$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/45FFCD9AD6E511EE9E963F62C4F9AE02.roa File: 45FFCD9AD6E511EE9E963F62C4F9AE02.roa (raw, json) Hash identifier: vYpBOBXNxf9h+DOzyp4xR8P1uHvfF6zLBTsybxAd5Mg= Subject key identifier: 6B:FD:88:AF:84:3A:7B:AB:5C:87:9C:18:19:BF:7E:51:B3:BF:07:BD Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 05A0 Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/45FFCD9AD6E511EE9E963F62C4F9AE02.roa Signing time: Wed 02 Apr 2025 03:34:33 +0000 ROA not before: Wed 02 Apr 2025 03:34:33 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 135905 IP address blocks: 157.20.88.0/23 maxlen: 24 160.22.102.0/23 maxlen: 24 160.191.100.0/23 maxlen: 23 160.250.126.0/23 maxlen: 24 160.250.188.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 14:32:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1440 (0x5a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A Validity Not Before: Apr 2 03:34:33 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=67ecb049-555d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:32:36:11:9c:0d:ea:94:c2:1c:0a:0a:86:d2: 57:c3:7c:9d:1e:ea:f7:6a:45:a7:60:eb:10:6b:b7: 56:36:fd:c2:bf:74:76:d8:4d:a9:81:f5:f4:d9:d3: fd:e7:be:21:90:c1:0c:0d:1c:8a:83:cb:73:81:06: 66:fd:f2:dc:8b:01:88:3d:3a:08:1b:b9:6d:75:9a: c5:4e:70:7e:45:d5:50:a2:ab:22:63:73:4b:bd:71: 4a:a7:d5:43:8e:e8:87:89:f7:3e:21:82:e8:4e:9e: 47:dc:52:1c:41:82:b7:c7:a7:bf:b6:1b:aa:17:63: 3c:6f:e6:2c:16:25:de:73:c2:52:49:a1:af:d5:1d: 35:f7:ca:b6:6e:17:87:a1:ff:91:92:62:43:49:ff: 8c:e7:8f:a4:bf:90:3a:a4:33:d4:87:7c:80:98:e0: 1d:62:ab:58:e5:ff:7f:f3:ed:6e:05:47:19:75:0c: 49:7d:5f:21:2f:40:be:5c:39:ca:e2:71:89:4d:9b: 6a:b5:70:8d:bc:5c:07:32:9e:10:44:59:84:50:25: 9e:36:be:b4:a1:ae:e3:d3:ac:73:d5:f5:a6:f2:ac: 66:4a:6d:f1:20:17:4c:fc:9b:7a:f0:69:ed:3a:64: d2:ea:81:ae:29:ac:0b:72:d0:19:c7:67:3c:a9:6a: 19:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:FD:88:AF:84:3A:7B:AB:5C:87:9C:18:19:BF:7E:51:B3:BF:07:BD X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/45FFCD9AD6E511EE9E963F62C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.20.88.0/23 160.22.102.0/23 160.191.100.0/23 160.250.126.0/23 160.250.188.0/23 Signature Algorithm: sha256WithRSAEncryption b0:6d:b8:6b:26:10:9b:33:28:6b:b1:47:25:47:46:41:0b:53: ae:36:ae:89:64:cc:7d:a1:83:f6:03:c9:d3:c7:ab:b1:39:90: f7:3f:a3:36:da:e9:e4:9c:2d:1b:dd:b5:eb:1d:c9:39:76:ae: 0d:49:f2:a9:3c:17:9a:17:b9:92:04:7e:7a:fb:7f:d5:c8:ae: 66:9f:0b:ec:37:db:5e:ed:d1:90:97:58:bd:18:2b:e8:2e:50: ae:bd:f9:ad:53:69:2d:72:5f:6d:96:ec:35:c7:56:21:04:0d: 0c:a5:6a:6f:98:73:c0:1e:a0:d5:f9:2b:3e:60:f4:e1:c9:62: f0:13:3c:e8:ad:56:e8:e4:5a:ea:0b:a3:a5:78:35:a0:51:4f: 3e:1b:d1:62:c9:cb:a7:d0:e2:78:ca:f0:94:1d:c8:48:7c:30: 7b:a7:55:9d:e0:fc:e3:0d:99:c4:55:94:4f:4f:d8:a7:f6:4e: a5:93:ad:25:2d:b0:9a:20:ab:87:4b:07:e3:4a:e1:f1:de:60: f1:e0:95:e6:be:f6:2d:aa:da:96:30:a3:7d:4a:13:e6:4e:d4: f3:99:db:d9:d2:4b:f1:9d:b0:b4:06:2a:45:b6:4e:ab:b4:f0: d0:f6:31:2b:01:a4:58:93:e4:b2:46:f1:54:48:f0:99:54:36: 74:b6:04:ee -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICBaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjUwNDAyMDMzNDMzWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2VjYjA0OS01NTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqDI2EZwN6pTCHAoKhtJXw3ydHur3akWnYOsQa7dWNv3Cv3R22E2pgfX02dP9 574hkMEMDRyKg8tzgQZm/fLciwGIPToIG7ltdZrFTnB+RdVQoqsiY3NLvXFKp9VD juiHifc+IYLoTp5H3FIcQYK3x6e/thuqF2M8b+YsFiXec8JSSaGv1R0198q2bheH of+RkmJDSf+M54+kv5A6pDPUh3yAmOAdYqtY5f9/8+1uBUcZdQxJfV8hL0C+XDnK 4nGJTZtqtXCNvFwHMp4QRFmEUCWeNr60oa7j06xz1fWm8qxmSm3xIBdM/Jt68Gnt OmTS6oGuKawLctAZx2c8qWoZiQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGv9iK+E OnurXIecGBm/flGzvwe9MB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvNDVGRkNEOUFE NkU1MTFFRTlFOTYzRjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAGdFFgDBAGgFmYDBAGgv2QDBAGg+n4DBAGg+rwwDQYJKoZI hvcNAQELBQADggEBALBtuGsmEJszKGuxRyVHRkELU642rolkzH2hg/YDydPHq7E5 kPc/ozba6eScLRvdtesdyTl2rg1J8qk8F5oXuZIEfnr7f9XIrmafC+w3217t0ZCX WL0YK+guUK69+a1TaS1yX22W7DXHViEEDQylam+Yc8AeoNX5Kz5g9OHJYvATPOit VujkWuoLo6V4NaBRTz4b0WLJy6fQ4njK8JQdyEh8MHunVZ3g/OMNmcRVlE9P2Kf2 TqWTrSUtsJogq4dLB+NK4fHeYPHglea+9i2q2pYwo31KE+ZO1POZ29nSS/GdsLQG KkW2Tqu08ND2MSsBpFiT5LJG8VRI8JlUNnS2BO4= -----END CERTIFICATE-----Generated at Mon Apr 7 01:25:42 2025 by rpki-client