$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0CA13B5E204211F08913AD7EC4F9AE02.roa File: 0CA13B5E204211F08913AD7EC4F9AE02.roa (raw, json) Hash identifier: Z1Sr7v7B5X0gptNz8O3a/LI7uJqeiBgmcVw94I47NgQ= Subject key identifier: 50:66:1B:89:59:2F:CF:57:F3:3C:32:BF:E2:AC:20:4C:DC:52:B7:2C Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264 Certificate serial: 0D2B Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0CA13B5E204211F08913AD7EC4F9AE02.roa Signing time: Thu 24 Apr 2025 07:54:58 +0000 ROA not before: Thu 24 Apr 2025 07:54:58 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 55154 IP address blocks: 14.192.152.0/24 maxlen: 24 111.92.128.0/24 maxlen: 24 111.92.140.0/24 maxlen: 24 111.92.150.0/24 maxlen: 24 111.92.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:59:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3371 (0xd2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264 Validity Not Before: Apr 24 07:54:58 2025 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=6809ee52-fe3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:41:c5:a6:a6:ac:10:3a:63:95:66:7f:e3:21: fd:28:2c:d6:08:08:31:23:75:af:dd:7b:62:ba:3d: fa:94:35:a4:9d:24:91:13:84:24:06:2b:07:d3:8f: 3e:44:d6:ed:60:45:3e:68:93:3d:70:b9:34:9e:69: fb:6a:81:0c:9e:a1:2d:88:ad:0b:7f:bf:9b:ef:0d: 09:d8:f8:29:03:0a:a7:06:3b:1b:70:df:d6:e9:16: 5f:60:dc:3c:3d:fd:63:64:1d:7d:91:03:fa:b9:20: 91:e7:1a:9c:7c:4c:dd:60:0c:db:ce:31:55:0d:ff: 41:8d:36:d5:09:62:23:fc:fe:05:72:75:66:2b:b4: 5f:34:5a:f6:c4:c0:7a:8f:12:42:b1:30:3a:f7:5e: 60:78:c4:9c:34:a0:93:6a:37:82:3c:ef:ed:45:31: 39:97:c9:cb:b4:f9:8c:21:ac:74:f4:26:66:9c:db: 90:6a:6b:65:f9:86:e8:ee:76:c7:3a:24:38:14:78: fa:7e:c9:73:64:cd:9c:3f:92:ed:d9:c3:73:a5:90: 11:2f:d8:d3:69:77:62:50:0f:68:1c:bb:5f:0f:6d: fa:fc:15:eb:96:5f:ce:9f:63:4a:9c:72:58:e0:49: 33:dd:dd:2b:cf:7a:8d:fa:e4:15:5b:63:04:69:e7: 4f:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:66:1B:89:59:2F:CF:57:F3:3C:32:BF:E2:AC:20:4C:DC:52:B7:2C X509v3 Authority Key Identifier: keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/0CA13B5E204211F08913AD7EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.192.152.0/24 111.92.128.0/24 111.92.140.0/24 111.92.150.0/24 111.92.152.0/24 Signature Algorithm: sha256WithRSAEncryption ba:c8:57:6b:0b:4d:91:da:92:81:0d:dc:3e:2c:43:22:5c:1d: f4:55:36:ae:c5:a8:bc:05:ac:af:48:45:6d:e4:48:b3:86:12: c4:da:a2:2f:c1:e5:6a:22:ce:22:79:4a:bf:0e:ec:26:41:5a: 75:6d:71:99:d6:1a:53:a2:2f:05:86:c8:f4:18:9e:62:16:66: 8a:54:6b:45:c3:fa:4d:d7:14:e9:04:5d:f1:07:b5:30:f7:4c: 65:7e:30:20:40:29:6e:e7:38:49:2f:f3:d1:0e:c8:89:86:4d: f9:d7:d1:c5:59:b5:af:18:21:f8:96:95:4d:d5:be:97:b2:71: dd:a1:54:73:bf:be:ce:55:61:6b:d7:a8:94:27:df:6e:62:53: cb:ab:e9:41:b3:f3:f3:60:44:22:51:2d:58:2f:12:47:d7:5e: 32:5d:a4:c7:d6:9d:3a:02:4b:7a:f5:74:2f:10:26:70:f9:59: 0e:be:2b:aa:5b:04:f4:13:3b:f0:bc:23:de:9e:6c:f6:e6:b8: f7:79:a4:79:bb:76:f9:af:99:c0:8d:e3:ac:b8:0d:37:f6:f7: 76:f3:bf:a5:b6:d2:4a:25:7a:0c:1d:7c:8f:67:0b:e2:25:d0: ad:d0:e1:75:98:51:da:eb:0a:c6:67:99:9d:84:3f:f7:42:88: 4f:f6:26:33 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICDSswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND NjczMkUyNjQwHhcNMjUwNDI0MDc1NDU4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODA5ZWU1Mi1mZTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2EHFpqasEDpjlWZ/4yH9KCzWCAgxI3Wv3Xtiuj36lDWknSSRE4QkBisH048+ RNbtYEU+aJM9cLk0nmn7aoEMnqEtiK0Lf7+b7w0J2PgpAwqnBjsbcN/W6RZfYNw8 Pf1jZB19kQP6uSCR5xqcfEzdYAzbzjFVDf9BjTbVCWIj/P4FcnVmK7RfNFr2xMB6 jxJCsTA6915geMScNKCTajeCPO/tRTE5l8nLtPmMIax09CZmnNuQamtl+Ybo7nbH OiQ4FHj6fslzZM2cP5Lt2cNzpZARL9jTaXdiUA9oHLtfD236/BXrll/On2NKnHJY 4Ekz3d0rz3qN+uQVW2MEaedP8wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFFBmG4lZ L89X8zwyv+KsIEzcUrcsMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5 RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0 bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMENBMTNCNUUy MDQyMTFGMDg5MTNBRDdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAAOwJgDBABvXIADBABvXIwDBABvXJYDBABvXJgwDQYJKoZI hvcNAQELBQADggEBALrIV2sLTZHakoEN3D4sQyJcHfRVNq7FqLwFrK9IRW3kSLOG EsTaoi/B5WoiziJ5Sr8O7CZBWnVtcZnWGlOiLwWGyPQYnmIWZopUa0XD+k3XFOkE XfEHtTD3TGV+MCBAKW7nOEkv89EOyImGTfnX0cVZta8YIfiWlU3Vvpeycd2hVHO/ vs5VYWvXqJQn325iU8ur6UGz8/NgRCJRLVgvEkfXXjJdpMfWnToCS3r1dC8QJnD5 WQ6+K6pbBPQTO/C8I96ebPbmuPd5pHm7dvmvmcCN46y4DTf293bzv6W20kolegwd fI9nC+Il0K3Q4XWYUdrrCsZnmZ2EP/dCiE/2JjM= -----END CERTIFICATE-----Generated at Sat Apr 26 07:59:26 2025 by rpki-client