$ rpki-client -vvf rpki.apnic.net/member_repository/A912A5D4/650B4DE8F3CE11EF914EF644C4F9AE02/25922C44F3CF11EFBCC75246C4F9AE02.roa File: 25922C44F3CF11EFBCC75246C4F9AE02.roa (raw, json) Hash identifier: zMJUwcQ85fc9WyQBZ4Df3FrM+qiFXLoVLbfqvgsrYLQ= Subject key identifier: D1:09:F1:36:14:22:4F:85:CF:65:4E:96:6B:30:65:A9:35:88:68:8B Certificate issuer: /CN=A912A5D4/serialNumber=66134DA1BFEDAC0C919D26B1F7F9E168AF9D2B4E Certificate serial: 32 Authority key identifier: 66:13:4D:A1:BF:ED:AC:0C:91:9D:26:B1:F7:F9:E1:68:AF:9D:2B:4E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZhNNob_trAyRnSax9_nhaK-dK04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912A5D4/650B4DE8F3CE11EF914EF644C4F9AE02/25922C44F3CF11EFBCC75246C4F9AE02.roa Signing time: Wed 14 May 2025 06:49:01 +0000 ROA not before: Wed 14 May 2025 06:49:01 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 140637 IP address blocks: 143.188.148.0/22 maxlen: 23 143.188.152.0/22 maxlen: 23 143.188.156.0/22 maxlen: 23 143.188.160.0/23 maxlen: 26 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912A5D4/650B4DE8F3CE11EF914EF644C4F9AE02/ZhNNob_trAyRnSax9_nhaK-dK04.crl rsync://rpki.apnic.net/member_repository/A912A5D4/650B4DE8F3CE11EF914EF644C4F9AE02/ZhNNob_trAyRnSax9_nhaK-dK04.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZhNNob_trAyRnSax9_nhaK-dK04.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 May 2025 07:10:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50 (0x32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912A5D4, serialNumber=66134DA1BFEDAC0C919D26B1F7F9E168AF9D2B4E Validity Not Before: May 14 06:49:01 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=68243cdc-af12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:d9:55:f3:a1:fd:31:55:41:68:42:ce:81:b6: e5:77:64:b0:83:23:c0:32:31:80:2d:e6:f8:56:6c: 2a:80:80:73:72:2b:95:81:79:e9:62:a3:dd:2a:8b: 36:cb:a5:c7:aa:34:b0:1f:5f:6e:6b:7d:ec:7d:19: c2:af:98:a6:90:13:fe:3d:17:bb:51:47:5d:19:17: e0:ec:7f:a8:31:6b:7c:94:7a:c1:ad:04:bc:95:47: a4:ce:f4:8f:5c:6b:6e:54:0c:0e:a1:3f:d0:3f:1e: d6:98:be:ab:a7:c1:94:1b:30:fb:52:e0:f9:e1:32: cd:08:ea:a6:fe:84:e5:3f:3b:6b:fd:a8:cd:c3:db: c1:a4:30:da:fe:b0:6d:0a:e2:e1:93:78:4b:17:83: 53:63:14:8d:e6:7a:36:a7:1e:28:23:c5:bb:bb:a3: 3a:de:48:e2:df:04:0e:21:d6:ed:63:42:e5:ab:a1: ce:f5:91:a3:47:2c:44:c3:91:6f:c6:3c:8c:58:01: 40:7c:48:71:67:61:09:61:24:a0:c2:ca:de:f7:d8: 3b:42:f1:71:dd:8d:f9:fa:0d:b7:b4:a0:ad:68:1d: 2e:8b:e8:6c:c5:8c:0e:a1:72:83:78:34:5d:3e:d0: 8e:69:7a:78:a7:c5:d1:51:f1:7d:ca:9a:b4:7f:70: ae:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:09:F1:36:14:22:4F:85:CF:65:4E:96:6B:30:65:A9:35:88:68:8B X509v3 Authority Key Identifier: keyid:66:13:4D:A1:BF:ED:AC:0C:91:9D:26:B1:F7:F9:E1:68:AF:9D:2B:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912A5D4/650B4DE8F3CE11EF914EF644C4F9AE02/ZhNNob_trAyRnSax9_nhaK-dK04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZhNNob_trAyRnSax9_nhaK-dK04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912A5D4/650B4DE8F3CE11EF914EF644C4F9AE02/25922C44F3CF11EFBCC75246C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 143.188.148.0-143.188.161.255 Signature Algorithm: sha256WithRSAEncryption 04:08:03:00:04:5c:dc:e2:1e:1f:61:ea:ff:62:32:4e:41:0b: 23:88:6c:68:66:55:83:a7:31:9e:84:5f:27:88:20:6c:e4:d5: ad:f2:2d:9e:05:37:1c:81:62:b1:96:d6:62:ea:cc:07:03:31: 9b:17:ee:bd:18:68:83:d1:2d:68:d8:20:99:84:f6:1b:e9:5a: be:35:65:1b:6b:cd:5b:09:96:37:1f:ff:d9:08:15:95:8c:28: 8e:fe:8e:30:70:49:bf:b3:0b:72:f5:df:fc:48:37:ff:e8:c6: 7d:f2:98:28:74:3a:28:60:50:66:29:25:40:0e:a4:18:1f:59: 5d:3b:00:09:7b:ba:56:d3:10:f7:c1:e6:6d:cf:07:cf:55:f1: d9:77:5b:eb:f0:8d:89:9f:87:5b:51:b7:34:3e:2f:52:43:59: bd:c1:f4:23:31:90:26:f1:47:35:ae:50:6a:d6:86:27:27:c8: c5:34:12:a3:1c:0e:a4:8a:b0:75:2a:77:fb:b2:99:8d:f9:6c: 9e:4b:4e:63:b6:09:f2:96:49:4f:04:13:66:ff:70:27:28:bc: 3c:a1:10:79:c9:86:e2:08:b8:ca:01:2a:05:22:ee:b1:1b:7c: e7:77:78:4c:4d:58:7f:48:77:73:23:00:d0:8f:be:96:c7:6e: 49:4c:95:56 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIBMjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy QTVENDExMC8GA1UEBRMoNjYxMzREQTFCRkVEQUMwQzkxOUQyNkIxRjdGOUUxNjhB RjlEMkI0RTAeFw0yNTA1MTQwNjQ5MDFaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4MjQzY2RjLWFmMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCl2VXzof0xVUFoQs6BtuV3ZLCDI8AyMYAt5vhWbCqAgHNyK5WBeelio90qizbL pceqNLAfX25rfex9GcKvmKaQE/49F7tRR10ZF+Dsf6gxa3yUesGtBLyVR6TO9I9c a25UDA6hP9A/HtaYvqunwZQbMPtS4PnhMs0I6qb+hOU/O2v9qM3D28GkMNr+sG0K 4uGTeEsXg1NjFI3mejanHigjxbu7ozreSOLfBA4h1u1jQuWroc71kaNHLETDkW/G PIxYAUB8SHFnYQlhJKDCyt732DtC8XHdjfn6Dbe0oK1oHS6L6GzFjA6hcoN4NF0+ 0I5peninxdFR8X3KmrR/cK6NAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQU0QnxNhQi T4XPZU6WazBlqTWIaIswHwYDVR0jBBgwFoAUZhNNob/trAyRnSax9/nhaK+dK04w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJBNUQ0LzY1MEI0REU4RjND RTExRUY5MTRFRjY0NEM0RjlBRTAyL1poTk5vYl90ckF5Um5TYXg5X25oYUstZEsw NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWmhOTm9iX3RyQXlSblNheDlfbmhhSy1kSzA0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QTVENC82NTBCNERFOEYzQ0UxMUVGOTE0RUY2NDRDNEY5QUUwMi8yNTkyMkM0NEYz Q0YxMUVGQkNDNzUyNDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY MBYwFAQCAAEwDjAMAwQCj7yUAwQBj7ygMA0GCSqGSIb3DQEBCwUAA4IBAQAECAMA BFzc4h4fYer/YjJOQQsjiGxoZlWDpzGehF8niCBs5NWt8i2eBTccgWKxltZi6swH AzGbF+69GGiD0S1o2CCZhPYb6Vq+NWUba81bCZY3H//ZCBWVjCiO/o4wcEm/swty 9d/8SDf/6MZ98pgodDooYFBmKSVADqQYH1ldOwAJe7pW0xD3weZtzwfPVfHZd1vr 8I2Jn4dbUbc0Pi9SQ1m9wfQjMZAm8Uc1rlBq1oYnJ8jFNBKjHA6kirB1Knf7spmN +WyeS05jtgnylklPBBNm/3AnKLw8oRB5yYbiCLjKASoFIu6xG3znd3hMTVh/SHdz IwDQj76Wx25JTJVW -----END CERTIFICATE-----Generated at Sat May 17 18:08:57 2025 by rpki-client