$ rpki-client -vvf rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/66F91334ED4911ED9A90391BC4F9AE02.roa File: 66F91334ED4911ED9A90391BC4F9AE02.roa (raw, json) Hash identifier: DjUQP/nHkYcgIi1MW0o7fyHbM5U6rKdni2IBdc+KG/Q= Subject key identifier: 00:0C:6B:0B:7F:90:55:98:11:4F:6E:9B:58:B1:DD:6C:13:F3:B0:11 Certificate issuer: /CN=A917E4BA/serialNumber=3C6EC09B095FA5F513615108A5447CACB71AB1A1 Certificate serial: 0AB9 Authority key identifier: 3C:6E:C0:9B:09:5F:A5:F5:13:61:51:08:A5:44:7C:AC:B7:1A:B1:A1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/66F91334ED4911ED9A90391BC4F9AE02.roa Signing time: Fri 30 May 2025 02:13:57 +0000 ROA not before: Fri 30 May 2025 02:13:57 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 9650 IP address blocks: 131.242.0.0/16 maxlen: 16 131.242.21.0/24 maxlen: 24 131.242.22.0/24 maxlen: 24 131.242.23.0/24 maxlen: 24 131.242.26.0/24 maxlen: 24 131.242.30.0/24 maxlen: 24 131.242.55.0/24 maxlen: 24 131.242.68.0/24 maxlen: 24 131.242.132.0/24 maxlen: 24 131.242.144.0/22 maxlen: 22 131.242.176.0/20 maxlen: 20 131.242.230.0/24 maxlen: 24 131.242.231.0/24 maxlen: 24 147.132.0.0/16 maxlen: 16 161.143.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.crl rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 19:25:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2745 (0xab9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E4BA, serialNumber=3C6EC09B095FA5F513615108A5447CACB71AB1A1 Validity Not Before: May 30 02:13:57 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=68391465-e175 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:eb:6a:4c:6b:12:39:9e:f4:88:d1:f1:fc:34: ea:ef:e0:b7:ad:9d:f1:3f:03:cc:29:d6:79:7c:e5: 18:f7:be:bb:f3:23:52:0a:68:8a:a4:b6:d2:f6:08: 62:eb:06:06:ac:42:06:73:8e:72:3e:e9:9f:a1:cf: 62:c7:71:54:85:a6:06:e7:68:60:53:53:7a:ac:08: ca:45:8d:63:15:17:7f:eb:9c:7f:bf:0f:6c:d2:18: 58:8a:c8:47:e4:74:78:70:fa:52:ee:21:07:f2:47: 35:5a:39:14:74:5a:1e:2f:3f:06:0c:ec:40:5d:92: cf:7c:00:05:32:95:88:16:46:4b:34:dc:44:7a:03: 13:90:10:cc:5d:74:01:d2:b7:f9:5d:00:28:f1:3a: 78:8d:8e:eb:81:93:ba:5b:71:e6:6b:4f:1a:36:39: fd:12:cc:7e:78:09:cd:cd:4f:7d:a3:80:c6:d0:c7: 8f:b5:11:2b:a7:fe:c2:43:71:3b:95:14:81:ec:fd: 43:50:4e:4c:e2:bd:7e:9b:a5:ee:57:34:87:9c:9a: 91:3b:6f:af:8f:79:eb:36:9b:9a:97:a0:04:8d:80: 3d:7a:25:c1:a0:33:0e:27:de:57:91:95:9f:18:e2: 59:aa:3d:bd:47:07:28:51:84:b1:49:45:3d:d1:02: 1a:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:0C:6B:0B:7F:90:55:98:11:4F:6E:9B:58:B1:DD:6C:13:F3:B0:11 X509v3 Authority Key Identifier: keyid:3C:6E:C0:9B:09:5F:A5:F5:13:61:51:08:A5:44:7C:AC:B7:1A:B1:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/66F91334ED4911ED9A90391BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 131.242.0.0/16 147.132.0.0/16 161.143.0.0/16 Signature Algorithm: sha256WithRSAEncryption 9a:14:eb:af:d9:38:af:33:e4:bb:f0:c8:5b:a1:b7:ad:43:e2: 72:25:04:31:1c:0d:62:8e:c1:33:fa:11:d4:f9:2d:1c:ef:2c: b8:f1:cb:8e:06:8e:cf:b1:ce:d2:5d:30:9e:49:5c:22:82:a4: d1:b9:30:d4:87:18:9a:29:84:18:40:11:01:9d:f9:9f:83:84: 64:8f:95:56:08:c6:c1:9c:81:27:32:58:e9:f4:43:a1:97:7a: 38:1f:10:18:30:23:ec:86:4b:b8:e2:dd:3a:b7:42:40:4c:d1: 5d:64:3a:c3:5d:77:ad:bb:af:dc:73:c8:d8:ec:ad:ae:12:45: da:82:15:39:a4:6a:fd:ac:47:63:b5:9d:64:27:7f:0c:e8:62: 52:94:df:ed:be:32:f7:be:b4:c8:a7:0e:3f:f3:6e:04:d9:cb: 52:20:48:09:6a:f2:ac:f8:39:49:7c:b3:47:40:5b:92:e4:2a: df:3f:73:ef:92:44:3e:ac:47:34:07:37:99:73:c9:7c:9f:6c: 1d:2f:f0:4c:2c:ad:d1:a8:91:2d:05:63:4d:32:c1:72:d7:7f: 62:d7:d4:aa:b5:08:e1:4b:ee:c3:8e:03:c4:80:7f:e0:18:8e: bc:10:52:30:29:1b:88:5d:07:fd:7b:22:7d:67:1f:14:18:0b: 1e:32:ee:cc -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgICCrkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0QkExMTAvBgNVBAUTKDNDNkVDMDlCMDk1RkE1RjUxMzYxNTEwOEE1NDQ3Q0FD QjcxQUIxQTEwHhcNMjUwNTMwMDIxMzU3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODM5MTQ2NS1lMTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2OtqTGsSOZ70iNHx/DTq7+C3rZ3xPwPMKdZ5fOUY97678yNSCmiKpLbS9ghi 6wYGrEIGc45yPumfoc9ix3FUhaYG52hgU1N6rAjKRY1jFRd/65x/vw9s0hhYishH 5HR4cPpS7iEH8kc1WjkUdFoeLz8GDOxAXZLPfAAFMpWIFkZLNNxEegMTkBDMXXQB 0rf5XQAo8Tp4jY7rgZO6W3Hma08aNjn9Esx+eAnNzU99o4DG0MePtRErp/7CQ3E7 lRSB7P1DUE5M4r1+m6XuVzSHnJqRO2+vj3nrNpual6AEjYA9eiXBoDMOJ95XkZWf GOJZqj29RwcoUYSxSUU90QIawwIDAQABo4ICnjCCApowHQYDVR0OBBYEFAAMawt/ kFWYEU9um1ix3WwT87ARMB8GA1UdIwQYMBaAFDxuwJsJX6X1E2FRCKVEfKy3GrGh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTRCQS9DOTUyQUM5RTUy REMxMUVBODI2MDFCMEZDNEY5QUUwMi9QRzdBbXdsZnBmVVRZVkVJcFVSOHJMY2Fz YUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1BHN0Ftd2xmcGZVVFlWRUlwVVI4ckxjYXNhRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0U0QkEvQzk1MkFDOUU1MkRDMTFFQTgyNjAxQjBGQzRGOUFFMDIvNjZGOTEzMzRF RDQ5MTFFRDlBOTAzOTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKAYIKwYBBQUHAQcBAf8E GTAXMBUEAgABMA8DAwCD8gMDAJOEAwMAoY8wDQYJKoZIhvcNAQELBQADggEBAJoU 66/ZOK8z5LvwyFuht61D4nIlBDEcDWKOwTP6EdT5LRzvLLjxy44Gjs+xztJdMJ5J XCKCpNG5MNSHGJophBhAEQGd+Z+DhGSPlVYIxsGcgScyWOn0Q6GXejgfEBgwI+yG S7ji3Tq3QkBM0V1kOsNdd627r9xzyNjsra4SRdqCFTmkav2sR2O1nWQnfwzoYlKU 3+2+Mve+tMinDj/zbgTZy1IgSAlq8qz4OUl8s0dAW5LkKt8/c++SRD6sRzQHN5lz yXyfbB0v8EwsrdGokS0FY00ywXLXf2LX1Kq1COFL7sOOA8SAf+AYjrwQUjApG4hd B/17In1nHxQYCx4y7sw= -----END CERTIFICATE-----Generated at Thu Jun 5 17:57:40 2025 by rpki-client