$ rpki-client -vvf rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/44DD2C9ABD2811EE9E6BD047C4F9AE02.roa File: 44DD2C9ABD2811EE9E6BD047C4F9AE02.roa (raw, json) Hash identifier: 5/eMUVmevequFuGJFSqiqzgHPak9nF5vFMfMZWfmlQA= Subject key identifier: 93:9B:D3:E6:DB:A2:94:03:E2:1C:5A:16:62:2B:42:6B:46:B1:6E:7C Certificate issuer: /CN=A915D0AC/serialNumber=86CAEF96739EF49A514FE9F90B6FE9509D3CC953 Certificate serial: 017D Authority key identifier: 86:CA:EF:96:73:9E:F4:9A:51:4F:E9:F9:0B:6F:E9:50:9D:3C:C9:53 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/44DD2C9ABD2811EE9E6BD047C4F9AE02.roa Signing time: Fri 06 Jun 2025 14:05:26 +0000 ROA not before: Fri 06 Jun 2025 14:05:26 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 19905 IP address blocks: 168.168.128.0/20 maxlen: 20 168.168.150.0/24 maxlen: 24 168.168.200.0/24 maxlen: 24 168.168.254.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.crl rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Jun 2025 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 381 (0x17d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D0AC, serialNumber=86CAEF96739EF49A514FE9F90B6FE9509D3CC953 Validity Not Before: Jun 6 14:05:26 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=6842f5a6-2485 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:40:d8:3d:fb:6f:3f:20:c2:7e:13:99:47:b8: 50:18:6b:9d:5f:44:8d:d1:de:d3:97:73:17:50:b9: d9:b1:d0:7f:bf:d6:2b:1f:7b:ff:79:9b:dd:d5:b8: ab:79:00:e4:72:ae:ff:fa:20:7d:5b:f5:8b:89:cc: 43:51:96:4e:05:1b:4d:d2:5d:63:5b:62:df:65:60: 77:7a:33:7c:d8:46:d7:a2:6f:cc:d4:87:4c:6a:84: 89:5c:9e:57:4a:76:8a:fd:33:84:f9:f1:6a:b0:84: cd:4d:c8:7a:bd:9e:45:f8:f4:38:70:9d:a8:63:e2: d4:35:65:ac:47:83:88:b0:58:3a:b1:4d:8b:ec:e4: 08:6e:3c:d3:fd:de:df:5d:cc:8f:b3:a6:27:67:79: 3f:27:c4:a2:ed:8f:36:da:f7:02:6b:5e:61:33:b7: b3:de:ed:a0:10:c8:be:08:0f:91:8b:6d:f7:50:b0: 82:d6:e0:ab:df:d2:6c:a8:63:14:e2:2e:f0:45:15: 01:66:43:dd:13:70:a4:fb:ab:84:c3:32:81:4d:2d: 57:5a:83:60:c3:4c:b0:35:c9:54:0b:40:42:e0:fc: f0:d0:67:9a:36:6c:d6:c9:dd:bb:2a:11:7a:c5:1d: 86:8b:84:a1:dd:ff:12:2b:20:b8:5e:cd:31:4c:ce: 02:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:9B:D3:E6:DB:A2:94:03:E2:1C:5A:16:62:2B:42:6B:46:B1:6E:7C X509v3 Authority Key Identifier: keyid:86:CA:EF:96:73:9E:F4:9A:51:4F:E9:F9:0B:6F:E9:50:9D:3C:C9:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/44DD2C9ABD2811EE9E6BD047C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 168.168.128.0/20 168.168.150.0/24 168.168.200.0/24 168.168.254.0/23 Signature Algorithm: sha256WithRSAEncryption 0b:75:fb:e5:f5:32:a6:a0:7f:cc:1b:7f:12:a3:c6:4f:ea:61: ec:02:43:51:a5:6c:cf:ed:22:d4:27:5c:cb:4d:d9:10:d8:5d: 6f:ac:00:f8:54:bf:aa:6b:39:a5:89:d7:e3:19:0a:6c:e8:19: 21:e9:b3:26:68:9d:60:75:0e:51:53:08:4f:f6:80:d1:e9:d7: ac:98:3e:ae:2b:b4:8a:53:ae:82:a7:a1:93:c2:f9:26:3c:68: 7b:ff:4c:4c:52:77:a9:f7:55:b3:c9:a8:20:2e:b2:44:3b:00: 6e:4d:9a:87:51:cb:62:68:79:92:e4:9e:ae:01:ca:89:e2:56: a1:cc:76:c6:95:1f:b8:b6:40:04:74:d4:1d:00:23:28:f2:c8: 74:84:b5:cb:62:f5:7f:4b:f0:77:3a:85:94:90:dc:b8:6b:cb: f1:4e:78:c3:78:97:09:3d:a2:1c:df:8b:84:19:78:91:8d:17: 3a:b1:48:ce:48:55:13:b1:4e:d8:5b:6d:76:f5:78:72:8d:f4: c6:d7:ed:4a:12:7c:6b:73:84:01:f7:44:d7:28:99:e2:12:10: 65:fa:8f:a8:b1:28:9e:59:a6:59:f4:89:f3:f1:9e:1e:bd:b2: 43:d4:17:0c:29:b5:db:5b:3c:36:e8:84:9f:03:d6:1e:29:cd: 19:8a:3e:94 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICAX0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUQwQUMxMTAvBgNVBAUTKDg2Q0FFRjk2NzM5RUY0OUE1MTRGRTlGOTBCNkZFOTUw OUQzQ0M5NTMwHhcNMjUwNjA2MTQwNTI2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02ODQyZjVhNi0yNDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu0DYPftvPyDCfhOZR7hQGGudX0SN0d7Tl3MXULnZsdB/v9YrH3v/eZvd1bir eQDkcq7/+iB9W/WLicxDUZZOBRtN0l1jW2LfZWB3ejN82EbXom/M1IdMaoSJXJ5X SnaK/TOE+fFqsITNTch6vZ5F+PQ4cJ2oY+LUNWWsR4OIsFg6sU2L7OQIbjzT/d7f XcyPs6YnZ3k/J8Si7Y822vcCa15hM7ez3u2gEMi+CA+Ri233ULCC1uCr39JsqGMU 4i7wRRUBZkPdE3Ck+6uEwzKBTS1XWoNgw0ywNclUC0BC4Pzw0GeaNmzWyd27KhF6 xR2Gi4Sh3f8SKyC4Xs0xTM4CBwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFJOb0+bb opQD4hxaFmIrQmtGsW58MB8GA1UdIwQYMBaAFIbK75ZznvSaUU/p+Qtv6VCdPMlT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDBBQy85QTVGMEUxQTE1 MjQxMUVFOUQ3MEM5NjhDNEY5QUUwMi9oc3J2bG5PZTlKcFJULW41QzJfcFVKMDh5 Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hzcnZsbk9lOUpwUlQtbjVDMl9wVUowOHlWTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUQwQUMvOUE1RjBFMUExNTI0MTFFRTlENzBDOTY4QzRGOUFFMDIvNDRERDJDOUFC RDI4MTFFRTlFNkJEMDQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBASoqIADBACoqJYDBACoqMgDBAGoqP4wDQYJKoZIhvcNAQEL BQADggEBAAt1++X1Mqagf8wbfxKjxk/qYewCQ1GlbM/tItQnXMtN2RDYXW+sAPhU v6prOaWJ1+MZCmzoGSHpsyZonWB1DlFTCE/2gNHp16yYPq4rtIpTroKnoZPC+SY8 aHv/TExSd6n3VbPJqCAuskQ7AG5NmodRy2JoeZLknq4ByoniVqHMdsaVH7i2QAR0 1B0AIyjyyHSEtcti9X9L8Hc6hZSQ3Lhry/FOeMN4lwk9ohzfi4QZeJGNFzqxSM5I VROxTthbbXb1eHKN9MbX7UoSfGtzhAH3RNcomeISEGX6j6ixKJ5Zpln0ifPxnh69 skPUFwwptdtbPDbohJ8D1h4pzRmKPpQ= -----END CERTIFICATE-----Generated at Fri Jun 6 17:36:01 2025 by rpki-client