$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa File: BD3F9B2CB9F511EEA9136568C4F9AE02.roa (raw, json) Hash identifier: n7WPU0mJDN9BwPQ1LP+ttCIpcTFphW/51Bb80EMGWr0= Subject key identifier: F1:37:F0:43:B0:A5:33:76:ED:23:21:F4:21:A6:8F:4B:18:E9:C3:6A Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 045D Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa Signing time: Tue 03 Dec 2024 03:10:06 +0000 ROA not before: Tue 03 Dec 2024 03:10:06 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 140815 IP address blocks: 157.10.170.0/23 maxlen: 24 157.10.196.0/23 maxlen: 24 157.10.202.0/23 maxlen: 24 157.20.224.0/23 maxlen: 24 157.66.162.0/23 maxlen: 24 157.66.194.0/23 maxlen: 24 157.66.196.0/23 maxlen: 24 160.22.158.0/23 maxlen: 24 160.25.82.0/23 maxlen: 24 160.25.84.0/23 maxlen: 24 160.25.206.0/23 maxlen: 24 160.30.48.0/23 maxlen: 24 160.191.34.0/23 maxlen: 24 160.191.112.0/23 maxlen: 24 160.250.62.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:32:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1117 (0x45d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Validity Not Before: Dec 3 03:10:06 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=674e768e-8808 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:81:a3:36:8f:7a:cd:fa:24:77:6e:29:15:d7: 5e:38:15:2f:36:d4:0c:16:1e:48:30:7f:c9:9d:ab: 65:c8:67:bb:18:b8:2d:b2:67:29:b7:4c:87:9d:be: d4:46:e2:3b:a3:8a:08:d4:36:8f:c4:18:54:f4:db: 11:14:1b:25:6c:36:4c:ff:f3:58:63:ae:04:c0:38: 93:0d:c0:03:cc:12:52:80:24:80:c2:fd:1c:82:f1: 7c:4e:85:f4:f2:4b:2d:3c:0d:2b:eb:2c:01:cd:e0: c5:91:2b:3e:c9:ca:04:e5:c5:15:3e:61:44:66:70: d1:1c:18:d7:ff:d7:ab:b2:83:7f:4b:5c:b5:9a:45: a4:ed:2a:2d:db:ee:f1:d9:67:20:2e:32:94:13:66: c1:7c:d3:9a:c8:f2:12:06:8d:83:43:9e:95:39:2e: 83:72:f8:bf:82:7d:08:c4:0b:80:a2:0d:06:56:05: d5:87:85:cd:5a:10:f2:d7:13:2c:b8:02:a3:9c:25: c8:6e:71:61:60:4a:68:86:c9:28:78:ad:a9:11:e7: e6:b8:df:5b:9c:64:46:31:c5:58:92:e1:39:5a:49: 32:3d:3c:2d:6d:51:91:c5:f8:61:e5:95:c4:83:b5: bd:e4:f1:97:00:aa:cb:16:34:eb:37:e6:c8:85:e6: ab:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:37:F0:43:B0:A5:33:76:ED:23:21:F4:21:A6:8F:4B:18:E9:C3:6A X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.10.170.0/23 157.10.196.0/23 157.10.202.0/23 157.20.224.0/23 157.66.162.0/23 157.66.194.0-157.66.197.255 160.22.158.0/23 160.25.82.0-160.25.85.255 160.25.206.0/23 160.30.48.0/23 160.191.34.0/23 160.191.112.0/23 160.250.62.0/23 Signature Algorithm: sha256WithRSAEncryption 40:5a:4a:2f:99:a1:cb:0f:8d:8f:06:d3:32:7c:df:00:6d:c9: 7b:15:3a:c2:62:28:70:28:28:46:cf:6f:2e:d5:83:bf:66:f6: 63:49:69:18:b4:97:a1:87:6d:80:dc:81:33:6c:fb:8b:3b:a2: 01:41:f8:1d:29:ee:c8:4f:57:d3:d1:ec:cb:90:4c:07:1a:10: 15:4d:59:84:b5:a6:a2:7d:8d:cc:47:a8:e0:c1:c7:a9:af:78: 68:93:08:81:45:68:05:47:51:8a:54:54:f5:b3:e1:b4:a3:35: e5:9f:77:d6:c2:40:f9:c2:2a:59:fe:34:9d:e6:a1:6b:20:df: 80:9d:eb:61:5d:4d:d4:83:0c:91:f2:18:b9:5d:33:af:48:65: fd:40:ce:0b:90:ec:6e:41:51:62:2b:01:7f:ef:5a:e9:cd:69: e6:35:d5:3e:34:96:9f:5e:6a:a6:08:30:ed:53:84:da:8b:bb: 4f:da:bb:44:c0:63:67:e2:e8:c1:14:67:3d:2d:2d:7f:ec:76: e0:22:56:d8:3c:9d:ff:32:a9:c8:9e:49:df:6d:cb:d9:cf:cb: 4f:bb:ce:32:c2:ba:81:1c:d2:24:96:59:52:47:c0:4d:44:cb: ba:af:83:b6:04:5f:7e:ed:d7:56:22:ca:cc:fe:fc:2f:1f:3f: eb:e8:bd:ab -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgICBF0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjQxMjAzMDMxMDA2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzRlNzY4ZS04ODA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9YGjNo96zfokd24pFddeOBUvNtQMFh5IMH/JnatlyGe7GLgtsmcpt0yHnb7U RuI7o4oI1DaPxBhU9NsRFBslbDZM//NYY64EwDiTDcADzBJSgCSAwv0cgvF8ToX0 8kstPA0r6ywBzeDFkSs+ycoE5cUVPmFEZnDRHBjX/9ersoN/S1y1mkWk7Sot2+7x 2WcgLjKUE2bBfNOayPISBo2DQ56VOS6Dcvi/gn0IxAuAog0GVgXVh4XNWhDy1xMs uAKjnCXIbnFhYEpohskoeK2pEefmuN9bnGRGMcVYkuE5WkkyPTwtbVGRxfhh5ZXE g7W95PGXAKrLFjTrN+bIhearMwIDAQABo4IC7TCCAukwHQYDVR0OBBYEFPE38EOw pTN27SMh9CGmj0sY6cNqMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQkQzRjlCMkNC OUY1MTFFRUE5MTM2NTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdwYIKwYBBQUHAQcBAf8E aDBmMGQEAgABMF4DBAGdCqoDBAGdCsQDBAGdCsoDBAGdFOADBAGdQqIwDAMEAZ1C wgMEAZ1CxAMEAaAWnjAMAwQBoBlSAwQBoBlUAwQBoBnOAwQBoB4wAwQBoL8iAwQB oL9wAwQBoPo+MA0GCSqGSIb3DQEBCwUAA4IBAQBAWkovmaHLD42PBtMyfN8Abcl7 FTrCYihwKChGz28u1YO/ZvZjSWkYtJehh22A3IEzbPuLO6IBQfgdKe7IT1fT0ezL kEwHGhAVTVmEtaaifY3MR6jgwcepr3hokwiBRWgFR1GKVFT1s+G0ozXln3fWwkD5 wipZ/jSd5qFrIN+AnethXU3UgwyR8hi5XTOvSGX9QM4LkOxuQVFiKwF/71rpzWnm NdU+NJafXmqmCDDtU4Tai7tP2rtEwGNn4ujBFGc9LS1/7HbgIlbYPJ3/MqnInknf bcvZz8tPu84ywrqBHNIklllSR8BNRMu6r4O2BF9+7ddWIsrM/vwvHz/r6L2r -----END CERTIFICATE-----Generated at Sat Apr 26 13:05:21 2025 by rpki-client