$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa File: BF80484C737D11E8950B2925C4F9AE02.roa (raw, json) Hash identifier: zIbNLYd7iKL03VaVR3t3faZhNzHRooqowjsGGbOCeik= Subject key identifier: 4C:6A:E3:EA:BC:70:7C:47:32:9A:29:52:15:81:F2:D4:CB:12:72:1C Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Certificate serial: 2A15 Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa Signing time: Tue 06 May 2025 09:31:24 +0000 ROA not before: Tue 06 May 2025 09:31:24 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 134240 IP address blocks: 27.254.4.0/24 maxlen: 24 27.254.11.0/24 maxlen: 24 27.254.31.0/24 maxlen: 24 27.254.185.0/24 maxlen: 24 27.254.186.0/24 maxlen: 24 27.254.231.0/24 maxlen: 24 27.254.233.0/24 maxlen: 24 49.229.88.0/23 maxlen: 23 49.229.90.0/23 maxlen: 23 58.64.24.0/24 maxlen: 24 58.64.27.0/24 maxlen: 24 103.20.204.0/22 maxlen: 24 110.49.141.0/24 maxlen: 24 110.49.142.0/23 maxlen: 24 2405:9800:d000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 10:20:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10773 (0x2a15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911BD54, serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Validity Not Before: May 6 09:31:24 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=6819d6ec-63cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:b6:11:1b:fb:1a:ea:b7:c9:10:24:f1:f2:90: 83:94:37:17:c8:63:74:8e:69:66:1a:4a:46:95:16: 84:dd:34:f3:b2:39:7e:70:f2:14:a7:c8:d0:6c:71: 51:3c:ae:54:29:41:d7:b6:bf:39:59:c5:98:c3:13: b4:24:bb:eb:0d:7a:98:e4:02:8c:4b:88:3c:f4:fa: 20:7c:2d:19:23:c4:b3:66:70:df:cb:fa:be:5c:62: b7:e1:5f:00:4a:80:a7:1f:e3:af:7a:8e:80:ca:f6: f0:ac:70:3b:21:5a:8c:da:e9:40:57:0f:17:d3:e2: 97:3e:2f:c8:ea:ee:88:4e:34:79:d3:67:77:bd:35: e2:e7:50:b7:66:bb:c7:2d:ce:62:b4:86:85:b3:e9: b7:bb:f8:52:fe:10:69:62:a1:63:18:a3:2a:ba:7e: 2f:c8:85:c1:a4:b9:e3:4a:3a:4f:86:30:39:1a:e4: e9:8c:fb:17:35:e0:af:07:a1:21:fc:99:5c:ea:ba: 37:46:4e:c8:1f:78:0d:77:fe:ec:14:7a:41:9e:c2: 7c:f5:6b:d3:48:c1:08:c1:99:18:b1:83:e3:1f:ca: 97:7a:fb:f3:1b:50:51:16:fa:d2:9f:30:5f:e4:d2: a5:a8:4a:50:c6:c0:73:8c:61:c2:35:1c:af:29:45: 4d:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:6A:E3:EA:BC:70:7C:47:32:9A:29:52:15:81:F2:D4:CB:12:72:1C X509v3 Authority Key Identifier: keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.254.4.0/24 27.254.11.0/24 27.254.31.0/24 27.254.185.0-27.254.186.255 27.254.231.0/24 27.254.233.0/24 49.229.88.0/22 58.64.24.0/24 58.64.27.0/24 103.20.204.0/22 110.49.141.0-110.49.143.255 IPv6: 2405:9800:d000::/36 Signature Algorithm: sha256WithRSAEncryption 8c:0e:96:a7:f6:e6:4c:1d:9e:72:14:e9:ca:f1:d0:a2:7d:48: cf:79:76:0c:4f:66:6e:ad:eb:f4:03:31:0d:00:62:86:aa:35: 10:43:b4:3d:23:50:91:89:13:cd:50:99:74:26:e8:a4:3a:8a: dc:02:af:fb:60:e9:8f:af:6f:91:89:b3:6a:9c:e7:79:29:e1: 0f:bb:3f:72:a7:72:4f:2e:68:2f:fb:58:d5:70:9d:4b:40:7a: 36:a6:f3:1a:17:f8:2c:ee:6c:a0:c2:ab:d3:ff:04:bf:51:64: 6a:82:e1:08:9a:2d:24:4b:60:cb:de:46:6f:83:be:50:8d:19: 00:66:c6:cd:52:8f:52:eb:5f:64:d5:97:7b:04:97:5d:20:fc: 1f:09:82:29:ae:37:1c:48:da:51:ba:d9:e2:1c:e2:97:91:de: 29:77:a2:53:8a:24:73:96:f2:97:d0:ab:2f:15:b0:e7:50:22: 22:21:49:0f:e5:bc:ae:18:92:fb:4a:c8:7d:bd:c2:f6:3d:a6: e8:fc:12:40:53:2d:3f:01:20:55:58:88:e9:a6:3e:23:96:10: 4d:5c:1d:2c:75:3d:20:e2:9b:29:c1:c1:c5:f8:38:6d:52:47: ff:fc:f7:5d:91:32:e9:79:d8:2c:a0:5f:43:e4:43:ba:79:31: fd:a7:97:2b -----BEGIN CERTIFICATE----- MIIFzTCCBLWgAwIBAgICKhUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2 QUYyMDcxNUMwHhcNMjUwNTA2MDkzMTI0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02ODE5ZDZlYy02M2NiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA47YRG/sa6rfJECTx8pCDlDcXyGN0jmlmGkpGlRaE3TTzsjl+cPIUp8jQbHFR PK5UKUHXtr85WcWYwxO0JLvrDXqY5AKMS4g89PogfC0ZI8SzZnDfy/q+XGK34V8A SoCnH+Oveo6AyvbwrHA7IVqM2ulAVw8X0+KXPi/I6u6ITjR502d3vTXi51C3ZrvH Lc5itIaFs+m3u/hS/hBpYqFjGKMqun4vyIXBpLnjSjpPhjA5GuTpjPsXNeCvB6Eh /Jlc6ro3Rk7IH3gNd/7sFHpBnsJ89WvTSMEIwZkYsYPjH8qXevvzG1BRFvrSnzBf 5NKlqEpQxsBzjGHCNRyvKUVNYQIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFExq4+q8 cHxHMpopUhWB8tTLEnIcMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvQkY4MDQ4NEM3 MzdEMTFFODk1MEIyOTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwewYIKwYBBQUHAQcBAf8E bDBqMFgEAgABMFIDBAAb/gQDBAAb/gsDBAAb/h8wDAMEABv+uQMEABv+ugMEABv+ 5wMEABv+6QMEAjHlWAMEADpAGAMEADpAGwMEAmcUzDAMAwQAbjGNAwQEbjGAMA4E AgACMAgDBgQkBZgA0DANBgkqhkiG9w0BAQsFAAOCAQEAjA6Wp/bmTB2echTpyvHQ on1Iz3l2DE9mbq3r9AMxDQBihqo1EEO0PSNQkYkTzVCZdCbopDqK3AKv+2Dpj69v kYmzapzneSnhD7s/cqdyTy5oL/tY1XCdS0B6NqbzGhf4LO5soMKr0/8Ev1FkaoLh CJotJEtgy95Gb4O+UI0ZAGbGzVKPUutfZNWXewSXXSD8HwmCKa43HEjaUbrZ4hzi l5HeKXeiU4okc5byl9CrLxWw51AiIiFJD+W8rhiS+0rIfb3C9j2m6PwSQFMtPwEg VViI6aY+I5YQTVwdLHU9IOKbKcHBxfg4bVJH//z3XZEy6XnYLKBfQ+RDunkx/aeX Kw== -----END CERTIFICATE-----Generated at Wed May 14 00:45:17 2025 by rpki-client