$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/7980C32AA71B11EFA8320136C4F9AE02.roa File: 7980C32AA71B11EFA8320136C4F9AE02.roa (raw, json) Hash identifier: svWCFcB6b/XkbZIPeHevXUk9kvL6MAqPQu9nAp05skM= Subject key identifier: A0:FD:6C:C5:F7:22:FC:72:67:51:15:B3:BB:17:9E:BC:FF:DE:B1:87 Certificate issuer: /CN=A91BDC3F/serialNumber=6CE0E949711B203E4ACB22B680F3FFF47ED16C61 Certificate serial: C0 Authority key identifier: 6C:E0:E9:49:71:1B:20:3E:4A:CB:22:B6:80:F3:FF:F4:7E:D1:6C:61 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/7980C32AA71B11EFA8320136C4F9AE02.roa Signing time: Thu 03 Apr 2025 05:33:45 +0000 ROA not before: Thu 03 Apr 2025 05:33:45 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 38532 IP address blocks: 43.227.231.0/24 maxlen: 24 43.229.84.0/22 maxlen: 22 43.229.128.0/23 maxlen: 23 43.229.130.0/24 maxlen: 24 103.7.8.0/22 maxlen: 22 103.14.212.0/22 maxlen: 22 103.26.40.0/22 maxlen: 22 103.26.41.0/24 maxlen: 24 103.36.92.0/22 maxlen: 22 103.62.4.0/22 maxlen: 24 103.254.255.0/24 maxlen: 24 113.11.248.0/21 maxlen: 21 113.197.32.0/21 maxlen: 21 116.12.48.0/21 maxlen: 21 124.6.60.0/22 maxlen: 24 2400:1480::/48 maxlen: 48 2407:d200::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.crl rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 05:03:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 192 (0xc0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDC3F, serialNumber=6CE0E949711B203E4ACB22B680F3FFF47ED16C61 Validity Not Before: Apr 3 05:33:45 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67ee1db9-71e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:8d:9c:7f:db:5c:9e:d8:13:9a:30:cd:e4:46: 38:be:e5:93:9c:de:9b:e6:97:53:10:41:1a:06:e5: 9d:a2:ba:1c:c9:d3:38:50:c4:ab:92:a6:f2:5b:9c: cf:24:7b:b1:b4:4b:df:f1:eb:80:54:d1:62:fd:ef: 13:bb:71:d9:be:15:ad:d6:88:3d:e8:a8:9c:e4:bb: ac:0e:f2:c9:c2:46:e1:e1:df:56:e0:59:a3:39:98: cf:77:7e:4c:fa:14:47:af:73:96:32:9c:79:55:cb: cb:35:c4:92:46:2a:94:63:af:f8:ef:5f:0b:9b:49: 7e:68:f3:52:a1:7a:92:85:d9:61:d0:a3:a5:e8:16: c7:67:d5:41:79:44:ce:07:5a:9e:c9:93:4d:5b:0f: c5:79:b6:59:23:2f:dd:bf:57:ef:b1:eb:96:b8:6c: 51:d7:e6:b2:03:dd:39:38:76:c5:78:6f:58:b2:b4: 9e:77:32:3b:e9:c9:b7:a5:66:4a:f0:2c:97:e6:08: aa:4e:c9:21:6d:63:d9:a0:bc:f7:7c:15:c0:ef:dd: 2c:92:15:d6:72:bc:12:9f:0c:7d:9b:4f:da:89:c4: 67:df:cc:01:86:a7:51:cf:3f:41:9e:70:39:bf:4f: a2:e8:bc:df:54:be:5a:3f:0a:60:cc:71:d2:b2:c8: f7:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:FD:6C:C5:F7:22:FC:72:67:51:15:B3:BB:17:9E:BC:FF:DE:B1:87 X509v3 Authority Key Identifier: keyid:6C:E0:E9:49:71:1B:20:3E:4A:CB:22:B6:80:F3:FF:F4:7E:D1:6C:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/7980C32AA71B11EFA8320136C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.227.231.0/24 43.229.84.0/22 43.229.128.0-43.229.130.255 103.7.8.0/22 103.14.212.0/22 103.26.40.0/22 103.36.92.0/22 103.62.4.0/22 103.254.255.0/24 113.11.248.0/21 113.197.32.0/21 116.12.48.0/21 124.6.60.0/22 IPv6: 2400:1480::/48 2407:d200::/32 Signature Algorithm: sha256WithRSAEncryption c5:a6:8f:b2:d9:e6:77:28:9f:3d:14:88:1a:54:6b:76:bb:2c: 68:54:20:13:ad:10:c2:d8:63:1b:f1:2c:e5:81:40:51:87:81: ea:51:8e:6c:18:b4:1d:7b:a5:d9:8e:4a:de:1e:e0:c7:41:94: 32:80:63:e4:d1:35:03:92:34:1f:2e:04:fc:dd:29:27:0e:38: 03:71:96:f5:db:bd:8a:7f:d2:cb:49:85:8e:4e:7c:00:26:0b: 63:2c:09:36:0b:a9:95:34:1f:40:52:96:ad:ba:80:1c:44:0e: e7:5f:49:f9:f4:4b:e4:49:dd:f2:0d:f3:88:e5:f8:3e:de:d1: da:5e:09:46:25:d6:63:73:f9:a5:83:3d:47:34:6b:c3:1f:69: 15:3f:80:a8:bc:c5:06:01:0b:8c:60:8e:10:0c:89:0e:34:02: 69:58:da:d4:31:ef:7d:1e:c8:4c:90:bb:54:7f:35:41:da:3d: 7e:ba:14:21:08:a6:94:59:18:7c:e1:dd:b2:50:73:9b:a2:d8: 21:3d:2b:e0:f2:86:eb:b8:9f:57:3a:72:42:51:2a:0e:d0:d1: 5e:56:62:a6:3f:ca:94:25:17:88:be:cc:af:0e:43:39:8a:a2: d2:92:a1:e1:0b:81:4e:49:7f:c0:ab:c0:a0:83:97:3a:5e:99: 93:11:bb:d5 -----BEGIN CERTIFICATE----- MIIF2jCCBMKgAwIBAgICAMAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkRDM0YxMTAvBgNVBAUTKDZDRTBFOTQ5NzExQjIwM0U0QUNCMjJCNjgwRjNGRkY0 N0VEMTZDNjEwHhcNMjUwNDAzMDUzMzQ1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2VlMWRiOS03MWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1Y2cf9tcntgTmjDN5EY4vuWTnN6b5pdTEEEaBuWdorocydM4UMSrkqbyW5zP JHuxtEvf8euAVNFi/e8Tu3HZvhWt1og96Kic5LusDvLJwkbh4d9W4FmjOZjPd35M +hRHr3OWMpx5VcvLNcSSRiqUY6/4718Lm0l+aPNSoXqShdlh0KOl6BbHZ9VBeUTO B1qeyZNNWw/FebZZIy/dv1fvseuWuGxR1+ayA905OHbFeG9YsrSedzI76cm3pWZK 8CyX5giqTskhbWPZoLz3fBXA790skhXWcrwSnwx9m0/aicRn38wBhqdRzz9BnnA5 v0+i6LzfVL5aPwpgzHHSssj3+wIDAQABo4IC/jCCAvowHQYDVR0OBBYEFKD9bMX3 IvxyZ1EVs7sXnrz/3rGHMB8GA1UdIwQYMBaAFGzg6UlxGyA+SssitoDz//R+0Wxh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCREMzRi81Q0U4MTA0NjBF QjAxMUVGODcyRTgxMjdDNEY5QUUwMi9iT0RwU1hFYklENUt5eUsyZ1BQXzlIN1Ji R0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPRHBTWEViSUQ1S3l5SzJnUFBfOUg3UmJHRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkRDM0YvNUNFODEwNDYwRUIwMTFFRjg3MkU4MTI3QzRGOUFFMDIvNzk4MEMzMkFB NzFCMTFFRkE4MzIwMTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYcGCCsGAQUFBwEHAQH/ BHgwdjBcBAIAATBWAwQAK+PnAwQCK+VUMAwDBAcr5YADBAAr5YIDBAJnBwgDBAJn DtQDBAJnGigDBAJnJFwDBAJnPgQDBABn/v8DBANxC/gDBANxxSADBAN0DDADBAJ8 BjwwFgQCAAIwEAMHACQAFIAAAAMFACQH0gAwDQYJKoZIhvcNAQELBQADggEBAMWm j7LZ5nconz0UiBpUa3a7LGhUIBOtEMLYYxvxLOWBQFGHgepRjmwYtB17pdmOSt4e 4MdBlDKAY+TRNQOSNB8uBPzdKScOOANxlvXbvYp/0stJhY5OfAAmC2MsCTYLqZU0 H0BSlq26gBxEDudfSfn0S+RJ3fIN84jl+D7e0dpeCUYl1mNz+aWDPUc0a8MfaRU/ gKi8xQYBC4xgjhAMiQ40AmlY2tQx730eyEyQu1R/NUHaPX66FCEIppRZGHzh3bJQ c5ui2CE9K+Dyhuu4n1c6ckJRKg7Q0V5WYqY/ypQlF4i+zK8OQzmKotKSoeELgU5J f8CrwKCDlzpemZMRu9U= -----END CERTIFICATE-----Generated at Wed May 14 08:16:46 2025 by rpki-client