$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/09E42D1E921B11EF829E0041C4F9AE02.roa File: 09E42D1E921B11EF829E0041C4F9AE02.roa (raw, json) Hash identifier: B4bx9kA0p4n5ASz52WYMBOS7rU+I5DT2fmWjDq/qssM= Subject key identifier: 30:C7:2C:C1:EC:18:D7:8C:F3:C0:57:57:18:E3:7E:C3:D3:FA:22:9C Certificate issuer: /CN=A91C6CAF/serialNumber=9F02DA3AB5FB45317507C48021CE0A8B937255C9 Certificate serial: D6 Authority key identifier: 9F:02:DA:3A:B5:FB:45:31:75:07:C4:80:21:CE:0A:8B:93:72:55:C9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nwLaOrX7RTF1B8SAIc4Ki5NyVck.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/09E42D1E921B11EF829E0041C4F9AE02.roa Signing time: Wed 29 Jan 2025 04:18:02 +0000 ROA not before: Wed 29 Jan 2025 04:18:02 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 152334 IP address blocks: 157.10.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/nwLaOrX7RTF1B8SAIc4Ki5NyVck.crl rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/nwLaOrX7RTF1B8SAIc4Ki5NyVck.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nwLaOrX7RTF1B8SAIc4Ki5NyVck.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 04:13:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 214 (0xd6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C6CAF, serialNumber=9F02DA3AB5FB45317507C48021CE0A8B937255C9 Validity Not Before: Jan 29 04:18:02 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6799abfa-c8b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:71:1f:2f:ec:3a:e4:89:34:9d:22:df:b8:02: d8:12:a2:f9:e8:73:54:0c:ab:49:4b:d3:d2:36:e9: 0e:49:37:4c:32:1f:a4:24:d8:ca:df:2c:62:d0:d2: 7b:a3:c3:e2:1e:b0:81:01:f1:d2:9d:27:67:d1:94: 50:ca:f8:29:6b:a0:0d:3e:19:70:49:df:bc:90:6e: ee:a0:8e:c6:d8:26:3a:d5:6f:8d:a7:c3:4a:5b:bb: 25:85:6d:6d:0f:b7:7b:c4:1f:46:e2:6d:89:eb:87: 1d:18:d7:ee:46:88:00:ce:18:63:72:da:d6:4d:05: 80:a4:fa:19:18:29:0d:87:32:8b:8b:5a:d3:de:81: 43:22:82:35:03:db:55:55:44:7c:32:7c:70:60:35: ed:fd:97:4c:54:af:14:4a:4d:fe:53:a7:93:32:13: 6f:53:e2:56:e3:d6:2c:02:12:2d:a2:c5:32:c2:8a: 00:38:66:16:fc:05:c4:b8:3f:55:b8:10:86:48:ff: 2b:3c:1f:74:51:f9:5a:c4:e5:e3:79:3a:50:63:eb: 1d:bb:f4:09:c1:51:90:4c:d5:6f:ac:a6:35:30:5e: ed:80:e0:d3:fe:e6:8b:62:7a:97:91:31:c9:b8:51: bc:9c:7e:94:17:67:d3:fb:c2:ee:d6:de:db:be:11: 3b:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:C7:2C:C1:EC:18:D7:8C:F3:C0:57:57:18:E3:7E:C3:D3:FA:22:9C X509v3 Authority Key Identifier: keyid:9F:02:DA:3A:B5:FB:45:31:75:07:C4:80:21:CE:0A:8B:93:72:55:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/nwLaOrX7RTF1B8SAIc4Ki5NyVck.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nwLaOrX7RTF1B8SAIc4Ki5NyVck.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6CAF/F3E0FAE4B6F411EEAC203810C4F9AE02/09E42D1E921B11EF829E0041C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.10.238.0/24 Signature Algorithm: sha256WithRSAEncryption 54:d7:39:7f:f5:53:ee:3c:2b:56:11:02:20:e7:61:5f:c2:bd: 38:bf:97:11:6a:ac:79:85:10:de:dc:93:fa:fa:e8:c9:ef:fd: 34:d3:8a:46:c4:f2:c6:2b:ab:b5:23:dc:66:1b:f7:8c:4f:c6: b8:c9:48:d4:b3:4e:95:74:51:e1:43:71:86:ee:56:f2:98:05: b3:57:47:6a:5a:e1:67:bf:88:1f:32:10:aa:7e:08:e4:d7:d1: 7c:9b:21:7a:9d:0b:e4:29:19:43:0e:d3:a0:d7:91:df:5e:75: 07:b3:99:79:61:25:45:87:35:61:5f:49:83:a0:7b:bc:e3:9c: 5c:04:b1:6e:ea:cf:80:75:ae:ca:5b:1a:18:27:0f:c6:81:c7: b7:13:0d:d5:41:4b:d7:31:f0:f7:0d:5c:af:78:77:0c:65:5c: e7:fb:9f:51:b3:5e:d0:c2:8a:1f:88:7c:7b:5a:05:8b:51:5b: dd:8f:bc:51:f8:d8:8c:ed:75:66:b6:dc:f5:b5:12:a9:8c:01: f5:38:35:92:aa:ad:35:59:ee:ca:d4:d5:47:d7:a3:34:34:51: 37:2e:80:90:06:b3:9f:fc:06:83:b0:8e:23:35:7d:37:43:c8: 66:ab:a3:79:b7:1d:90:54:b9:e4:59:86:34:9f:6c:fe:e7:9b: 6e:04:8b:f0 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICANYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzZDQUYxMTAvBgNVBAUTKDlGMDJEQTNBQjVGQjQ1MzE3NTA3QzQ4MDIxQ0UwQThC OTM3MjU1QzkwHhcNMjUwMTI5MDQxODAyWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzk5YWJmYS1jOGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwXEfL+w65Ik0nSLfuALYEqL56HNUDKtJS9PSNukOSTdMMh+kJNjK3yxi0NJ7 o8PiHrCBAfHSnSdn0ZRQyvgpa6ANPhlwSd+8kG7uoI7G2CY61W+Np8NKW7slhW1t D7d7xB9G4m2J64cdGNfuRogAzhhjctrWTQWApPoZGCkNhzKLi1rT3oFDIoI1A9tV VUR8MnxwYDXt/ZdMVK8USk3+U6eTMhNvU+JW49YsAhItosUywooAOGYW/AXEuD9V uBCGSP8rPB90UflaxOXjeTpQY+sdu/QJwVGQTNVvrKY1MF7tgODT/uaLYnqXkTHJ uFG8nH6UF2fT+8Lu1t7bvhE7/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFDDHLMHs GNeM88BXVxjjfsPT+iKcMB8GA1UdIwQYMBaAFJ8C2jq1+0UxdQfEgCHOCouTclXJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkNBRi9GM0UwRkFFNEI2 RjQxMUVFQUMyMDM4MTBDNEY5QUUwMi9ud0xhT3JYN1JURjFCOFNBSWM0S2k1TnlW Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL253TGFPclg3UlRGMUI4U0FJYzRLaTVOeVZjay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzZDQUYvRjNFMEZBRTRCNkY0MTFFRUFDMjAzODEwQzRGOUFFMDIvMDlFNDJEMUU5 MjFCMTFFRjgyOUUwMDQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBACdCu4wDQYJKoZIhvcNAQELBQADggEBAFTXOX/1U+48K1YR AiDnYV/CvTi/lxFqrHmFEN7ck/r66Mnv/TTTikbE8sYrq7Uj3GYb94xPxrjJSNSz TpV0UeFDcYbuVvKYBbNXR2pa4We/iB8yEKp+COTX0XybIXqdC+QpGUMO06DXkd9e dQezmXlhJUWHNWFfSYOge7zjnFwEsW7qz4B1rspbGhgnD8aBx7cTDdVBS9cx8PcN XK94dwxlXOf7n1GzXtDCih+IfHtaBYtRW92PvFH42IztdWa23PW1EqmMAfU4NZKq rTVZ7srU1UfXozQ0UTcugJAGs5/8BoOwjiM1fTdDyGaro3m3HZBUueRZhjSfbP7n m24Ei/A= -----END CERTIFICATE-----Generated at Tue Apr 22 02:59:38 2025 by rpki-client