$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/CE76D260A87511EF9905FE0AC4F9AE02.roa File: CE76D260A87511EF9905FE0AC4F9AE02.roa (raw, json) Hash identifier: 6JIc4d8BNf2O/EKySQKpM6o2IKpn3xNSeM6FADMCvYI= Subject key identifier: B1:07:B2:A3:CB:82:5C:E0:23:DA:BF:38:6A:4D:19:DF:36:02:87:92 Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 05EC Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/CE76D260A87511EF9905FE0AC4F9AE02.roa Signing time: Thu 29 May 2025 08:47:23 +0000 ROA not before: Thu 29 May 2025 08:47:23 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 150820 IP address blocks: 157.15.38.0/23 maxlen: 23 157.20.62.0/23 maxlen: 23 157.66.252.0/23 maxlen: 23 160.22.172.0/23 maxlen: 23 160.22.174.0/23 maxlen: 23 160.30.190.0/23 maxlen: 23 160.187.120.0/23 maxlen: 23 160.191.176.0/23 maxlen: 23 160.191.240.0/23 maxlen: 23 160.250.46.0/23 maxlen: 23 161.248.208.0/23 maxlen: 23 165.99.14.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 14:35:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1516 (0x5ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Validity Not Before: May 29 08:47:23 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=68381f1a-53af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:06:65:11:7a:ed:ca:69:54:3c:3b:50:f4:7d: d2:f4:c7:35:69:7f:4c:54:89:a1:a5:e0:f6:00:4d: 4c:96:9e:cb:cf:37:60:2f:b9:eb:3b:ff:f3:f5:73: d5:66:cc:85:c9:c9:3f:ce:f6:0a:6e:6a:71:fa:af: 11:2b:0c:1f:f2:b6:74:57:80:ff:83:f4:18:ea:c3: 2e:db:c7:0c:fe:94:e5:0e:9a:ad:43:73:b7:b7:38: 4d:2f:ba:36:4d:40:cd:5e:9c:6d:56:36:b0:b1:55: b1:a8:a7:1e:f5:29:32:83:8f:69:fd:65:81:68:e1: 1e:f2:d2:dd:03:2e:25:f9:ca:ad:27:75:2a:22:55: 67:ab:1e:cf:25:2b:dd:ff:cc:0f:8c:2a:01:d5:0a: f2:80:62:51:16:d5:5c:5e:f3:25:54:e3:c4:c9:e2: 21:69:33:e1:05:0b:c3:5d:d2:21:c2:c5:6c:45:80: 3c:ab:d2:b5:61:be:55:26:0f:4c:92:8a:16:2f:48: a5:cf:64:93:6c:ea:7a:2a:1e:eb:7c:ef:97:ca:4a: 13:8c:9b:49:f6:14:70:01:0c:24:51:02:d4:09:cb: 03:b1:bd:87:7a:75:c9:0c:65:57:81:4c:75:5b:3e: f5:96:d2:2e:e4:5c:20:8a:c3:16:83:b2:55:64:cd: 14:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:07:B2:A3:CB:82:5C:E0:23:DA:BF:38:6A:4D:19:DF:36:02:87:92 X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/CE76D260A87511EF9905FE0AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.15.38.0/23 157.20.62.0/23 157.66.252.0/23 160.22.172.0/22 160.30.190.0/23 160.187.120.0/23 160.191.176.0/23 160.191.240.0/23 160.250.46.0/23 161.248.208.0/23 165.99.14.0/23 Signature Algorithm: sha256WithRSAEncryption ab:89:52:18:1c:21:3e:a8:40:ae:56:f7:a8:f7:38:84:ae:06: 42:8e:2c:97:b9:a9:2d:fc:f5:c5:70:dd:d9:aa:c3:ba:9f:45: d1:ce:64:ea:d3:8d:11:67:36:8b:bd:7d:ad:32:40:af:b3:f3: bc:ab:ef:3b:f2:46:bc:9d:37:68:d2:56:c8:21:2c:f3:b4:f4: 77:86:c5:b4:e8:f3:e3:72:dc:2a:02:f7:af:c8:9f:78:58:91: 04:66:c3:e3:5f:2b:4b:11:46:3e:d8:ab:05:81:92:16:f1:28: 74:af:73:6c:24:6a:05:8a:94:3b:ca:b9:98:10:79:e2:7e:4c: d0:d7:0f:e9:a6:06:0e:3e:46:e6:9d:6d:1c:0b:c4:d3:2e:e2: a9:4b:3b:1d:71:89:d9:14:44:47:6e:3d:56:d8:7f:e9:fe:3f: a3:ab:4b:1f:7e:2e:58:0e:88:bd:39:80:58:cd:59:a5:12:84: 86:a8:fa:bb:cb:3a:67:f3:c1:c7:7e:a1:9e:3a:09:b8:32:3e: ef:51:38:b3:91:a7:23:35:9b:de:60:7b:81:cf:6a:d8:58:92: 84:5a:84:69:fc:12:51:30:07:a0:1f:af:52:91:1c:11:e9:13: 26:d6:2c:91:e5:c0:36:1a:b1:e5:22:a3:15:3c:31:10:34:88: fc:69:62:af -----BEGIN CERTIFICATE----- MIIFrTCCBJWgAwIBAgICBewwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjUwNTI5MDg0NzIzWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODM4MWYxYS01M2FmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApAZlEXrtymlUPDtQ9H3S9Mc1aX9MVImhpeD2AE1Mlp7LzzdgL7nrO//z9XPV ZsyFyck/zvYKbmpx+q8RKwwf8rZ0V4D/g/QY6sMu28cM/pTlDpqtQ3O3tzhNL7o2 TUDNXpxtVjawsVWxqKce9Skyg49p/WWBaOEe8tLdAy4l+cqtJ3UqIlVnqx7PJSvd /8wPjCoB1QrygGJRFtVcXvMlVOPEyeIhaTPhBQvDXdIhwsVsRYA8q9K1Yb5VJg9M kooWL0ilz2STbOp6Kh7rfO+XykoTjJtJ9hRwAQwkUQLUCcsDsb2HenXJDGVXgUx1 Wz71ltIu5FwgisMWg7JVZM0U7wIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFLEHsqPL glzgI9q/OGpNGd82AoeSMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQ0U3NkQyNjBB ODc1MTFFRjk5MDVGRTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E TDBKMEgEAgABMEIDBAGdDyYDBAGdFD4DBAGdQvwDBAKgFqwDBAGgHr4DBAGgu3gD BAGgv7ADBAGgv/ADBAGg+i4DBAGh+NADBAGlYw4wDQYJKoZIhvcNAQELBQADggEB AKuJUhgcIT6oQK5W96j3OISuBkKOLJe5qS389cVw3dmqw7qfRdHOZOrTjRFnNou9 fa0yQK+z87yr7zvyRrydN2jSVsghLPO09HeGxbTo8+Ny3CoC96/In3hYkQRmw+Nf K0sRRj7YqwWBkhbxKHSvc2wkagWKlDvKuZgQeeJ+TNDXD+mmBg4+RuadbRwLxNMu 4qlLOx1xidkUREduPVbYf+n+P6OrSx9+LlgOiL05gFjNWaUShIao+rvLOmfzwcd+ oZ46CbgyPu9ROLORpyM1m95ge4HPathYkoRahGn8ElEwB6Afr1KRHBHpEybWLJHl wDYaseUioxU8MRA0iPxpYq8= -----END CERTIFICATE-----Generated at Wed Jun 4 12:24:43 2025 by rpki-client