$ rpki-client -vvf rpki.apnic.net/member_repository/A9154340/F8E7607CA67711EB8B4BB13EC4F9AE02/8BF559B2A70111EBBAA7C612C4F9AE02.roa File: 8BF559B2A70111EBBAA7C612C4F9AE02.roa (raw, json) Hash identifier: f8Wgv+IoxprOJRGqIQDg8nNXDjXWODO4WSnYU8FiMVw= Subject key identifier: 56:8D:28:60:B2:05:35:16:DE:1D:6F:C5:A3:84:5B:92:BB:D1:64:6D Certificate issuer: /CN=A9154340/serialNumber=196CEE25F7D1B7EA708CE1887337143392CE471C Certificate serial: 05FF Authority key identifier: 19:6C:EE:25:F7:D1:B7:EA:70:8C:E1:88:73:37:14:33:92:CE:47:1C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GWzuJffRt-pwjOGIczcUM5LORxw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9154340/F8E7607CA67711EB8B4BB13EC4F9AE02/8BF559B2A70111EBBAA7C612C4F9AE02.roa Signing time: Thu 24 Apr 2025 22:53:18 +0000 ROA not before: Thu 24 Apr 2025 22:53:18 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 142002 IP address blocks: 165.154.192.0/24 maxlen: 24 165.154.193.0/24 maxlen: 24 165.154.194.0/24 maxlen: 24 165.154.195.0/24 maxlen: 24 165.154.196.0/24 maxlen: 24 165.154.197.0/24 maxlen: 24 165.154.198.0/24 maxlen: 24 165.154.199.0/24 maxlen: 24 165.154.200.0/24 maxlen: 24 165.154.201.0/24 maxlen: 24 165.154.202.0/24 maxlen: 24 165.154.203.0/24 maxlen: 24 165.154.204.0/24 maxlen: 24 165.154.205.0/24 maxlen: 24 165.154.206.0/24 maxlen: 24 165.154.207.0/24 maxlen: 24 165.154.208.0/24 maxlen: 24 165.154.209.0/24 maxlen: 24 165.154.210.0/24 maxlen: 24 165.154.211.0/24 maxlen: 24 165.154.212.0/24 maxlen: 24 165.154.213.0/24 maxlen: 24 165.154.214.0/24 maxlen: 24 165.154.215.0/24 maxlen: 24 165.154.216.0/24 maxlen: 24 165.154.217.0/24 maxlen: 24 165.154.224.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9154340/F8E7607CA67711EB8B4BB13EC4F9AE02/GWzuJffRt-pwjOGIczcUM5LORxw.crl rsync://rpki.apnic.net/member_repository/A9154340/F8E7607CA67711EB8B4BB13EC4F9AE02/GWzuJffRt-pwjOGIczcUM5LORxw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GWzuJffRt-pwjOGIczcUM5LORxw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:53:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1535 (0x5ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9154340, serialNumber=196CEE25F7D1B7EA708CE1887337143392CE471C Validity Not Before: Apr 24 22:53:18 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=680ac0de-3260 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:b5:0c:5a:4e:54:74:f7:c5:3c:dd:c4:11:26: c7:82:7e:ba:fe:50:7d:87:06:ea:55:e3:e8:14:b5: c4:10:a1:06:21:41:07:2e:0e:d9:6a:d6:fc:81:2b: 95:25:0c:81:8c:a0:f0:1f:47:08:f8:d0:1b:3e:67: db:56:94:6f:ef:1b:74:75:cd:d9:08:87:02:3a:e8: 2d:28:cc:aa:6f:8a:3d:96:a0:2f:b7:82:b4:0e:a5: f9:50:bb:25:67:91:6f:6f:0d:8e:a1:7b:18:02:18: e4:01:ab:74:49:39:a2:38:c0:7c:68:ee:75:f3:61: 4a:ef:c0:50:34:b1:c7:fe:b2:8c:e6:b5:8f:03:68: 98:8b:ac:f0:98:6b:0a:79:bc:a9:69:25:a8:3c:2f: 1c:6b:70:3d:74:48:c5:1b:0f:07:0d:63:66:cf:95: 4f:84:41:5f:62:4f:59:9d:e3:31:91:67:93:42:a7: a7:96:d3:8a:51:fb:f9:26:5c:38:c5:6c:a4:1b:2f: 14:35:d8:37:ae:e7:5d:aa:05:87:7c:b1:ac:f4:d1: fa:34:42:92:05:0f:41:87:ff:a3:89:d5:61:f7:aa: c6:23:4e:0e:a8:87:33:c0:32:d9:24:14:18:52:14: c6:51:cd:84:84:04:06:c8:75:fe:aa:69:b7:2a:06: b7:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:8D:28:60:B2:05:35:16:DE:1D:6F:C5:A3:84:5B:92:BB:D1:64:6D X509v3 Authority Key Identifier: keyid:19:6C:EE:25:F7:D1:B7:EA:70:8C:E1:88:73:37:14:33:92:CE:47:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9154340/F8E7607CA67711EB8B4BB13EC4F9AE02/GWzuJffRt-pwjOGIczcUM5LORxw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GWzuJffRt-pwjOGIczcUM5LORxw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154340/F8E7607CA67711EB8B4BB13EC4F9AE02/8BF559B2A70111EBBAA7C612C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 165.154.192.0-165.154.217.255 165.154.224.0/19 Signature Algorithm: sha256WithRSAEncryption 56:86:2e:a2:64:8c:0e:86:7e:05:00:5d:e9:3e:a6:86:0e:86: d1:f2:77:3e:d8:16:cc:8c:36:d0:00:fc:a1:1b:ce:b2:43:ee: f0:7a:62:06:70:e4:87:71:3d:69:d1:d5:94:ca:71:cf:3a:82: 5f:51:a7:d9:39:de:d1:78:4c:2e:ae:a4:fb:e4:52:d7:9b:b4: a6:93:84:47:4e:fb:4a:b0:9c:d4:f9:52:c2:b2:74:3c:ba:8d: 7e:9e:ef:94:16:c5:6c:d7:94:3c:b0:70:53:28:87:88:7a:b1: 6f:60:4b:90:fd:31:32:c0:a9:47:80:6b:43:0b:14:68:ed:97: d9:a8:c6:91:30:17:ac:d3:99:1a:00:37:0a:41:aa:0e:32:e3: e4:0c:d2:03:d5:23:a4:e7:c5:08:b0:5f:6e:9a:1a:80:f3:7d: 2c:85:1f:71:fb:0e:ae:33:a9:92:27:04:af:db:2b:d8:15:3b: d5:0b:3c:a5:e8:20:18:77:c7:77:58:af:96:33:5f:1c:57:47: a2:73:4b:cc:fb:7e:70:ed:ba:14:ca:56:4e:fa:12:0c:a9:d9: 72:ec:eb:85:a7:b1:84:f8:c9:a6:c5:3d:eb:e4:9a:f5:73:30: 78:73:27:62:42:78:79:d4:be:64:66:d8:e0:c7:d4:60:14:3f: 6b:b5:3e:5d -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICBf8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTQzNDAxMTAvBgNVBAUTKDE5NkNFRTI1RjdEMUI3RUE3MDhDRTE4ODczMzcxNDMz OTJDRTQ3MUMwHhcNMjUwNDI0MjI1MzE4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODBhYzBkZS0zMjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo7UMWk5UdPfFPN3EESbHgn66/lB9hwbqVePoFLXEEKEGIUEHLg7Zatb8gSuV JQyBjKDwH0cI+NAbPmfbVpRv7xt0dc3ZCIcCOugtKMyqb4o9lqAvt4K0DqX5ULsl Z5Fvbw2OoXsYAhjkAat0STmiOMB8aO5182FK78BQNLHH/rKM5rWPA2iYi6zwmGsK ebypaSWoPC8ca3A9dEjFGw8HDWNmz5VPhEFfYk9ZneMxkWeTQqenltOKUfv5Jlw4 xWykGy8UNdg3ruddqgWHfLGs9NH6NEKSBQ9Bh/+jidVh96rGI04OqIczwDLZJBQY UhTGUc2EhAQGyHX+qmm3Kga31QIDAQABo4ICozCCAp8wHQYDVR0OBBYEFFaNKGCy BTUW3h1vxaOEW5K70WRtMB8GA1UdIwQYMBaAFBls7iX30bfqcIzhiHM3FDOSzkcc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDM0MC9GOEU3NjA3Q0E2 NzcxMUVCOEI0QkIxM0VDNEY5QUUwMi9HV3p1SmZmUnQtcHdqT0dJY3pjVU01TE9S eHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0dXenVKZmZSdC1wd2pPR0ljemNVTTVMT1J4dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTQzNDAvRjhFNzYwN0NBNjc3MTFFQjhCNEJCMTNFQzRGOUFFMDIvOEJGNTU5QjJB NzAxMTFFQkJBQTdDNjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgABMBQwDAMEBqWawAMEAaWa2AMEBaWa4DANBgkqhkiG9w0BAQsFAAOC AQEAVoYuomSMDoZ+BQBd6T6mhg6G0fJ3PtgWzIw20AD8oRvOskPu8HpiBnDkh3E9 adHVlMpxzzqCX1Gn2Tne0XhMLq6k++RS15u0ppOER077SrCc1PlSwrJ0PLqNfp7v lBbFbNeUPLBwUyiHiHqxb2BLkP0xMsCpR4BrQwsUaO2X2ajGkTAXrNOZGgA3CkGq DjLj5AzSA9UjpOfFCLBfbpoagPN9LIUfcfsOrjOpkicEr9sr2BU71Qs8peggGHfH d1ivljNfHFdHonNLzPt+cO26FMpWTvoSDKnZcuzrhaexhPjJpsU96+Sa9XMweHMn YkJ4edS+ZGbY4MfUYBQ/a7U+XQ== -----END CERTIFICATE-----Generated at Sat Apr 26 15:26:49 2025 by rpki-client