$ rpki-client -vvf rpki.apnic.net/member_repository/A912698E/095F6C8C267C11F09677F80BC4F9AE02/87087F00267E11F09183092AC4F9AE02.roa File: 87087F00267E11F09183092AC4F9AE02.roa (raw, json) Hash identifier: vPD3MBlV+VYxtTk5npGCIsRmwvlSAFp0uTh8dXUbHV8= Subject key identifier: 12:0D:9A:60:A0:F2:03:94:AB:FB:B6:5E:05:9C:B6:25:1B:5B:28:61 Certificate issuer: /CN=A912698E/serialNumber=5DB75B2DF94D04474A6E5E2D4B78CC084BFC2A6C Certificate serial: 02 Authority key identifier: 5D:B7:5B:2D:F9:4D:04:47:4A:6E:5E:2D:4B:78:CC:08:4B:FC:2A:6C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XbdbLflNBEdKbl4tS3jMCEv8Kmw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912698E/095F6C8C267C11F09677F80BC4F9AE02/87087F00267E11F09183092AC4F9AE02.roa Signing time: Thu 01 May 2025 11:22:12 +0000 ROA not before: Thu 01 May 2025 11:22:12 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 997 IP address blocks: 205.210.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912698E/095F6C8C267C11F09677F80BC4F9AE02/XbdbLflNBEdKbl4tS3jMCEv8Kmw.crl rsync://rpki.apnic.net/member_repository/A912698E/095F6C8C267C11F09677F80BC4F9AE02/XbdbLflNBEdKbl4tS3jMCEv8Kmw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XbdbLflNBEdKbl4tS3jMCEv8Kmw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 17:38:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912698E, serialNumber=5DB75B2DF94D04474A6E5E2D4B78CC084BFC2A6C Validity Not Before: May 1 11:22:12 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68135964-1b80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:49:62:0b:86:58:76:08:7f:2b:a8:3c:41:99: d1:7e:dd:f3:88:0a:1c:5f:ab:3e:be:09:3c:e3:f7: c5:57:08:dd:61:e7:75:a9:cd:3c:52:11:b5:76:2a: 8e:f5:ec:f0:ca:76:3a:80:1d:d2:e0:5d:18:d1:47: 52:f7:e8:dc:5c:b5:a6:5a:d3:7d:56:b0:90:43:fd: e2:7f:f8:ed:7c:43:70:d0:2f:c8:08:a9:53:05:b9: 14:89:d2:07:fa:56:18:80:cb:95:46:46:b3:59:36: 64:6e:21:d1:7e:d9:5a:57:43:dd:1f:3e:0d:3b:c4: 9d:d7:04:4e:c2:d1:4f:8c:dd:7d:d3:c1:7a:7c:e6: b1:06:e6:14:74:c0:0d:36:84:43:e2:dc:ae:d4:34: 8d:ef:82:12:94:54:26:41:87:39:78:0d:06:fd:d7: fe:b2:b7:79:e4:e1:b1:11:6e:fa:7a:b0:5c:5d:d1: 6e:47:e9:b5:51:58:7d:7e:81:25:60:69:17:32:fb: 8f:0b:d6:5f:f9:aa:24:ef:0e:aa:30:59:0f:ee:3f: 05:b4:e2:50:d0:a9:67:19:df:b5:d0:1d:85:82:ab: 26:91:f8:d7:7f:98:73:87:d4:b3:6d:b6:78:fb:9e: ff:21:81:74:22:53:04:20:04:fc:a2:d0:4c:f7:04: f5:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:0D:9A:60:A0:F2:03:94:AB:FB:B6:5E:05:9C:B6:25:1B:5B:28:61 X509v3 Authority Key Identifier: keyid:5D:B7:5B:2D:F9:4D:04:47:4A:6E:5E:2D:4B:78:CC:08:4B:FC:2A:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912698E/095F6C8C267C11F09677F80BC4F9AE02/XbdbLflNBEdKbl4tS3jMCEv8Kmw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XbdbLflNBEdKbl4tS3jMCEv8Kmw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912698E/095F6C8C267C11F09677F80BC4F9AE02/87087F00267E11F09183092AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 205.210.164.0/22 Signature Algorithm: sha256WithRSAEncryption 08:07:ee:29:04:76:f4:dc:fb:44:d7:c3:49:37:49:c2:0b:44: 84:1a:87:2e:3a:7a:0c:22:8d:ed:b3:16:cf:04:54:fe:49:09: e5:6c:b5:a5:6a:c4:b1:08:f0:aa:54:bc:ae:b6:a5:04:76:e5: 48:c1:9a:72:47:99:97:24:f2:9c:ab:32:53:43:31:e4:7a:5e: 8e:ee:4c:bc:cd:3e:06:0d:fe:ab:3d:92:35:17:f1:b9:8a:c5: 07:7f:9c:90:8a:c9:0a:12:e0:c4:23:8a:a9:ab:b8:68:97:1b: 5a:c1:85:89:0d:08:d2:e0:31:1e:04:a8:a9:72:c3:03:c7:01: 6e:ac:f2:5a:6b:ba:f3:d0:d1:86:e3:33:db:e5:7f:98:83:7d: 6c:de:a3:1f:27:45:15:5e:cf:4a:e1:25:99:64:7b:81:cb:88: 35:da:3c:80:5d:dd:5d:20:6b:f7:5d:2f:7c:0c:34:d3:b8:54: 1e:4c:08:c5:c2:5c:f2:55:34:a3:91:2b:0d:aa:9d:7e:6d:3d: 64:fe:fa:e9:9e:5b:92:b5:8d:5c:e3:0f:9e:34:23:25:7d:e6: d2:26:24:dc:75:ae:e1:8b:7e:60:f9:3f:96:ba:ad:ce:66:84: 74:43:2c:89:56:f1:a9:65:4d:cc:3c:ce:9d:0b:90:89:e2:11: 15:c3:2a:0b -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy Njk4RTExMC8GA1UEBRMoNURCNzVCMkRGOTREMDQ0NzRBNkU1RTJENEI3OENDMDg0 QkZDMkE2QzAeFw0yNTA1MDExMTIyMTJaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4MTM1OTY0LTFiODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2SWILhlh2CH8rqDxBmdF+3fOIChxfqz6+CTzj98VXCN1h53WpzTxSEbV2Ko71 7PDKdjqAHdLgXRjRR1L36NxctaZa031WsJBD/eJ/+O18Q3DQL8gIqVMFuRSJ0gf6 VhiAy5VGRrNZNmRuIdF+2VpXQ90fPg07xJ3XBE7C0U+M3X3TwXp85rEG5hR0wA02 hEPi3K7UNI3vghKUVCZBhzl4DQb91/6yt3nk4bERbvp6sFxd0W5H6bVRWH1+gSVg aRcy+48L1l/5qiTvDqowWQ/uPwW04lDQqWcZ37XQHYWCqyaR+Nd/mHOH1LNttnj7 nv8hgXQiUwQgBPyi0Ez3BPVrAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUEg2aYKDy A5Sr+7ZeBZy2JRtbKGEwHwYDVR0jBBgwFoAUXbdbLflNBEdKbl4tS3jMCEv8Kmww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI2OThFLzA5NUY2QzhDMjY3 QzExRjA5Njc3RjgwQkM0RjlBRTAyL1hiZGJMZmxOQkVkS2JsNHRTM2pNQ0V2OEtt dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWGJkYkxmbE5CRWRLYmw0dFMzak1DRXY4S213LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy Njk4RS8wOTVGNkM4QzI2N0MxMUYwOTY3N0Y4MEJDNEY5QUUwMi84NzA4N0YwMDI2 N0UxMUYwOTE4MzA5MkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAs3SpDANBgkqhkiG9w0BAQsFAAOCAQEACAfuKQR29Nz7RNfD STdJwgtEhBqHLjp6DCKN7bMWzwRU/kkJ5Wy1pWrEsQjwqlS8rralBHblSMGackeZ lyTynKsyU0Mx5Hpeju5MvM0+Bg3+qz2SNRfxuYrFB3+ckIrJChLgxCOKqau4aJcb WsGFiQ0I0uAxHgSoqXLDA8cBbqzyWmu689DRhuMz2+V/mIN9bN6jHydFFV7PSuEl mWR7gcuINdo8gF3dXSBr910vfAw007hUHkwIxcJc8lU0o5ErDaqdfm09ZP766Z5b krWNXOMPnjQjJX3m0iYk3HWu4Yt+YPk/lrqtzmaEdEMsiVbxqWVNzDzOnQuQieIR FcMqCw== -----END CERTIFICATE-----Generated at Wed May 14 12:54:39 2025 by rpki-client