$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADE0A/43567EE43D2811ECBEF77C76C4F9AE02/B3789882F23211EC9A7DB924C4F9AE02.roa File: B3789882F23211EC9A7DB924C4F9AE02.roa (raw, json) Hash identifier: mHbYCPxnBj3PWJdh7qbfDGDK73T1pf2kWSW1uT2gXIg= Subject key identifier: 37:B2:E3:51:AC:8B:F2:5A:70:10:8B:D6:48:43:D6:21:43:2D:4B:FF Certificate issuer: /CN=A91ADE0A/serialNumber=46B4FF8DC9167A777D98D85F2F521DD1367073B3 Certificate serial: 046D Authority key identifier: 46:B4:FF:8D:C9:16:7A:77:7D:98:D8:5F:2F:52:1D:D1:36:70:73:B3 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RrT_jckWend9mNhfL1Id0TZwc7M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ADE0A/43567EE43D2811ECBEF77C76C4F9AE02/B3789882F23211EC9A7DB924C4F9AE02.roa Signing time: Thu 20 Feb 2025 16:23:07 +0000 ROA not before: Thu 20 Feb 2025 16:23:07 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 133334 IP address blocks: 2.58.228.0/22 maxlen: 22 2.58.228.0/24 maxlen: 24 2.58.229.0/24 maxlen: 24 2.58.230.0/24 maxlen: 24 2.58.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ADE0A/43567EE43D2811ECBEF77C76C4F9AE02/RrT_jckWend9mNhfL1Id0TZwc7M.crl rsync://rpki.apnic.net/member_repository/A91ADE0A/43567EE43D2811ECBEF77C76C4F9AE02/RrT_jckWend9mNhfL1Id0TZwc7M.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RrT_jckWend9mNhfL1Id0TZwc7M.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:56:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1133 (0x46d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ADE0A, serialNumber=46B4FF8DC9167A777D98D85F2F521DD1367073B3 Validity Not Before: Feb 20 16:23:07 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67b756eb-7249 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:1f:72:f7:1c:d7:34:fd:98:39:d5:df:63:f7: cc:03:a1:4b:f5:8d:c9:c2:56:bb:0b:75:60:e3:c6: 01:e4:84:c6:93:cb:d2:0c:3c:40:76:d5:96:08:cb: 45:f5:f9:61:d9:fb:14:45:ed:d4:da:21:19:f7:a5: aa:5d:9c:0c:1a:b5:35:0c:d7:93:e3:c9:24:57:b8: 5b:f3:3a:0b:44:37:6b:a1:f4:80:27:bf:3a:d3:56: 47:08:3a:ce:3f:f4:20:f3:aa:e3:1d:ea:5f:48:a6: 35:4c:28:9a:d5:ca:91:95:e3:44:62:53:1c:3f:48: 90:e9:f9:94:52:6a:38:8b:c1:e1:f5:b6:6c:51:59: 28:46:2a:1b:2a:44:fc:56:28:9c:7b:ef:ad:55:86: 54:79:c6:0c:dd:49:04:4e:ad:79:a7:cf:87:5c:ad: 1e:9c:cd:97:f3:f1:03:14:a1:58:06:85:8c:f7:a5: f1:09:9b:d9:bd:ea:46:80:cd:9e:4a:c0:80:89:c6: 89:4a:95:09:8e:6f:b2:6c:55:54:9b:86:46:84:af: b9:c8:73:86:fb:85:9c:0d:27:ef:a8:24:3b:bd:d8: 1d:40:ac:3e:ce:71:59:4f:0e:cc:ab:15:c3:db:9d: f6:98:4a:10:dc:73:84:9e:df:e3:8e:53:d0:bb:85: e6:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:B2:E3:51:AC:8B:F2:5A:70:10:8B:D6:48:43:D6:21:43:2D:4B:FF X509v3 Authority Key Identifier: keyid:46:B4:FF:8D:C9:16:7A:77:7D:98:D8:5F:2F:52:1D:D1:36:70:73:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/43567EE43D2811ECBEF77C76C4F9AE02/RrT_jckWend9mNhfL1Id0TZwc7M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RrT_jckWend9mNhfL1Id0TZwc7M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/43567EE43D2811ECBEF77C76C4F9AE02/B3789882F23211EC9A7DB924C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 2.58.228.0/22 Signature Algorithm: sha256WithRSAEncryption 43:ac:da:bc:f6:00:44:41:ff:13:65:13:98:ea:03:20:41:43: d1:8f:67:77:c8:84:1d:f4:03:30:2a:f4:6f:cf:08:c9:05:54: f3:61:4b:1d:fd:6f:35:72:6d:85:55:cd:7b:b1:30:7b:2b:4e: 53:91:48:1f:2a:df:cc:ff:4c:b5:f9:d2:66:dd:f0:fd:2e:51: 58:a4:82:8a:27:ed:12:0b:fd:35:7f:fd:b2:ac:84:4e:64:7b: a2:e6:fe:bd:0d:9d:1e:27:dd:ba:d4:32:3a:33:14:6e:18:fe: b9:66:de:ee:1b:52:6b:f7:b7:39:ca:a6:d2:6a:fe:e4:fe:cc: 25:f5:fb:bc:b7:6b:09:2c:ad:a6:96:2b:9e:50:ff:7c:2a:71: ee:6e:d0:b9:92:df:0f:07:f5:74:5f:63:b6:ff:72:67:71:d2: a1:c9:03:d2:f6:56:b0:e5:98:ee:ad:ff:47:46:80:4a:5d:3d: 75:bd:84:64:92:f3:41:97:fa:25:ef:49:ce:fc:f2:23:44:66: 4f:73:4d:ee:fb:16:d7:56:c8:bd:95:0d:cd:7c:63:99:15:8d: ea:59:02:33:78:d6:11:db:b7:ef:98:15:23:45:99:36:35:36: d2:f2:e6:86:72:04:53:87:99:ad:f6:dc:65:ec:7c:3c:76:b3: d8:bf:f9:bf -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBG0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QURFMEExMTAvBgNVBAUTKDQ2QjRGRjhEQzkxNjdBNzc3RDk4RDg1RjJGNTIxREQx MzY3MDczQjMwHhcNMjUwMjIwMTYyMzA3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2I3NTZlYi03MjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxB9y9xzXNP2YOdXfY/fMA6FL9Y3Jwla7C3Vg48YB5ITGk8vSDDxAdtWWCMtF 9flh2fsURe3U2iEZ96WqXZwMGrU1DNeT48kkV7hb8zoLRDdrofSAJ78601ZHCDrO P/Qg86rjHepfSKY1TCia1cqRleNEYlMcP0iQ6fmUUmo4i8Hh9bZsUVkoRiobKkT8 Viice++tVYZUecYM3UkETq15p8+HXK0enM2X8/EDFKFYBoWM96XxCZvZvepGgM2e SsCAicaJSpUJjm+ybFVUm4ZGhK+5yHOG+4WcDSfvqCQ7vdgdQKw+znFZTw7MqxXD 2532mEoQ3HOEnt/jjlPQu4XmBQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDey41Gs i/JacBCL1khD1iFDLUv/MB8GA1UdIwQYMBaAFEa0/43JFnp3fZjYXy9SHdE2cHOz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREUwQS80MzU2N0VFNDNE MjgxMUVDQkVGNzdDNzZDNEY5QUUwMi9SclRfamNrV2VuZDltTmhmTDFJZDBUWndj N00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1JyVF9qY2tXZW5kOW1OaGZMMUlkMFRad2M3TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QURFMEEvNDM1NjdFRTQzRDI4MTFFQ0JFRjc3Qzc2QzRGOUFFMDIvQjM3ODk4ODJG MjMyMTFFQzlBN0RCOTI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAICOuQwDQYJKoZIhvcNAQELBQADggEBAEOs2rz2AERB/xNl E5jqAyBBQ9GPZ3fIhB30AzAq9G/PCMkFVPNhSx39bzVybYVVzXuxMHsrTlORSB8q 38z/TLX50mbd8P0uUVikgoon7RIL/TV//bKshE5ke6Lm/r0NnR4n3brUMjozFG4Y /rlm3u4bUmv3tznKptJq/uT+zCX1+7y3awksraaWK55Q/3wqce5u0LmS3w8H9XRf Y7b/cmdx0qHJA9L2VrDlmO6t/0dGgEpdPXW9hGSS80GX+iXvSc788iNEZk9zTe77 FtdWyL2VDc18Y5kVjepZAjN41hHbt++YFSNFmTY1NtLy5oZyBFOHma323GXsfDx2 s9i/+b8= -----END CERTIFICATE-----Generated at Wed Nov 5 19:23:09 2025 by rpki-client