$ rpki-client -vvf rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/44DD2C9ABD2811EE9E6BD047C4F9AE02.roa File: 44DD2C9ABD2811EE9E6BD047C4F9AE02.roa (raw, json) Hash identifier: 5ZJCdzpl4XWTpRPY+o2rNRK6qDdlu92LlwpKc1ioNfk= Subject key identifier: 70:43:18:DF:FA:4C:BF:1C:03:BF:FE:C0:25:08:94:3A:E7:68:4B:07 Certificate issuer: /CN=A915D0AC/serialNumber=86CAEF96739EF49A514FE9F90B6FE9509D3CC953 Certificate serial: 015E Authority key identifier: 86:CA:EF:96:73:9E:F4:9A:51:4F:E9:F9:0B:6F:E9:50:9D:3C:C9:53 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/44DD2C9ABD2811EE9E6BD047C4F9AE02.roa Signing time: Wed 09 Apr 2025 03:09:29 +0000 ROA not before: Wed 09 Apr 2025 03:09:29 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 19905 IP address blocks: 168.168.128.0/20 maxlen: 20 168.168.254.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.crl rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:12:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 350 (0x15e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D0AC, serialNumber=86CAEF96739EF49A514FE9F90B6FE9509D3CC953 Validity Not Before: Apr 9 03:09:29 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67f5e4e9-d30c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ad:58:6a:5c:ba:94:41:37:e2:38:a8:ed:3b: 88:2a:43:68:82:6e:a9:4f:75:e5:17:ef:d9:8b:54: c8:c5:47:2d:bd:55:4c:dc:86:c5:d0:2f:f7:04:6f: 31:9f:37:30:8d:31:f9:80:3c:90:be:62:ff:7f:53: f1:9c:f9:82:75:b9:2d:9e:16:13:d1:0a:c8:2d:db: 32:f5:21:00:2c:6f:0f:30:c4:92:66:cc:6e:5c:ad: c1:d6:50:69:ea:98:95:82:71:df:85:26:c8:73:bd: 9e:18:94:c2:d7:ac:b7:4e:9c:87:1e:48:4a:5f:6a: 82:b2:76:06:e1:4b:fe:8c:70:89:42:f7:87:43:eb: 00:5b:4f:35:d8:16:68:d9:53:de:a6:6a:6e:e1:9b: 67:b9:c9:a3:56:fc:41:12:20:54:b1:a0:9f:e8:88: ee:61:26:2b:19:8c:3c:30:41:d4:a4:92:4f:8c:a8: b8:b7:7a:5b:9e:9e:e0:a0:d2:4e:f1:d9:0b:b2:b0: b8:db:60:52:1a:43:8c:b1:4e:e6:fc:52:e3:b3:b4: 0f:e2:5c:08:28:3f:d8:92:d1:b8:e0:e4:51:13:48: 88:7d:3a:3c:14:ed:64:a6:9a:e8:66:b8:28:74:d9: f2:61:fa:a7:51:91:26:f7:01:cb:ab:9c:95:70:02: 63:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:43:18:DF:FA:4C:BF:1C:03:BF:FE:C0:25:08:94:3A:E7:68:4B:07 X509v3 Authority Key Identifier: keyid:86:CA:EF:96:73:9E:F4:9A:51:4F:E9:F9:0B:6F:E9:50:9D:3C:C9:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/44DD2C9ABD2811EE9E6BD047C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 168.168.128.0/20 168.168.254.0/23 Signature Algorithm: sha256WithRSAEncryption 5e:da:7a:95:db:f2:14:7c:0a:34:b5:47:78:70:42:3e:38:79: 0b:92:f7:08:dc:af:64:af:fb:d8:eb:d0:92:ba:4c:03:3c:9b: f8:cb:bb:89:ff:13:a8:9e:21:13:6d:49:42:49:bb:09:6e:48: e8:7c:de:09:d7:a0:09:3a:0c:76:09:a5:3e:f2:fe:13:25:88: c0:02:a9:36:24:64:72:da:c4:a3:df:fb:c6:ab:51:25:ba:7c: 07:b0:0e:6d:db:ba:4c:aa:3a:b5:2b:53:93:be:f7:99:ff:a5: 94:3c:c7:38:94:be:c6:f6:cc:51:a7:f9:55:d4:78:8b:18:c6: 67:ba:08:22:ce:52:8c:1f:a3:18:20:d3:23:82:ed:65:2e:a6: 77:1b:b3:88:b1:de:63:fa:5d:56:65:82:59:2d:4a:6a:bd:49: 1f:87:b6:15:d5:57:18:4c:b5:a6:8a:5a:ac:e3:9e:cb:63:30: 27:75:4b:90:49:f7:4a:19:93:f7:ce:1a:22:34:95:dd:c9:0c: 1a:3c:0c:30:fe:6b:44:be:e4:a8:e6:54:8b:23:f8:4e:dc:07: 76:e3:a1:05:dd:0d:66:c9:da:3b:c2:a5:76:0a:a7:1e:b9:d3: 9b:49:ab:c8:bf:ef:58:4d:0c:11:f3:64:cb:b4:c3:13:05:bc: 1d:7d:f8:68 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAV4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUQwQUMxMTAvBgNVBAUTKDg2Q0FFRjk2NzM5RUY0OUE1MTRGRTlGOTBCNkZFOTUw OUQzQ0M5NTMwHhcNMjUwNDA5MDMwOTI5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y1ZTRlOS1kMzBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAra1Yaly6lEE34jio7TuIKkNogm6pT3XlF+/Zi1TIxUctvVVM3IbF0C/3BG8x nzcwjTH5gDyQvmL/f1PxnPmCdbktnhYT0QrILdsy9SEALG8PMMSSZsxuXK3B1lBp 6piVgnHfhSbIc72eGJTC16y3TpyHHkhKX2qCsnYG4Uv+jHCJQveHQ+sAW0812BZo 2VPepmpu4ZtnucmjVvxBEiBUsaCf6IjuYSYrGYw8MEHUpJJPjKi4t3pbnp7goNJO 8dkLsrC422BSGkOMsU7m/FLjs7QP4lwIKD/YktG44ORRE0iIfTo8FO1kpproZrgo dNnyYfqnUZEm9wHLq5yVcAJjWwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHBDGN/6 TL8cA7/+wCUIlDrnaEsHMB8GA1UdIwQYMBaAFIbK75ZznvSaUU/p+Qtv6VCdPMlT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDBBQy85QTVGMEUxQTE1 MjQxMUVFOUQ3MEM5NjhDNEY5QUUwMi9oc3J2bG5PZTlKcFJULW41QzJfcFVKMDh5 Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hzcnZsbk9lOUpwUlQtbjVDMl9wVUowOHlWTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUQwQUMvOUE1RjBFMUExNTI0MTFFRTlENzBDOTY4QzRGOUFFMDIvNDRERDJDOUFC RDI4MTFFRTlFNkJEMDQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBASoqIADBAGoqP4wDQYJKoZIhvcNAQELBQADggEBAF7aepXb 8hR8CjS1R3hwQj44eQuS9wjcr2Sv+9jr0JK6TAM8m/jLu4n/E6ieIRNtSUJJuwlu SOh83gnXoAk6DHYJpT7y/hMliMACqTYkZHLaxKPf+8arUSW6fAewDm3bukyqOrUr U5O+95n/pZQ8xziUvsb2zFGn+VXUeIsYxme6CCLOUowfoxgg0yOC7WUupncbs4ix 3mP6XVZlglktSmq9SR+HthXVVxhMtaaKWqzjnstjMCd1S5BJ90oZk/fOGiI0ld3J DBo8DDD+a0S+5KjmVIsj+E7cB3bjoQXdDWbJ2jvCpXYKpx6505tJq8i/71hNDBHz ZMu0wxMFvB19+Gg= -----END CERTIFICATE-----Generated at Sat Apr 26 17:22:02 2025 by rpki-client