$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/B8B7B5BA64BE11EBA96DF40DC4F9AE02.roa File: B8B7B5BA64BE11EBA96DF40DC4F9AE02.roa (raw, json) Hash identifier: R0AZPv6+24ga8tPLfZ8kNV1NXohs9+QG7hIHcrhg+8k= Subject key identifier: CC:B7:FB:A5:C0:08:06:4C:F7:48:56:6C:10:E7:11:F3:4E:47:C6:59 Certificate issuer: /CN=A91B1FA8/serialNumber=0DEEED1362143C362F24F97C67C8E4ECE2C7A561 Certificate serial: 134D Authority key identifier: 0D:EE:ED:13:62:14:3C:36:2F:24:F9:7C:67:C8:E4:EC:E2:C7:A5:61 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/De7tE2IUPDYvJPl8Z8jk7OLHpWE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/B8B7B5BA64BE11EBA96DF40DC4F9AE02.roa Signing time: Tue 08 Jul 2025 02:38:55 +0000 ROA not before: Tue 08 Jul 2025 02:38:55 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 4764 IP address blocks: 144.6.0.0/16 maxlen: 22 157.211.0.0/16 maxlen: 16 159.196.0.0/18 maxlen: 23 159.196.64.0/18 maxlen: 24 159.196.128.0/18 maxlen: 23 159.196.168.0/24 maxlen: 24 159.196.169.0/24 maxlen: 24 159.196.170.0/24 maxlen: 24 159.196.171.0/24 maxlen: 24 159.196.192.0/18 maxlen: 24 167.179.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/De7tE2IUPDYvJPl8Z8jk7OLHpWE.crl rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/De7tE2IUPDYvJPl8Z8jk7OLHpWE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/De7tE2IUPDYvJPl8Z8jk7OLHpWE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 17:10:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4941 (0x134d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1FA8, serialNumber=0DEEED1362143C362F24F97C67C8E4ECE2C7A561 Validity Not Before: Jul 8 02:38:55 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=686c84bf-3553 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:6e:6e:22:0e:6a:ff:11:62:a5:52:f9:77:8e: 48:f9:6f:69:d6:99:ac:61:26:d7:9a:b6:69:b1:3a: 99:dd:68:4e:49:d6:dd:88:10:16:07:5f:46:1c:df: 98:97:70:95:53:4f:26:d7:3a:78:03:10:80:17:57: 48:fc:1b:a6:5c:df:ed:57:c3:9c:54:e1:b1:63:a1: 49:8b:7a:2f:97:74:36:9e:77:65:da:1f:ee:03:3c: 1e:f2:d8:0b:91:e7:b2:b0:32:4e:56:40:49:e3:aa: e5:12:f7:65:57:f9:84:5c:bf:3a:75:91:e4:ee:dc: c8:8c:0a:f7:bc:ba:cc:87:ee:a0:88:25:e2:01:10: 31:a3:6e:88:2e:90:7b:e1:ae:d9:87:21:8e:e7:ec: 44:db:a4:1e:9b:6b:6c:9d:31:fd:04:bf:20:8e:99: 15:69:32:06:e6:61:3b:e1:dc:6f:2a:02:53:d8:ce: 07:ec:c7:c3:b6:40:85:bd:9e:00:d0:73:11:93:36: 22:f1:50:a5:a4:fd:77:0e:00:c6:f1:b4:ab:e3:d8: 04:ff:fe:7b:c0:74:ef:2d:e0:80:35:e9:cb:63:7e: da:a8:fd:13:08:17:d3:dc:c9:ac:9c:a0:17:e4:99: 4c:d1:71:ec:18:b1:1b:b4:05:74:6d:4e:49:b2:39: c0:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:B7:FB:A5:C0:08:06:4C:F7:48:56:6C:10:E7:11:F3:4E:47:C6:59 X509v3 Authority Key Identifier: keyid:0D:EE:ED:13:62:14:3C:36:2F:24:F9:7C:67:C8:E4:EC:E2:C7:A5:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/De7tE2IUPDYvJPl8Z8jk7OLHpWE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/De7tE2IUPDYvJPl8Z8jk7OLHpWE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/B8B7B5BA64BE11EBA96DF40DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 144.6.0.0/16 157.211.0.0/16 159.196.0.0/16 167.179.128.0/18 Signature Algorithm: sha256WithRSAEncryption bb:e3:07:58:13:86:98:46:73:aa:e1:04:fa:54:f1:6e:e7:b1: 3e:2c:8a:14:a9:ae:66:13:da:8f:7b:34:d0:fa:30:81:d0:33: 18:ac:95:7d:b5:36:15:92:31:34:71:9b:06:11:3c:fd:4a:70: 23:78:f1:0b:17:13:82:43:1e:bb:76:9a:a6:98:2d:7e:09:e8: 3e:d0:24:d5:e5:80:e7:3a:bf:4e:2d:85:3d:23:f4:5b:27:d2: 32:0d:d3:df:bf:e1:c0:d6:6c:86:06:fb:34:0c:36:25:a4:9e: 1c:d6:5a:d8:79:f7:f6:a1:c2:83:80:4c:e2:8c:2e:51:02:2d: c6:18:2f:f6:7b:d6:18:13:3b:05:e0:a4:3c:85:8c:82:7a:69: df:b5:91:b9:08:08:a5:84:96:5d:16:f5:9a:22:3f:5a:8c:ff: d3:13:93:ea:40:5c:3b:ad:b7:1f:ec:f7:fc:e7:3a:d7:8f:7d: ce:ab:0f:c6:37:f6:a1:59:20:b5:87:da:d3:27:53:56:f8:7d: 52:58:c8:b1:a9:55:ea:5f:19:59:4f:19:a1:bd:cd:10:66:5a: d2:a9:08:03:1f:91:12:d3:ab:70:b4:5e:84:5a:b5:d6:13:4c: 29:8d:e4:3c:8c:9c:2f:82:90:33:c4:e2:29:84:9d:5a:93:3c: e2:02:2d:e1 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICE00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFGQTgxMTAvBgNVBAUTKDBERUVFRDEzNjIxNDNDMzYyRjI0Rjk3QzY3QzhFNEVD RTJDN0E1NjEwHhcNMjUwNzA4MDIzODU1WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODZjODRiZi0zNTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1W5uIg5q/xFipVL5d45I+W9p1pmsYSbXmrZpsTqZ3WhOSdbdiBAWB19GHN+Y l3CVU08m1zp4AxCAF1dI/BumXN/tV8OcVOGxY6FJi3ovl3Q2nndl2h/uAzwe8tgL keeysDJOVkBJ46rlEvdlV/mEXL86dZHk7tzIjAr3vLrMh+6giCXiARAxo26ILpB7 4a7ZhyGO5+xE26Qem2tsnTH9BL8gjpkVaTIG5mE74dxvKgJT2M4H7MfDtkCFvZ4A 0HMRkzYi8VClpP13DgDG8bSr49gE//57wHTvLeCANenLY37aqP0TCBfT3MmsnKAX 5JlM0XHsGLEbtAV0bU5JsjnAqwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMy3+6XA CAZM90hWbBDnEfNOR8ZZMB8GA1UdIwQYMBaAFA3u7RNiFDw2LyT5fGfI5Ozix6Vh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUZBOC9ERjQ3MDkwMkFG RDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9EZTd0RTJJVVBEWXZKUGw4WjhqazdPTEhw V0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0RlN3RFMklVUERZdkpQbDhaOGprN09MSHBXRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjFGQTgvREY0NzA5MDJBRkQ5MTFFOEIyRUQ0QzdGQzRGOUFFMDIvQjhCN0I1QkE2 NEJFMTFFQkE5NkRGNDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMBsEAgABMBUDAwCQBgMDAJ3TAwMAn8QDBAans4AwDQYJKoZIhvcNAQELBQAD ggEBALvjB1gThphGc6rhBPpU8W7nsT4sihSprmYT2o97NND6MIHQMxislX21NhWS MTRxmwYRPP1KcCN48QsXE4JDHrt2mqaYLX4J6D7QJNXlgOc6v04thT0j9Fsn0jIN 09+/4cDWbIYG+zQMNiWknhzWWth59/ahwoOATOKMLlECLcYYL/Z71hgTOwXgpDyF jIJ6ad+1kbkICKWEll0W9ZoiP1qM/9MTk+pAXDuttx/s9/znOtePfc6rD8Y39qFZ ILWH2tMnU1b4fVJYyLGpVepfGVlPGaG9zRBmWtKpCAMfkRLTq3C0XoRatdYTTCmN 5DyMnC+CkDPE4imEnVqTPOICLeE= -----END CERTIFICATE-----Generated at Sun Jul 20 06:11:19 2025 by rpki-client