$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/F63AA888900F11ED8B4CB41DC4F9AE02.roa File: F63AA888900F11ED8B4CB41DC4F9AE02.roa (raw, json) Hash identifier: 4GFmq+y/6BnQNNwGjl1gbuy3YynLJ9fv1uZb3cM+3cw= Subject key identifier: 82:13:2A:95:30:47:D9:F4:BB:75:15:6F:93:D2:CC:6C:23:03:75:F6 Certificate issuer: /CN=A91E9467/serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845 Certificate serial: 0486 Authority key identifier: 52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/F63AA888900F11ED8B4CB41DC4F9AE02.roa Signing time: Sun 01 Jun 2025 00:34:15 +0000 ROA not before: Sun 01 Jun 2025 00:34:14 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 133660 IP address blocks: 45.112.200.0/22 maxlen: 22 45.112.200.0/23 maxlen: 23 45.112.200.0/24 maxlen: 24 45.112.201.0/24 maxlen: 24 45.112.202.0/23 maxlen: 23 45.112.202.0/24 maxlen: 24 45.112.203.0/24 maxlen: 24 103.42.84.0/22 maxlen: 22 103.42.84.0/23 maxlen: 23 103.42.84.0/24 maxlen: 24 103.42.85.0/24 maxlen: 24 103.42.86.0/23 maxlen: 23 103.42.86.0/24 maxlen: 24 103.42.87.0/24 maxlen: 24 2406:640::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.crl rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 00:24:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1158 (0x486) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9467, serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845 Validity Not Before: Jun 1 00:34:14 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=683ba006-3499 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:7d:b6:0e:4f:f7:cb:9c:c4:b0:ff:2d:3e:62: c8:73:34:08:1d:4a:5b:be:d8:27:5e:09:7e:65:82: 4f:f1:f0:09:2a:02:01:5a:6f:a7:d5:37:3d:89:9a: 0f:34:97:fa:86:a1:0d:1d:bb:22:9a:69:bc:8f:59: 34:7a:5f:c1:0f:bc:58:c7:8c:0c:f5:82:9e:c2:5a: ba:32:87:b6:b0:26:59:3a:03:e9:ca:0d:43:75:3c: 26:4e:21:29:42:55:a2:48:4c:17:c6:89:05:03:1d: 3f:9a:21:2a:61:a7:9c:c1:af:90:6c:74:b9:9b:fe: d6:ce:7f:ff:ca:a8:39:76:b3:32:1f:07:b8:54:6b: 37:75:bc:2e:f4:3c:36:41:c1:3a:d1:fa:93:c4:fb: 11:32:f0:83:d1:3b:5e:f8:8b:85:80:4b:4b:dc:6a: 4c:63:f8:b7:4d:7e:6d:8a:d7:3d:68:ea:8e:98:fe: 9c:d8:cc:00:97:f6:fd:52:9b:f2:d8:0a:cb:88:0b: f0:41:c3:f8:91:51:30:15:98:7c:d1:11:c3:14:f0: 6f:c0:fe:a6:6e:b4:eb:9a:98:56:b5:52:35:54:04: 2a:50:c8:76:4e:cc:76:02:49:37:a8:36:43:68:1e: 72:c5:eb:0e:de:e7:36:1c:94:d9:08:5a:09:e7:ea: 80:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:13:2A:95:30:47:D9:F4:BB:75:15:6F:93:D2:CC:6C:23:03:75:F6 X509v3 Authority Key Identifier: keyid:52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/F63AA888900F11ED8B4CB41DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.112.200.0/22 103.42.84.0/22 IPv6: 2406:640::/32 Signature Algorithm: sha256WithRSAEncryption 7a:a5:35:33:d2:50:a0:69:4b:73:4e:ec:ed:0b:72:cc:bf:56: e6:19:ad:cd:20:cf:fd:99:b6:79:f0:64:45:f7:8c:1a:22:6a: a0:96:d0:bf:be:d0:5e:1c:44:75:72:9d:b8:81:22:1d:24:fb: 5c:5a:06:22:1e:2c:e8:83:9b:a2:c2:66:42:50:e1:90:b0:f1: c6:db:db:e3:62:66:c6:cc:8e:ff:5b:20:67:1d:8d:77:48:94: b2:9c:45:32:90:06:10:af:cc:1b:82:55:09:a5:b5:62:2d:0a: 98:8d:17:ce:a9:ad:99:92:2d:62:6f:87:a8:64:4f:22:d0:e4: da:4c:d6:7e:92:08:2c:ee:ec:57:73:bf:70:33:fd:22:bb:47: 68:91:47:1d:12:2d:cd:80:e2:7f:6c:9b:eb:42:69:13:ce:d3: 2d:e8:f9:65:14:03:31:0f:04:09:bc:a5:a1:2b:94:18:9c:b1: 91:e9:78:48:9c:f6:3b:ea:2b:cb:cb:f5:d4:7b:42:e7:4f:24: 9a:8a:8c:ba:6f:d3:a5:44:c5:94:3c:1a:b6:5e:2a:cd:91:32: a2:28:21:15:f8:79:36:05:b7:bb:68:6b:28:92:9a:15:84:f6: aa:6f:b3:e4:7c:2d:d8:41:ae:cc:2d:dd:97:00:cb:14:d7:4a: 5e:32:89:ab -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk0NjcxMTAvBgNVBAUTKDUyQkU5RERFOTU2OEZFNEFEQ0EwRjM0NUIzNjE3QTYz QzMwNzU4NDUwHhcNMjUwNjAxMDAzNDE0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNiYTAwNi0zNDk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7X22Dk/3y5zEsP8tPmLIczQIHUpbvtgnXgl+ZYJP8fAJKgIBWm+n1Tc9iZoP NJf6hqENHbsimmm8j1k0el/BD7xYx4wM9YKewlq6Moe2sCZZOgPpyg1DdTwmTiEp QlWiSEwXxokFAx0/miEqYaecwa+QbHS5m/7Wzn//yqg5drMyHwe4VGs3dbwu9Dw2 QcE60fqTxPsRMvCD0Tte+IuFgEtL3GpMY/i3TX5titc9aOqOmP6c2MwAl/b9Upvy 2ArLiAvwQcP4kVEwFZh80RHDFPBvwP6mbrTrmphWtVI1VAQqUMh2Tsx2Akk3qDZD aB5yxesO3uc2HJTZCFoJ5+qABQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIITKpUw R9n0u3UVb5PSzGwjA3X2MB8GA1UdIwQYMBaAFFK+nd6VaP5K3KDzRbNhemPDB1hF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTQ2Ny83NzBCNEYxQTUy NkYxMUVDQkM1MEVCMTdDNEY5QUUwMi9VcjZkM3BWb19rcmNvUE5GczJGNlk4TUhX RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VyNmQzcFZvX2tyY29QTkZzMkY2WThNSFdFVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk0NjcvNzcwQjRGMUE1MjZGMTFFQ0JDNTBFQjE3QzRGOUFFMDIvRjYzQUE4ODg5 MDBGMTFFRDhCNENCNDFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAItcMgDBAJnKlQwDQQCAAIwBwMFACQGBkAwDQYJKoZIhvcN AQELBQADggEBAHqlNTPSUKBpS3NO7O0Lcsy/VuYZrc0gz/2ZtnnwZEX3jBoiaqCW 0L++0F4cRHVynbiBIh0k+1xaBiIeLOiDm6LCZkJQ4ZCw8cbb2+NiZsbMjv9bIGcd jXdIlLKcRTKQBhCvzBuCVQmltWItCpiNF86prZmSLWJvh6hkTyLQ5NpM1n6SCCzu 7Fdzv3Az/SK7R2iRRx0SLc2A4n9sm+tCaRPO0y3o+WUUAzEPBAm8paErlBicsZHp eEic9jvqK8vL9dR7QudPJJqKjLpv06VExZQ8GrZeKs2RMqIoIRX4eTYFt7toayiS mhWE9qpvs+R8LdhBrswt3ZcAyxTXSl4yias= -----END CERTIFICATE-----Generated at Tue Jun 3 23:54:19 2025 by rpki-client