$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/BFE21FE09B0511EDB2F0BD4EC4F9AE02.roa File: BFE21FE09B0511EDB2F0BD4EC4F9AE02.roa (raw, json) Hash identifier: uxCtCSV+O4TDyj5SgoE3dM5DZOqE4xyThfn972D+Swk= Subject key identifier: 0A:C9:8F:F1:62:2A:EB:14:51:3F:06:2D:4A:0B:55:C5:2A:C4:14:40 Certificate issuer: /CN=A91C3B8A/serialNumber=4550C69051BAA18AF112DC76B5F5DF9E6B7940D5 Certificate serial: 0B41 Authority key identifier: 45:50:C6:90:51:BA:A1:8A:F1:12:DC:76:B5:F5:DF:9E:6B:79:40:D5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RVDGkFG6oYrxEtx2tfXfnmt5QNU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/BFE21FE09B0511EDB2F0BD4EC4F9AE02.roa Signing time: Tue 04 Mar 2025 20:27:54 +0000 ROA not before: Tue 04 Mar 2025 20:27:54 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 15083 IP address blocks: 116.193.156.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/RVDGkFG6oYrxEtx2tfXfnmt5QNU.crl rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/RVDGkFG6oYrxEtx2tfXfnmt5QNU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RVDGkFG6oYrxEtx2tfXfnmt5QNU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 19:20:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2881 (0xb41) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C3B8A Validity Not Before: Mar 4 20:27:54 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c7624a-cdd3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:27:db:d0:24:46:f8:89:1d:bc:44:89:3c:8a: f4:36:ac:d2:3e:17:04:4b:7e:1a:08:4f:32:60:78: 79:7b:53:ad:0e:26:58:35:57:1d:4d:fd:86:d2:26: 7c:91:c4:b0:27:05:0b:ca:b7:58:90:e5:99:be:ca: 1f:7f:5a:d2:5d:50:5f:55:dc:b7:1c:74:4d:4a:92: df:d0:7e:0c:0c:a8:0b:d2:ca:ca:1f:0b:c1:9b:38: 10:66:10:17:ce:f5:53:59:dc:40:35:3f:c2:fc:30: 8b:8e:14:3f:72:03:85:75:92:b5:2c:99:ba:cb:a0: 39:71:24:0d:53:12:53:0e:2d:9f:b4:98:9e:e0:92: 4a:d2:ef:e0:c4:1c:f1:7f:2a:a4:0e:8f:34:78:7b: 43:de:1c:33:49:fa:ac:d9:3c:50:a2:3d:6b:02:43: f4:d6:d2:29:d9:f8:b2:b3:e2:e6:21:5c:ea:ea:6d: 4f:bf:9f:68:85:27:61:f1:47:b5:b9:05:52:7e:f2: 64:ae:c8:9d:90:f8:d3:49:27:76:90:dc:7d:58:ce: c0:cc:d2:4a:b8:0d:9e:45:27:42:73:fe:33:6d:1b: 4a:06:86:3e:6f:1f:14:5a:1c:9e:ff:22:8e:ec:62: c7:bb:72:5d:04:52:4f:e5:f5:a2:35:01:ea:e5:ba: 82:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:C9:8F:F1:62:2A:EB:14:51:3F:06:2D:4A:0B:55:C5:2A:C4:14:40 X509v3 Authority Key Identifier: keyid:45:50:C6:90:51:BA:A1:8A:F1:12:DC:76:B5:F5:DF:9E:6B:79:40:D5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/RVDGkFG6oYrxEtx2tfXfnmt5QNU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RVDGkFG6oYrxEtx2tfXfnmt5QNU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3B8A/08C43924384D11EAA4F55B73C4F9AE02/BFE21FE09B0511EDB2F0BD4EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.193.156.0/24 Signature Algorithm: sha256WithRSAEncryption c2:5f:46:6d:be:04:a9:b5:6a:4c:ff:c2:f4:34:85:b9:ac:a6: 8a:a2:94:28:88:42:e9:78:8d:2c:fd:ca:5c:b7:b1:05:f0:20: dc:2a:bc:93:02:46:24:f5:a3:5f:ef:56:8a:8b:d9:1c:21:28: b2:1a:97:5c:7b:15:67:82:ac:ad:cf:5c:67:dc:4a:eb:47:e5: a2:5d:46:c8:94:76:c5:32:38:f1:77:38:59:b5:88:bc:f0:1e: 57:cf:72:03:33:00:96:95:a2:54:77:fc:18:5a:90:ab:12:7e: bf:42:a3:c4:4e:d1:5d:f2:85:5c:f0:4c:53:61:6b:1b:2b:18: 31:1e:50:51:19:f9:eb:b7:0e:ab:6d:fc:95:95:42:9c:78:e4: a2:4e:5f:ae:f9:c7:cd:bf:05:51:b8:57:f1:ce:b1:5b:de:57: 7c:ba:f6:1b:2a:99:46:1f:35:a7:4f:93:67:95:a6:4a:54:ff: 78:f0:ee:ff:2d:24:69:f1:82:8d:53:96:1b:d9:e5:47:ba:05: b2:5e:9e:b9:9d:fc:94:3c:4e:52:ce:6c:03:77:16:15:61:cd: c4:c1:2b:56:2d:a1:b1:7a:62:4a:aa:21:50:7c:59:d6:4d:8a: d4:23:be:24:ac:1b:06:7a:92:ea:7f:aa:09:3c:0e:68:d1:a9: 7e:52:9a:1f -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICC0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzNCOEExMTAvBgNVBAUTKDQ1NTBDNjkwNTFCQUExOEFGMTEyREM3NkI1RjVERjlF NkI3OTQwRDUwHhcNMjUwMzA0MjAyNzU0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2M3NjI0YS1jZGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5Cfb0CRG+IkdvESJPIr0NqzSPhcES34aCE8yYHh5e1OtDiZYNVcdTf2G0iZ8 kcSwJwULyrdYkOWZvsoff1rSXVBfVdy3HHRNSpLf0H4MDKgL0srKHwvBmzgQZhAX zvVTWdxANT/C/DCLjhQ/cgOFdZK1LJm6y6A5cSQNUxJTDi2ftJie4JJK0u/gxBzx fyqkDo80eHtD3hwzSfqs2TxQoj1rAkP01tIp2fiys+LmIVzq6m1Pv59ohSdh8Ue1 uQVSfvJkrsidkPjTSSd2kNx9WM7AzNJKuA2eRSdCc/4zbRtKBoY+bx8UWhye/yKO 7GLHu3JdBFJP5fWiNQHq5bqCmwIDAQABo4IClTCCApEwHQYDVR0OBBYEFArJj/Fi KusUUT8GLUoLVcUqxBRAMB8GA1UdIwQYMBaAFEVQxpBRuqGK8RLcdrX1355reUDV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDM0I4QS8wOEM0MzkyNDM4 NEQxMUVBQTRGNTVCNzNDNEY5QUUwMi9SVkRHa0ZHNm9ZcnhFdHgydGZYZm5tdDVR TlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1JWREdrRkc2b1lyeEV0eDJ0Zlhmbm10NVFOVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzNCOEEvMDhDNDM5MjQzODREMTFFQUE0RjU1QjczQzRGOUFFMDIvQkZFMjFGRTA5 QjA1MTFFREIyRjBCRDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAB0wZwwDQYJKoZIhvcNAQELBQADggEBAMJfRm2+BKm1akz/ wvQ0hbmspoqilCiIQul4jSz9yly3sQXwINwqvJMCRiT1o1/vVoqL2RwhKLIal1x7 FWeCrK3PXGfcSutH5aJdRsiUdsUyOPF3OFm1iLzwHlfPcgMzAJaVolR3/BhakKsS fr9Co8RO0V3yhVzwTFNhaxsrGDEeUFEZ+eu3Dqtt/JWVQpx45KJOX675x82/BVG4 V/HOsVveV3y69hsqmUYfNadPk2eVpkpU/3jw7v8tJGnxgo1TlhvZ5Ue6BbJenrmd /JQ8TlLObAN3FhVhzcTBK1YtobF6YkqqIVB8WdZNitQjviSsGwZ6kup/qgk8DmjR qX5Smh8= -----END CERTIFICATE-----Generated at Sat Apr 5 18:27:30 2025 by rpki-client