$ rpki-client -vvf rpki.apnic.net/member_repository/A91D60CF/E53608F02AFC11EFA0243C4AC4F9AE02/B56F40DEE9DB11EFBDD8BD26C4F9AE02.roa File: B56F40DEE9DB11EFBDD8BD26C4F9AE02.roa (raw, json) Hash identifier: dk/mJ6WLbx1un0lM/kEaDG7s+C714fNxg9o9daVbyM4= Subject key identifier: 26:A5:7B:74:07:EC:3C:27:B6:10:D7:57:57:1D:85:32:D7:93:C1:7E Certificate issuer: /CN=A91D60CF/serialNumber=0474F406A178D22C54D5EF724C6B2C2C9A3B6B98 Certificate serial: 7F Authority key identifier: 04:74:F4:06:A1:78:D2:2C:54:D5:EF:72:4C:6B:2C:2C:9A:3B:6B:98 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BHT0BqF40ixU1e9yTGssLJo7a5g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D60CF/E53608F02AFC11EFA0243C4AC4F9AE02/B56F40DEE9DB11EFBDD8BD26C4F9AE02.roa Signing time: Thu 13 Feb 2025 07:25:32 +0000 ROA not before: Thu 13 Feb 2025 07:25:32 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 136030 IP address blocks: 160.22.140.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D60CF/E53608F02AFC11EFA0243C4AC4F9AE02/BHT0BqF40ixU1e9yTGssLJo7a5g.crl rsync://rpki.apnic.net/member_repository/A91D60CF/E53608F02AFC11EFA0243C4AC4F9AE02/BHT0BqF40ixU1e9yTGssLJo7a5g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BHT0BqF40ixU1e9yTGssLJo7a5g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 05:35:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 127 (0x7f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D60CF Validity Not Before: Feb 13 07:25:32 2025 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=67ad9e6c-0618 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:8d:3a:60:50:9e:19:e2:58:8c:90:9b:9d:05: 6f:91:34:df:a6:cd:85:76:e7:31:d5:0d:5a:fd:11: 5d:73:ec:dc:fc:1f:82:b2:83:73:d3:fa:23:f9:4c: e9:0b:47:4f:0a:10:e7:ce:2a:7c:46:69:c8:2a:b5: 88:04:78:f6:cb:bd:ad:3a:76:34:89:ef:c5:dc:d5: 5a:3f:36:43:f9:3c:0e:05:5e:92:00:30:15:3b:1e: 42:5a:3f:3f:37:07:a2:e9:1e:30:fa:5e:81:4b:c1: df:52:84:e6:44:d2:cd:a6:ff:fd:5c:95:6f:a6:0d: 8f:75:d9:f4:2c:ce:7f:72:f8:df:79:2d:08:16:46: cf:af:8e:e2:56:02:7e:8d:a3:11:23:4a:34:6a:d3: c3:53:80:9a:36:92:62:39:1a:95:77:2a:71:d6:8b: d6:5f:d6:42:52:d5:c7:45:7c:ca:2c:e9:dd:c6:a9: 90:bd:9e:0c:f3:82:49:2f:b8:c1:92:92:0a:82:7f: d7:11:81:82:48:c3:9c:6c:12:90:48:95:70:a3:44: 9b:51:9b:4f:ca:41:ad:0d:07:81:f6:1e:fe:73:33: 1f:18:97:90:03:b0:93:2c:b6:b4:88:8d:a5:7c:07: 1f:4c:9d:17:cf:5e:ef:d0:5a:6b:31:cf:d4:70:a0: 3a:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:A5:7B:74:07:EC:3C:27:B6:10:D7:57:57:1D:85:32:D7:93:C1:7E X509v3 Authority Key Identifier: keyid:04:74:F4:06:A1:78:D2:2C:54:D5:EF:72:4C:6B:2C:2C:9A:3B:6B:98 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D60CF/E53608F02AFC11EFA0243C4AC4F9AE02/BHT0BqF40ixU1e9yTGssLJo7a5g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BHT0BqF40ixU1e9yTGssLJo7a5g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D60CF/E53608F02AFC11EFA0243C4AC4F9AE02/B56F40DEE9DB11EFBDD8BD26C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.22.140.0/24 Signature Algorithm: sha256WithRSAEncryption 51:21:7f:5f:cd:ab:6d:0f:e5:2e:fd:61:da:0f:94:c2:de:bb: 53:21:7f:0b:e1:00:e6:88:04:b4:9d:e8:43:86:28:ef:73:6a: 19:c3:43:8e:84:9e:c1:0b:5a:97:9f:d0:43:98:67:5a:b0:ed: e7:4d:cf:11:0a:bd:d4:17:57:de:67:c4:d3:5d:4f:15:15:86: 65:91:03:92:63:4d:9c:6c:5f:4f:4f:0e:a8:c0:38:62:44:4a: f8:e0:5e:65:f0:40:69:17:a3:67:f7:16:b6:95:5a:6e:44:46: ee:8e:63:a3:83:c6:88:8c:4d:29:c3:b8:32:ee:53:b0:30:35: 2d:73:b3:67:24:0c:4c:82:12:c1:b3:8c:51:5e:30:15:ac:fe: ba:2b:fc:34:92:c9:f9:fb:44:ac:c7:a1:d5:d3:92:86:7c:41: 78:a7:81:4a:8e:dc:77:c6:3f:ba:1d:64:a8:90:fd:92:66:bd: 80:99:37:2d:b2:7f:01:d5:ee:2b:d8:51:31:9e:6f:8c:e7:f6: f5:98:b2:c2:96:fd:e5:5b:e4:8b:ec:a2:8a:34:2b:80:59:5a: 0d:b1:32:b5:fb:a8:ef:2d:cc:9c:8f:82:a1:16:52:cd:0f:cf: 63:de:04:c0:09:bd:0c:fe:bd:56:45:bd:e6:e6:ea:2f:d9:50: 70:26:40:bb -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBfzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE NjBDRjExMC8GA1UEBRMoMDQ3NEY0MDZBMTc4RDIyQzU0RDVFRjcyNEM2QjJDMkM5 QTNCNkI5ODAeFw0yNTAyMTMwNzI1MzJaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YWQ5ZTZjLTA2MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC/jTpgUJ4Z4liMkJudBW+RNN+mzYV25zHVDVr9EV1z7Nz8H4Kyg3PT+iP5TOkL R08KEOfOKnxGacgqtYgEePbLva06djSJ78Xc1Vo/NkP5PA4FXpIAMBU7HkJaPz83 B6LpHjD6XoFLwd9ShOZE0s2m//1clW+mDY912fQszn9y+N95LQgWRs+vjuJWAn6N oxEjSjRq08NTgJo2kmI5GpV3KnHWi9Zf1kJS1cdFfMos6d3GqZC9ngzzgkkvuMGS kgqCf9cRgYJIw5xsEpBIlXCjRJtRm0/KQa0NB4H2Hv5zMx8Yl5ADsJMstrSIjaV8 Bx9MnRfPXu/QWmsxz9RwoDopAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJqV7dAfs PCe2ENdXVx2FMteTwX4wHwYDVR0jBBgwFoAUBHT0BqF40ixU1e9yTGssLJo7a5gw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ2MENGL0U1MzYwOEYwMkFG QzExRUZBMDI0M0M0QUM0RjlBRTAyL0JIVDBCcUY0MGl4VTFlOXlUR3NzTEpvN2E1 Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQkhUMEJxRjQwaXhVMWU5eVRHc3NMSm83YTVnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NjBDRi9FNTM2MDhGMDJBRkMxMUVGQTAyNDNDNEFDNEY5QUUwMi9CNTZGNDBERUU5 REIxMUVGQkREOEJEMjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAKAWjDANBgkqhkiG9w0BAQsFAAOCAQEAUSF/X82rbQ/lLv1h 2g+Uwt67UyF/C+EA5ogEtJ3oQ4Yo73NqGcNDjoSewQtal5/QQ5hnWrDt503PEQq9 1BdX3mfE011PFRWGZZEDkmNNnGxfT08OqMA4YkRK+OBeZfBAaRejZ/cWtpVabkRG 7o5jo4PGiIxNKcO4Mu5TsDA1LXOzZyQMTIISwbOMUV4wFaz+uiv8NJLJ+ftErMeh 1dOShnxBeKeBSo7cd8Y/uh1kqJD9kma9gJk3LbJ/AdXuK9hRMZ5vjOf29Ziywpb9 5Vvki+yiijQrgFlaDbEytfuo7y3MnI+CoRZSzQ/PY94EwAm9DP69VkW95ubqL9lQ cCZAuw== -----END CERTIFICATE-----Generated at Sat Apr 5 19:18:30 2025 by rpki-client