$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E52708AADFCE11EFBC4CD631C4F9AE02.roa File: E52708AADFCE11EFBC4CD631C4F9AE02.roa (raw, json) Hash identifier: /pC0o36JZbc/+sMAFn6ZasM1rRw+KC7uxqzujpRX3bY= Subject key identifier: EB:6D:5A:20:E6:47:31:2B:81:ED:17:B1:8C:10:A1:BA:ED:68:BA:58 Certificate issuer: /CN=A9157DA0/serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Certificate serial: 3487 Authority key identifier: 88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E52708AADFCE11EFBC4CD631C4F9AE02.roa Signing time: Mon 14 Apr 2025 14:50:44 +0000 ROA not before: Mon 14 Apr 2025 14:50:44 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 38875 IP address blocks: 43.248.156.0/23 maxlen: 23 119.252.120.0/23 maxlen: 23 119.252.120.0/24 maxlen: 24 119.252.121.0/24 maxlen: 24 124.109.12.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:35:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13447 (0x3487) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA0, serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Validity Not Before: Apr 14 14:50:44 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=67fd20c4-717a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:77:63:d0:b2:51:3e:5d:69:9b:ab:19:81:c9: 10:71:98:ad:1a:5c:2d:9e:75:8e:4d:ea:df:ce:57: 1a:d3:14:91:43:e5:98:37:de:cb:be:12:35:e8:8d: 72:83:26:1f:1b:b7:a9:41:a1:ec:5d:c1:b0:a6:13: 21:39:11:71:1c:e4:bd:f7:43:d8:e4:3d:52:cb:79: c1:f0:2e:4e:22:7b:4f:85:06:8b:dc:a9:bc:63:06: 93:b3:a8:97:dd:55:61:77:7a:a0:07:32:01:34:67: 1c:31:35:0d:97:08:89:b2:3a:8a:e5:fa:d6:bc:04: 06:9b:cf:86:99:f9:de:62:27:4e:03:eb:ba:9b:04: bb:08:51:e4:20:19:dc:29:b3:74:d9:ac:9e:89:88: ce:c0:0b:75:57:91:b4:8f:39:57:78:31:94:e6:a7: ff:44:6a:35:b7:ac:ee:20:5a:30:79:d1:e6:29:8b: d6:5f:44:6f:ee:7d:df:0c:c9:43:78:ec:29:c5:6d: 4a:d6:de:ff:35:50:95:61:8b:f8:dd:c8:62:48:ac: d4:1d:e2:d3:83:37:38:36:e7:27:10:a8:e0:fd:e3: 7e:be:40:24:2c:ce:e9:37:e4:18:4d:4c:f9:35:13: b8:34:c2:00:c0:5b:27:b8:7e:f1:55:ab:29:6c:06: 40:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:6D:5A:20:E6:47:31:2B:81:ED:17:B1:8C:10:A1:BA:ED:68:BA:58 X509v3 Authority Key Identifier: keyid:88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E52708AADFCE11EFBC4CD631C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.248.156.0/23 119.252.120.0/23 124.109.12.0/22 Signature Algorithm: sha256WithRSAEncryption 65:ad:5a:df:1f:ac:30:25:fd:e2:1e:60:85:f5:86:00:ef:b8: e4:4b:5f:59:86:16:48:dd:47:0c:7b:e5:53:47:9c:2f:bb:bc: b5:6d:1e:35:9a:31:85:01:c1:bb:88:a3:32:aa:bd:3f:c1:76: b4:3f:b4:08:fd:41:76:19:e1:a1:55:9f:e8:53:83:e9:58:a1: fc:4c:33:44:f5:62:e2:ba:ce:93:06:8c:e0:9a:4b:ab:16:74: 27:0a:c9:cc:74:db:c0:c5:e4:86:3a:1f:74:16:ac:a8:62:db: 10:29:ab:14:03:05:85:9d:86:04:fd:86:a6:eb:da:72:2e:4d: 1d:df:12:15:b7:89:b5:2f:c9:fd:78:ea:8e:3d:69:d1:9e:8b: de:63:dc:ac:8a:fc:f7:69:28:6d:06:34:19:21:90:f9:ca:79: e0:41:78:46:94:cf:f0:29:06:d6:4d:72:81:a3:e2:6e:82:93: e7:e3:52:cb:89:ed:90:ba:1c:f7:a9:15:51:80:65:f4:3c:01: b4:07:7b:3f:1f:77:78:82:17:66:bf:36:57:2d:80:d5:c8:d6: 23:42:3a:62:54:5f:69:70:28:b0:db:90:f7:83:7b:ad:f7:03: 08:b7:7d:93:db:a0:1e:3a:5a:43:59:88:0b:99:96:bc:d5:af: 8f:b6:ed:c0 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICNIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTAxMTAvBgNVBAUTKDg4ODdDRjZDRjUxMDJGMEZCNzEzRjRDNEExQkRFMzg5 NDgxRjFDNDQwHhcNMjUwNDE0MTQ1MDQ0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2ZkMjBjNC03MTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzXdj0LJRPl1pm6sZgckQcZitGlwtnnWOTerfzlca0xSRQ+WYN97LvhI16I1y gyYfG7epQaHsXcGwphMhORFxHOS990PY5D1Sy3nB8C5OIntPhQaL3Km8YwaTs6iX 3VVhd3qgBzIBNGccMTUNlwiJsjqK5frWvAQGm8+GmfneYidOA+u6mwS7CFHkIBnc KbN02ayeiYjOwAt1V5G0jzlXeDGU5qf/RGo1t6zuIFowedHmKYvWX0Rv7n3fDMlD eOwpxW1K1t7/NVCVYYv43chiSKzUHeLTgzc4NucnEKjg/eN+vkAkLM7pN+QYTUz5 NRO4NMIAwFsnuH7xVaspbAZAMQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFOttWiDm RzErge0XsYwQobrtaLpYMB8GA1UdIwQYMBaAFIiHz2z1EC8PtxP0xKG944lIHxxE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBMC8zQTBEOTMxMDFE OEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3LTNFX1RFb2IzamlVZ2ZI RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lJZlBiUFVRTHctM0VfVEVvYjNqaVVnZkhFUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdEQTAvM0EwRDkzMTAxRDhDMTFFMjhFRkY1N0U3MDhCMDJDRDIvRTUyNzA4QUFE RkNFMTFFRkJDNENENjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAEr+JwDBAF3/HgDBAJ8bQwwDQYJKoZIhvcNAQELBQADggEB AGWtWt8frDAl/eIeYIX1hgDvuORLX1mGFkjdRwx75VNHnC+7vLVtHjWaMYUBwbuI ozKqvT/BdrQ/tAj9QXYZ4aFVn+hTg+lYofxMM0T1YuK6zpMGjOCaS6sWdCcKycx0 28DF5IY6H3QWrKhi2xApqxQDBYWdhgT9hqbr2nIuTR3fEhW3ibUvyf146o49adGe i95j3KyK/PdpKG0GNBkhkPnKeeBBeEaUz/ApBtZNcoGj4m6Ck+fjUsuJ7ZC6HPep FVGAZfQ8AbQHez8fd3iCF2a/NlctgNXI1iNCOmJUX2lwKLDbkPeDe633Awi3fZPb oB46WkNZiAuZlrzVr4+27cA= -----END CERTIFICATE-----Generated at Sat Apr 26 13:49:33 2025 by rpki-client