$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/B8B7B5BA64BE11EBA96DF40DC4F9AE02.roa File: B8B7B5BA64BE11EBA96DF40DC4F9AE02.roa (raw, json) Hash identifier: vee2Trog0A8Sa455ioxH/3gGtre4yzjbz6bH8ySXmH8= Subject key identifier: CF:E7:64:FC:6F:D8:2F:93:5A:6C:58:18:46:A4:28:F2:1D:AE:72:A6 Certificate issuer: /CN=A91B1FA8/serialNumber=0DEEED1362143C362F24F97C67C8E4ECE2C7A561 Certificate serial: 1309 Authority key identifier: 0D:EE:ED:13:62:14:3C:36:2F:24:F9:7C:67:C8:E4:EC:E2:C7:A5:61 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/De7tE2IUPDYvJPl8Z8jk7OLHpWE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/B8B7B5BA64BE11EBA96DF40DC4F9AE02.roa Signing time: Tue 04 Mar 2025 17:44:55 +0000 ROA not before: Tue 04 Mar 2025 17:44:55 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 4764 IP address blocks: 144.6.0.0/16 maxlen: 22 159.196.0.0/18 maxlen: 23 159.196.64.0/18 maxlen: 24 159.196.128.0/18 maxlen: 23 159.196.168.0/24 maxlen: 24 159.196.169.0/24 maxlen: 24 159.196.170.0/24 maxlen: 24 159.196.171.0/24 maxlen: 24 159.196.192.0/18 maxlen: 24 167.179.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/De7tE2IUPDYvJPl8Z8jk7OLHpWE.crl rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/De7tE2IUPDYvJPl8Z8jk7OLHpWE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/De7tE2IUPDYvJPl8Z8jk7OLHpWE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:08:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4873 (0x1309) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1FA8 Validity Not Before: Mar 4 17:44:55 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c73c17-f674 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:15:65:d1:ed:d0:b9:66:33:89:46:56:25:6c: 87:98:2f:86:7e:93:58:ef:93:5d:7f:2f:21:48:00: 96:36:21:65:42:a9:64:a3:54:e0:b7:38:5b:40:41: fc:6c:98:39:02:5e:a9:f8:88:1c:1f:63:c3:d7:e0: 08:5c:f7:c6:6b:a0:7f:24:58:fb:79:5f:c5:24:fe: ce:d1:e7:0b:0e:35:52:a3:9b:19:fe:e1:af:7c:9c: 36:a5:4b:e8:e1:33:59:f1:b5:90:c6:fb:9f:e4:33: 83:ed:7b:e1:50:e6:b0:f9:97:5a:cd:03:9e:2e:74: d6:ff:51:b7:64:7b:56:d3:88:7a:18:4b:a1:f6:80: cc:e4:d4:fa:0b:83:11:57:7d:de:95:e3:6d:ee:83: 5f:68:29:2b:1f:8f:9f:e3:32:2c:1c:22:bf:b3:58: b6:8c:d6:39:d7:ff:fa:af:31:79:11:6f:d3:22:47: 30:80:46:89:41:c4:f1:c6:d3:bd:c0:84:21:22:e2: 0e:43:4a:41:09:d3:c6:3f:99:d8:6c:68:81:a3:06: 41:07:25:50:47:66:73:e2:f0:87:a3:80:0a:f5:18: 00:6c:83:b9:a3:e7:2e:d2:2b:a2:fa:06:2e:52:c9: a3:e0:1a:41:20:9b:10:42:a3:75:eb:c7:91:81:ae: 7e:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:E7:64:FC:6F:D8:2F:93:5A:6C:58:18:46:A4:28:F2:1D:AE:72:A6 X509v3 Authority Key Identifier: keyid:0D:EE:ED:13:62:14:3C:36:2F:24:F9:7C:67:C8:E4:EC:E2:C7:A5:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/De7tE2IUPDYvJPl8Z8jk7OLHpWE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/De7tE2IUPDYvJPl8Z8jk7OLHpWE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/B8B7B5BA64BE11EBA96DF40DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 144.6.0.0/16 159.196.0.0/16 167.179.128.0/18 Signature Algorithm: sha256WithRSAEncryption 68:fa:36:15:68:5f:7e:83:ae:a5:06:96:6b:f9:d5:88:ea:a7: 26:51:5b:a2:e8:49:ed:2b:53:9f:f3:b5:26:0f:4e:52:cb:fe: ca:b9:8e:97:90:c8:15:e3:68:09:52:a4:33:d5:58:ad:bf:07: 80:85:1c:3f:b8:79:16:11:d1:03:63:08:b2:16:bf:37:d4:4d: c5:6d:b5:03:2a:af:1a:56:16:0e:c1:cf:f1:14:0e:48:60:e9: dd:9a:68:69:29:08:e1:c4:1e:59:86:8c:d5:5b:f2:15:27:f9: 6f:d6:ad:02:e2:a6:3e:ad:5d:72:7a:ec:df:50:a0:05:a2:01: 34:ed:f1:d7:2c:08:19:47:1f:62:ef:cb:9d:84:07:d5:e6:7d: c4:df:d6:4e:8f:e5:e7:90:8a:2e:43:07:fe:7f:45:a2:52:aa: 4c:50:69:9d:67:f6:51:4f:e7:bc:ce:8d:bb:59:2a:0e:dd:b0: e1:ad:3e:0c:83:cb:57:be:6d:b6:b3:7d:57:e3:0e:b1:46:cf: de:8b:0b:3a:03:73:d2:eb:21:73:75:d8:f0:69:7e:bb:7d:8a: 7e:1d:44:89:ff:da:d5:9d:4e:c3:99:59:86:5b:9f:62:84:44: 55:f6:1b:93:7c:3d:d2:93:a3:ca:d8:07:b7:44:02:65:c7:82: 5e:b6:cf:1b -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgICEwkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFGQTgxMTAvBgNVBAUTKDBERUVFRDEzNjIxNDNDMzYyRjI0Rjk3QzY3QzhFNEVD RTJDN0E1NjEwHhcNMjUwMzA0MTc0NDU1WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2M3M2MxNy1mNjc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyhVl0e3QuWYziUZWJWyHmC+GfpNY75Ndfy8hSACWNiFlQqlko1TgtzhbQEH8 bJg5Al6p+IgcH2PD1+AIXPfGa6B/JFj7eV/FJP7O0ecLDjVSo5sZ/uGvfJw2pUvo 4TNZ8bWQxvuf5DOD7XvhUOaw+ZdazQOeLnTW/1G3ZHtW04h6GEuh9oDM5NT6C4MR V33eleNt7oNfaCkrH4+f4zIsHCK/s1i2jNY51//6rzF5EW/TIkcwgEaJQcTxxtO9 wIQhIuIOQ0pBCdPGP5nYbGiBowZBByVQR2Zz4vCHo4AK9RgAbIO5o+cu0iui+gYu Usmj4BpBIJsQQqN168eRga5+2wIDAQABo4ICnzCCApswHQYDVR0OBBYEFM/nZPxv 2C+TWmxYGEakKPIdrnKmMB8GA1UdIwQYMBaAFA3u7RNiFDw2LyT5fGfI5Ozix6Vh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUZBOC9ERjQ3MDkwMkFG RDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9EZTd0RTJJVVBEWXZKUGw4WjhqazdPTEhw V0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0RlN3RFMklVUERZdkpQbDhaOGprN09MSHBXRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjFGQTgvREY0NzA5MDJBRkQ5MTFFOEIyRUQ0QzdGQzRGOUFFMDIvQjhCN0I1QkE2 NEJFMTFFQkE5NkRGNDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQcBAf8E GjAYMBYEAgABMBADAwCQBgMDAJ/EAwQGp7OAMA0GCSqGSIb3DQEBCwUAA4IBAQBo +jYVaF9+g66lBpZr+dWI6qcmUVui6EntK1Of87UmD05Sy/7KuY6XkMgV42gJUqQz 1VitvweAhRw/uHkWEdEDYwiyFr831E3FbbUDKq8aVhYOwc/xFA5IYOndmmhpKQjh xB5ZhozVW/IVJ/lv1q0C4qY+rV1yeuzfUKAFogE07fHXLAgZRx9i78udhAfV5n3E 39ZOj+XnkIouQwf+f0WiUqpMUGmdZ/ZRT+e8zo27WSoO3bDhrT4Mg8tXvm22s31X 4w6xRs/eiws6A3PS6yFzddjwaX67fYp+HUSJ/9rVnU7DmVmGW59ihERV9huTfD3S k6PK2Ae3RAJlx4Jets8b -----END CERTIFICATE-----Generated at Sat Apr 5 12:34:57 2025 by rpki-client