$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEB37/3CB779E0F5F711EFB82EFD6BC4F9AE02/0FED0338F66C11EFA1F5216AC4F9AE02.roa File: 0FED0338F66C11EFA1F5216AC4F9AE02.roa (raw, json) Hash identifier: U5ihYANfpqZVv2wTmvSMJeDuFIy+/heVKl2c8EiBKYs= Subject key identifier: 37:0D:50:F2:78:FB:0A:54:5A:B6:DD:68:E5:0D:64:F0:BB:77:E6:E4 Certificate issuer: /CN=A91FEB37/serialNumber=4E68B048DD3DDBA5F478F1FD288A8618BA9FABAA Certificate serial: 09 Authority key identifier: 4E:68:B0:48:DD:3D:DB:A5:F4:78:F1:FD:28:8A:86:18:BA:9F:AB:AA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TmiwSN0926X0ePH9KIqGGLqfq6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEB37/3CB779E0F5F711EFB82EFD6BC4F9AE02/0FED0338F66C11EFA1F5216AC4F9AE02.roa Signing time: Sat 01 Mar 2025 07:09:52 +0000 ROA not before: Sat 01 Mar 2025 07:09:52 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 152329 IP address blocks: 157.10.224.0/24 maxlen: 24 157.10.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEB37/3CB779E0F5F711EFB82EFD6BC4F9AE02/TmiwSN0926X0ePH9KIqGGLqfq6o.crl rsync://rpki.apnic.net/member_repository/A91FEB37/3CB779E0F5F711EFB82EFD6BC4F9AE02/TmiwSN0926X0ePH9KIqGGLqfq6o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TmiwSN0926X0ePH9KIqGGLqfq6o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 06:43:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9 (0x9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEB37, serialNumber=4E68B048DD3DDBA5F478F1FD288A8618BA9FABAA Validity Not Before: Mar 1 07:09:52 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c2b2c0-6a37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:37:1b:4e:b5:da:67:db:7a:6b:ea:d9:1a:19: ce:49:94:50:77:25:57:aa:38:f2:89:b6:93:12:f9: a7:84:09:54:b0:6f:57:b1:94:39:e0:8e:eb:0b:a3: 9c:43:d3:52:18:ea:3b:9b:3b:d5:dc:f6:b5:d7:68: ec:de:07:40:a2:18:0a:ff:e7:1a:34:ec:0e:c3:5d: 68:90:5b:05:51:18:ce:1e:80:ee:a5:f0:f2:3d:e2: 72:90:bd:2a:48:ad:2e:84:d4:0c:ed:96:60:db:b7: 30:4d:50:4f:2e:13:80:29:eb:10:af:0a:f6:48:8e: 8a:41:69:61:b4:ff:5f:9c:32:db:04:2a:36:f2:ff: ab:87:3c:1b:a3:82:10:e1:db:23:b0:cb:00:43:23: 19:38:14:b1:16:86:c3:77:d6:f9:74:de:5e:ec:34: df:17:04:87:96:69:1a:00:e2:90:55:84:1b:f4:9d: d9:71:5d:91:7c:73:63:74:3e:36:39:68:41:11:4a: b5:19:26:23:7a:03:2e:b8:fa:61:71:6f:aa:9c:24: 2f:cc:d6:b0:2e:d5:f8:54:14:d9:7f:aa:2b:4b:27: 0f:a7:85:53:d9:94:65:45:b9:db:bc:8a:9c:2f:42: 8e:6e:c0:f8:9d:9c:b4:b9:25:db:bf:56:d3:57:f9: 6a:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:0D:50:F2:78:FB:0A:54:5A:B6:DD:68:E5:0D:64:F0:BB:77:E6:E4 X509v3 Authority Key Identifier: keyid:4E:68:B0:48:DD:3D:DB:A5:F4:78:F1:FD:28:8A:86:18:BA:9F:AB:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEB37/3CB779E0F5F711EFB82EFD6BC4F9AE02/TmiwSN0926X0ePH9KIqGGLqfq6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TmiwSN0926X0ePH9KIqGGLqfq6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEB37/3CB779E0F5F711EFB82EFD6BC4F9AE02/0FED0338F66C11EFA1F5216AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.10.224.0/23 Signature Algorithm: sha256WithRSAEncryption 62:b8:7a:9d:7d:1b:4b:64:f3:81:cd:8f:31:04:37:52:26:31: d5:f8:9e:01:6b:2d:b5:66:b3:cd:ad:f6:0a:58:99:df:ee:3e: c8:87:3a:1c:41:f9:bf:69:80:8f:95:72:f8:6c:1a:85:94:04: a1:36:81:91:43:4d:6e:ba:8c:58:78:13:de:47:79:48:f3:8c: cb:98:d6:1e:de:30:f7:e5:67:89:e7:e5:ca:2c:10:24:ff:6d: e5:94:a2:d2:dc:cf:ff:12:b7:79:80:27:2f:fe:c0:63:26:29: 81:2b:ca:7f:d6:eb:70:9c:d8:d7:ee:6d:4a:0a:37:ef:7f:34: 52:aa:63:0e:90:4d:41:fb:a3:61:cc:1c:02:e2:12:91:e9:d4: 36:20:ae:b5:13:a2:af:e4:83:d1:0e:f1:bd:61:fc:a3:07:ea: f6:bf:7a:fc:5f:cd:7f:31:5c:c6:a2:22:c7:65:dd:1b:b2:d0: 7f:a4:c8:75:66:a3:17:9e:1b:cb:ee:0a:a3:ee:88:df:c5:c8: 61:7b:7c:20:4e:86:85:69:09:72:9f:71:af:67:0b:a5:6f:d8: 48:2e:09:32:bb:44:49:67:22:07:da:4d:64:95:82:bf:55:4a: dd:1e:31:92:89:5f:0d:2e:ea:6e:67:95:8e:1f:94:8e:4f:c3: 56:67:0e:29 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG RUIzNzExMC8GA1UEBRMoNEU2OEIwNDhERDNEREJBNUY0NzhGMUZEMjg4QTg2MThC QTlGQUJBQTAeFw0yNTAzMDEwNzA5NTJaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YzJiMmMwLTZhMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6NxtOtdpn23pr6tkaGc5JlFB3JVeqOPKJtpMS+aeECVSwb1exlDngjusLo5xD 01IY6jubO9Xc9rXXaOzeB0CiGAr/5xo07A7DXWiQWwVRGM4egO6l8PI94nKQvSpI rS6E1AztlmDbtzBNUE8uE4Ap6xCvCvZIjopBaWG0/1+cMtsEKjby/6uHPBujghDh 2yOwywBDIxk4FLEWhsN31vl03l7sNN8XBIeWaRoA4pBVhBv0ndlxXZF8c2N0PjY5 aEERSrUZJiN6Ay64+mFxb6qcJC/M1rAu1fhUFNl/qitLJw+nhVPZlGVFudu8ipwv Qo5uwPidnLS5Jdu/VtNX+WqdAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUNw1Q8nj7 ClRatt1o5Q1k8Lt35uQwHwYDVR0jBBgwFoAUTmiwSN0926X0ePH9KIqGGLqfq6ow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZFQjM3LzNDQjc3OUUwRjVG NzExRUZCODJFRkQ2QkM0RjlBRTAyL1RtaXdTTjA5MjZYMGVQSDlLSXFHR0xxZnE2 by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvVG1pd1NOMDkyNlgwZVBIOUtJcUdHTHFmcTZvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUIzNy8zQ0I3NzlFMEY1RjcxMUVGQjgyRUZENkJDNEY5QUUwMi8wRkVEMDMzOEY2 NkMxMUVGQTFGNTIxNkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAZ0K4DANBgkqhkiG9w0BAQsFAAOCAQEAYrh6nX0bS2Tzgc2P MQQ3UiYx1fieAWsttWazza32CliZ3+4+yIc6HEH5v2mAj5Vy+GwahZQEoTaBkUNN brqMWHgT3kd5SPOMy5jWHt4w9+VnieflyiwQJP9t5ZSi0tzP/xK3eYAnL/7AYyYp gSvKf9brcJzY1+5tSgo37380UqpjDpBNQfujYcwcAuISkenUNiCutROir+SD0Q7x vWH8owfq9r96/F/NfzFcxqIix2XdG7LQf6TIdWajF54by+4Ko+6I38XIYXt8IE6G hWkJcp9xr2cLpW/YSC4JMrtESWciB9pNZJWCv1VK3R4xkolfDS7qbmeVjh+Ujk/D VmcOKQ== -----END CERTIFICATE-----Generated at Tue Apr 22 23:17:47 2025 by rpki-client