$ rpki-client -vvf rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/8F2728B45C8511EDA172EE5CC4F9AE02.roa File: 8F2728B45C8511EDA172EE5CC4F9AE02.roa (raw, json) Hash identifier: 9BTKbr2sPCRbMfdTVmqWj3bTlg1bAkaWUGIvP2XMEnE= Subject key identifier: 22:7E:2E:7B:54:96:3D:AC:44:5E:FA:3C:01:9C:BB:18:5B:0E:70:02 Certificate issuer: /CN=A919A713/serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B Certificate serial: 02DB Authority key identifier: 24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/8F2728B45C8511EDA172EE5CC4F9AE02.roa Signing time: Fri 31 Jan 2025 01:44:59 +0000 ROA not before: Fri 31 Jan 2025 01:44:59 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 34051 IP address blocks: 168.153.144.0/24 maxlen: 24 168.153.145.0/24 maxlen: 24 168.153.146.0/24 maxlen: 24 168.153.160.0/24 maxlen: 24 168.153.161.0/24 maxlen: 24 168.153.162.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:07:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 731 (0x2db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A713, serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B Validity Not Before: Jan 31 01:44:59 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=679c2b1a-6bea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:5f:e6:aa:1f:11:c0:51:b6:87:f4:5a:36:e2: de:c0:fe:1b:75:b1:bc:b9:3e:68:71:32:cb:52:23: 17:8b:b4:a8:c6:cc:41:0e:ef:fe:2d:49:cd:c8:8f: db:48:fc:1a:c8:06:7b:23:91:37:3b:bb:d2:c3:b7: d5:c2:79:37:98:b7:c2:96:05:9d:42:94:e2:7d:bc: 0b:d2:03:6e:d9:b1:7d:61:d0:f4:ac:cc:0d:ad:d2: ce:83:74:09:3b:06:58:44:0b:3a:fd:34:ed:ce:0d: b4:70:e2:2a:2b:49:56:9b:fb:ab:67:af:2e:fa:bd: 0f:92:be:c5:ba:c1:bb:d6:fa:61:a7:f9:3d:58:f9: 80:bd:1f:40:48:53:59:f1:77:88:47:7b:8c:41:cd: d0:f5:35:e4:e6:b1:a8:2d:8b:75:c6:37:7a:11:79: 53:6b:e2:58:95:4b:68:50:10:a2:4c:36:05:77:13: b0:91:e0:0e:b0:f1:06:0a:1d:f6:24:e3:57:e9:ed: 16:f0:96:6e:12:68:4c:2d:4f:2c:a2:2a:da:d9:19: 9b:20:da:51:ce:39:18:15:78:59:e6:b1:2e:5f:bf: 7b:3e:9c:7e:25:79:0a:3b:57:90:cb:5e:bc:4b:3a: 57:14:c2:89:f5:b6:40:a0:f2:e5:05:70:97:52:c5: 98:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:7E:2E:7B:54:96:3D:AC:44:5E:FA:3C:01:9C:BB:18:5B:0E:70:02 X509v3 Authority Key Identifier: keyid:24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/8F2728B45C8511EDA172EE5CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 168.153.144.0-168.153.146.255 168.153.160.0-168.153.162.255 Signature Algorithm: sha256WithRSAEncryption 89:b8:c5:5d:e3:ee:1a:f1:37:69:45:90:22:1b:6d:3f:9d:7b: 3c:02:b7:9e:70:dd:b2:f6:c8:b2:c4:2b:65:4e:1f:38:41:44: 2c:07:8f:51:83:f3:c7:d1:81:6d:d7:aa:b4:83:8e:8f:19:11: b7:02:3c:ac:47:3b:8a:16:b8:5b:a1:79:d1:c2:89:c8:18:72: 2f:02:e8:ef:91:94:4b:81:1e:90:c2:1b:a0:93:cb:c0:6d:4a: 21:d1:7e:44:66:0b:c0:78:9b:4c:06:c0:e5:c7:f8:9d:78:56: 01:e1:21:68:80:e1:78:0f:5a:d4:a1:f9:cd:c3:51:4b:e3:3d: c3:ba:38:30:0f:ca:4a:e8:48:b6:5a:b1:3a:03:60:00:b7:95: c9:d5:81:1e:fa:11:1a:ad:85:da:86:eb:cc:b9:3d:4c:83:0d: f8:50:1c:19:a2:f1:db:4c:cf:92:0e:a5:c1:8e:60:76:f5:c7: 05:a9:9a:d5:52:a5:ef:4c:ae:ad:e3:8b:3f:38:d9:7d:4c:9c: bb:da:e6:f1:d5:1b:70:5f:ac:f8:48:f6:b5:58:7c:2c:12:da: 2b:42:b8:82:8f:18:2f:c6:8c:2f:3b:09:c6:83:f8:88:c6:0e: 9d:69:ca:9e:56:28:97:65:7e:ae:a8:91:f6:ad:b2:93:3c:76: 21:a0:1b:b5 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICAtswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3MTMxMTAvBgNVBAUTKDI0QzhCQkY5MzBDRDJEMTIzOTlBQkRGOUM5Q0FCMTRC MUNENzlGNkIwHhcNMjUwMTMxMDE0NDU5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzljMmIxYS02YmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1F/mqh8RwFG2h/RaNuLewP4bdbG8uT5ocTLLUiMXi7SoxsxBDu/+LUnNyI/b SPwayAZ7I5E3O7vSw7fVwnk3mLfClgWdQpTifbwL0gNu2bF9YdD0rMwNrdLOg3QJ OwZYRAs6/TTtzg20cOIqK0lWm/urZ68u+r0Pkr7FusG71vphp/k9WPmAvR9ASFNZ 8XeIR3uMQc3Q9TXk5rGoLYt1xjd6EXlTa+JYlUtoUBCiTDYFdxOwkeAOsPEGCh32 JONX6e0W8JZuEmhMLU8soira2RmbINpRzjkYFXhZ5rEuX797Ppx+JXkKO1eQy168 SzpXFMKJ9bZAoPLlBXCXUsWYeQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFCJ+LntU lj2sRF76PAGcuxhbDnACMB8GA1UdIwQYMBaAFCTIu/kwzS0SOZq9+cnKsUsc159r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTcxMy8zNDk5NENCNEUw REExMUVDOTRDN0UwNjJDNEY5QUUwMi9KTWk3LVRETkxSSTVtcjM1eWNxeFN4elhu MnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0pNaTctVEROTFJJNW1yMzV5Y3F4U3h6WG4ycy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUE3MTMvMzQ5OTRDQjRFMERBMTFFQzk0QzdFMDYyQzRGOUFFMDIvOEYyNzI4QjQ1 Qzg1MTFFREExNzJFRTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E JjAkMCIEAgABMBwwDAMEBKiZkAMEAKiZkjAMAwQFqJmgAwQAqJmiMA0GCSqGSIb3 DQEBCwUAA4IBAQCJuMVd4+4a8TdpRZAiG20/nXs8AreecN2y9siyxCtlTh84QUQs B49Rg/PH0YFt16q0g46PGRG3AjysRzuKFrhboXnRwonIGHIvAujvkZRLgR6Qwhug k8vAbUoh0X5EZgvAeJtMBsDlx/ideFYB4SFogOF4D1rUofnNw1FL4z3DujgwD8pK 6Ei2WrE6A2AAt5XJ1YEe+hEarYXahuvMuT1Mgw34UBwZovHbTM+SDqXBjmB29ccF qZrVUqXvTK6t44s/ONl9TJy72ubx1RtwX6z4SPa1WHwsEtorQriCjxgvxowvOwnG g/iIxg6dacqeViiXZX6uqJH2rbKTPHYhoBu1 -----END CERTIFICATE-----Generated at Sat Apr 26 17:06:01 2025 by rpki-client