$ rpki-client -vvf rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/D2D7B762995611EFADA5D754C4F9AE02.roa File: D2D7B762995611EFADA5D754C4F9AE02.roa (raw, json) Hash identifier: P8Uz392/KpNavGqAZa2GAkqPLrN5Wfcp0qzBrJpnBuA= Subject key identifier: 43:A1:B1:16:18:55:6F:6C:BD:26:24:E2:73:76:36:E5:21:09:8F:F7 Certificate issuer: /CN=A91972DF/serialNumber=4720A2B78C78239926FDEE7344A3680DA0D8071D Certificate serial: 7C Authority key identifier: 47:20:A2:B7:8C:78:23:99:26:FD:EE:73:44:A3:68:0D:A0:D8:07:1D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RyCit4x4I5km_e5zRKNoDaDYBx0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/D2D7B762995611EFADA5D754C4F9AE02.roa Signing time: Tue 03 Jun 2025 08:43:36 +0000 ROA not before: Tue 03 Jun 2025 08:43:36 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 136574 IP address blocks: 160.191.154.0/23 maxlen: 23 160.191.154.0/24 maxlen: 24 160.191.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.crl rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RyCit4x4I5km_e5zRKNoDaDYBx0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Jun 2025 05:59:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 124 (0x7c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91972DF, serialNumber=4720A2B78C78239926FDEE7344A3680DA0D8071D Validity Not Before: Jun 3 08:43:36 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=683eb5b8-929d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:3d:41:d9:46:09:95:8c:0a:43:f2:db:15:69: 29:78:c2:64:f8:05:eb:cf:10:4e:0f:e6:70:c4:20: ce:df:84:6c:75:18:f6:19:df:ea:39:d2:8f:28:45: 61:9a:44:d9:c9:c3:9a:18:e2:e4:24:79:ba:a8:7d: e6:89:38:24:c5:3e:d2:b9:82:cb:c2:ba:e9:21:64: eb:47:04:64:a1:e6:0c:68:aa:ca:14:55:1d:24:2b: bf:18:2a:21:ab:85:77:bf:e0:71:3e:6d:8c:1f:65: 9e:b3:be:ed:e4:88:33:3e:95:2a:da:c4:87:58:c4: da:31:10:b8:01:1c:9f:c9:b2:23:69:bb:7b:dc:bf: 43:49:0a:1d:e0:c8:bd:07:b0:6d:e7:12:77:0f:be: ba:67:5d:63:77:5a:9f:85:84:a8:9b:c7:8e:6e:b4: a9:34:32:e4:04:c0:f7:70:6a:4b:3a:b2:8c:7d:fc: 75:9b:e7:e4:f5:b1:45:ea:e8:a2:d4:87:f7:dd:52: d5:23:28:7e:95:7f:81:6a:27:51:d5:3c:09:9f:83: 13:7b:5a:b0:1f:ba:0d:ed:29:e0:20:f4:64:d6:9a: 32:c0:76:9c:ea:f7:47:25:c6:d9:af:07:0e:cb:b8: 08:18:cb:7b:42:ef:d7:15:47:2e:96:df:ec:2f:4a: f3:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:A1:B1:16:18:55:6F:6C:BD:26:24:E2:73:76:36:E5:21:09:8F:F7 X509v3 Authority Key Identifier: keyid:47:20:A2:B7:8C:78:23:99:26:FD:EE:73:44:A3:68:0D:A0:D8:07:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RyCit4x4I5km_e5zRKNoDaDYBx0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/D2D7B762995611EFADA5D754C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.191.154.0/23 Signature Algorithm: sha256WithRSAEncryption cd:a2:55:ae:31:25:9a:20:5e:2c:4d:97:a3:50:e9:0c:fb:6f: 20:4b:d3:a9:a1:1c:3f:2e:ec:d2:63:d0:1e:d2:43:d1:ba:b1: 32:48:7e:3a:6c:8e:c0:e6:6d:a9:7b:8f:51:98:e8:77:4f:10: 53:84:86:85:6b:bb:c7:a8:da:d3:71:7c:58:d8:86:60:02:18: 23:25:0f:cb:0a:df:d6:f1:22:d3:ef:cf:ca:61:f1:1d:47:5e: e8:66:36:12:44:c5:44:ca:d8:b6:23:91:e9:53:29:aa:cb:f2: fc:b2:a0:6d:fa:e6:c7:10:a0:25:16:6b:9d:f7:c1:ca:9b:13: 8f:91:d4:c3:30:d6:06:8a:27:7c:92:af:39:bb:42:89:ad:e1: 5e:ca:30:6f:18:ad:79:d2:15:b2:86:81:c7:ec:88:9f:b8:9a: 21:22:33:5f:89:56:e6:94:10:09:ca:0b:30:0c:9b:27:0b:0c: 41:80:68:8d:e1:7d:61:31:2f:bb:eb:ff:ee:f6:af:7c:c4:d3: 72:60:67:b3:fc:b4:e9:ef:84:61:a4:c0:bb:2f:b0:0e:67:ae: 8e:12:2b:6c:e5:42:02:0c:5d:1b:da:59:3a:c5:e3:a8:e9:fd: 10:ab:d8:0c:5f:3c:bf:71:6c:91:40:a4:89:33:7f:b1:d1:b7: 4d:ca:05:69 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBfDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 NzJERjExMC8GA1UEBRMoNDcyMEEyQjc4Qzc4MjM5OTI2RkRFRTczNDRBMzY4MERB MEQ4MDcxRDAeFw0yNTA2MDMwODQzMzZaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4M2ViNWI4LTkyOWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+PUHZRgmVjApD8tsVaSl4wmT4BevPEE4P5nDEIM7fhGx1GPYZ3+o50o8oRWGa RNnJw5oY4uQkebqofeaJOCTFPtK5gsvCuukhZOtHBGSh5gxoqsoUVR0kK78YKiGr hXe/4HE+bYwfZZ6zvu3kiDM+lSraxIdYxNoxELgBHJ/JsiNpu3vcv0NJCh3gyL0H sG3nEncPvrpnXWN3Wp+FhKibx45utKk0MuQEwPdwaks6sox9/HWb5+T1sUXq6KLU h/fdUtUjKH6Vf4FqJ1HVPAmfgxN7WrAfug3tKeAg9GTWmjLAdpzq90clxtmvBw7L uAgYy3tC79cVRy6W3+wvSvO/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUQ6GxFhhV b2y9JiTic3Y25SEJj/cwHwYDVR0jBBgwFoAURyCit4x4I5km/e5zRKNoDaDYBx0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3MkRGLzI3RTNFREE0OTgz MzExRUY4MzE4OUE1N0M0RjlBRTAyL1J5Q2l0NHg0STVrbV9lNXpSS05vRGFEWUJ4 MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUnlDaXQ0eDRJNWttX2U1elJLTm9EYURZQngwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NzJERi8yN0UzRURBNDk4MzMxMUVGODMxODlBNTdDNEY5QUUwMi9EMkQ3Qjc2Mjk5 NTYxMUVGQURBNUQ3NTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaC/mjANBgkqhkiG9w0BAQsFAAOCAQEAzaJVrjElmiBeLE2X o1DpDPtvIEvTqaEcPy7s0mPQHtJD0bqxMkh+OmyOwOZtqXuPUZjod08QU4SGhWu7 x6ja03F8WNiGYAIYIyUPywrf1vEi0+/PymHxHUde6GY2EkTFRMrYtiOR6VMpqsvy /LKgbfrmxxCgJRZrnffBypsTj5HUwzDWBoonfJKvObtCia3hXsowbxitedIVsoaB x+yIn7iaISIzX4lW5pQQCcoLMAybJwsMQYBojeF9YTEvu+v/7vavfMTTcmBns/y0 6e+EYaTAuy+wDmeujhIrbOVCAgxdG9pZOsXjqOn9EKvYDF88v3FskUCkiTN/sdG3 TcoFaQ== -----END CERTIFICATE-----Generated at Thu Jun 5 19:19:26 2025 by rpki-client