$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/EF2F049E74C411EFBE28DF30C4F9AE02.roa File: EF2F049E74C411EFBE28DF30C4F9AE02.roa (raw, json) Hash identifier: xZrdIf6sdl3xi+TC8msUPXrS2opipu3uwMRdR+OZ0yA= Subject key identifier: 37:75:83:A3:BD:46:CE:A0:A7:46:44:EB:6D:1B:B2:DD:F5:7F:DA:83 Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 1E49 Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/EF2F049E74C411EFBE28DF30C4F9AE02.roa Signing time: Tue 13 May 2025 09:25:58 +0000 ROA not before: Tue 13 May 2025 09:25:58 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 151690 IP address blocks: 160.187.48.0/24 maxlen: 24 160.187.207.0/24 maxlen: 24 160.191.124.0/24 maxlen: 24 160.191.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 12:41:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7753 (0x1e49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: May 13 09:25:58 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68231026-7188 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:7f:2d:5b:15:fe:e3:76:6c:b5:0a:bd:3c:87: 73:92:9f:90:2d:40:ae:a7:a2:50:0b:e0:a8:22:41: 76:c0:23:d8:68:b8:00:93:56:57:43:83:e0:ed:b1: 0b:90:7a:7c:83:79:80:38:a0:04:eb:98:59:7a:cb: ae:8c:4b:03:d8:83:f1:47:28:90:fb:32:78:24:bd: ab:aa:a1:a9:83:4d:c6:06:28:b1:65:a2:5b:c5:b0: cb:6c:6f:48:90:a8:9f:34:56:50:cf:21:7c:eb:e2: 97:bf:e0:25:df:b6:5b:c5:23:0d:e4:cf:8c:59:e2: 00:01:52:0a:c9:75:44:70:5a:39:fd:8a:19:b8:7a: 6b:8f:14:9b:2a:41:4e:0a:d6:5d:a8:48:b2:2e:90: 6d:d1:91:47:8a:c9:38:ce:3f:ab:ff:00:75:a0:fb: b1:00:01:5c:54:5d:c7:dc:02:3b:2a:67:38:f5:c1: ae:8f:66:07:b0:02:7a:19:6c:c6:4e:7b:45:94:f5: f4:ea:4f:c6:17:a0:00:0f:1c:a9:ee:6f:56:19:93: c2:3e:37:25:94:07:6b:82:c1:e5:4f:cf:f0:c5:5b: ab:05:61:f3:3b:cf:20:49:81:84:08:1f:fa:01:ec: 9c:62:06:63:f5:1b:f4:30:75:f4:28:fd:c4:cb:ac: 65:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:75:83:A3:BD:46:CE:A0:A7:46:44:EB:6D:1B:B2:DD:F5:7F:DA:83 X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/EF2F049E74C411EFBE28DF30C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.187.48.0/24 160.187.207.0/24 160.191.124.0/23 Signature Algorithm: sha256WithRSAEncryption 99:d7:f1:15:dc:21:c8:66:2e:8f:6b:7e:8c:73:ee:70:d9:4e: dc:59:9a:c1:b9:73:bb:78:72:0f:3c:8c:86:c3:38:57:b5:19: f5:d8:b0:1f:25:94:d6:af:9e:6d:76:f8:e2:c0:78:fb:b3:cd: 1c:fc:a3:28:1d:aa:23:cf:7a:5f:b2:c9:dc:8b:99:55:33:27: d2:0a:eb:9a:e0:bf:61:e6:d7:65:65:ea:dc:9d:fd:06:9e:07: bf:9c:c9:58:53:f6:d0:fb:d9:64:fb:04:c0:8b:cf:7a:e3:8b: 9c:82:1d:f5:2b:5d:02:1d:35:dc:ec:df:8b:eb:9a:1e:c6:4a: 65:61:42:5c:15:7c:6c:70:96:51:ca:81:36:a7:d4:c1:0f:79: 6e:84:1b:ce:02:8c:11:b4:4e:9d:88:fc:24:e7:2e:7b:41:59: a2:ac:54:f9:e9:c5:0a:3c:32:08:b2:96:55:c0:1b:df:a6:f8: e6:4b:cf:63:1e:66:69:9e:57:b0:c0:f8:d5:d0:fc:38:1c:1b: 0b:90:29:51:b7:78:78:6d:c7:e3:5f:4b:29:76:ea:09:6a:29: a5:b0:b6:59:69:2c:e8:8e:6a:dc:c5:21:0e:e0:95:0b:64:27: 4a:27:71:26:37:91:0a:ec:58:de:d3:7e:97:67:28:f9:dd:fe: 55:f4:78:26 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICHkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjUwNTEzMDkyNTU4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODIzMTAyNi03MTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArn8tWxX+43ZstQq9PIdzkp+QLUCup6JQC+CoIkF2wCPYaLgAk1ZXQ4Pg7bEL kHp8g3mAOKAE65hZesuujEsD2IPxRyiQ+zJ4JL2rqqGpg03GBiixZaJbxbDLbG9I kKifNFZQzyF86+KXv+Al37ZbxSMN5M+MWeIAAVIKyXVEcFo5/YoZuHprjxSbKkFO CtZdqEiyLpBt0ZFHisk4zj+r/wB1oPuxAAFcVF3H3AI7Kmc49cGuj2YHsAJ6GWzG TntFlPX06k/GF6AADxyp7m9WGZPCPjcllAdrgsHlT8/wxVurBWHzO88gSYGECB/6 AeycYgZj9Rv0MHX0KP3Ey6xlpwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDd1g6O9 Rs6gp0ZE620bst31f9qDMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRUYyRjA0OUU3 NEM0MTFFRkJFMjhERjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBACguzADBACgu88DBAGgv3wwDQYJKoZIhvcNAQELBQADggEB AJnX8RXcIchmLo9rfoxz7nDZTtxZmsG5c7t4cg88jIbDOFe1GfXYsB8llNavnm12 +OLAePuzzRz8oygdqiPPel+yydyLmVUzJ9IK65rgv2Hm12Vl6tyd/QaeB7+cyVhT 9tD72WT7BMCLz3rji5yCHfUrXQIdNdzs34vrmh7GSmVhQlwVfGxwllHKgTan1MEP eW6EG84CjBG0Tp2I/CTnLntBWaKsVPnpxQo8MgiyllXAG9+m+OZLz2MeZmmeV7DA +NXQ/DgcGwuQKVG3eHhtx+NfSyl26glqKaWwtllpLOiOatzFIQ7glQtkJ0oncSY3 kQrsWN7TfpdnKPnd/lX0eCY= -----END CERTIFICATE-----Generated at Wed Jun 4 11:49:09 2025 by rpki-client