$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/C5EBF14444EB11F088B1CD7BC4F9AE02.roa File: C5EBF14444EB11F088B1CD7BC4F9AE02.roa (raw, json) Hash identifier: vYPTk8DeybchQbWmzm6OvgmG52jtWSXdlFBmu3Fnbjo= Subject key identifier: CE:EF:94:59:51:30:33:56:10:3D:B7:11:79:E0:1A:D3:3F:16:64:9B Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 05F8 Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/C5EBF14444EB11F088B1CD7BC4F9AE02.roa Signing time: Mon 09 Jun 2025 04:39:48 +0000 ROA not before: Mon 09 Jun 2025 04:39:48 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 151872 IP address blocks: 157.66.198.0/23 maxlen: 23 157.66.220.0/24 maxlen: 24 157.66.221.0/24 maxlen: 24 160.22.74.0/23 maxlen: 24 160.22.80.0/24 maxlen: 24 160.22.81.0/24 maxlen: 24 160.22.118.0/24 maxlen: 24 160.22.119.0/24 maxlen: 24 160.30.10.0/24 maxlen: 24 160.30.11.0/24 maxlen: 24 160.30.22.0/24 maxlen: 24 160.30.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 14:33:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1528 (0x5f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Validity Not Before: Jun 9 04:39:48 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=68466593-6de0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:b5:2d:9d:5a:10:9e:1a:eb:f0:21:bd:46:9a: 83:fc:8b:2d:86:19:c7:9c:04:be:ae:6b:80:40:f2: 7f:7e:70:78:9c:fb:31:7e:fa:23:df:bb:b8:b2:b0: ab:6b:fb:9c:b2:32:21:af:c0:f5:cb:dd:c4:8e:66: a1:5c:97:f1:15:ed:06:d6:c8:68:12:c8:fe:d0:5a: ba:97:ed:1c:4e:8f:0c:79:c6:0d:ae:f6:41:37:74: 85:2b:c6:3e:ac:19:4c:c8:5f:09:2d:92:c2:15:bf: 8e:8f:4d:33:f5:f8:bd:08:bb:28:c4:0f:78:21:2e: 67:19:ff:3d:bb:d2:49:fe:db:e8:d9:e6:c1:4e:3d: 95:df:76:de:b0:9f:8e:de:29:1a:ec:87:c6:07:1c: c3:d7:7d:fd:31:ad:ac:4d:5a:36:1b:1e:0f:f2:f0: 50:dd:7e:a4:b4:d9:02:be:ee:73:00:90:13:bf:31: 03:e6:12:a6:d7:17:90:ec:4c:db:c6:38:d9:ae:4b: 29:6f:ed:e6:c9:ba:1a:2c:5a:fa:5e:0a:61:a1:57: 4a:a3:ff:42:ab:9e:00:18:a4:69:8e:e6:47:e9:c2: d2:85:5b:4c:f7:bc:33:8b:93:df:dc:6e:11:c3:59: 73:7a:ae:77:7c:9d:57:0b:0d:5b:a5:f7:95:89:3b: 4f:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:EF:94:59:51:30:33:56:10:3D:B7:11:79:E0:1A:D3:3F:16:64:9B X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/C5EBF14444EB11F088B1CD7BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.66.198.0/23 157.66.220.0/23 160.22.74.0/23 160.22.80.0/23 160.22.118.0/23 160.30.10.0/23 160.30.22.0/23 Signature Algorithm: sha256WithRSAEncryption 55:ff:45:1e:85:ef:a9:36:d2:c7:2e:41:d4:49:5d:8c:be:13: d5:36:ac:12:01:5d:db:62:59:12:86:68:e9:ba:6c:4b:54:57: c2:78:05:22:5a:41:73:ea:f3:36:0a:e7:dc:1d:d4:dd:30:87: 7e:d2:3c:5e:aa:ed:9e:67:3b:03:58:0c:8c:05:39:ac:9e:6c: bf:70:80:fb:9e:9d:a6:a9:a4:76:ed:e5:3b:23:7a:9b:bb:0d: 64:f9:e4:9a:98:f1:0b:7e:5a:aa:9a:e5:75:e8:e9:6b:e2:55: f5:b1:5f:84:27:b8:28:92:2d:2d:43:e5:42:bf:51:25:8f:de: 6f:90:9c:be:08:49:6b:58:66:da:28:10:12:00:3f:de:f5:92: 68:92:ab:b2:11:c9:3b:d9:11:a2:64:62:ab:8e:fa:67:18:26: 16:67:ac:f3:48:1b:83:a8:31:4e:94:b9:0b:57:13:57:44:9e: 6a:2e:99:ee:ec:fa:7c:ae:13:e9:8b:bb:67:c4:c9:23:45:24: 9d:69:28:29:72:43:26:c3:6b:d2:d4:10:0f:6b:08:e3:cc:6f: bc:3b:ee:55:9e:55:a6:88:1f:c2:5c:bd:6d:4b:1e:a2:ce:9f: 12:b8:bf:47:d1:19:58:af:a6:6f:1f:11:d5:35:e5:dc:08:c1: a9:c2:06:1b -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICBfgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjUwNjA5MDQzOTQ4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODQ2NjU5My02ZGUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2rUtnVoQnhrr8CG9RpqD/IsthhnHnAS+rmuAQPJ/fnB4nPsxfvoj37u4srCr a/ucsjIhr8D1y93EjmahXJfxFe0G1shoEsj+0Fq6l+0cTo8MecYNrvZBN3SFK8Y+ rBlMyF8JLZLCFb+Oj00z9fi9CLsoxA94IS5nGf89u9JJ/tvo2ebBTj2V33besJ+O 3ika7IfGBxzD1339Ma2sTVo2Gx4P8vBQ3X6ktNkCvu5zAJATvzED5hKm1xeQ7Ezb xjjZrkspb+3myboaLFr6XgphoVdKo/9Cq54AGKRpjuZH6cLShVtM97wzi5Pf3G4R w1lzeq53fJ1XCw1bpfeViTtP1wIDAQABo4ICuTCCArUwHQYDVR0OBBYEFM7vlFlR MDNWED23EXngGtM/FmSbMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQzVFQkYxNDQ0 NEVCMTFGMDg4QjFDRDdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMDAEAgABMCoDBAGdQsYDBAGdQtwDBAGgFkoDBAGgFlADBAGgFnYDBAGgHgoD BAGgHhYwDQYJKoZIhvcNAQELBQADggEBAFX/RR6F76k20scuQdRJXYy+E9U2rBIB XdtiWRKGaOm6bEtUV8J4BSJaQXPq8zYK59wd1N0wh37SPF6q7Z5nOwNYDIwFOaye bL9wgPuenaappHbt5Tsjepu7DWT55JqY8Qt+Wqqa5XXo6WviVfWxX4QnuCiSLS1D 5UK/USWP3m+QnL4ISWtYZtooEBIAP971kmiSq7IRyTvZEaJkYquO+mcYJhZnrPNI G4OoMU6UuQtXE1dEnmoume7s+nyuE+mLu2fEySNFJJ1pKClyQybDa9LUEA9rCOPM b7w77lWeVaaIH8JcvW1LHqLOnxK4v0fRGVivpm8fEdU15dwIwanCBhs= -----END CERTIFICATE-----Generated at Mon Jun 16 10:34:47 2025 by rpki-client