$ rpki-client -vvf rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/54EDB8542E1811EBB4E80B1FC4F9AE02.roa File: 54EDB8542E1811EBB4E80B1FC4F9AE02.roa (raw, json) Hash identifier: 3V95dG8EwbjGC7EMndTVlVAHQWvt90W2HKQwUZ++P/E= Subject key identifier: 6E:DB:B8:78:32:17:BC:3D:F0:B5:98:31:0C:A4:84:96:22:53:F8:32 Certificate issuer: /CN=A91847A2/serialNumber=909516597C76FA3CFFAB15208C0AE9886634AA03 Certificate serial: 0A89 Authority key identifier: 90:95:16:59:7C:76:FA:3C:FF:AB:15:20:8C:0A:E9:88:66:34:AA:03 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kJUWWXx2-jz_qxUgjArpiGY0qgM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/54EDB8542E1811EBB4E80B1FC4F9AE02.roa Signing time: Fri 28 Mar 2025 20:01:49 +0000 ROA not before: Fri 28 Mar 2025 20:01:49 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 4628 IP address blocks: 192.154.17.0/24 maxlen: 24 192.154.18.0/23 maxlen: 24 192.154.20.0/22 maxlen: 24 192.169.32.0/24 maxlen: 24 192.169.34.0/24 maxlen: 24 192.169.37.0/24 maxlen: 24 192.169.38.0/24 maxlen: 24 192.169.41.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.crl rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kJUWWXx2-jz_qxUgjArpiGY0qgM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 19:24:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2697 (0xa89) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91847A2 Validity Not Before: Mar 28 20:01:49 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67e7002d-070d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:a5:0c:3b:5a:a3:8e:4a:c9:d5:15:3d:df:01: 76:d6:61:6a:19:3d:23:8b:59:d7:ce:1c:2c:ae:71: ea:78:ac:b6:c0:d1:9e:fa:8f:68:51:e9:d0:48:ef: 71:d3:e4:9a:55:47:c9:1a:48:ba:84:19:63:09:a8: 08:e3:64:db:50:1a:a1:1d:e5:6c:cf:5d:ac:40:5f: e4:04:f9:5e:99:5b:da:d1:d4:bc:64:2b:fd:16:45: 1a:1b:80:72:9f:b1:84:53:e8:d1:f9:37:00:1c:eb: 78:52:a1:2d:f1:65:27:30:63:3b:b5:1a:70:8d:0e: 31:ec:c2:e9:0b:e5:f2:a2:b5:27:c8:ab:09:68:a0: c0:c5:84:c8:3d:9b:85:04:a9:a3:8c:a7:4c:cb:cd: 71:4c:df:e6:63:a5:fb:f0:51:09:a9:b5:0d:d3:63: 9c:ef:d1:ed:86:5a:a8:ac:0f:5e:d3:2b:2f:0d:ff: a6:46:d4:ea:15:8b:5d:f2:5a:50:0a:64:38:ad:52: 59:d3:98:ce:f9:82:20:44:d9:28:2b:cf:16:67:60: 07:d1:cb:65:da:cf:d6:c2:4b:6a:56:da:e6:93:ce: 64:21:f8:23:89:c6:9d:fc:ff:e3:ce:99:2d:53:15: be:83:52:09:a5:f9:45:2d:11:24:bb:6d:dc:4c:88: 1f:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:DB:B8:78:32:17:BC:3D:F0:B5:98:31:0C:A4:84:96:22:53:F8:32 X509v3 Authority Key Identifier: keyid:90:95:16:59:7C:76:FA:3C:FF:AB:15:20:8C:0A:E9:88:66:34:AA:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kJUWWXx2-jz_qxUgjArpiGY0qgM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/54EDB8542E1811EBB4E80B1FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 192.154.17.0-192.154.23.255 192.169.32.0/24 192.169.34.0/24 192.169.37.0-192.169.38.255 192.169.41.0/24 Signature Algorithm: sha256WithRSAEncryption b4:aa:cf:7b:81:37:79:31:c1:9a:c5:95:0e:86:b8:ce:52:67: 3d:23:b0:9d:80:b5:69:5a:18:92:6c:3e:6f:29:4e:91:d8:ad: 58:44:7c:ad:37:40:67:34:4b:4d:18:3e:68:30:ab:3e:b0:b3: ce:80:fa:a2:0e:56:a2:55:2f:59:d1:b0:73:f5:02:58:61:4a: 83:fc:e6:ce:90:35:a7:ca:0d:73:94:0c:bd:08:45:92:db:19: bb:88:3d:89:89:a3:88:25:94:ae:7e:34:a2:af:33:a3:18:5f: 5e:71:5c:10:a8:0e:ed:71:77:91:cc:3d:f4:7f:54:4c:2f:fb: 2b:c8:17:1d:a6:fb:54:74:b4:d3:52:59:ec:49:59:32:e1:59: e4:88:b2:c0:15:33:63:49:53:80:7d:e3:c9:d1:fd:5f:9e:2a: c5:69:1a:c3:0a:86:eb:c4:4c:09:55:62:6f:c8:21:1d:38:fb: f2:16:92:b6:cf:4b:c2:3e:eb:d3:62:9d:a5:82:70:f1:1d:a6: 55:e1:a6:0c:26:c2:f7:77:f9:a6:f6:5d:1d:c4:41:a1:7d:f3: 53:4d:00:13:7c:b4:1c:02:47:fb:4c:37:e1:f8:90:5b:07:90: 0b:70:0f:ae:71:da:93:1f:35:28:0a:90:fe:cc:63:7d:ed:30: 35:38:e3:7d -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICCokwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODQ3QTIxMTAvBgNVBAUTKDkwOTUxNjU5N0M3NkZBM0NGRkFCMTUyMDhDMEFFOTg4 NjYzNEFBMDMwHhcNMjUwMzI4MjAwMTQ5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2U3MDAyZC0wNzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsaUMO1qjjkrJ1RU93wF21mFqGT0ji1nXzhwsrnHqeKy2wNGe+o9oUenQSO9x 0+SaVUfJGki6hBljCagI42TbUBqhHeVsz12sQF/kBPlemVva0dS8ZCv9FkUaG4By n7GEU+jR+TcAHOt4UqEt8WUnMGM7tRpwjQ4x7MLpC+XyorUnyKsJaKDAxYTIPZuF BKmjjKdMy81xTN/mY6X78FEJqbUN02Oc79HthlqorA9e0ysvDf+mRtTqFYtd8lpQ CmQ4rVJZ05jO+YIgRNkoK88WZ2AH0ctl2s/WwktqVtrmk85kIfgjicad/P/jzpkt UxW+g1IJpflFLREku23cTIgfIwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFG7buHgy F7w98LWYMQykhJYiU/gyMB8GA1UdIwQYMBaAFJCVFll8dvo8/6sVIIwK6YhmNKoD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDdBMi9BRUQzRDM1RTU5 NDIxMUVBOTM2RkNFNDNDNEY5QUUwMi9rSlVXV1h4Mi1qel9xeFVnakFycGlHWTBx Z00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tKVVdXWHgyLWp6X3F4VWdqQXJwaUdZMHFnTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODQ3QTIvQUVEM0QzNUU1OTQyMTFFQTkzNkZDRTQzQzRGOUFFMDIvNTRFREI4NTQy RTE4MTFFQkI0RTgwQjFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MDQEAgABMC4wDAMEAMCaEQMEA8CaEAMEAMCpIAMEAMCpIjAMAwQAwKklAwQA wKkmAwQAwKkpMA0GCSqGSIb3DQEBCwUAA4IBAQC0qs97gTd5McGaxZUOhrjOUmc9 I7CdgLVpWhiSbD5vKU6R2K1YRHytN0BnNEtNGD5oMKs+sLPOgPqiDlaiVS9Z0bBz 9QJYYUqD/ObOkDWnyg1zlAy9CEWS2xm7iD2JiaOIJZSufjSirzOjGF9ecVwQqA7t cXeRzD30f1RML/sryBcdpvtUdLTTUlnsSVky4VnkiLLAFTNjSVOAfePJ0f1fnirF aRrDCobrxEwJVWJvyCEdOPvyFpK2z0vCPuvTYp2lgnDxHaZV4aYMJsL3d/mm9l0d xEGhffNTTQATfLQcAkf7TDfh+JBbB5ALcA+ucdqTHzUoCpD+zGN97TA1OON9 -----END CERTIFICATE-----Generated at Tue Apr 8 04:14:01 2025 by rpki-client