$ rpki-client -vvf rpki.apnic.net/member_repository/A9127FC2/5E30BF70BBA611ECBAF43156C4F9AE02/1ABD64C4FC4B11EC9E374483C4F9AE02.roa File: 1ABD64C4FC4B11EC9E374483C4F9AE02.roa (raw, json) Hash identifier: sxadIBziqD0gGHzlLgMeF3y6MatZTVAVquFeXL0wHHA= Subject key identifier: 65:28:67:A3:E2:AB:70:C7:91:B5:8A:07:69:89:CB:CC:04:C6:A9:D7 Certificate issuer: /CN=A9127FC2/serialNumber=73BA21BE36DDDFD58690116D6EEC7BDC7EFEFB28 Certificate serial: 0396 Authority key identifier: 73:BA:21:BE:36:DD:DF:D5:86:90:11:6D:6E:EC:7B:DC:7E:FE:FB:28 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c7ohvjbd39WGkBFtbux73H7--yg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9127FC2/5E30BF70BBA611ECBAF43156C4F9AE02/1ABD64C4FC4B11EC9E374483C4F9AE02.roa Signing time: Wed 07 May 2025 01:07:33 +0000 ROA not before: Wed 07 May 2025 01:07:33 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 976 IP address blocks: 103.91.219.0/24 maxlen: 24 103.95.207.0/24 maxlen: 24 103.101.153.0/24 maxlen: 24 103.107.8.0/24 maxlen: 24 2001:df0:a540::/48 maxlen: 48 2401:1740::/32 maxlen: 32 2401:1740:a::/48 maxlen: 48 2401:1740:1000::/48 maxlen: 48 2401:1740:2000::/48 maxlen: 48 2401:1740:3000::/48 maxlen: 48 2401:1740:6000::/48 maxlen: 48 2401:1740:9000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9127FC2/5E30BF70BBA611ECBAF43156C4F9AE02/c7ohvjbd39WGkBFtbux73H7--yg.crl rsync://rpki.apnic.net/member_repository/A9127FC2/5E30BF70BBA611ECBAF43156C4F9AE02/c7ohvjbd39WGkBFtbux73H7--yg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c7ohvjbd39WGkBFtbux73H7--yg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 00:36:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 918 (0x396) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9127FC2, serialNumber=73BA21BE36DDDFD58690116D6EEC7BDC7EFEFB28 Validity Not Before: May 7 01:07:33 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=681ab255-8d54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:56:4a:5b:e8:1b:19:4e:b9:4d:95:29:10:ec: 6b:12:57:10:5d:4e:ac:64:28:fc:33:29:da:f3:f4: aa:79:bf:18:d1:0f:73:f9:3b:a3:ac:2b:5d:30:95: 02:6f:6b:99:b6:92:6a:e6:ea:de:ab:07:2b:7c:a8: 6c:60:26:4b:dc:e8:0b:ca:b3:d8:dc:71:2f:4a:85: 7d:42:d2:ad:ef:00:e6:6d:8e:7e:48:9b:b3:66:6b: 50:82:ca:cd:8d:a0:d3:4f:7d:91:6c:f3:72:73:30: a4:fa:de:63:38:de:fa:c3:fa:50:4c:1f:2b:2f:90: e0:c3:af:60:36:1f:46:7e:4a:f8:99:f7:5e:2b:c9: f1:1b:ef:f4:10:5e:93:fa:68:53:82:30:7c:f1:8e: d3:a5:20:28:3a:ba:ef:c8:09:34:6e:18:c9:03:2b: bb:8e:95:ef:0d:05:a1:4e:71:45:e2:05:de:0a:7b: ee:8d:a4:7b:df:e2:3d:ec:64:81:a3:85:60:b1:6b: c3:65:c4:e4:be:03:d7:4a:8b:47:e1:70:93:4c:30: fa:96:9e:8d:90:2a:60:8f:6f:ff:b0:b3:0f:c0:7b: 68:af:c1:48:7e:2e:3d:0d:41:a5:97:6e:0d:58:62: 33:6f:19:ee:d4:08:71:e2:ed:1e:94:21:89:08:4e: 48:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:28:67:A3:E2:AB:70:C7:91:B5:8A:07:69:89:CB:CC:04:C6:A9:D7 X509v3 Authority Key Identifier: keyid:73:BA:21:BE:36:DD:DF:D5:86:90:11:6D:6E:EC:7B:DC:7E:FE:FB:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9127FC2/5E30BF70BBA611ECBAF43156C4F9AE02/c7ohvjbd39WGkBFtbux73H7--yg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c7ohvjbd39WGkBFtbux73H7--yg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127FC2/5E30BF70BBA611ECBAF43156C4F9AE02/1ABD64C4FC4B11EC9E374483C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.91.219.0/24 103.95.207.0/24 103.101.153.0/24 103.107.8.0/24 IPv6: 2001:df0:a540::/48 2401:1740::/32 Signature Algorithm: sha256WithRSAEncryption aa:81:80:d1:5b:09:c2:ed:db:5c:cc:67:00:03:32:0b:ec:91: 0b:2c:f6:93:60:84:c0:bd:b4:7f:56:82:69:2f:9a:68:d6:93: c1:e0:db:82:bc:54:54:dd:cf:38:9e:76:3c:6a:59:c4:9c:b1: 98:4a:f7:af:7f:25:4f:a3:13:c0:ad:f7:9a:19:9b:94:f7:1c: 29:c8:53:c2:06:70:e7:a9:d5:bd:d2:e2:24:0e:4d:af:3a:27: 9c:ca:84:59:a7:1c:62:33:51:56:87:8e:6e:85:bf:07:1c:54: 11:6f:9a:f0:0d:57:65:9e:0c:97:e6:16:ae:6f:90:dc:37:8a: b8:44:f2:d9:9d:e9:55:40:bd:11:7a:9b:41:31:b2:33:1b:ab: 7b:6a:86:a2:f5:6f:42:fd:15:41:46:05:3a:da:88:1c:09:c5: df:2c:7c:15:0e:c6:c9:c2:ed:80:06:87:1f:3d:01:9f:bf:53: 6c:21:66:27:ed:69:95:f7:e6:2a:c7:ac:af:dc:2f:62:c4:6a: ce:8c:e2:1f:7b:8b:bc:42:83:1c:f4:8c:87:82:a8:80:cc:55: b7:03:ba:92:ea:50:a2:54:c2:69:68:ca:2a:e6:b5:3e:23:5d: b9:15:15:0e:b6:2c:83:9a:69:94:6c:c5:c7:95:bd:8c:7e:d2: 93:6a:b6:37 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgICA5YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjdGQzIxMTAvBgNVBAUTKDczQkEyMUJFMzZERERGRDU4NjkwMTE2RDZFRUM3QkRD N0VGRUZCMjgwHhcNMjUwNTA3MDEwNzMzWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFhYjI1NS04ZDU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAylZKW+gbGU65TZUpEOxrElcQXU6sZCj8Myna8/Sqeb8Y0Q9z+TujrCtdMJUC b2uZtpJq5ureqwcrfKhsYCZL3OgLyrPY3HEvSoV9QtKt7wDmbY5+SJuzZmtQgsrN jaDTT32RbPNyczCk+t5jON76w/pQTB8rL5Dgw69gNh9Gfkr4mfdeK8nxG+/0EF6T +mhTgjB88Y7TpSAoOrrvyAk0bhjJAyu7jpXvDQWhTnFF4gXeCnvujaR73+I97GSB o4VgsWvDZcTkvgPXSotH4XCTTDD6lp6NkCpgj2//sLMPwHtor8FIfi49DUGll24N WGIzbxnu1Ahx4u0elCGJCE5IeQIDAQABo4ICvzCCArswHQYDVR0OBBYEFGUoZ6Pi q3DHkbWKB2mJy8wExqnXMB8GA1UdIwQYMBaAFHO6Ib423d/VhpARbW7se9x+/vso MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyN0ZDMi81RTMwQkY3MEJC QTYxMUVDQkFGNDMxNTZDNEY5QUUwMi9jN29odmpiZDM5V0drQkZ0YnV4NzNINy0t eWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2M3b2h2amJkMzlXR2tCRnRidXg3M0g3LS15Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjdGQzIvNUUzMEJGNzBCQkE2MTFFQ0JBRjQzMTU2QzRGOUFFMDIvMUFCRDY0QzRG QzRCMTFFQzlFMzc0NDgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E OjA4MB4EAgABMBgDBABnW9sDBABnX88DBABnZZkDBABnawgwFgQCAAIwEAMHACAB DfClQAMFACQBF0AwDQYJKoZIhvcNAQELBQADggEBAKqBgNFbCcLt21zMZwADMgvs kQss9pNghMC9tH9WgmkvmmjWk8Hg24K8VFTdzziedjxqWcScsZhK969/JU+jE8Ct 95oZm5T3HCnIU8IGcOep1b3S4iQOTa86J5zKhFmnHGIzUVaHjm6FvwccVBFvmvAN V2WeDJfmFq5vkNw3irhE8tmd6VVAvRF6m0ExsjMbq3tqhqL1b0L9FUFGBTraiBwJ xd8sfBUOxsnC7YAGhx89AZ+/U2whZiftaZX35irHrK/cL2LEas6M4h97i7xCgxz0 jIeCqIDMVbcDupLqUKJUwmloyirmtT4jXbkVFQ62LIOaaZRsxceVvYx+0pNqtjc= -----END CERTIFICATE-----Generated at Sun May 11 10:44:28 2025 by rpki-client