$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/9A5AEF6A452E11F0A0265759C4F9AE02.roa File: 9A5AEF6A452E11F0A0265759C4F9AE02.roa (raw, json) Hash identifier: evo1DThwmmRaCGD9K8Z+dugTCV26GijVnnsAhKLoEaQ= Subject key identifier: 2F:7F:E9:B2:2C:16:51:8F:24:AD:C1:88:BD:80:A2:72:ED:87:2A:D7 Certificate issuer: /CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88 Certificate serial: 08BD Authority key identifier: 7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/9A5AEF6A452E11F0A0265759C4F9AE02.roa Signing time: Wed 18 Jun 2025 21:07:53 +0000 ROA not before: Wed 18 Jun 2025 21:07:52 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 21859 IP address blocks: 169.136.82.0/24 maxlen: 24 169.136.85.0/24 maxlen: 24 169.136.105.0/24 maxlen: 24 169.136.109.0/24 maxlen: 24 169.136.122.0/24 maxlen: 24 169.136.128.0/24 maxlen: 24 169.136.129.0/24 maxlen: 24 169.136.130.0/24 maxlen: 24 169.136.134.0/24 maxlen: 24 169.136.135.0/24 maxlen: 24 169.136.143.0/24 maxlen: 24 169.136.191.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/fiRDENekVusSe5JsQvJteems24g.crl rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/fiRDENekVusSe5JsQvJteems24g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 21:08:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2237 (0x8bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF93A, serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88 Validity Not Before: Jun 18 21:07:52 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68532aa8-c41b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ec:9b:9f:f2:c8:fa:d0:85:48:a6:b4:e9:42: 50:a6:15:de:4a:55:f8:c4:9a:ba:a2:cd:91:16:67: 72:39:7f:0c:c7:6d:d9:60:6a:8a:0f:c0:f1:37:d1: 5e:f3:1a:74:3f:ac:13:f7:59:ed:9d:5a:64:d2:61: c7:14:aa:88:d4:3a:8e:be:e9:f2:cd:4c:d8:a8:a1: bf:cd:be:93:9c:49:27:a2:3c:b7:59:f7:10:73:da: 42:d2:dc:96:d5:c0:4f:e6:11:3e:16:54:31:45:93: ae:be:75:b9:83:f1:16:c8:5a:85:3e:57:26:81:23: e1:c6:53:2e:15:a0:ad:b4:01:e5:08:82:0e:8b:9d: bc:3d:6b:07:65:99:e4:6f:fd:2a:4d:3e:71:c0:6d: 8c:0d:4d:f9:e4:83:a8:b3:2d:66:53:ac:a9:7e:f3: 88:34:75:8d:fd:cc:73:8d:67:f2:42:86:01:a3:f3: e9:39:ed:4a:be:1d:65:31:b5:79:07:7e:64:9d:84: fb:51:08:2d:a6:ac:56:b6:eb:df:7f:27:54:20:1f: 35:d8:ad:61:17:46:f0:0e:58:bf:61:75:4a:3f:7f: 01:87:b8:fa:7d:30:26:08:3a:8b:b6:fa:2a:3a:3f: 48:31:28:19:3a:99:1a:04:f8:1b:36:55:8e:4f:eb: 9e:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:7F:E9:B2:2C:16:51:8F:24:AD:C1:88:BD:80:A2:72:ED:87:2A:D7 X509v3 Authority Key Identifier: keyid:7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/fiRDENekVusSe5JsQvJteems24g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/9A5AEF6A452E11F0A0265759C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 169.136.82.0/24 169.136.85.0/24 169.136.105.0/24 169.136.109.0/24 169.136.122.0/24 169.136.128.0-169.136.130.255 169.136.134.0/23 169.136.143.0/24 169.136.191.0/24 Signature Algorithm: sha256WithRSAEncryption 2a:01:9b:e1:08:1e:5a:5e:0c:3e:0a:7f:c8:47:15:86:c0:91: bc:cc:4d:23:65:1d:f9:18:c3:27:0d:fa:a1:e3:72:ad:ca:37: 85:8a:4f:b2:b5:fc:86:44:9c:f2:45:2c:bf:ae:94:98:a7:bd: 5e:3d:41:10:2d:96:dc:15:9c:31:a9:77:6d:60:2e:f3:0b:7a: 6e:f4:f8:47:d6:69:6a:f1:07:0a:62:11:5f:38:00:b2:a5:5a: 5e:ea:30:38:1c:d5:50:0d:d8:c3:6c:d7:94:20:49:a5:8f:d5: 20:04:82:82:eb:ec:c1:ac:10:8d:a8:7e:28:1a:82:1f:28:9d: a4:9b:1a:ca:57:0e:df:59:23:d7:2d:61:c4:19:77:9e:8f:a9: 7b:b7:0d:2a:23:56:7f:d7:e8:b8:db:0d:3b:e7:2d:06:34:9a: f9:12:3c:a4:16:cc:53:e5:d3:ab:77:ba:63:37:c4:9d:21:1b: 55:d2:d5:d2:ad:d3:71:2d:e0:6b:d5:3c:2f:03:f1:c7:0f:03: ca:e1:e1:7b:3e:bd:7d:e2:7e:d7:a1:35:78:f1:c8:1d:8c:8d: b0:bc:ac:4d:42:0f:46:88:d4:a4:1c:01:6c:6e:3a:75:f2:05: 8d:ff:83:bb:f5:70:b9:4d:30:8d:e9:b0:b4:b4:11:22:f7:c3: 34:47:53:70 -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgICCL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REY5M0ExMTAvBgNVBAUTKDdFMjQ0MzEwRDdBNDU2RUIxMjdCOTI2QzQyRjI2RDc5 RTlBQ0RCODgwHhcNMjUwNjE4MjEwNzUyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODUzMmFhOC1jNDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAweybn/LI+tCFSKa06UJQphXeSlX4xJq6os2RFmdyOX8Mx23ZYGqKD8DxN9Fe 8xp0P6wT91ntnVpk0mHHFKqI1DqOvunyzUzYqKG/zb6TnEknojy3WfcQc9pC0tyW 1cBP5hE+FlQxRZOuvnW5g/EWyFqFPlcmgSPhxlMuFaCttAHlCIIOi528PWsHZZnk b/0qTT5xwG2MDU355IOosy1mU6ypfvOINHWN/cxzjWfyQoYBo/PpOe1Kvh1lMbV5 B35knYT7UQgtpqxWtuvffydUIB812K1hF0bwDli/YXVKP38Bh7j6fTAmCDqLtvoq Oj9IMSgZOpkaBPgbNlWOT+uesQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFC9/6bIs FlGPJK3BiL2AonLthyrXMB8GA1UdIwQYMBaAFH4kQxDXpFbrEnuSbELybXnprNuI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjkzQS9GN0RGQTcyRUU1 RjMxMUVBQjNBOTE1NjFDNEY5QUUwMi9maVJERU5la1Z1c1NlNUpzUXZKdGVlbXMy NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ZpUkRFTmVrVnVzU2U1SnNRdkp0ZWVtczI0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REY5M0EvRjdERkE3MkVFNUYzMTFFQUIzQTkxNTYxQzRGOUFFMDIvOUE1QUVGNkE0 NTJFMTFGMEEwMjY1NzU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E SDBGMEQEAgABMD4DBACpiFIDBACpiFUDBACpiGkDBACpiG0DBACpiHowDAMEB6mI gAMEAKmIggMEAamIhgMEAKmIjwMEAKmIvzANBgkqhkiG9w0BAQsFAAOCAQEAKgGb 4QgeWl4MPgp/yEcVhsCRvMxNI2Ud+RjDJw36oeNyrco3hYpPsrX8hkSc8kUsv66U mKe9Xj1BEC2W3BWcMal3bWAu8wt6bvT4R9ZpavEHCmIRXzgAsqVaXuowOBzVUA3Y w2zXlCBJpY/VIASCguvswawQjah+KBqCHyidpJsaylcO31kj1y1hxBl3no+pe7cN KiNWf9fouNsNO+ctBjSa+RI8pBbMU+XTq3e6YzfEnSEbVdLV0q3TcS3ga9U8LwPx xw8DyuHhez69feJ+16E1ePHIHYyNsLysTUIPRojUpBwBbG46dfIFjf+Du/VwuU0w jemwtLQRIvfDNEdTcA== -----END CERTIFICATE-----Generated at Fri Jun 20 14:55:58 2025 by rpki-client