$ rpki-client -vvf rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/434C7B222F6111F0AB3C5B1BC4F9AE02.roa File: 434C7B222F6111F0AB3C5B1BC4F9AE02.roa (raw, json) Hash identifier: fwOU6SMuGIfnRx8ElM0s5UgERJgy1IXQoBAamSLc/Tc= Subject key identifier: 8D:B3:AC:E4:2A:E3:20:8A:EC:DD:69:89:62:7F:C8:52:55:4D:91:B8 Certificate issuer: /CN=A912FCD6/serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B Certificate serial: 224D Authority key identifier: 53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/434C7B222F6111F0AB3C5B1BC4F9AE02.roa Signing time: Sat 14 Jun 2025 05:04:32 +0000 ROA not before: Sat 14 Jun 2025 05:04:32 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 834 IP address blocks: 59.153.30.0/24 maxlen: 24 59.153.31.0/24 maxlen: 24 180.210.222.0/24 maxlen: 24 180.210.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/U78N14DbA47OFNQEWbq5xo9phTs.crl rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/U78N14DbA47OFNQEWbq5xo9phTs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 15:53:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8781 (0x224d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912FCD6, serialNumber=53BF0DD780DB038ECE14D40459BAB9C68F69853B Validity Not Before: Jun 14 05:04:32 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=684d02e0-93f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:db:27:1e:57:14:e2:11:46:0d:e7:ad:3b:ef: 2d:64:74:a9:f0:77:e5:e8:28:8a:06:07:b1:f6:a8: c5:ed:34:41:2a:7b:88:91:ff:2d:65:37:ac:f7:18: c0:6c:66:f7:ca:b0:23:f2:d7:ed:de:a6:3c:c7:9e: eb:80:7c:c0:fe:cc:e9:64:35:aa:5f:43:0a:a6:b7: 80:a4:f7:5a:1b:45:4b:36:99:31:d0:c1:3c:a0:86: e2:cc:46:8e:30:c0:16:45:25:80:bf:bc:e3:97:f1: 64:70:4d:b9:4b:4d:fb:25:e5:6b:26:71:4b:42:4e: 39:03:87:0b:14:5a:ed:28:d2:6f:ab:e8:d9:49:d2: 78:6e:9d:c3:94:52:4b:5d:e7:d3:bd:c7:f3:c1:c8: 1f:6c:fe:5c:1e:79:c7:11:ed:a2:70:1a:2f:17:f0: ab:6c:18:73:f5:b2:70:45:7f:ea:e8:44:08:f7:fd: d4:0a:6d:97:57:07:ec:52:ef:f3:d5:dd:ae:02:8a: 56:03:e5:fa:56:97:f2:7f:a6:3e:59:10:39:9f:23: 1b:db:45:b2:61:1d:88:81:13:63:18:65:19:8a:9e: 43:0d:4e:5e:5a:62:d1:e1:d6:4c:57:77:57:58:a8: 84:10:08:2a:90:b0:b0:02:ba:c9:0b:40:6f:0c:fe: ab:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:B3:AC:E4:2A:E3:20:8A:EC:DD:69:89:62:7F:C8:52:55:4D:91:B8 X509v3 Authority Key Identifier: keyid:53:BF:0D:D7:80:DB:03:8E:CE:14:D4:04:59:BA:B9:C6:8F:69:85:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/U78N14DbA47OFNQEWbq5xo9phTs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U78N14DbA47OFNQEWbq5xo9phTs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FCD6/1E9E1AACD2EA11E5AFB1E24CC4F9AE02/434C7B222F6111F0AB3C5B1BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.153.30.0/23 180.210.222.0/23 Signature Algorithm: sha256WithRSAEncryption 67:a5:46:7b:8b:0e:9d:64:7a:b8:16:c1:e6:a9:75:a2:6c:25: 01:a0:82:8c:72:0e:30:08:29:72:f0:ee:ac:05:63:4a:1f:16: 93:7b:ed:5e:ac:a5:3e:9c:59:94:8a:d9:0e:e5:f6:8c:1c:a4: 4a:26:39:4b:7f:cb:92:26:12:52:dc:36:35:28:43:00:b7:3b: 37:56:46:67:d7:60:33:12:41:64:61:72:28:13:cb:ad:f0:c7: e8:9d:13:dc:5a:6b:03:bc:c0:c0:62:e5:83:62:c0:15:bd:91: 99:b0:fc:c1:22:85:8b:92:f5:f7:8c:7b:94:78:49:0b:f4:ac: 26:b1:b8:5a:5c:bb:fe:d1:ac:21:43:79:ee:cd:50:7c:54:d2: 5f:1a:91:7a:e7:d7:8c:16:42:52:74:0d:2e:44:12:82:1e:68: 39:55:38:7c:23:48:ab:43:f2:5e:7c:23:3a:ac:2d:e9:f5:2d: 47:4d:aa:3a:82:90:3a:6e:d3:10:d6:47:c0:10:11:7a:23:93: 2f:ed:11:16:71:99:f9:4b:10:b9:48:f6:61:25:2a:b0:38:92: d9:50:da:11:0f:61:41:f3:01:94:3a:fc:d9:fe:f3:7b:ab:18: 91:3e:f3:57:1b:9c:2c:b0:90:df:55:c7:30:4c:44:07:96:ef: 5c:97:ee:ce -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICIk0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkZDRDYxMTAvBgNVBAUTKDUzQkYwREQ3ODBEQjAzOEVDRTE0RDQwNDU5QkFCOUM2 OEY2OTg1M0IwHhcNMjUwNjE0MDUwNDMyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODRkMDJlMC05M2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs9snHlcU4hFGDeetO+8tZHSp8Hfl6CiKBgex9qjF7TRBKnuIkf8tZTes9xjA bGb3yrAj8tft3qY8x57rgHzA/szpZDWqX0MKpreApPdaG0VLNpkx0ME8oIbizEaO MMAWRSWAv7zjl/FkcE25S037JeVrJnFLQk45A4cLFFrtKNJvq+jZSdJ4bp3DlFJL XefTvcfzwcgfbP5cHnnHEe2icBovF/CrbBhz9bJwRX/q6EQI9/3UCm2XVwfsUu/z 1d2uAopWA+X6Vpfyf6Y+WRA5nyMb20WyYR2IgRNjGGUZip5DDU5eWmLR4dZMV3dX WKiEEAgqkLCwArrJC0BvDP6rdwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFI2zrOQq 4yCK7N1piWJ/yFJVTZG4MB8GA1UdIwQYMBaAFFO/DdeA2wOOzhTUBFm6ucaPaYU7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkNENi8xRTlFMUFBQ0Qy RUExMUU1QUZCMUUyNENDNEY5QUUwMi9VNzhOMTREYkE0N09GTlFFV2JxNXhvOXBo VHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U3OE4xNERiQTQ3T0ZOUUVXYnE1eG85cGhUcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkZDRDYvMUU5RTFBQUNEMkVBMTFFNUFGQjFFMjRDQzRGOUFFMDIvNDM0QzdCMjIy RjYxMTFGMEFCM0M1QjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAE7mR4DBAG00t4wDQYJKoZIhvcNAQELBQADggEBAGelRnuL Dp1kergWweapdaJsJQGggoxyDjAIKXLw7qwFY0ofFpN77V6spT6cWZSK2Q7l9owc pEomOUt/y5ImElLcNjUoQwC3OzdWRmfXYDMSQWRhcigTy63wx+idE9xaawO8wMBi 5YNiwBW9kZmw/MEihYuS9feMe5R4SQv0rCaxuFpcu/7RrCFDee7NUHxU0l8akXrn 14wWQlJ0DS5EEoIeaDlVOHwjSKtD8l58IzqsLen1LUdNqjqCkDpu0xDWR8AQEXoj ky/tERZxmflLELlI9mElKrA4ktlQ2hEPYUHzAZQ6/Nn+83urGJE+81cbnCywkN9V xzBMRAeW71yX7s4= -----END CERTIFICATE-----Generated at Fri Jun 20 16:16:09 2025 by rpki-client