$ rpki-client -vvf rpki.apnic.net/member_repository/A912434D/FC20913858DD11F08FAADE66C4F9AE02/CD9B554E58DF11F0A0F08D09C4F9AE02.roa File: CD9B554E58DF11F0A0F08D09C4F9AE02.roa (raw, json) Hash identifier: O8Z/SaLnBNWGRjL6AfyE+33fscQi14WCCS2K6DsHHDc= Subject key identifier: 42:D5:67:12:27:D2:3C:83:54:CB:F6:60:B1:9E:3F:1E:11:18:7E:54 Certificate issuer: /CN=A912434D/serialNumber=30D719F9C6D37E2AC9F4D6D4B1F7D978EC2A3289 Certificate serial: 02 Authority key identifier: 30:D7:19:F9:C6:D3:7E:2A:C9:F4:D6:D4:B1:F7:D9:78:EC:2A:32:89 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MNcZ-cbTfirJ9NbUsffZeOwqMok.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912434D/FC20913858DD11F08FAADE66C4F9AE02/CD9B554E58DF11F0A0F08D09C4F9AE02.roa Signing time: Fri 04 Jul 2025 14:04:30 +0000 ROA not before: Fri 04 Jul 2025 14:04:30 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 150161 IP address blocks: 160.191.24.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912434D/FC20913858DD11F08FAADE66C4F9AE02/MNcZ-cbTfirJ9NbUsffZeOwqMok.crl rsync://rpki.apnic.net/member_repository/A912434D/FC20913858DD11F08FAADE66C4F9AE02/MNcZ-cbTfirJ9NbUsffZeOwqMok.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MNcZ-cbTfirJ9NbUsffZeOwqMok.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 07:27:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912434D, serialNumber=30D719F9C6D37E2AC9F4D6D4B1F7D978EC2A3289 Validity Not Before: Jul 4 14:04:30 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=6867df6e-b00f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:8f:7b:a5:bc:45:24:e4:b2:47:a7:e3:70:97: 85:fe:38:91:76:23:47:8a:52:6f:cd:49:e0:03:3c: 5e:16:ca:21:7c:11:5d:44:ef:32:9b:cd:16:ab:04: bc:b2:55:f6:30:38:fa:10:5a:a6:ee:47:0d:81:d6: 21:d9:10:b0:5a:68:54:32:25:00:fb:ea:0c:9a:c8: 65:17:d3:cd:f1:ab:79:67:42:ea:df:3a:ef:4f:94: 10:50:ec:3b:cf:58:cf:74:12:af:f5:86:2f:e9:73: 19:95:c6:18:ff:05:54:cb:4f:69:06:91:a7:53:09: fb:d5:ed:80:f3:17:2d:0d:ee:65:58:00:e5:77:29: 77:35:bc:c5:e8:5e:3c:a7:57:ff:23:46:cb:a6:c1: c7:f4:2b:13:5d:6c:79:07:61:ab:c6:e4:f3:2d:e8: b6:ab:f0:52:a9:3f:40:47:31:31:d2:2b:90:82:91: fb:ad:58:87:dc:55:71:ce:dd:5b:2e:6e:c7:34:3f: 31:4b:ec:e9:2f:d1:78:17:66:34:b5:b8:8d:26:6b: 98:77:4d:7d:ba:ad:66:a1:db:cf:33:f8:80:72:66: 92:23:c3:61:aa:ec:06:ce:10:2a:81:9a:d1:6d:9d: e5:73:23:2d:13:21:4b:28:75:d1:74:ed:ff:cd:71: 79:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:D5:67:12:27:D2:3C:83:54:CB:F6:60:B1:9E:3F:1E:11:18:7E:54 X509v3 Authority Key Identifier: keyid:30:D7:19:F9:C6:D3:7E:2A:C9:F4:D6:D4:B1:F7:D9:78:EC:2A:32:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912434D/FC20913858DD11F08FAADE66C4F9AE02/MNcZ-cbTfirJ9NbUsffZeOwqMok.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MNcZ-cbTfirJ9NbUsffZeOwqMok.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912434D/FC20913858DD11F08FAADE66C4F9AE02/CD9B554E58DF11F0A0F08D09C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.191.24.0/23 Signature Algorithm: sha256WithRSAEncryption 5a:c5:da:09:6d:37:55:f0:8e:02:27:b2:05:a6:21:e0:e3:40: 2d:ea:a4:ff:4b:9f:24:6b:ea:29:d8:95:ec:1f:59:29:3e:49: eb:87:b3:ad:0e:ef:46:83:e2:4d:43:f7:e2:33:42:81:f6:66: 86:da:91:ca:cc:08:1b:ef:99:85:96:0a:22:b6:f8:ea:72:a2: eb:36:92:49:a2:db:7f:0e:f6:eb:68:a4:ca:59:a6:0d:da:a8: b2:93:4e:b7:4f:eb:66:5c:21:8c:aa:fc:1a:01:0f:77:51:f2: 9e:00:ab:dd:6a:22:13:4a:db:37:e5:72:07:e0:46:dd:96:48: 51:5f:aa:9b:90:8c:02:b7:de:0a:e4:f7:55:25:4f:61:f6:9f: 7b:a7:d0:ff:e7:65:72:21:0e:a5:4f:4c:a1:80:09:d9:ec:89: a3:7e:40:a2:62:38:f2:f4:2a:ef:97:c3:ad:e7:4e:2b:8f:ef: 49:7d:9d:18:03:08:5d:2f:5d:ce:b9:e9:22:99:3f:ef:e0:b8: c7:f4:89:10:60:d1:7e:c5:d0:a3:de:24:f3:9d:3e:59:f6:c5: 90:2b:a0:ab:ab:48:64:d6:bd:5b:cc:41:d9:18:ec:b7:49:c7: 0a:db:da:d2:33:19:35:5d:4e:b2:a8:ca:fd:e0:f5:63:fa:ed: 68:92:98:92 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy NDM0RDExMC8GA1UEBRMoMzBENzE5RjlDNkQzN0UyQUM5RjRENkQ0QjFGN0Q5NzhF QzJBMzI4OTAeFw0yNTA3MDQxNDA0MzBaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NjdkZjZlLWIwMGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDEj3ulvEUk5LJHp+Nwl4X+OJF2I0eKUm/NSeADPF4WyiF8EV1E7zKbzRarBLyy VfYwOPoQWqbuRw2B1iHZELBaaFQyJQD76gyayGUX083xq3lnQurfOu9PlBBQ7DvP WM90Eq/1hi/pcxmVxhj/BVTLT2kGkadTCfvV7YDzFy0N7mVYAOV3KXc1vMXoXjyn V/8jRsumwcf0KxNdbHkHYavG5PMt6Lar8FKpP0BHMTHSK5CCkfutWIfcVXHO3Vsu bsc0PzFL7Okv0XgXZjS1uI0ma5h3TX26rWah288z+IByZpIjw2Gq7AbOECqBmtFt neVzIy0TIUsoddF07f/NcXmxAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUQtVnEifS PINUy/ZgsZ4/HhEYflQwHwYDVR0jBBgwFoAUMNcZ+cbTfirJ9NbUsffZeOwqMokw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI0MzREL0ZDMjA5MTM4NThE RDExRjA4RkFBREU2NkM0RjlBRTAyL01OY1otY2JUZmlySjlOYlVzZmZaZU93cU1v ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTU5jWi1jYlRmaXJKOU5iVXNmZlplT3dxTW9rLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NDM0RC9GQzIwOTEzODU4REQxMUYwOEZBQURFNjZDNEY5QUUwMi9DRDlCNTU0RTU4 REYxMUYwQTBGMDhEMDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaC/GDANBgkqhkiG9w0BAQsFAAOCAQEAWsXaCW03VfCOAiey BaYh4ONALeqk/0ufJGvqKdiV7B9ZKT5J64ezrQ7vRoPiTUP34jNCgfZmhtqRyswI G++ZhZYKIrb46nKi6zaSSaLbfw7262ikylmmDdqospNOt0/rZlwhjKr8GgEPd1Hy ngCr3WoiE0rbN+VyB+BG3ZZIUV+qm5CMArfeCuT3VSVPYfafe6fQ/+dlciEOpU9M oYAJ2eyJo35AomI48vQq75fDredOK4/vSX2dGAMIXS9dzrnpIpk/7+C4x/SJEGDR fsXQo94k850+WfbFkCugq6tIZNa9W8xB2Rjst0nHCtva0jMZNV1OsqjK/eD1Y/rt aJKYkg== -----END CERTIFICATE-----Generated at Mon Jul 21 10:42:41 2025 by rpki-client