$ rpki-client -vvf rpki.apnic.net/member_repository/A91582D9/0EDA6D5ECDDA11E7BDEA8C2BC4F9AE02/654665EA197611F09D2B1C76C4F9AE02.roa File: 654665EA197611F09D2B1C76C4F9AE02.roa (raw, json) Hash identifier: hgO4m8NBFvCWTk/xZ7lTPgH3uo1aBC3KP8OdcPsjkbo= Subject key identifier: 7F:F7:E1:FB:CB:7A:B7:B5:87:8B:CE:1F:F0:FD:C9:57:BA:41:F1:2B Certificate issuer: /CN=A91582D9/serialNumber=5282A4642AF7D35799291BBA447EA14251A4D5FC Certificate serial: 0862 Authority key identifier: 52:82:A4:64:2A:F7:D3:57:99:29:1B:BA:44:7E:A1:42:51:A4:D5:FC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoKkZCr301eZKRu6RH6hQlGk1fw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91582D9/0EDA6D5ECDDA11E7BDEA8C2BC4F9AE02/654665EA197611F09D2B1C76C4F9AE02.roa Signing time: Wed 16 Jul 2025 16:55:19 +0000 ROA not before: Wed 16 Jul 2025 16:55:19 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 58889 IP address blocks: 45.64.136.0/24 maxlen: 24 45.64.138.0/24 maxlen: 24 45.64.139.0/24 maxlen: 24 2401:1980::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91582D9/0EDA6D5ECDDA11E7BDEA8C2BC4F9AE02/UoKkZCr301eZKRu6RH6hQlGk1fw.crl rsync://rpki.apnic.net/member_repository/A91582D9/0EDA6D5ECDDA11E7BDEA8C2BC4F9AE02/UoKkZCr301eZKRu6RH6hQlGk1fw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoKkZCr301eZKRu6RH6hQlGk1fw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 16:42:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2146 (0x862) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91582D9, serialNumber=5282A4642AF7D35799291BBA447EA14251A4D5FC Validity Not Before: Jul 16 16:55:19 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6877d977-c486 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:e6:83:bf:9a:44:95:50:c1:aa:07:88:7c:b7: 5e:8b:f2:8a:63:bb:c2:ef:75:3e:28:cb:62:ff:a0: ef:a0:5d:77:86:35:a4:78:73:84:62:3f:1c:9f:9f: 9f:37:98:76:39:bd:2b:d2:95:c0:98:b2:45:83:64: 37:88:77:ca:a4:02:1a:12:65:b7:7d:4b:da:93:cf: b6:f2:64:68:ee:20:2b:7d:90:85:64:51:14:ed:b2: 12:d8:96:ed:0a:88:16:83:6b:5c:49:30:05:18:dd: a2:04:d0:0f:70:c1:99:a9:50:f7:1c:d5:19:3f:06: ee:21:ea:d9:05:96:d3:82:8a:f0:7f:98:19:a0:45: be:1f:ed:a8:8b:3c:d8:82:5d:47:33:cb:57:ea:37: 52:f9:0a:89:fb:d8:80:1d:84:d5:e7:90:ca:43:ad: 24:4c:21:03:4e:40:d2:1b:a5:72:dc:44:c2:72:f6: cf:a8:9e:b5:97:b4:f7:fc:bf:8c:ea:3c:3b:38:c9: 1c:04:ec:67:7f:87:1c:fe:63:df:7d:5d:7e:6d:92: f4:4d:4d:10:69:bd:1f:42:1d:6c:8e:37:28:71:10: 96:28:61:91:7a:2a:ee:e8:ab:67:8a:b7:ae:bd:1f: b7:33:bd:3b:cf:ed:38:aa:07:af:2a:74:f5:87:3a: 3a:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:F7:E1:FB:CB:7A:B7:B5:87:8B:CE:1F:F0:FD:C9:57:BA:41:F1:2B X509v3 Authority Key Identifier: keyid:52:82:A4:64:2A:F7:D3:57:99:29:1B:BA:44:7E:A1:42:51:A4:D5:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91582D9/0EDA6D5ECDDA11E7BDEA8C2BC4F9AE02/UoKkZCr301eZKRu6RH6hQlGk1fw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoKkZCr301eZKRu6RH6hQlGk1fw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91582D9/0EDA6D5ECDDA11E7BDEA8C2BC4F9AE02/654665EA197611F09D2B1C76C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.64.136.0/24 45.64.138.0/23 IPv6: 2401:1980::/32 Signature Algorithm: sha256WithRSAEncryption b0:b5:9c:96:e0:6b:90:84:f5:24:4a:61:27:58:0e:81:34:81: ff:ff:b1:b0:55:7d:52:8a:a1:72:81:31:9d:52:db:3a:24:3a: da:4b:7d:50:11:8c:68:ce:36:6b:5a:66:fa:dd:a2:33:eb:80: 20:1b:33:2e:94:a5:67:41:66:4f:46:34:32:f6:f1:b5:53:fd: b3:3f:34:6b:e1:69:34:f0:95:1d:a8:87:89:84:74:8c:89:35: d9:6b:23:d7:dd:d0:0b:26:0f:94:f8:0c:e4:ed:ae:cc:32:ec: 44:40:1f:c7:04:57:a3:26:0d:6a:16:3d:f7:99:3b:68:58:2d: da:89:fd:f8:b9:50:c8:2c:c6:a8:2b:da:d8:fc:b5:09:c9:49: 0d:d9:bc:44:2e:73:d3:b4:76:7a:4e:28:68:cc:3c:3b:a9:63: 84:fc:fd:55:ef:f4:62:a9:13:df:42:b9:80:09:50:80:23:bb: 4a:99:5f:54:4b:0b:81:ee:4a:4c:f5:bb:18:02:f4:9b:6e:8d: 05:56:07:16:d7:f7:e8:cc:07:5b:6d:17:3d:4d:b9:ec:99:c5: 38:63:b5:ed:58:93:d3:12:f3:bb:e2:67:fb:87:93:8f:fb:b8: 5c:8c:c0:67:98:1c:70:ac:81:fa:89:0f:b8:20:c6:f0:10:67: a0:90:b2:06 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICCGIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTgyRDkxMTAvBgNVBAUTKDUyODJBNDY0MkFGN0QzNTc5OTI5MUJCQTQ0N0VBMTQy NTFBNEQ1RkMwHhcNMjUwNzE2MTY1NTE5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODc3ZDk3Ny1jNDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuOaDv5pElVDBqgeIfLdei/KKY7vC73U+KMti/6DvoF13hjWkeHOEYj8cn5+f N5h2Ob0r0pXAmLJFg2Q3iHfKpAIaEmW3fUvak8+28mRo7iArfZCFZFEU7bIS2Jbt CogWg2tcSTAFGN2iBNAPcMGZqVD3HNUZPwbuIerZBZbTgorwf5gZoEW+H+2oizzY gl1HM8tX6jdS+QqJ+9iAHYTV55DKQ60kTCEDTkDSG6Vy3ETCcvbPqJ61l7T3/L+M 6jw7OMkcBOxnf4cc/mPffV1+bZL0TU0Qab0fQh1sjjcocRCWKGGReiru6Ktnireu vR+3M707z+04qgevKnT1hzo6KwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFH/34fvL ere1h4vOH/D9yVe6QfErMB8GA1UdIwQYMBaAFFKCpGQq99NXmSkbukR+oUJRpNX8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODJEOS8wRURBNkQ1RUNE REExMUU3QkRFQThDMkJDNEY5QUUwMi9Vb0trWkNyMzAxZVpLUnU2Ukg2aFFsR2sx ZncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VvS2taQ3IzMDFlWktSdTZSSDZoUWxHazFmdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTgyRDkvMEVEQTZENUVDRERBMTFFN0JERUE4QzJCQzRGOUFFMDIvNjU0NjY1RUEx OTc2MTFGMDlEMkIxQzc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAAtQIgDBAEtQIowDQQCAAIwBwMFACQBGYAwDQYJKoZIhvcN AQELBQADggEBALC1nJbga5CE9SRKYSdYDoE0gf//sbBVfVKKoXKBMZ1S2zokOtpL fVARjGjONmtaZvrdojPrgCAbMy6UpWdBZk9GNDL28bVT/bM/NGvhaTTwlR2oh4mE dIyJNdlrI9fd0AsmD5T4DOTtrswy7ERAH8cEV6MmDWoWPfeZO2hYLdqJ/fi5UMgs xqgr2tj8tQnJSQ3ZvEQuc9O0dnpOKGjMPDupY4T8/VXv9GKpE99CuYAJUIAju0qZ X1RLC4HuSkz1uxgC9JtujQVWBxbX9+jMB1ttFz1NueyZxThjte1Yk9MS87viZ/uH k4/7uFyMwGeYHHCsgfqJD7ggxvAQZ6CQsgY= -----END CERTIFICATE-----Generated at Thu Jul 24 12:06:43 2025 by rpki-client