$ rpki-client -vvf rpki.apnic.net/member_repository/A91144C9/7BA3E70C0EC911F0A26FF144C4F9AE02/9F25E6340ECA11F0BAAE344AC4F9AE02.roa File: 9F25E6340ECA11F0BAAE344AC4F9AE02.roa (raw, json) Hash identifier: ctz1y0Mr+YfqZCN/LBNWAf/NG7xW8jY2ZkFpiLOFBtc= Subject key identifier: B0:BA:40:30:7D:3C:BB:01:AB:45:2B:90:20:1F:28:77:44:44:21:F2 Certificate issuer: /CN=A91144C9/serialNumber=B0D525EA99D4C8EC75607126A49EF6707BD6F4AD Certificate serial: 02 Authority key identifier: B0:D5:25:EA:99:D4:C8:EC:75:60:71:26:A4:9E:F6:70:7B:D6:F4:AD Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sNUl6pnUyOx1YHEmpJ72cHvW9K0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91144C9/7BA3E70C0EC911F0A26FF144C4F9AE02/9F25E6340ECA11F0BAAE344AC4F9AE02.roa Signing time: Tue 01 Apr 2025 07:26:27 +0000 ROA not before: Tue 01 Apr 2025 07:26:27 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 10099 IP address blocks: 162.219.32.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91144C9/7BA3E70C0EC911F0A26FF144C4F9AE02/sNUl6pnUyOx1YHEmpJ72cHvW9K0.crl rsync://rpki.apnic.net/member_repository/A91144C9/7BA3E70C0EC911F0A26FF144C4F9AE02/sNUl6pnUyOx1YHEmpJ72cHvW9K0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sNUl6pnUyOx1YHEmpJ72cHvW9K0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 07:04:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91144C9, serialNumber=B0D525EA99D4C8EC75607126A49EF6707BD6F4AD Validity Not Before: Apr 1 07:26:27 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67eb9522-c0da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a4:a3:82:6a:1c:20:0f:61:83:3e:82:0b:1a: 08:60:c6:7f:a2:ef:7c:d2:b8:ab:9b:47:ee:e4:51: 53:6a:fe:fc:df:d8:65:71:43:d9:25:b5:ff:c3:f1: c9:af:bf:82:71:02:3c:62:b0:36:64:93:e4:4b:ac: a5:1b:c1:50:9b:d2:6f:87:06:de:54:4d:a3:fe:ab: ff:7f:f7:46:43:f1:74:60:7a:a3:42:bb:78:fb:98: 37:a7:34:e1:d1:01:80:65:72:67:72:29:c5:d1:34: fe:e5:8e:21:f4:55:1e:c3:53:22:81:fc:37:64:c1: e0:e1:62:2e:fb:32:e7:67:70:4b:b6:b2:e5:34:9f: 41:f3:ea:e5:d3:57:24:e9:48:68:97:5b:fb:c5:59: 67:ce:e0:e3:37:a7:f9:a4:2a:83:75:99:6a:ae:d4: b7:27:61:5d:4f:d8:d1:85:0e:f6:e4:f3:06:75:65: 78:d1:a0:cb:8f:e1:09:10:27:37:9e:0b:21:28:7b: 0d:0e:d1:15:bb:41:fb:72:91:d6:f9:2c:ec:73:a5: 38:a3:6c:14:07:67:88:e7:5c:36:a4:7b:b6:f5:9f: 33:cd:86:e6:bb:3d:32:ea:a1:00:d8:76:99:7e:c1: 84:58:f1:e8:b1:2f:6e:dd:02:84:e5:e4:de:ba:f6: 2c:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:BA:40:30:7D:3C:BB:01:AB:45:2B:90:20:1F:28:77:44:44:21:F2 X509v3 Authority Key Identifier: keyid:B0:D5:25:EA:99:D4:C8:EC:75:60:71:26:A4:9E:F6:70:7B:D6:F4:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91144C9/7BA3E70C0EC911F0A26FF144C4F9AE02/sNUl6pnUyOx1YHEmpJ72cHvW9K0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sNUl6pnUyOx1YHEmpJ72cHvW9K0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91144C9/7BA3E70C0EC911F0A26FF144C4F9AE02/9F25E6340ECA11F0BAAE344AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 162.219.32.0/21 Signature Algorithm: sha256WithRSAEncryption 50:f9:40:87:29:33:80:dc:36:ef:ac:b4:cc:bb:48:45:cc:14: 8e:41:32:05:34:23:67:c6:8b:f4:8f:63:5b:a6:e3:bf:33:9a: 87:16:e9:16:30:21:52:c3:2d:cd:98:19:88:30:e7:7b:84:ff: a7:70:43:fd:95:1e:28:72:b9:c0:f1:3a:80:d5:73:b4:c7:24: 07:09:e3:83:37:f7:a2:7d:2d:0a:cc:02:45:e3:33:fa:bf:b8: da:94:e5:b2:91:0f:c6:aa:4d:ba:e0:84:96:06:fd:a4:ce:a1: 0c:98:81:0a:fd:27:a2:c6:6a:d4:35:7e:05:e6:86:01:97:4e: 06:10:a4:ed:8a:db:c0:61:18:4d:3c:bc:80:2a:49:18:b8:01: f4:fb:10:f6:25:5f:4e:12:48:51:38:cd:da:bc:c8:cc:39:c9: 17:f0:97:58:0e:f2:f5:44:4e:9a:ae:b2:b1:0b:b1:f7:ef:5e: 94:75:f4:8e:74:16:e5:af:1f:b6:95:99:8b:d4:d2:a9:34:9f: 95:89:68:6b:21:7b:ca:fd:c8:db:f1:4c:a3:9d:4f:80:a8:b2: f4:8a:43:29:7e:02:c9:c3:2a:32:9e:74:1f:1b:45:ce:89:6d: ac:f3:c9:c5:f6:a5:93:93:69:6f:78:5a:e3:64:64:af:6f:e7: 81:ed:b4:3f -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx NDRDOTExMC8GA1UEBRMoQjBENTI1RUE5OUQ0QzhFQzc1NjA3MTI2QTQ5RUY2NzA3 QkQ2RjRBRDAeFw0yNTA0MDEwNzI2MjdaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ZWI5NTIyLWMwZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCvpKOCahwgD2GDPoILGghgxn+i73zSuKubR+7kUVNq/vzf2GVxQ9kltf/D8cmv v4JxAjxisDZkk+RLrKUbwVCb0m+HBt5UTaP+q/9/90ZD8XRgeqNCu3j7mDenNOHR AYBlcmdyKcXRNP7ljiH0VR7DUyKB/DdkweDhYi77MudncEu2suU0n0Hz6uXTVyTp SGiXW/vFWWfO4OM3p/mkKoN1mWqu1LcnYV1P2NGFDvbk8wZ1ZXjRoMuP4QkQJzee CyEoew0O0RW7Qftykdb5LOxzpTijbBQHZ4jnXDake7b1nzPNhua7PTLqoQDYdpl+ wYRY8eixL27dAoTl5N669izjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUsLpAMH08 uwGrRSuQIB8od0REIfIwHwYDVR0jBBgwFoAUsNUl6pnUyOx1YHEmpJ72cHvW9K0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE0NEM5LzdCQTNFNzBDMEVD OTExRjBBMjZGRjE0NEM0RjlBRTAyL3NOVWw2cG5VeU94MVlIRW1wSjcyY0h2VzlL MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvc05VbDZwblV5T3gxWUhFbXBKNzJjSHZXOUswLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NDRDOS83QkEzRTcwQzBFQzkxMUYwQTI2RkYxNDRDNEY5QUUwMi85RjI1RTYzNDBF Q0ExMUYwQkFBRTM0NEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEA6LbIDANBgkqhkiG9w0BAQsFAAOCAQEAUPlAhykzgNw276y0 zLtIRcwUjkEyBTQjZ8aL9I9jW6bjvzOahxbpFjAhUsMtzZgZiDDne4T/p3BD/ZUe KHK5wPE6gNVztMckBwnjgzf3on0tCswCReMz+r+42pTlspEPxqpNuuCElgb9pM6h DJiBCv0nosZq1DV+BeaGAZdOBhCk7YrbwGEYTTy8gCpJGLgB9PsQ9iVfThJIUTjN 2rzIzDnJF/CXWA7y9UROmq6ysQux9+9elHX0jnQW5a8ftpWZi9TSqTSflYloayF7 yv3I2/FMo51PgKiy9IpDKX4CycMqMp50HxtFzoltrPPJxfalk5Npb3ha42Rkr2/n ge20Pw== -----END CERTIFICATE-----Generated at Sat Apr 26 12:59:28 2025 by rpki-client