$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7CDD/8A23A6F8DD0D11EE9D292D6AC4F9AE02/1E595AE8DD0E11EE9833196BC4F9AE02.roa File: 1E595AE8DD0E11EE9833196BC4F9AE02.roa (raw, json) Hash identifier: kcBBvIPO2Q30vTutynVp6ce7Y05AQ3m9EdubLnBzT4w= Subject key identifier: C8:42:46:83:2B:B6:2E:F6:86:2F:5D:D9:12:C0:B3:18:D8:4D:7A:64 Certificate issuer: /CN=A91A7CDD/serialNumber=838A94ED25240959AA6F15491003AC6E6D03957E Certificate serial: C9 Authority key identifier: 83:8A:94:ED:25:24:09:59:AA:6F:15:49:10:03:AC:6E:6D:03:95:7E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4qU7SUkCVmqbxVJEAOsbm0DlX4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7CDD/8A23A6F8DD0D11EE9D292D6AC4F9AE02/1E595AE8DD0E11EE9833196BC4F9AE02.roa Signing time: Thu 27 Mar 2025 05:12:01 +0000 ROA not before: Thu 27 Mar 2025 05:12:01 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 18109 IP address blocks: 157.20.114.0/24 maxlen: 24 157.20.115.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7CDD/8A23A6F8DD0D11EE9D292D6AC4F9AE02/g4qU7SUkCVmqbxVJEAOsbm0DlX4.crl rsync://rpki.apnic.net/member_repository/A91A7CDD/8A23A6F8DD0D11EE9D292D6AC4F9AE02/g4qU7SUkCVmqbxVJEAOsbm0DlX4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4qU7SUkCVmqbxVJEAOsbm0DlX4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 05:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 201 (0xc9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7CDD Validity Not Before: Mar 27 05:12:01 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67e4de20-1ebb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:10:80:25:40:52:c7:7d:ee:29:69:36:a4:83: d6:06:dc:36:0b:d2:fb:8c:41:70:f8:85:93:65:96: 39:89:77:d7:77:a7:e0:d3:98:94:11:a3:cb:c6:2a: 3f:bc:b4:a3:0f:9f:03:40:a2:41:62:86:7a:8e:67: 3d:83:4e:7d:a9:16:a3:b4:81:15:7e:5d:52:54:42: 46:9e:a9:2e:99:4f:0e:44:74:31:71:eb:9a:97:3d: 03:67:f5:a9:43:c4:1e:cd:bd:0d:62:18:89:57:f8: 2b:3a:39:2c:be:6b:59:70:03:7d:f1:20:53:8d:c2: fd:fe:43:6b:83:5b:ed:27:40:14:e1:83:c5:11:be: 37:94:40:12:89:0b:1a:42:ef:88:73:a5:81:58:9b: 89:02:ba:1e:f2:af:53:42:53:03:64:38:4b:4e:bd: 02:ef:d1:50:d5:2f:ee:76:85:81:32:fe:87:26:54: b3:f1:22:12:e2:00:f2:60:86:44:2d:d2:6d:18:3f: d2:6a:8f:96:94:21:fe:e6:c3:fe:06:25:6e:1f:74: e7:cb:0f:69:e4:62:c1:b0:cc:c2:a8:0a:33:ff:f2: 29:22:dd:0c:97:78:47:40:19:40:2f:f0:f3:d7:2e: e9:ec:d7:06:94:fc:a8:a7:38:fd:57:ad:11:73:30: 95:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:42:46:83:2B:B6:2E:F6:86:2F:5D:D9:12:C0:B3:18:D8:4D:7A:64 X509v3 Authority Key Identifier: keyid:83:8A:94:ED:25:24:09:59:AA:6F:15:49:10:03:AC:6E:6D:03:95:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7CDD/8A23A6F8DD0D11EE9D292D6AC4F9AE02/g4qU7SUkCVmqbxVJEAOsbm0DlX4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4qU7SUkCVmqbxVJEAOsbm0DlX4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7CDD/8A23A6F8DD0D11EE9D292D6AC4F9AE02/1E595AE8DD0E11EE9833196BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.20.114.0/23 Signature Algorithm: sha256WithRSAEncryption b8:0e:af:e1:a8:6e:e6:43:82:cd:3f:59:25:92:23:79:92:4c: f6:a5:50:e0:96:05:e6:28:c7:63:68:7a:18:e1:04:a1:5d:d0: 4e:e1:44:88:d9:fc:37:c8:65:7d:0e:2c:9b:8b:85:00:50:e8: e6:6a:c8:77:76:8e:f0:43:44:7f:00:f7:ec:ae:b1:14:6d:82: 5a:3d:03:33:59:b1:d5:82:d9:51:0a:bb:cb:81:be:a4:73:53: 34:ed:7c:ca:61:73:d4:5a:dc:8e:50:42:17:da:e8:bc:a0:11: 9f:ef:db:10:f5:fb:e1:88:3f:b9:03:15:05:1a:c9:d5:39:d3: 92:8c:2e:4e:ce:e2:74:22:f1:11:0a:e7:27:5f:cc:50:3e:33: fe:80:e6:87:dd:b6:d8:5e:4f:31:70:6a:ce:a6:f8:a2:3f:33: b3:2d:88:81:95:a5:9e:c7:d8:04:18:00:dc:12:6c:d7:ce:f8: 52:2a:0b:62:eb:64:89:69:88:be:2e:a7:b6:14:18:6f:76:df: 98:c9:1a:87:83:17:cc:06:6a:e7:7e:5d:d4:fb:57:3d:51:9b: 66:e7:cd:62:7c:76:e8:63:17:b0:a1:3d:82:71:55:02:10:1a: 7e:f9:11:c4:44:09:f7:fc:84:e4:1a:5f:ad:2d:bb:4e:5a:26: 76:7d:7d:cd -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTdDREQxMTAvBgNVBAUTKDgzOEE5NEVEMjUyNDA5NTlBQTZGMTU0OTEwMDNBQzZF NkQwMzk1N0UwHhcNMjUwMzI3MDUxMjAxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2U0ZGUyMC0xZWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqxCAJUBSx33uKWk2pIPWBtw2C9L7jEFw+IWTZZY5iXfXd6fg05iUEaPLxio/ vLSjD58DQKJBYoZ6jmc9g059qRajtIEVfl1SVEJGnqkumU8ORHQxceualz0DZ/Wp Q8Qezb0NYhiJV/grOjksvmtZcAN98SBTjcL9/kNrg1vtJ0AU4YPFEb43lEASiQsa Qu+Ic6WBWJuJAroe8q9TQlMDZDhLTr0C79FQ1S/udoWBMv6HJlSz8SIS4gDyYIZE LdJtGD/Sao+WlCH+5sP+BiVuH3Tnyw9p5GLBsMzCqAoz//IpIt0Ml3hHQBlAL/Dz 1y7p7NcGlPyopzj9V60RczCVFQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMhCRoMr ti72hi9d2RLAsxjYTXpkMB8GA1UdIwQYMBaAFIOKlO0lJAlZqm8VSRADrG5tA5V+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0NERC84QTIzQTZGOERE MEQxMUVFOUQyOTJENkFDNEY5QUUwMi9nNHFVN1NVa0NWbXFieFZKRUFPc2JtMERs WDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2c0cVU3U1VrQ1ZtcWJ4VkpFQU9zYm0wRGxYNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTdDREQvOEEyM0E2RjhERDBEMTFFRTlEMjkyRDZBQzRGOUFFMDIvMUU1OTVBRThE RDBFMTFFRTk4MzMxOTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAGdFHIwDQYJKoZIhvcNAQELBQADggEBALgOr+GobuZDgs0/ WSWSI3mSTPalUOCWBeYox2NoehjhBKFd0E7hRIjZ/DfIZX0OLJuLhQBQ6OZqyHd2 jvBDRH8A9+yusRRtglo9AzNZsdWC2VEKu8uBvqRzUzTtfMphc9Ra3I5QQhfa6Lyg EZ/v2xD1++GIP7kDFQUaydU505KMLk7O4nQi8REK5ydfzFA+M/6A5ofdttheTzFw as6m+KI/M7MtiIGVpZ7H2AQYANwSbNfO+FIqC2LrZIlpiL4up7YUGG9235jJGoeD F8wGaud+XdT7Vz1Rm2bnzWJ8duhjF7ChPYJxVQIQGn75EcRECff8hOQaX60tu05a JnZ9fc0= -----END CERTIFICATE-----Generated at Sun Apr 6 12:25:19 2025 by rpki-client