$ rpki-client -vvf rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/A7FBA00E778811EDAE39280CC4F9AE02.roa File: A7FBA00E778811EDAE39280CC4F9AE02.roa (raw, json) Hash identifier: A66Rcwdstkb/5EinIJWrWOuekP0qJLH5hk4F7NZimSw= Subject key identifier: 25:E7:4A:6F:5A:E2:8E:29:17:29:58:25:BD:8F:23:9B:1C:71:11:C9 Certificate issuer: /CN=A91342C5/serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Certificate serial: 038D Authority key identifier: 85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/A7FBA00E778811EDAE39280CC4F9AE02.roa Signing time: Wed 09 Apr 2025 01:07:27 +0000 ROA not before: Wed 09 Apr 2025 01:07:27 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 142005 IP address blocks: 64.25.32.0/20 maxlen: 24 206.127.144.0/20 maxlen: 24 209.35.96.0/23 maxlen: 24 209.35.114.0/23 maxlen: 24 209.35.156.0/23 maxlen: 24 209.35.188.0/23 maxlen: 24 216.107.240.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 00:39:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 909 (0x38d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91342C5, serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Validity Not Before: Apr 9 01:07:27 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67f5c84e-c4c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:6d:78:4c:53:49:a0:38:37:b4:15:e3:8a:0d: ac:11:08:98:63:b7:52:9d:ac:17:a2:79:bd:e3:5b: 35:29:ad:ed:4e:8f:24:c8:97:f7:99:dd:6e:4d:15: 55:7e:c5:f1:0a:86:7b:68:56:eb:0a:2a:0a:7f:b8: af:c7:d8:87:9c:4a:76:24:35:65:52:b1:3a:aa:54: 89:c1:e2:45:bc:98:88:6a:b3:a9:7f:5c:ae:5b:0e: e0:d6:fb:f0:ad:59:49:c6:dc:7a:aa:58:f3:12:d2: 76:ee:67:58:71:89:63:c1:b2:c2:d8:2e:d0:79:22: 71:28:43:de:6f:0b:00:d2:67:c5:f4:e0:c9:dd:db: ce:93:70:8e:03:c4:2c:02:1d:d9:b6:f0:db:65:f3: 66:76:8b:4e:bb:b5:b2:48:5d:b7:a0:4f:40:0d:35: fc:06:02:07:da:27:e5:7a:79:c3:c1:34:a0:2c:1a: 51:fa:a6:c8:d7:ac:8b:9d:41:65:f5:69:17:61:03: 90:15:ef:c8:24:50:14:db:6c:dc:4a:bb:3e:60:41: fa:c2:73:45:4a:8d:1d:60:ac:fe:bf:f9:2a:e4:4b: b5:21:14:34:c1:d4:f7:36:79:96:e9:47:a8:ca:ad: 39:63:48:8e:90:bc:32:13:7c:7d:dc:a1:e1:a6:b6: 03:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:E7:4A:6F:5A:E2:8E:29:17:29:58:25:BD:8F:23:9B:1C:71:11:C9 X509v3 Authority Key Identifier: keyid:85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/A7FBA00E778811EDAE39280CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 64.25.32.0/20 206.127.144.0/20 209.35.96.0/23 209.35.114.0/23 209.35.156.0/23 209.35.188.0/23 216.107.240.0/20 Signature Algorithm: sha256WithRSAEncryption 08:56:47:bd:21:48:b5:1e:f9:99:ce:cf:03:74:eb:7b:1b:73: 66:73:d3:8a:87:e0:38:af:d5:91:a8:16:b0:e9:99:0e:c6:dd: 45:1b:33:9d:9f:1f:ba:0f:fa:18:29:a2:31:d1:9b:db:80:f1: 46:6e:22:ff:9c:1f:ed:59:75:72:10:b6:2f:0c:82:8b:cd:a8: 4d:2d:ce:77:6d:57:97:7f:16:7c:6f:18:0a:0f:89:e7:ca:99: 71:cc:cf:d4:22:66:4e:9e:31:a5:c7:d6:6f:18:ec:69:02:98: 00:61:d7:29:35:6b:28:b7:4c:aa:88:39:eb:54:30:b9:08:31: 2b:b4:c1:81:10:30:1e:5b:02:d3:d4:72:bb:59:84:1f:25:52: b3:fb:c5:d4:2d:81:f5:5c:cf:e5:e7:fd:77:81:a5:5a:37:87: 54:05:6b:c5:fb:5c:1c:9b:4a:2a:fe:47:96:12:c0:0b:11:77: b4:d0:8f:44:00:71:a8:4f:90:61:f8:88:ad:d5:b9:f2:5b:6d: 7e:9d:1e:84:e2:16:9f:e0:24:0b:37:3b:0b:42:76:3b:08:e2: 3a:cf:17:8e:ce:06:77:b7:65:b9:50:9e:0c:94:25:88:8f:4f: c9:62:4c:c0:15:29:da:de:7c:ca:7e:a0:c0:99:31:51:7f:e3: e6:02:27:21 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICA40wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQyQzUxMTAvBgNVBAUTKDg1RjJCQUYxQjdERjFEQUE4Qzg4QUI2QzVFNzhDMUZD QzNGNzhEMDgwHhcNMjUwNDA5MDEwNzI3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y1Yzg0ZS1jNGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv214TFNJoDg3tBXjig2sEQiYY7dSnawXonm941s1Ka3tTo8kyJf3md1uTRVV fsXxCoZ7aFbrCioKf7ivx9iHnEp2JDVlUrE6qlSJweJFvJiIarOpf1yuWw7g1vvw rVlJxtx6qljzEtJ27mdYcYljwbLC2C7QeSJxKEPebwsA0mfF9ODJ3dvOk3COA8Qs Ah3ZtvDbZfNmdotOu7WySF23oE9ADTX8BgIH2iflennDwTSgLBpR+qbI16yLnUFl 9WkXYQOQFe/IJFAU22zcSrs+YEH6wnNFSo0dYKz+v/kq5Eu1IRQ0wdT3NnmW6Ueo yq05Y0iOkLwyE3x93KHhprYDZQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFCXnSm9a 4o4pFylYJb2PI5sccRHJMB8GA1UdIwQYMBaAFIXyuvG33x2qjIirbF54wfzD940I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDJDNS8xRjQwNEUzMEE0 RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhhcU1pS3RzWG5qQl9NUDNq UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hmSzY4YmZmSGFxTWlLdHNYbmpCX01QM2pRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzQyQzUvMUY0MDRFMzBBNEU5MTFFQ0FGM0ZCMTUyQzRGOUFFMDIvQTdGQkEwMEU3 Nzg4MTFFREFFMzkyODBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMDAEAgABMCoDBARAGSADBATOf5ADBAHRI2ADBAHRI3IDBAHRI5wDBAHRI7wD BATYa/AwDQYJKoZIhvcNAQELBQADggEBAAhWR70hSLUe+ZnOzwN063sbc2Zz04qH 4Div1ZGoFrDpmQ7G3UUbM52fH7oP+hgpojHRm9uA8UZuIv+cH+1ZdXIQti8MgovN qE0tzndtV5d/FnxvGAoPiefKmXHMz9QiZk6eMaXH1m8Y7GkCmABh1yk1ayi3TKqI OetUMLkIMSu0wYEQMB5bAtPUcrtZhB8lUrP7xdQtgfVcz+Xn/XeBpVo3h1QFa8X7 XBybSir+R5YSwAsRd7TQj0QAcahPkGH4iK3VufJbbX6dHoTiFp/gJAs3OwtCdjsI 4jrPF47OBne3ZblQngyUJYiPT8liTMAVKdrefMp+oMCZMVF/4+YCJyE= -----END CERTIFICATE-----Generated at Tue Apr 15 13:04:46 2025 by rpki-client