e3:d2:05:59:91:69:a6:3b:da:10:89:b7:9b:f9:ed: 77:9c:fc:6d:42:bc:28:d6:28:27:b2:b3:9d:6d:c0: 71:b2:4b:1e:e3:04:79:1d:26:00:81:06:b8:43:a6: f3:b4:2c:9b:cb:2e:8e:11:80:79:b5:47:0c:87:a0: 8c:a5:b3:be:e2:19:26:4f:6c:30:76:91:56:6b:84: 88:21:7b:aa:84:71:6a:10:03:a9:e9:cf:67:95:ba: 00:bd:f7:fe:86:e8:ee:6a:e5:09:55:f3:dd:c8:b4: ff:a9:eb:7f:a8:be:6a:35:3e:fb:57:58:fe:36:d8: 20:98:9b:44:5c:80:67:12:0d:d7:32:ba:a9:44:45: 45:82:5c:1c:92:45:1f:34:7f:11:ed:d8:e7:90:dd: 1d:23:42:50:36:7b:b6:28:4c:2b:8f:0b:a3:bb:64: d8:9d:16:8e:5d:91:5e:14:1f:32:d8:72:bc:6b:69: f9:2b:ec:53:76:11:de:e2:6b:d8:4c:0a:60:3a:fc: f0:11:e1:9a:03:2b:83:f9:eb:e7:ba:3e:97:e3:d1: 81:57:12:f3:f2:6c:0e:f5:f0:ef:62:29:d9:51:e0: 5c:c6:f7:4a:77:b1:ff:bb:86:e2:c3:e3:38:aa:82: d7:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:6F:0E:27:44:BD:7A:51:D7:2C:CF:44:27:A8:6A:16:3F:4F:7D:21 X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/E9DE96C44C3611EEA9D59630C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.124.96.0/20 45.113.196.0/22 103.53.116.0/22 Signature Algorithm: sha256WithRSAEncryption 38:ac:43:ce:6d:5e:95:17:60:af:12:4a:3a:08:4d:a5:77:16: 48:90:32:15:7c:ee:55:e5:41:e5:c0:68:87:51:a8:23:08:c8: f1:cf:95:a0:a3:da:7c:8d:f7:76:0e:c4:4a:89:c6:13:37:76: 90:0c:3e:ea:4f:a7:09:47:99:65:9f:37:77:f6:ce:18:4e:03: d5:f8:04:2c:ec:79:be:c8:9f:b0:18:76:39:74:20:84:b3:6b: f5:bc:73:98:3e:e9:bd:e9:02:50:e6:db:bc:d1:fb:62:fd:fd: d1:d1:32:71:98:0a:ae:59:a3:7a:25:ee:94:f8:68:6d:a1:36: 38:c6:ac:70:79:a7:52:32:45:55:d9:b8:b7:d1:23:e6:2d:75: 27:fc:f5:96:e6:96:ff:19:84:7b:af:e3:bc:7d:16:43:6d:23: 25:63:ca:fa:d9:de:d5:09:f0:d7:55:c8:e1:84:8e:60:fc:39: 70:4e:c4:93:6c:d2:5b:65:ff:38:13:c3:eb:60:96:ba:b8:1b: 9d:83:5e:e9:08:4d:b3:41:01:a4:d0:94:30:5c:c6:0f:6b:ad: 89:c1:04:87:7d:f6:6d:59:69:fa:6a:ea:ec:b1:97:d5:d2:e1: 28:a1:57:65:02:5b:d6:f7:67:63:9f:0b:56:28:92:0b:df:3c: 80:47:4d:b8 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICIX0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwMzA0MTYzMzE3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2M3MmI0Yy0yYTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp9RRQ1jdh67w0JNdhzfj0gVZkWmmO9oQibeb+e13nPxtQrwo1ignsrOdbcBx skse4wR5HSYAgQa4Q6bztCybyy6OEYB5tUcMh6CMpbO+4hkmT2wwdpFWa4SIIXuq hHFqEAOp6c9nlboAvff+hujuauUJVfPdyLT/qet/qL5qNT77V1j+NtggmJtEXIBn Eg3XMrqpREVFglwckkUfNH8R7djnkN0dI0JQNnu2KEwrjwuju2TYnRaOXZFeFB8y 2HK8a2n5K+xTdhHe4mvYTApgOvzwEeGaAyuD+evnuj6X49GBVxLz8mwO9fDvYinZ UeBcxvdKd7H/u4biw+M4qoLXXwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJJvDidE vXpR1yzPRCeoahY/T30hMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkRENEQvQkFFMTA4QzRFQTYwMTFFNTg4MTU3NzBDQzRGOUFFMDIvRTlERTk2QzQ0 QzM2MTFFRUE5RDU5NjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAQbfGADBAItccQDBAJnNXQwDQYJKoZIhvcNAQELBQADggEB ADisQ85tXpUXYK8SSjoITaV3FkiQMhV87lXlQeXAaIdRqCMIyPHPlaCj2nyN93YO xEqJxhM3dpAMPupPpwlHmWWfN3f2zhhOA9X4BCzseb7In7AYdjl0IISza/W8c5g+ 6b3pAlDm27zR+2L9/dHRMnGYCq5Zo3ol7pT4aG2hNjjGrHB5p1IyRVXZuLfRI+Yt dSf89Zbmlv8ZhHuv47x9FkNtIyVjyvrZ3tUJ8NdVyOGEjmD8OXBOxJNs0ltl/zgT w+tglrq4G52DXukITbNBAaTQlDBcxg9rrYnBBId99m1Zafpq6uyxl9XS4SihV2UC W9b3Z2OfC1YokgvfPIBHTbg= -----END CERTIFICATE-----Generated at Sat Apr 26 09:26:51 2025 by rpki-client