$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D91A51FE753E11ED91728868C4F9AE02.roa File: D91A51FE753E11ED91728868C4F9AE02.roa (raw, json) Hash identifier: 7dzWx0jPuyBoLDvUfXeImNsUv//whqLxzUiVbPlikaw= Subject key identifier: E4:37:9D:4A:D2:CF:1F:F1:FC:9A:52:CA:F4:D7:0C:34:21:60:7C:66 Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 4AC7 Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D91A51FE753E11ED91728868C4F9AE02.roa Signing time: Sat 10 May 2025 13:03:06 +0000 ROA not before: Sat 10 May 2025 13:03:06 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 38244 IP address blocks: 45.127.252.0/22 maxlen: 24 49.213.64.0/18 maxlen: 24 58.84.0.0/22 maxlen: 24 61.28.224.0/19 maxlen: 24 103.196.236.0/22 maxlen: 24 103.245.248.0/22 maxlen: 24 118.102.0.0/21 maxlen: 24 120.138.64.0/20 maxlen: 24 122.201.8.0/21 maxlen: 24 2001:df0:13::/48 maxlen: 48 2001:df0:1a::/48 maxlen: 48 2402:4e0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 08:51:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19143 (0x4ac7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: May 10 13:03:06 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=681f4e8a-7c93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:89:6b:91:a7:71:f6:1b:f3:10:e1:09:f6:21: 80:2c:9b:43:26:83:40:b1:db:6c:dc:a6:bf:63:54: 13:9c:d9:1c:97:69:1e:fe:b8:0e:f5:67:27:ef:7d: aa:68:d2:d3:e2:7d:41:cd:8f:5c:5b:0b:bd:99:dc: 5f:ae:31:2d:74:a6:e0:96:22:88:d1:5e:e9:84:2b: 12:ab:08:02:84:fa:f1:c2:58:c6:a1:2f:1a:c6:79: 3b:92:ca:83:06:f8:e0:48:6c:7c:e9:32:8f:63:24: e3:57:42:71:ba:7b:99:7a:48:b2:82:83:25:0f:f4: 44:be:12:f2:01:9a:18:9a:0b:2f:c6:43:46:cd:98: 48:32:5e:df:d0:7e:a9:d2:44:b4:5b:9b:79:9e:64: 97:89:93:fe:3d:c5:08:43:31:e6:2e:75:6c:c4:c9: 40:30:ce:b8:d2:51:4e:4f:0f:ef:d7:b1:50:ca:17: 48:f6:25:97:13:33:a3:75:a7:84:07:42:8f:b0:2f: 87:2f:4a:9e:f7:3a:94:ce:77:30:03:85:d5:f7:b5: 14:3f:d3:f4:19:77:00:e4:be:74:9d:35:ab:65:e9: 68:c4:cf:1c:04:c9:aa:59:35:02:f8:f6:29:d5:23: a2:99:53:01:1a:b4:84:7d:39:3d:44:75:e7:61:44: 08:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:37:9D:4A:D2:CF:1F:F1:FC:9A:52:CA:F4:D7:0C:34:21:60:7C:66 X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D91A51FE753E11ED91728868C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.127.252.0/22 49.213.64.0/18 58.84.0.0/22 61.28.224.0/19 103.196.236.0/22 103.245.248.0/22 118.102.0.0/21 120.138.64.0/20 122.201.8.0/21 IPv6: 2001:df0:13::/48 2001:df0:1a::/48 2402:4e0::/32 Signature Algorithm: sha256WithRSAEncryption 89:04:c5:67:94:44:fa:0d:2e:22:0e:20:34:e1:b9:22:cf:2b: df:90:cd:2e:6c:53:6d:80:d3:65:e1:80:b2:cd:c2:0a:f7:48: 9a:b8:f7:6e:9a:47:db:a5:7d:e5:4b:44:22:8e:de:ba:36:cb: b4:6f:c8:ce:5d:2b:17:be:54:a2:da:17:9d:4a:88:00:84:3e: 8b:e2:67:c9:ab:bd:95:c2:e1:d2:64:47:dc:ad:45:8d:94:7b: dd:2b:9b:d5:fb:33:ca:3f:61:f0:0a:84:73:50:c4:d4:e9:f9: ee:dd:8d:d5:a9:bd:dc:25:c2:36:8c:9a:6b:9c:40:f8:b0:08: 3b:f7:4b:7a:22:e9:e5:65:e4:a8:a6:bd:ad:af:34:b6:f7:50: 1b:c5:40:51:c1:fd:88:f1:0e:2f:a1:af:de:a5:4e:8b:a4:37: c2:32:d6:dd:8f:00:6a:6c:fe:20:b2:49:58:7f:62:89:82:06: 82:e6:ab:5a:47:8c:f3:e5:65:84:55:59:28:2a:a8:b8:10:6e: 4e:a5:66:f9:1f:3f:41:01:72:19:5a:1b:93:90:07:81:80:c0: 17:e4:3a:4d:dc:1d:ff:53:0c:2c:70:6b:d8:f7:45:0b:60:44: 55:b2:4c:f3:f3:08:d1:88:46:4a:ec:21:6b:8c:0f:f7:43:a2: d7:d7:06:21 -----BEGIN CERTIFICATE----- MIIFwjCCBKqgAwIBAgICSscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjUwNTEwMTMwMzA2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFmNGU4YS03YzkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn4lrkadx9hvzEOEJ9iGALJtDJoNAsdts3Ka/Y1QTnNkcl2ke/rgO9Wcn732q aNLT4n1BzY9cWwu9mdxfrjEtdKbgliKI0V7phCsSqwgChPrxwljGoS8axnk7ksqD BvjgSGx86TKPYyTjV0JxunuZekiygoMlD/REvhLyAZoYmgsvxkNGzZhIMl7f0H6p 0kS0W5t5nmSXiZP+PcUIQzHmLnVsxMlAMM640lFOTw/v17FQyhdI9iWXEzOjdaeE B0KPsC+HL0qe9zqUzncwA4XV97UUP9P0GXcA5L50nTWrZeloxM8cBMmqWTUC+PYp 1SOimVMBGrSEfTk9RHXnYUQIqwIDAQABo4IC5jCCAuIwHQYDVR0OBBYEFOQ3nUrS zx/x/JpSyvTXDDQhYHxmMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRDkxQTUxRkU3 NTNFMTFFRDkxNzI4ODY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcAYIKwYBBQUHAQcBAf8E YTBfMDwEAgABMDYDBAItf/wDBAYx1UADBAI6VAADBAU9HOADBAJnxOwDBAJn9fgD BAN2ZgADBAR4ikADBAN6yQgwHwQCAAIwGQMHACABDfAAEwMHACABDfAAGgMFACQC BOAwDQYJKoZIhvcNAQELBQADggEBAIkExWeURPoNLiIOIDThuSLPK9+QzS5sU22A 02XhgLLNwgr3SJq4926aR9ulfeVLRCKO3ro2y7RvyM5dKxe+VKLaF51KiACEPovi Z8mrvZXC4dJkR9ytRY2Ue90rm9X7M8o/YfAKhHNQxNTp+e7djdWpvdwlwjaMmmuc QPiwCDv3S3oi6eVl5Kimva2vNLb3UBvFQFHB/YjxDi+hr96lToukN8Iy1t2PAGps /iCySVh/YomCBoLmq1pHjPPlZYRVWSgqqLgQbk6lZvkfP0EBchlaG5OQB4GAwBfk Ok3cHf9TDCxwa9j3RQtgRFWyTPPzCNGIRkrsIWuMD/dDotfXBiE= -----END CERTIFICATE-----Generated at Tue May 13 12:39:17 2025 by rpki-client