$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/2F8ECC8C19EC11F0AD003527C4F9AE02.roa File: 2F8ECC8C19EC11F0AD003527C4F9AE02.roa (raw, json) Hash identifier: 6cH56hTLA7dRVXPmioJlFabzTom8uaHSuBnjlJSZDw8= Subject key identifier: C4:7B:D2:31:3E:9B:AF:E6:9A:E6:31:57:A2:96:52:1E:C6:F3:5A:C2 Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3 Certificate serial: 102A Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/2F8ECC8C19EC11F0AD003527C4F9AE02.roa Signing time: Tue 15 Apr 2025 12:00:47 +0000 ROA not before: Tue 15 Apr 2025 12:00:47 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 43260 IP address blocks: 139.190.8.0/24 maxlen: 24 139.190.13.0/24 maxlen: 24 139.190.15.0/24 maxlen: 24 139.190.17.0/24 maxlen: 24 139.190.20.0/24 maxlen: 24 139.190.24.0/22 maxlen: 22 139.190.30.0/24 maxlen: 24 139.190.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 10:49:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4138 (0x102a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3 Validity Not Before: Apr 15 12:00:47 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67fe4a6f-1442 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:96:ae:54:e4:90:72:90:f5:ea:24:1f:68:37: 2a:a4:64:3b:29:b3:72:36:4b:7b:b8:60:af:18:f3: b1:c4:76:36:10:4c:e9:0e:82:52:e7:96:85:3c:13: e2:0e:53:3c:9a:6f:ef:ec:5d:7a:e2:bc:c5:a7:de: 23:db:7d:c9:a1:f0:2a:4c:7e:88:51:cd:a0:42:51: 20:78:61:31:11:0f:4d:d1:ca:50:1b:c9:13:03:86: a9:f0:2f:09:e4:f2:27:91:08:d8:e8:0d:3e:e0:a3: ba:51:58:f7:c8:b7:d5:38:24:df:80:8f:80:9d:d4: 42:0f:e4:ec:7d:58:65:b7:36:39:93:89:ad:1f:a4: d6:38:a9:2d:e2:63:95:58:fd:95:7e:77:a2:82:71: f2:5a:c2:1c:62:23:c6:af:43:9c:ca:e5:e5:ec:65: 01:d4:26:1a:be:19:ee:7a:45:55:bf:65:6d:b1:ce: 8b:33:e8:01:f2:63:d4:51:af:26:2e:d0:6f:13:3d: d6:cd:50:43:65:5d:fe:51:68:b2:e1:f1:8a:ea:81: 4a:77:e4:69:32:6f:2e:a3:9a:a3:5f:cf:97:24:8f: 8e:39:36:20:17:2b:ea:56:2d:5c:2d:3b:cc:f7:b6: 4e:07:bc:66:76:a2:4c:c0:31:a1:86:ba:53:a0:8d: 25:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:7B:D2:31:3E:9B:AF:E6:9A:E6:31:57:A2:96:52:1E:C6:F3:5A:C2 X509v3 Authority Key Identifier: keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/2F8ECC8C19EC11F0AD003527C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 139.190.8.0/24 139.190.13.0/24 139.190.15.0/24 139.190.17.0/24 139.190.20.0/24 139.190.24.0/22 139.190.30.0/23 Signature Algorithm: sha256WithRSAEncryption 43:a6:8b:3b:1b:9f:fe:ea:70:ae:e9:79:ed:8c:f7:bb:1e:6c: 52:58:f2:dd:01:3b:39:13:88:7c:38:11:11:cf:4e:d2:8c:a2: da:04:45:e0:06:bf:76:2d:20:75:5f:c0:48:9a:8e:3e:0f:29: f9:f4:1d:5d:93:f9:c6:c9:0f:84:c9:cf:01:d7:d3:82:93:34: e1:8c:e2:71:b6:df:19:bd:6b:fb:01:d1:81:dd:22:10:9f:10: 13:d4:12:f1:01:7a:94:e7:f3:62:5a:89:3d:e5:6d:56:45:46: 74:3b:1c:27:3d:fb:85:3b:0f:07:47:dc:88:06:b6:25:50:92: c9:4b:0d:5c:7b:ab:e8:50:38:8d:e9:8f:07:d2:3c:2c:e4:63: 76:79:67:32:0d:12:7e:37:bd:67:49:c3:f7:80:bc:15:ac:31: 56:0f:19:d6:67:45:f3:b1:ed:be:e9:c5:aa:b0:3e:98:f5:9e: bc:17:5f:eb:52:00:7a:34:c0:a5:ed:25:58:f9:9e:1f:c0:a1: f9:80:2e:24:c6:1a:47:78:01:2a:a3:f8:b2:eb:f5:60:44:de: 9f:1d:3e:ce:05:cd:74:ec:e7:14:06:d2:40:92:dc:f4:68:24: 3a:60:91:d4:bc:e8:a5:30:88:b0:7d:c7:10:a3:84:4e:d9:54: bc:18:6a:99 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICECowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1 Rjg4Mjc2RDMwHhcNMjUwNDE1MTIwMDQ3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2ZlNGE2Zi0xNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAupauVOSQcpD16iQfaDcqpGQ7KbNyNkt7uGCvGPOxxHY2EEzpDoJS55aFPBPi DlM8mm/v7F164rzFp94j233JofAqTH6IUc2gQlEgeGExEQ9N0cpQG8kTA4ap8C8J 5PInkQjY6A0+4KO6UVj3yLfVOCTfgI+AndRCD+TsfVhltzY5k4mtH6TWOKkt4mOV WP2VfneignHyWsIcYiPGr0OcyuXl7GUB1CYavhnuekVVv2Vtsc6LM+gB8mPUUa8m LtBvEz3WzVBDZV3+UWiy4fGK6oFKd+RpMm8uo5qjX8+XJI+OOTYgFyvqVi1cLTvM 97ZOB7xmdqJMwDGhhrpToI0lhwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFMR70jE+ m6/mmuYxV6KWUh7G81rCMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMkY4RUNDOEMx OUVDMTFGMEFEMDAzNTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMDAEAgABMCoDBACLvggDBACLvg0DBACLvg8DBACLvhEDBACLvhQDBAKLvhgD BAGLvh4wDQYJKoZIhvcNAQELBQADggEBAEOmizsbn/7qcK7pee2M97sebFJY8t0B OzkTiHw4ERHPTtKMotoEReAGv3YtIHVfwEiajj4PKfn0HV2T+cbJD4TJzwHX04KT NOGM4nG23xm9a/sB0YHdIhCfEBPUEvEBepTn82JaiT3lbVZFRnQ7HCc9+4U7DwdH 3IgGtiVQkslLDVx7q+hQOI3pjwfSPCzkY3Z5ZzINEn43vWdJw/eAvBWsMVYPGdZn RfOx7b7pxaqwPpj1nrwXX+tSAHo0wKXtJVj5nh/AofmALiTGGkd4ASqj+LLr9WBE 3p8dPs4FzXTs5xQG0kCS3PRoJDpgkdS86KUwiLB9xxCjhE7ZVLwYapk= -----END CERTIFICATE-----Generated at Sat Apr 26 16:17:56 2025 by rpki-client