$ rpki-client -vvf rpki.apnic.net/member_repository/A9178EB0/65D1DB2CDAEA11EA958EB35BC4F9AE02/23CDAE44F89B11EFA0888D74C4F9AE02.roa File: 23CDAE44F89B11EFA0888D74C4F9AE02.roa (raw, json) Hash identifier: QEmg34gYMLcRImmZXOGPqukjodjpiHJ4l1SGgXAsmiI= Subject key identifier: A3:0A:B4:02:52:B0:3E:06:10:F8:2B:C1:9B:23:74:EE:18:3C:0D:19 Certificate issuer: /CN=A9178EB0/serialNumber=AAA62DB47F012B26DD8698E2CC35DE8F29437761 Certificate serial: 082A Authority key identifier: AA:A6:2D:B4:7F:01:2B:26:DD:86:98:E2:CC:35:DE:8F:29:43:77:61 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qqYttH8BKybdhpjizDXejylDd2E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9178EB0/65D1DB2CDAEA11EA958EB35BC4F9AE02/23CDAE44F89B11EFA0888D74C4F9AE02.roa Signing time: Wed 07 May 2025 02:07:09 +0000 ROA not before: Wed 07 May 2025 02:07:09 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 963 IP address blocks: 112.121.184.0/22 maxlen: 24 180.178.32.0/20 maxlen: 24 180.178.48.0/21 maxlen: 24 180.178.56.0/22 maxlen: 24 180.178.60.0/22 maxlen: 24 182.16.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9178EB0/65D1DB2CDAEA11EA958EB35BC4F9AE02/qqYttH8BKybdhpjizDXejylDd2E.crl rsync://rpki.apnic.net/member_repository/A9178EB0/65D1DB2CDAEA11EA958EB35BC4F9AE02/qqYttH8BKybdhpjizDXejylDd2E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qqYttH8BKybdhpjizDXejylDd2E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 20:41:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2090 (0x82a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9178EB0, serialNumber=AAA62DB47F012B26DD8698E2CC35DE8F29437761 Validity Not Before: May 7 02:07:09 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=681ac04c-3735 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:96:4b:73:f9:58:2d:5f:fc:e2:cc:f4:05:3a: 52:49:a7:51:4d:44:1e:1c:68:6d:a8:8c:08:e8:d6: ca:10:a9:8c:0c:39:c4:2d:ba:0f:52:84:e4:67:87: c5:de:fc:5d:a8:05:57:7b:cc:e0:7d:13:1b:96:ca: 6c:1f:e1:d2:7b:71:00:7e:1a:51:ad:7e:2e:e8:1a: 16:53:37:9c:9d:2a:ad:24:88:83:e0:49:73:bd:2f: c6:6e:4e:80:9c:43:a9:e9:c5:45:83:ac:10:2a:a3: 99:10:d7:83:31:0c:e8:2f:7a:31:fb:69:19:ad:9d: f7:b4:8f:77:bc:f2:07:3e:26:35:0f:d5:94:a1:fb: 28:19:cf:c0:53:75:45:17:36:5c:24:e0:48:07:49: 48:d8:8a:9e:a2:71:72:0e:c5:90:32:6d:3c:17:ba: 45:cf:a8:d4:61:7b:fc:52:a4:7a:04:6c:5e:9c:ea: be:7b:16:98:6f:71:80:45:e5:42:d0:1b:61:72:e4: 25:a5:7b:aa:2f:87:82:24:94:64:19:37:5a:51:e0: 0f:93:e0:5b:ab:2a:83:b2:1e:b2:cb:65:9f:17:6e: cf:bc:e0:1d:34:c3:89:50:e9:a6:44:5a:f4:c7:bf: 19:21:de:6f:95:8c:0a:1e:f7:c6:8a:22:8d:62:5b: a0:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:0A:B4:02:52:B0:3E:06:10:F8:2B:C1:9B:23:74:EE:18:3C:0D:19 X509v3 Authority Key Identifier: keyid:AA:A6:2D:B4:7F:01:2B:26:DD:86:98:E2:CC:35:DE:8F:29:43:77:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9178EB0/65D1DB2CDAEA11EA958EB35BC4F9AE02/qqYttH8BKybdhpjizDXejylDd2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qqYttH8BKybdhpjizDXejylDd2E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178EB0/65D1DB2CDAEA11EA958EB35BC4F9AE02/23CDAE44F89B11EFA0888D74C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 112.121.184.0/22 180.178.32.0/19 182.16.0.0/17 Signature Algorithm: sha256WithRSAEncryption 36:3c:9b:b1:93:4d:4d:c2:33:ab:8d:c5:19:98:d0:c0:dd:4a: 9c:0b:8b:ab:d0:e8:46:32:3a:e4:28:cb:36:81:5b:64:2e:bf: 69:6d:f4:74:0b:1a:8f:5e:a9:72:e2:c0:a9:e0:9d:91:e4:5e: ce:fa:da:7d:75:d8:e0:c1:00:ab:96:ca:ab:fd:1a:66:cb:62: c3:d9:e2:17:ce:2f:14:cc:56:38:95:de:67:46:a4:54:d2:08: 4e:da:0b:a9:04:c2:cf:a4:de:51:55:3c:94:10:5e:02:f2:e3: 37:44:ef:22:d9:2c:77:b1:37:51:7e:bf:ac:26:c0:7b:bf:2a: 26:f2:3f:78:13:db:40:10:b7:41:cc:b0:b3:dc:69:09:58:8d: 15:9f:f6:05:3a:16:6a:ff:27:41:94:9b:33:f3:0a:4c:78:b8: 63:ed:6a:c6:e2:de:cb:28:06:c1:f8:a7:a3:9f:a5:0a:52:6a: f3:cd:12:c5:77:f8:90:d7:f1:49:9c:82:61:cf:2f:c5:68:99: 3e:a4:5e:77:2c:47:29:1a:cc:b6:e6:f3:95:b5:36:13:5d:76: 78:e6:01:5c:17:25:33:d9:46:57:3d:d5:ad:f4:49:1d:1b:24: 8e:a7:db:d9:a5:b1:0e:07:3a:00:75:86:94:11:2a:01:66:86: 0c:7c:55:15 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICCCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzhFQjAxMTAvBgNVBAUTKEFBQTYyREI0N0YwMTJCMjZERDg2OThFMkNDMzVERThG Mjk0Mzc3NjEwHhcNMjUwNTA3MDIwNzA5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFhYzA0Yy0zNzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuJZLc/lYLV/84sz0BTpSSadRTUQeHGhtqIwI6NbKEKmMDDnELboPUoTkZ4fF 3vxdqAVXe8zgfRMblspsH+HSe3EAfhpRrX4u6BoWUzecnSqtJIiD4ElzvS/Gbk6A nEOp6cVFg6wQKqOZENeDMQzoL3ox+2kZrZ33tI93vPIHPiY1D9WUofsoGc/AU3VF FzZcJOBIB0lI2IqeonFyDsWQMm08F7pFz6jUYXv8UqR6BGxenOq+exaYb3GAReVC 0BthcuQlpXuqL4eCJJRkGTdaUeAPk+BbqyqDsh6yy2WfF27PvOAdNMOJUOmmRFr0 x78ZId5vlYwKHvfGiiKNYlughwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKMKtAJS sD4GEPgrwZsjdO4YPA0ZMB8GA1UdIwQYMBaAFKqmLbR/ASsm3YaY4sw13o8pQ3dh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEVCMC82NUQxREIyQ0RB RUExMUVBOTU4RUIzNUJDNEY5QUUwMi9xcVl0dEg4Qkt5YmRocGppekRYZWp5bERk MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FxWXR0SDhCS3liZGhwaml6RFhlanlsRGQyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzhFQjAvNjVEMURCMkNEQUVBMTFFQTk1OEVCMzVCQzRGOUFFMDIvMjNDREFFNDRG ODlCMTFFRkEwODg4RDc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAJwebgDBAW0siADBAe2EAAwDQYJKoZIhvcNAQELBQADggEB ADY8m7GTTU3CM6uNxRmY0MDdSpwLi6vQ6EYyOuQoyzaBW2Quv2lt9HQLGo9eqXLi wKngnZHkXs762n112ODBAKuWyqv9GmbLYsPZ4hfOLxTMVjiV3mdGpFTSCE7aC6kE ws+k3lFVPJQQXgLy4zdE7yLZLHexN1F+v6wmwHu/KibyP3gT20AQt0HMsLPcaQlY jRWf9gU6Fmr/J0GUmzPzCkx4uGPtasbi3ssoBsH4p6OfpQpSavPNEsV3+JDX8Umc gmHPL8VomT6kXncsRykazLbm85W1NhNddnjmAVwXJTPZRlc91a30SR0bJI6n29ml sQ4HOgB1hpQRKgFmhgx8VRU= -----END CERTIFICATE-----Generated at Tue May 13 19:43:17 2025 by rpki-client