$ rpki-client -vvf rpki.apnic.net/member_repository/A9120AC1/359065A6309711ECB285A64BC4F9AE02/EBF4C0063C8811EC889B9D78C4F9AE02.roa File: EBF4C0063C8811EC889B9D78C4F9AE02.roa (raw, json) Hash identifier: xSXFEgaEwRI11lRD4Ufv2Q0UsgFam8SFWBwH7ownsu0= Subject key identifier: 22:0D:BF:C9:2D:5E:A4:3D:40:00:4F:8F:6B:36:56:4B:E7:56:44:E5 Certificate issuer: /CN=A9120AC1/serialNumber=7740CE0E6CD054C432DE46D4C3EDA14F642FDA14 Certificate serial: 047E Authority key identifier: 77:40:CE:0E:6C:D0:54:C4:32:DE:46:D4:C3:ED:A1:4F:64:2F:DA:14 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/d0DODmzQVMQy3kbUw-2hT2Qv2hQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120AC1/359065A6309711ECB285A64BC4F9AE02/EBF4C0063C8811EC889B9D78C4F9AE02.roa Signing time: Tue 04 Feb 2025 23:42:51 +0000 ROA not before: Tue 04 Feb 2025 23:42:51 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 45753 IP address blocks: 141.193.152.0/21 maxlen: 21 141.193.152.0/24 maxlen: 24 141.193.153.0/24 maxlen: 24 141.193.154.0/24 maxlen: 24 141.193.155.0/24 maxlen: 24 141.193.156.0/24 maxlen: 24 141.193.157.0/24 maxlen: 24 141.193.158.0/24 maxlen: 24 141.193.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120AC1/359065A6309711ECB285A64BC4F9AE02/d0DODmzQVMQy3kbUw-2hT2Qv2hQ.crl rsync://rpki.apnic.net/member_repository/A9120AC1/359065A6309711ECB285A64BC4F9AE02/d0DODmzQVMQy3kbUw-2hT2Qv2hQ.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/d0DODmzQVMQy3kbUw-2hT2Qv2hQ.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 01:28:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1150 (0x47e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120AC1, serialNumber=7740CE0E6CD054C432DE46D4C3EDA14F642FDA14 Validity Not Before: Feb 4 23:42:51 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67a2a5fb-5b53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:57:f0:72:67:93:73:3a:94:0d:c2:59:44:4d: 4a:09:52:c5:f4:97:55:93:62:12:3d:5d:2e:2e:1e: 6e:7c:03:a2:b9:55:19:21:48:a9:0a:d8:ae:9c:bc: e9:60:31:6b:a6:dc:c7:71:7b:02:d4:39:62:52:3f: 77:e0:32:59:0d:90:a6:05:3a:1a:01:49:c4:a3:ee: 25:73:c3:b1:ca:b1:12:fb:d4:94:e1:b6:f3:b0:ab: e0:03:e9:82:71:1b:35:0a:ae:9d:29:d2:9b:7c:38: 47:17:ee:e7:d3:e8:5b:01:80:dc:7c:fa:22:96:b4: 25:ee:56:c1:68:d9:ce:54:3d:5b:1e:84:d1:1e:52: f0:18:6b:c3:86:07:99:b3:e9:e8:ed:89:8c:d8:1a: 72:83:c8:d5:48:65:b2:6a:03:e1:96:b7:e3:28:61: 27:6e:c9:a2:07:05:49:17:08:54:9b:ea:6f:6a:0a: 4e:64:ed:f5:81:df:9a:25:a8:e0:5f:ac:06:f1:18: bd:4f:ea:a2:17:d4:88:f4:83:2d:96:7a:3f:46:c3: 54:dc:5f:17:bc:18:b9:bc:3d:d6:b7:48:a2:c6:c6: a0:5f:0e:c1:bc:c9:7e:8d:66:fe:69:94:fd:18:3b: 7b:fd:15:27:51:58:3d:eb:5c:e6:3c:e8:17:29:29: 62:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:0D:BF:C9:2D:5E:A4:3D:40:00:4F:8F:6B:36:56:4B:E7:56:44:E5 X509v3 Authority Key Identifier: keyid:77:40:CE:0E:6C:D0:54:C4:32:DE:46:D4:C3:ED:A1:4F:64:2F:DA:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120AC1/359065A6309711ECB285A64BC4F9AE02/d0DODmzQVMQy3kbUw-2hT2Qv2hQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/d0DODmzQVMQy3kbUw-2hT2Qv2hQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120AC1/359065A6309711ECB285A64BC4F9AE02/EBF4C0063C8811EC889B9D78C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 141.193.152.0/21 Signature Algorithm: sha256WithRSAEncryption b8:ca:8e:7c:85:18:08:72:e1:cd:78:45:c6:d8:36:c4:9a:6a: e5:c4:7a:9d:1a:a1:dc:60:f0:08:8a:6e:ad:34:f3:12:76:13: c4:12:d8:88:a2:5f:fd:28:9e:80:88:c0:ab:00:a7:89:ef:f9: 84:0c:34:2d:47:c6:40:1d:16:c5:b6:66:4b:b9:fa:33:98:73: af:bc:ec:e7:b3:e9:08:37:50:31:15:f7:1e:c8:06:1c:2c:f9: b1:e3:33:52:73:8e:6e:6e:37:ba:28:d9:78:f0:1e:1e:d6:7b: a0:3c:f8:e8:3e:4c:9a:e7:29:fc:b6:aa:1d:34:ff:b3:fa:30: 29:3b:db:d3:31:90:aa:96:8b:87:aa:8e:3b:b4:55:e4:98:b4: 87:30:bf:49:36:2b:e0:11:38:89:46:cb:87:8c:1b:9a:31:3a: 16:c0:50:3c:0b:af:96:28:2c:ef:15:57:c1:0b:be:10:58:e6: fd:b6:be:63:5a:5c:38:e1:58:21:ed:e5:2f:b7:ef:e2:35:70: f5:01:19:03:b6:db:f7:f7:6f:eb:a1:9a:2c:fc:09:ef:3a:32: 6b:03:98:b5:6c:c9:37:f9:10:a6:d2:7c:bc:9c:08:e4:06:b3: 8e:c7:a3:ef:d3:0f:11:41:b3:f1:21:11:3e:a4:7a:48:d1:dc: 5f:28:cf:02 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBBQzExMTAvBgNVBAUTKDc3NDBDRTBFNkNEMDU0QzQzMkRFNDZENEMzRURBMTRG NjQyRkRBMTQwHhcNMjUwMjA0MjM0MjUxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2EyYTVmYi01YjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwlfwcmeTczqUDcJZRE1KCVLF9JdVk2ISPV0uLh5ufAOiuVUZIUipCtiunLzp YDFrptzHcXsC1DliUj934DJZDZCmBToaAUnEo+4lc8OxyrES+9SU4bbzsKvgA+mC cRs1Cq6dKdKbfDhHF+7n0+hbAYDcfPoilrQl7lbBaNnOVD1bHoTRHlLwGGvDhgeZ s+no7YmM2Bpyg8jVSGWyagPhlrfjKGEnbsmiBwVJFwhUm+pvagpOZO31gd+aJajg X6wG8Ri9T+qiF9SI9IMtlno/RsNU3F8XvBi5vD3Wt0iixsagXw7BvMl+jWb+aZT9 GDt7/RUnUVg961zmPOgXKSlihQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCINv8kt XqQ9QABPj2s2VkvnVkTlMB8GA1UdIwQYMBaAFHdAzg5s0FTEMt5G1MPtoU9kL9oU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEFDMS8zNTkwNjVBNjMw OTcxMUVDQjI4NUE2NEJDNEY5QUUwMi9kMERPRG16UVZNUXkza2JVdy0yaFQyUXYy aFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2QwRE9EbXpRVk1ReTNrYlV3LTJoVDJRdjJoUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjBBQzEvMzU5MDY1QTYzMDk3MTFFQ0IyODVBNjRCQzRGOUFFMDIvRUJGNEMwMDYz Qzg4MTFFQzg4OUI5RDc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAONwZgwDQYJKoZIhvcNAQELBQADggEBALjKjnyFGAhy4c14 RcbYNsSaauXEep0aodxg8AiKbq008xJ2E8QS2IiiX/0onoCIwKsAp4nv+YQMNC1H xkAdFsW2Zku5+jOYc6+87Oez6Qg3UDEV9x7IBhws+bHjM1Jzjm5uN7oo2XjwHh7W e6A8+Og+TJrnKfy2qh00/7P6MCk729MxkKqWi4eqjju0VeSYtIcwv0k2K+AROIlG y4eMG5oxOhbAUDwLr5YoLO8VV8ELvhBY5v22vmNaXDjhWCHt5S+37+I1cPUBGQO2 2/f3b+uhmiz8Ce86MmsDmLVsyTf5EKbSfLycCOQGs47Ho+/TDxFBs/EhET6kekjR 3F8ozwI= -----END CERTIFICATE-----Generated at Mon Oct 20 19:11:42 2025 by rpki-client