$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0578/003A79DACF3D11EF91380E11C4F9AE02/8B349526E61B11EFA5CFAA1CC4F9AE02.roa File: 8B349526E61B11EFA5CFAA1CC4F9AE02.roa (raw, json) Hash identifier: ne8tUgudan5gCr0Fj4AbK9IugW5sTtsGHmdJgQPhqp8= Subject key identifier: A2:54:5D:2D:BC:E2:70:0F:3D:D4:B6:10:62:40:4C:72:4A:FD:98:08 Certificate issuer: /CN=A91F0578/serialNumber=1D3DAEF7D2788373EDDFCB1AD5C4C2356C57ADED Certificate serial: 18 Authority key identifier: 1D:3D:AE:F7:D2:78:83:73:ED:DF:CB:1A:D5:C4:C2:35:6C:57:AD:ED Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HT2u99J4g3Pt38sa1cTCNWxXre0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0578/003A79DACF3D11EF91380E11C4F9AE02/8B349526E61B11EFA5CFAA1CC4F9AE02.roa Signing time: Sat 08 Feb 2025 12:52:25 +0000 ROA not before: Sat 08 Feb 2025 12:52:25 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 150001 IP address blocks: 161.248.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0578/003A79DACF3D11EF91380E11C4F9AE02/HT2u99J4g3Pt38sa1cTCNWxXre0.crl rsync://rpki.apnic.net/member_repository/A91F0578/003A79DACF3D11EF91380E11C4F9AE02/HT2u99J4g3Pt38sa1cTCNWxXre0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HT2u99J4g3Pt38sa1cTCNWxXre0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 06:35:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24 (0x18) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0578, serialNumber=1D3DAEF7D2788373EDDFCB1AD5C4C2356C57ADED Validity Not Before: Feb 8 12:52:25 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67a75388-8857 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:a9:e5:5e:26:3c:9e:cb:11:f0:cc:2c:e9:00: 99:18:55:05:ec:2d:3a:6a:e6:81:4c:ed:c8:76:18: 95:8d:75:b6:15:8d:72:ec:8f:76:af:80:bc:d1:54: 56:2d:f0:7e:ac:bb:6f:2c:fd:f9:10:64:9d:f2:61: cf:51:c2:70:bb:95:4b:62:cf:61:13:f1:aa:cb:ab: 38:34:85:1d:b9:71:cc:cd:09:0a:1c:d4:d9:a3:b5: 34:cd:9c:c3:e0:40:f6:5b:1e:d6:81:20:2f:d6:7f: d1:a4:4b:3f:1d:a1:3e:36:e7:2c:1e:d4:c6:e7:37: 88:72:84:f6:d1:46:fc:93:90:23:99:f5:bd:18:e6: 1a:b8:18:39:ca:54:df:64:67:92:d2:34:21:eb:e9: 63:df:0c:58:97:eb:24:bd:69:07:29:0e:dc:d7:5a: 2a:c5:59:0f:f3:58:78:65:db:ad:45:00:15:ce:14: f7:cd:96:84:ee:b6:e4:85:e7:65:42:2f:3c:93:af: aa:2a:e9:7c:b5:ec:f2:87:d2:84:6e:ab:7b:85:f6: a7:25:01:a8:ef:31:23:b3:a9:82:b9:48:c4:56:7f: 60:4f:d9:3c:d9:e4:0e:e1:fc:09:93:da:cc:1a:11: cb:07:df:67:e1:ad:4a:65:9b:eb:b8:34:3f:f2:f2: 3f:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:54:5D:2D:BC:E2:70:0F:3D:D4:B6:10:62:40:4C:72:4A:FD:98:08 X509v3 Authority Key Identifier: keyid:1D:3D:AE:F7:D2:78:83:73:ED:DF:CB:1A:D5:C4:C2:35:6C:57:AD:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0578/003A79DACF3D11EF91380E11C4F9AE02/HT2u99J4g3Pt38sa1cTCNWxXre0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HT2u99J4g3Pt38sa1cTCNWxXre0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0578/003A79DACF3D11EF91380E11C4F9AE02/8B349526E61B11EFA5CFAA1CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.155.0/24 Signature Algorithm: sha256WithRSAEncryption a5:f9:04:21:8f:73:8f:dd:8c:73:60:61:d1:07:13:46:bc:c9: 39:1e:6a:6a:1e:96:40:9a:7b:c2:c9:ac:37:95:e6:50:66:9e: bd:8f:a3:23:af:04:4f:bd:0b:ff:b8:18:9c:fa:3e:5f:20:8e: 85:39:67:89:58:1a:65:1f:9d:ca:0a:99:aa:1d:55:e1:66:74: e8:50:db:31:a5:71:a5:62:6f:f6:19:84:7e:4b:bc:ee:8d:c9: 68:d4:a4:43:0a:15:1e:5a:d6:ff:43:52:a8:36:71:fe:1f:6f: 97:d0:d2:34:7d:96:ec:01:f0:d4:53:49:cc:4e:83:4d:5b:61: 1a:18:81:2a:40:ad:e6:34:43:e3:04:9c:63:35:93:b0:99:77: 0a:b3:6f:6a:de:75:73:db:3a:b5:1b:47:e9:36:0e:12:c8:9a: 2e:ad:b6:25:6a:67:1a:01:bf:72:c0:5d:b3:b9:48:74:32:34: e0:3b:7f:2f:ed:76:5f:7a:48:9b:43:1a:4e:f1:a0:5b:d4:e6: 04:bd:50:c1:33:c7:4a:5f:79:a0:86:15:a6:74:f1:ee:0c:87: 0e:86:d4:37:89:bc:fd:c2:0e:ed:8f:92:7d:39:f1:b2:75:9d: 86:3a:27:c2:4e:62:54:6d:a0:05:82:a9:2b:04:70:66:7b:25: 27:44:be:07 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG MDU3ODExMC8GA1UEBRMoMUQzREFFRjdEMjc4ODM3M0VEREZDQjFBRDVDNEMyMzU2 QzU3QURFRDAeFw0yNTAyMDgxMjUyMjVaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YTc1Mzg4LTg4NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDXqeVeJjyeyxHwzCzpAJkYVQXsLTpq5oFM7ch2GJWNdbYVjXLsj3avgLzRVFYt 8H6su28s/fkQZJ3yYc9RwnC7lUtiz2ET8arLqzg0hR25cczNCQoc1NmjtTTNnMPg QPZbHtaBIC/Wf9GkSz8doT425ywe1MbnN4hyhPbRRvyTkCOZ9b0Y5hq4GDnKVN9k Z5LSNCHr6WPfDFiX6yS9aQcpDtzXWirFWQ/zWHhl261FABXOFPfNloTutuSF52VC LzyTr6oq6Xy17PKH0oRuq3uF9qclAajvMSOzqYK5SMRWf2BP2TzZ5A7h/AmT2swa EcsH32fhrUplm+u4ND/y8j+zAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUolRdLbzi cA891LYQYkBMckr9mAgwHwYDVR0jBBgwFoAUHT2u99J4g3Pt38sa1cTCNWxXre0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYwNTc4LzAwM0E3OURBQ0Yz RDExRUY5MTM4MEUxMUM0RjlBRTAyL0hUMnU5OUo0ZzNQdDM4c2ExY1RDTld4WHJl MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSFQydTk5SjRnM1B0MzhzYTFjVENOV3hYcmUwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MDU3OC8wMDNBNzlEQUNGM0QxMUVGOTEzODBFMTFDNEY5QUUwMi84QjM0OTUyNkU2 MUIxMUVGQTVDRkFBMUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAKH4mzANBgkqhkiG9w0BAQsFAAOCAQEApfkEIY9zj92Mc2Bh 0QcTRrzJOR5qah6WQJp7wsmsN5XmUGaevY+jI68ET70L/7gYnPo+XyCOhTlniVga ZR+dygqZqh1V4WZ06FDbMaVxpWJv9hmEfku87o3JaNSkQwoVHlrW/0NSqDZx/h9v l9DSNH2W7AHw1FNJzE6DTVthGhiBKkCt5jRD4wScYzWTsJl3CrNvat51c9s6tRtH 6TYOEsiaLq22JWpnGgG/csBds7lIdDI04Dt/L+12X3pIm0MaTvGgW9TmBL1QwTPH Sl95oIYVpnTx7gyHDobUN4m8/cIO7Y+SfTnxsnWdhjonwk5iVG2gBYKpKwRwZnsl J0S+Bw== -----END CERTIFICATE-----Generated at Wed Nov 5 17:07:53 2025 by rpki-client