$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0AA/2C75FEC87A3C11ED861B2933C4F9AE02/B6C4F8787A5911EDB8C4E04FC4F9AE02.roa File: B6C4F8787A5911EDB8C4E04FC4F9AE02.roa (raw, json) Hash identifier: 7d+9V95blk3EIKh2Ixj3Euh7Ce2kReodQwZ4pY3gbnI= Subject key identifier: EC:DC:81:2A:B8:6C:00:8A:72:4D:9A:09:00:4C:5D:9E:A2:13:8F:1E Certificate issuer: /CN=A918D0AA/serialNumber=60BADC042C377B86C0DC9EEB89512725CE3E2336 Certificate serial: 01DC Authority key identifier: 60:BA:DC:04:2C:37:7B:86:C0:DC:9E:EB:89:51:27:25:CE:3E:23:36 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YLrcBCw3e4bA3J7riVEnJc4-IzY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D0AA/2C75FEC87A3C11ED861B2933C4F9AE02/B6C4F8787A5911EDB8C4E04FC4F9AE02.roa Signing time: Wed 21 May 2025 18:28:34 +0000 ROA not before: Wed 21 May 2025 18:28:34 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 9555 IP address blocks: 152.91.0.0/16 maxlen: 17 152.91.8.0/24 maxlen: 24 152.91.9.0/24 maxlen: 24 152.91.11.0/24 maxlen: 24 152.91.14.0/24 maxlen: 24 152.91.45.0/24 maxlen: 24 152.91.69.0/24 maxlen: 24 152.91.79.0/24 maxlen: 24 152.91.80.0/24 maxlen: 24 152.91.81.0/24 maxlen: 24 152.91.82.0/24 maxlen: 24 152.91.89.0/24 maxlen: 24 152.91.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D0AA/2C75FEC87A3C11ED861B2933C4F9AE02/YLrcBCw3e4bA3J7riVEnJc4-IzY.crl rsync://rpki.apnic.net/member_repository/A918D0AA/2C75FEC87A3C11ED861B2933C4F9AE02/YLrcBCw3e4bA3J7riVEnJc4-IzY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YLrcBCw3e4bA3J7riVEnJc4-IzY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Jun 2025 02:14:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 476 (0x1dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D0AA, serialNumber=60BADC042C377B86C0DC9EEB89512725CE3E2336 Validity Not Before: May 21 18:28:34 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=682e1b52-1341 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:6f:91:f9:11:59:fa:8c:9d:9e:39:44:95:4f: 7b:87:55:2c:4b:65:8d:aa:f7:22:cf:48:f8:45:9d: 7c:3e:9e:6a:1a:97:f0:cc:bd:a9:03:0f:73:68:e3: c2:0a:ab:32:5b:7a:25:fe:ce:17:2b:61:85:7a:62: d5:2a:6f:50:c2:1b:73:8b:a2:c8:d6:c0:7d:9e:db: 07:34:01:25:fa:85:74:3f:00:5e:62:a1:cc:61:df: d2:c1:c1:48:d5:4d:61:9a:7a:6d:7c:2b:3c:de:13: da:f2:4e:11:16:b9:bf:4b:b8:75:ac:07:77:9b:e3: b8:9d:05:ad:b3:8a:9f:89:81:22:b5:3d:b3:e2:94: 43:1a:58:ae:40:e3:25:00:d3:82:ad:a5:7b:51:a4: ed:23:59:7e:8a:92:4d:90:3e:4f:68:f0:60:55:d1: f8:92:c8:11:f7:66:01:9e:0f:9c:04:be:f4:81:59: 26:9b:6e:b2:3c:c5:76:d0:09:d8:23:82:82:07:3e: 38:92:26:72:c8:75:15:1c:06:80:1d:81:ed:c6:25: 3c:f9:f3:fc:4a:6c:b1:31:0e:cc:64:f5:85:09:79: 2b:83:37:6f:53:5e:0b:9c:d3:9a:95:02:f1:37:87: b7:28:5e:59:2e:b3:e2:1e:7f:db:b1:aa:3e:69:87: 79:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:DC:81:2A:B8:6C:00:8A:72:4D:9A:09:00:4C:5D:9E:A2:13:8F:1E X509v3 Authority Key Identifier: keyid:60:BA:DC:04:2C:37:7B:86:C0:DC:9E:EB:89:51:27:25:CE:3E:23:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D0AA/2C75FEC87A3C11ED861B2933C4F9AE02/YLrcBCw3e4bA3J7riVEnJc4-IzY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YLrcBCw3e4bA3J7riVEnJc4-IzY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0AA/2C75FEC87A3C11ED861B2933C4F9AE02/B6C4F8787A5911EDB8C4E04FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 152.91.0.0/16 Signature Algorithm: sha256WithRSAEncryption ae:a3:f6:a1:b9:79:12:ee:8a:90:68:e8:87:3e:8f:47:d9:d4: 56:72:44:fb:ad:29:2a:4e:4b:34:f2:44:c0:cd:c7:e9:d6:19: d4:d0:ee:74:26:59:2b:22:a8:5e:84:15:e4:04:19:e8:d4:81: 5f:68:fc:af:6c:91:e1:34:a3:37:55:a5:80:47:24:ee:da:be: 29:98:0d:c7:43:b4:9f:ed:21:f4:39:6f:c3:2a:ed:93:9e:f5: 5f:98:3e:b6:54:3f:8e:8d:07:57:e7:d5:8d:f9:14:3a:7b:e3: ab:69:09:ea:50:c6:c6:bc:73:e6:9c:c7:c8:31:1a:08:33:3d: b0:18:22:d0:7f:f0:6d:d2:c6:33:4a:5c:59:f6:9e:dd:7e:2e: 5f:09:13:bc:03:08:29:f9:59:2e:34:83:b3:58:b1:6b:bb:d3: dd:54:d4:09:2b:f8:99:8f:13:22:e0:52:18:a3:c3:eb:fb:3a: db:83:c7:c4:fb:f6:5e:d4:56:8a:41:77:a5:d1:35:15:dd:e4: 06:39:3a:d7:31:52:93:b3:9f:7b:87:ca:36:98:ce:ed:f1:38: 95:ee:49:26:36:16:f4:24:ca:0c:5c:c5:03:d9:25:7f:6f:91: 8d:81:1b:48:63:4d:1e:88:a8:8c:ef:6f:4b:32:0c:5a:45:0d: dc:2c:bc:75 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgICAdwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQwQUExMTAvBgNVBAUTKDYwQkFEQzA0MkMzNzdCODZDMERDOUVFQjg5NTEyNzI1 Q0UzRTIzMzYwHhcNMjUwNTIxMTgyODM0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJlMWI1Mi0xMzQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzG+R+RFZ+oydnjlElU97h1UsS2WNqvciz0j4RZ18Pp5qGpfwzL2pAw9zaOPC CqsyW3ol/s4XK2GFemLVKm9Qwhtzi6LI1sB9ntsHNAEl+oV0PwBeYqHMYd/SwcFI 1U1hmnptfCs83hPa8k4RFrm/S7h1rAd3m+O4nQWts4qfiYEitT2z4pRDGliuQOMl ANOCraV7UaTtI1l+ipJNkD5PaPBgVdH4ksgR92YBng+cBL70gVkmm26yPMV20AnY I4KCBz44kiZyyHUVHAaAHYHtxiU8+fP8SmyxMQ7MZPWFCXkrgzdvU14LnNOalQLx N4e3KF5ZLrPiHn/bsao+aYd5mQIDAQABo4IClDCCApAwHQYDVR0OBBYEFOzcgSq4 bACKck2aCQBMXZ6iE48eMB8GA1UdIwQYMBaAFGC63AQsN3uGwNye64lRJyXOPiM2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBBQS8yQzc1RkVDODdB M0MxMUVEODYxQjI5MzNDNEY5QUUwMi9ZTHJjQkN3M2U0YkEzSjdyaVZFbkpjNC1J elkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1lMcmNCQ3czZTRiQTNKN3JpVkVuSmM0LUl6WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEQwQUEvMkM3NUZFQzg3QTNDMTFFRDg2MUIyOTMzQzRGOUFFMDIvQjZDNEY4Nzg3 QTU5MTFFREI4QzRFMDRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E DzANMAsEAgABMAUDAwCYWzANBgkqhkiG9w0BAQsFAAOCAQEArqP2obl5Eu6KkGjo hz6PR9nUVnJE+60pKk5LNPJEwM3H6dYZ1NDudCZZKyKoXoQV5AQZ6NSBX2j8r2yR 4TSjN1WlgEck7tq+KZgNx0O0n+0h9Dlvwyrtk571X5g+tlQ/jo0HV+fVjfkUOnvj q2kJ6lDGxrxz5pzHyDEaCDM9sBgi0H/wbdLGM0pcWfae3X4uXwkTvAMIKflZLjSD s1ixa7vT3VTUCSv4mY8TIuBSGKPD6/s624PHxPv2XtRWikF3pdE1Fd3kBjk61zFS k7Ofe4fKNpjO7fE4le5JJjYW9CTKDFzFA9klf2+RjYEbSGNNHoiojO9vSzIMWkUN 3Cy8dQ== -----END CERTIFICATE-----Generated at Thu Jun 19 12:12:52 2025 by rpki-client