$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/60286638442A11EB9599AD38C4F9AE02/AA3A944A27EA11ECB1EBEA82C4F9AE02.roa File: AA3A944A27EA11ECB1EBEA82C4F9AE02.roa (raw, json) Hash identifier: 2jsCymQavrx92Kq4v6h75mDYqdyK8XpnNBvpUzJpvhE= Subject key identifier: 7C:A1:11:2E:6C:F0:89:8B:56:59:B7:58:D7:FA:DA:5F:ED:B1:0F:30 Certificate issuer: /CN=A9157D67/serialNumber=029B8CE2E95F45858462E9070B1B5153AC913FE8 Certificate serial: 0726 Authority key identifier: 02:9B:8C:E2:E9:5F:45:85:84:62:E9:07:0B:1B:51:53:AC:91:3F:E8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ApuM4ulfRYWEYukHCxtRU6yRP-g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/60286638442A11EB9599AD38C4F9AE02/AA3A944A27EA11ECB1EBEA82C4F9AE02.roa Signing time: Tue 10 Jun 2025 22:10:04 +0000 ROA not before: Tue 10 Jun 2025 22:10:04 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 132203 IP address blocks: 129.226.144.0/20 maxlen: 20 129.226.152.0/24 maxlen: 24 162.62.48.0/20 maxlen: 24 162.62.64.0/20 maxlen: 24 162.62.80.0/20 maxlen: 23 162.62.96.0/19 maxlen: 24 162.62.128.0/19 maxlen: 24 162.62.208.0/20 maxlen: 20 162.62.255.0/24 maxlen: 24 170.106.149.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/60286638442A11EB9599AD38C4F9AE02/ApuM4ulfRYWEYukHCxtRU6yRP-g.crl rsync://rpki.apnic.net/member_repository/A9157D67/60286638442A11EB9599AD38C4F9AE02/ApuM4ulfRYWEYukHCxtRU6yRP-g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ApuM4ulfRYWEYukHCxtRU6yRP-g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 21:34:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1830 (0x726) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157D67, serialNumber=029B8CE2E95F45858462E9070B1B5153AC913FE8 Validity Not Before: Jun 10 22:10:04 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6848ad3c-185b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:4b:c7:3a:87:ba:5e:63:d8:69:ef:70:54:48: f4:10:d1:71:49:a2:a4:97:b9:e4:28:a6:dd:7d:83: 8b:7b:2b:6c:a0:61:6d:0a:cd:c0:d3:99:4b:27:1d: 45:e0:41:59:e2:88:bb:e9:32:d3:34:35:65:f4:e1: 14:cf:bd:fc:6a:39:9b:96:d1:f2:d6:f9:69:db:5d: b7:4d:26:70:10:17:06:13:53:57:ab:39:c5:94:d6: 01:98:b0:3a:69:b3:2e:3f:9d:2b:fb:c4:a4:e7:b3: 67:a6:d4:08:45:eb:e9:8e:03:97:50:64:2d:07:08: 3e:43:26:01:9b:4a:dc:8c:6c:5b:db:5f:b4:97:82: 54:31:27:db:46:07:28:b0:5a:29:6b:53:7e:32:5b: dc:04:d8:28:28:f4:c9:e4:a9:6b:4f:2d:34:52:8e: af:79:02:f2:0e:0b:46:a5:33:a0:fe:fa:60:ea:e9: 40:b4:fa:1b:11:5b:a2:2c:08:dd:c0:71:10:12:c3: f1:36:9c:e3:2b:e3:be:96:a1:83:3d:16:71:22:ec: db:26:c8:e2:ad:bc:f0:46:79:f2:bc:87:be:d5:52: 61:fe:62:b3:bb:ab:20:75:a4:bb:de:31:f2:b8:45: 8e:a2:9a:a9:c1:59:d3:90:40:1a:1c:56:68:72:24: 78:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:A1:11:2E:6C:F0:89:8B:56:59:B7:58:D7:FA:DA:5F:ED:B1:0F:30 X509v3 Authority Key Identifier: keyid:02:9B:8C:E2:E9:5F:45:85:84:62:E9:07:0B:1B:51:53:AC:91:3F:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157D67/60286638442A11EB9599AD38C4F9AE02/ApuM4ulfRYWEYukHCxtRU6yRP-g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ApuM4ulfRYWEYukHCxtRU6yRP-g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/60286638442A11EB9599AD38C4F9AE02/AA3A944A27EA11ECB1EBEA82C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 129.226.144.0/20 162.62.48.0-162.62.159.255 162.62.208.0/20 162.62.255.0/24 170.106.149.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:c5:ba:96:fb:8d:d2:a0:89:eb:9b:cb:0d:2a:4f:5b:31:90: 63:fe:77:c3:54:06:d5:93:43:2f:37:2f:b8:63:2c:b3:0b:a2: 1f:95:b5:58:35:3d:93:c6:aa:9d:ca:67:43:4f:46:f1:87:5c: 6d:66:c2:ce:ce:2c:36:e8:5c:ea:3e:6a:54:f2:1a:df:fb:9d: aa:da:34:a7:27:4c:c0:a4:18:73:2a:5e:c9:b1:6b:81:9f:2d: 88:d1:f2:d7:a3:10:44:2b:ca:0b:33:91:5f:f9:42:a6:f2:db: b6:29:40:32:f3:fd:2d:7e:b1:50:40:64:5f:10:83:3e:00:69: 93:e1:19:7e:3e:99:ff:e8:a0:00:66:d8:e4:e0:9a:d9:66:40: 7f:7d:87:7b:d3:08:69:83:92:af:82:ee:7d:6c:a7:d1:6a:a7: 2e:0c:f6:bd:75:04:19:51:c3:62:e7:c6:e6:82:5e:f7:a0:15: 77:6c:2f:c2:d8:7a:58:02:82:63:ba:62:89:d6:f3:24:bd:12: 84:4e:43:17:c3:a1:49:ec:0a:0b:62:cc:df:f6:f9:c5:c4:ca: 35:b4:64:5b:9c:d2:28:ee:dc:eb:25:69:9d:21:51:a4:fd:cb: a5:6c:b8:cf:61:2b:69:f4:ad:95:b1:fc:e7:c6:5f:b7:c7:90: 17:03:f3:fa -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICByYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdENjcxMTAvBgNVBAUTKDAyOUI4Q0UyRTk1RjQ1ODU4NDYyRTkwNzBCMUI1MTUz QUM5MTNGRTgwHhcNMjUwNjEwMjIxMDA0WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODQ4YWQzYy0xODViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwkvHOoe6XmPYae9wVEj0ENFxSaKkl7nkKKbdfYOLeytsoGFtCs3A05lLJx1F 4EFZ4oi76TLTNDVl9OEUz738ajmbltHy1vlp2123TSZwEBcGE1NXqznFlNYBmLA6 abMuP50r+8Sk57NnptQIRevpjgOXUGQtBwg+QyYBm0rcjGxb21+0l4JUMSfbRgco sFopa1N+MlvcBNgoKPTJ5KlrTy00Uo6veQLyDgtGpTOg/vpg6ulAtPobEVuiLAjd wHEQEsPxNpzjK+O+lqGDPRZxIuzbJsjirbzwRnnyvIe+1VJh/mKzu6sgdaS73jHy uEWOopqpwVnTkEAaHFZociR4hQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFHyhES5s 8ImLVlm3WNf62l/tsQ8wMB8GA1UdIwQYMBaAFAKbjOLpX0WFhGLpBwsbUVOskT/o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82MDI4NjYzODQ0 MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9BcHVNNHVsZlJZV0VZdWtIQ3h0UlU2eVJQ LWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0FwdU00dWxmUllXRVl1a0hDeHRSVTZ5UlAtZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdENjcvNjAyODY2Mzg0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvQUEzQTk0NEEy N0VBMTFFQ0IxRUJFQTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMCwEAgABMCYDBASB4pAwDAMEBKI+MAMEBaI+gAMEBKI+0AMEAKI+/wMEAKpq lTANBgkqhkiG9w0BAQsFAAOCAQEADsW6lvuN0qCJ65vLDSpPWzGQY/53w1QG1ZND LzcvuGMsswuiH5W1WDU9k8aqncpnQ09G8YdcbWbCzs4sNuhc6j5qVPIa3/udqto0 pydMwKQYcypeybFrgZ8tiNHy16MQRCvKCzORX/lCpvLbtilAMvP9LX6xUEBkXxCD PgBpk+EZfj6Z/+igAGbY5OCa2WZAf32He9MIaYOSr4LufWyn0WqnLgz2vXUEGVHD YufG5oJe96AVd2wvwth6WAKCY7piidbzJL0ShE5DF8OhSewKC2LM3/b5xcTKNbRk W5zSKO7c6yVpnSFRpP3LpWy4z2ErafStlbH858Zft8eQFwPz+g== -----END CERTIFICATE-----Generated at Sat Jun 14 20:38:59 2025 by rpki-client