$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/69BA51482C9C11EBB49A3A32C4F9AE02.roa File: 69BA51482C9C11EBB49A3A32C4F9AE02.roa (raw, json) Hash identifier: WfvvNRnELrbKdyHT2PbPWY6aXdMt2YiJ74YgfGsw5Hw= Subject key identifier: 0C:E1:D2:8E:C6:A0:4A:6C:F7:5C:FC:E6:39:F4:1D:C7:92:BD:24:87 Certificate issuer: /CN=A91B6F87/serialNumber=7ED17AFD7370A6A908D8262B86DABC7EED3D6140 Certificate serial: 075A Authority key identifier: 7E:D1:7A:FD:73:70:A6:A9:08:D8:26:2B:86:DA:BC:7E:ED:3D:61:40 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ftF6_XNwpqkI2CYrhtq8fu09YUA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/69BA51482C9C11EBB49A3A32C4F9AE02.roa Signing time: Sat 31 May 2025 21:49:31 +0000 ROA not before: Sat 31 May 2025 21:49:31 +0000 ROA not after: Wed 01 Oct 2025 00:00:00 +0000 asID: 45178 IP address blocks: 64.207.208.0/21 maxlen: 21 64.207.208.0/22 maxlen: 22 64.207.208.0/23 maxlen: 23 64.207.208.0/24 maxlen: 24 64.207.209.0/24 maxlen: 24 64.207.210.0/23 maxlen: 23 64.207.210.0/24 maxlen: 24 64.207.211.0/24 maxlen: 24 64.207.212.0/23 maxlen: 23 64.207.212.0/24 maxlen: 24 64.207.213.0/24 maxlen: 24 64.207.214.0/23 maxlen: 23 64.207.214.0/24 maxlen: 24 64.207.215.0/24 maxlen: 24 74.118.80.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/ftF6_XNwpqkI2CYrhtq8fu09YUA.crl rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/ftF6_XNwpqkI2CYrhtq8fu09YUA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ftF6_XNwpqkI2CYrhtq8fu09YUA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 21:52:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1882 (0x75a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F87, serialNumber=7ED17AFD7370A6A908D8262B86DABC7EED3D6140 Validity Not Before: May 31 21:49:31 2025 GMT Not After : Oct 1 00:00:00 2025 GMT Subject: CN=683b796b-3ca5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d5:98:80:fc:99:5a:e9:8d:ae:5a:6f:70:af: ce:eb:13:af:33:7f:10:f4:0c:96:ac:c0:df:5a:f1: 7d:03:18:75:1c:a4:75:c7:db:9b:a3:21:84:08:65: eb:43:88:87:49:ad:2c:36:4d:f6:50:f6:cf:34:59: 01:00:69:27:52:23:7c:87:11:3b:1a:64:09:31:bc: 28:5e:4d:df:28:41:dd:62:c4:fc:d2:ca:c7:d3:a0: 77:71:34:70:17:e1:0f:f1:47:87:27:b9:18:6c:fa: c8:ac:2a:3c:7c:3f:f2:8c:80:d8:e1:25:e1:4c:10: 1d:18:68:00:9d:97:ee:ad:73:b0:ee:f8:5f:4b:b0: b5:ac:91:e9:4a:ea:e0:c4:d3:b6:8d:8c:6f:82:05: ba:c8:50:9f:19:e3:87:a9:a2:67:45:e2:a5:61:77: 8d:c0:59:5e:27:78:4d:46:1e:43:15:f6:8a:5f:1e: 07:48:dc:bf:83:dd:d2:ab:bc:74:c5:c9:7d:3d:03: a4:38:65:c0:6b:a4:51:dd:3e:6c:1a:43:06:9c:51: 64:4f:bc:c8:4e:50:28:02:9b:90:27:f3:f0:64:16: a4:98:80:88:16:99:36:cc:c7:9c:00:11:7d:93:29: 55:a7:3c:4e:9d:4d:2d:99:d5:88:fb:13:8e:68:cd: 69:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:E1:D2:8E:C6:A0:4A:6C:F7:5C:FC:E6:39:F4:1D:C7:92:BD:24:87 X509v3 Authority Key Identifier: keyid:7E:D1:7A:FD:73:70:A6:A9:08:D8:26:2B:86:DA:BC:7E:ED:3D:61:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/ftF6_XNwpqkI2CYrhtq8fu09YUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ftF6_XNwpqkI2CYrhtq8fu09YUA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/69BA51482C9C11EBB49A3A32C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 64.207.208.0/21 74.118.80.0/22 Signature Algorithm: sha256WithRSAEncryption 2b:f3:e6:d6:e9:96:6b:f4:c9:54:df:ce:98:a1:aa:2c:63:b0: dc:ad:5b:7b:ed:e7:51:a5:82:39:44:8f:5d:3c:32:3f:a4:0b: a9:64:77:c9:bb:8b:ac:40:4f:9a:c5:ab:27:65:fc:cf:7c:c0: 94:8c:4a:e2:cc:fd:f9:5f:eb:49:82:c6:8b:82:df:55:58:08: f4:18:55:fa:e4:a2:9d:cc:58:de:14:ac:12:3c:79:2f:5e:3e: 9b:54:9d:77:e6:da:af:7f:5c:0e:1f:af:01:01:3c:79:04:1f: eb:e9:b3:45:bc:6d:0f:8c:fb:80:38:fd:70:e3:c1:0e:c8:9b: 60:9f:37:52:42:6e:e8:ce:83:66:70:51:52:72:bf:d7:fb:36: 78:b4:5b:c3:95:12:d4:35:a4:e7:bc:5a:e1:06:7a:cb:eb:a9: 2f:b1:75:7b:80:06:ab:dc:a4:a2:2b:a0:ff:48:1e:9e:26:c8: 8a:42:5d:30:b3:b2:e2:47:65:83:20:e0:f5:e1:f9:92:02:c3: 0c:46:ba:8b:9e:04:37:9b:c5:bd:62:2f:e8:86:3a:b9:66:1a: d5:2b:39:aa:99:73:6c:8f:60:1e:4f:59:e2:f4:a6:37:80:27: ea:7f:09:81:3a:fd:6f:fd:45:2d:ee:a5:7e:20:a6:bb:5c:8a: 40:9e:0d:22 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICB1owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGODcxMTAvBgNVBAUTKDdFRDE3QUZENzM3MEE2QTkwOEQ4MjYyQjg2REFCQzdF RUQzRDYxNDAwHhcNMjUwNTMxMjE0OTMxWhcNMjUxMDAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNiNzk2Yi0zY2E1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAudWYgPyZWumNrlpvcK/O6xOvM38Q9AyWrMDfWvF9Axh1HKR1x9uboyGECGXr Q4iHSa0sNk32UPbPNFkBAGknUiN8hxE7GmQJMbwoXk3fKEHdYsT80srH06B3cTRw F+EP8UeHJ7kYbPrIrCo8fD/yjIDY4SXhTBAdGGgAnZfurXOw7vhfS7C1rJHpSurg xNO2jYxvggW6yFCfGeOHqaJnReKlYXeNwFleJ3hNRh5DFfaKXx4HSNy/g93Sq7x0 xcl9PQOkOGXAa6RR3T5sGkMGnFFkT7zITlAoApuQJ/PwZBakmICIFpk2zMecABF9 kylVpzxOnU0tmdWI+xOOaM1pIwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAzh0o7G oEps91z85jn0HceSvSSHMB8GA1UdIwQYMBaAFH7Rev1zcKapCNgmK4bavH7tPWFA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY4Ny9BN0VBNzU1QzI2 ODgxMUVCQkU3QzY4MkJDNEY5QUUwMi9mdEY2X1hOd3Bxa0kyQ1lyaHRxOGZ1MDlZ VUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2Z0RjZfWE53cHFrSTJDWXJodHE4ZnUwOVlVQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZGODcvQTdFQTc1NUMyNjg4MTFFQkJFN0M2ODJCQzRGOUFFMDIvNjlCQTUxNDgy QzlDMTFFQkI0OUEzQTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBANAz9ADBAJKdlAwDQYJKoZIhvcNAQELBQADggEBACvz5tbp lmv0yVTfzpihqixjsNytW3vt51GlgjlEj108Mj+kC6lkd8m7i6xAT5rFqydl/M98 wJSMSuLM/flf60mCxouC31VYCPQYVfrkop3MWN4UrBI8eS9ePptUnXfm2q9/XA4f rwEBPHkEH+vps0W8bQ+M+4A4/XDjwQ7Im2CfN1JCbujOg2ZwUVJyv9f7Nni0W8OV EtQ1pOe8WuEGesvrqS+xdXuABqvcpKIroP9IHp4myIpCXTCzsuJHZYMg4PXh+ZIC wwxGuoueBDebxb1iL+iGOrlmGtUrOaqZc2yPYB5PWeL0pjeAJ+p/CYE6/W/9RS3u pX4gprtcikCeDSI= -----END CERTIFICATE-----Generated at Wed Jun 4 12:30:17 2025 by rpki-client