$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/F9C23E2A3ACB11EC9FEBB367C4F9AE02.roa File: F9C23E2A3ACB11EC9FEBB367C4F9AE02.roa (raw, json) Hash identifier: nh7VvVbwlcEI7LPWlEzxHGSM7ZH4CPOm9G5I1MGrFHY= Subject key identifier: E6:C4:9D:90:A9:E1:4E:57:DF:64:8E:AB:49:65:E3:39:72:39:BB:12 Certificate issuer: /CN=A917E0A8/serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Certificate serial: 063F Authority key identifier: 74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/F9C23E2A3ACB11EC9FEBB367C4F9AE02.roa Signing time: Wed 30 Apr 2025 19:29:42 +0000 ROA not before: Wed 30 Apr 2025 19:29:42 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 133752 IP address blocks: 192.131.142.0/24 maxlen: 24 205.189.160.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 19:31:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1599 (0x63f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Validity Not Before: Apr 30 19:29:42 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68127a26-2814 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:ce:48:7e:46:bc:e9:46:c8:0a:e6:3c:e5:cf: 4a:e8:a8:f4:5b:fe:ed:99:2c:64:50:ad:e6:48:a6: ed:d6:6f:d1:b4:99:8b:6b:d3:5e:d0:36:0c:f5:cf: 16:d8:cc:a2:77:c1:a3:fc:bc:42:5f:45:ec:85:76: 2c:ba:45:18:5f:5a:a2:03:91:b7:e4:cb:31:fd:9b: b2:9d:6f:84:b5:be:ea:aa:50:71:d4:71:69:98:ad: ca:20:41:50:47:34:22:3f:51:16:82:55:c9:d8:32: c9:75:07:4d:c0:de:50:0b:a3:76:82:8a:30:b1:77: be:f5:38:b8:61:92:00:4b:bc:e6:d3:38:3d:97:f4: b7:ef:57:1f:9a:96:ed:ab:2a:de:ec:be:2c:9f:fb: 45:9b:e9:38:77:e6:c0:bd:8c:17:4a:24:7a:85:02: 53:bd:f5:63:b6:30:20:7a:eb:bb:1a:48:8b:cf:02: 43:6e:b5:f9:5a:64:f1:0c:b7:8a:16:92:a8:3e:2a: 3a:6c:26:2c:e1:d1:fb:4a:57:1d:39:d4:79:10:61: 6a:e4:da:ab:2d:3d:27:1a:c8:e0:33:0c:fc:35:ec: 06:61:f2:67:1f:8a:b2:78:3c:a1:33:0f:7c:88:3e: 85:91:6a:a2:fd:e3:0f:07:04:cc:dd:22:83:08:fd: d9:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:C4:9D:90:A9:E1:4E:57:DF:64:8E:AB:49:65:E3:39:72:39:BB:12 X509v3 Authority Key Identifier: keyid:74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/F9C23E2A3ACB11EC9FEBB367C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 192.131.142.0/24 205.189.160.0/24 Signature Algorithm: sha256WithRSAEncryption 19:99:60:25:05:a8:c2:76:c9:f9:c2:fa:0f:b6:7f:20:31:ea: 67:ed:36:61:25:69:2c:a2:bd:3b:55:7b:18:e3:f7:fc:47:6e: 34:5c:ef:1d:58:5e:3e:3f:0e:e6:f8:fe:fa:c8:ff:27:90:a7: fb:70:92:1a:23:9d:5c:7f:07:44:5b:1a:90:57:4e:6d:2b:3d: 3c:6e:74:50:b0:ee:37:54:49:06:bb:d7:cf:00:96:83:6d:33: 63:fc:21:64:93:e2:02:c8:c0:99:80:97:05:6d:a0:b7:04:46: 0f:ce:3a:82:f7:7a:9b:50:a6:19:1d:b5:36:ac:e0:15:b3:33: da:37:b5:6c:80:ab:03:6e:15:ed:1b:7a:1b:d1:33:fb:13:9d: e6:fd:98:38:10:19:1a:d5:4a:b1:49:91:8d:34:a4:cc:b6:72: a8:e9:30:8c:d4:70:69:cd:17:16:6d:9d:1d:1f:15:3c:5d:b6: ab:8e:1a:ad:d9:e6:43:42:c5:b8:79:0f:3d:ce:2d:63:53:c9: a4:15:90:da:48:2b:bf:f8:25:77:6b:b2:1a:59:ba:8b:aa:ac: 85:f5:22:f6:62:6b:68:28:e4:d0:ed:3f:b0:23:4e:a9:d8:fe: 22:f8:2f:c3:37:98:14:d7:ac:b9:e9:3a:aa:f4:3d:ad:5f:81: 41:2b:38:89 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBj8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDc0RDQ0RDk2OEFGNDYzRUZCMTdDMDgwRDVGQUQwMTBD NEFDMDk3QUEwHhcNMjUwNDMwMTkyOTQyWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODEyN2EyNi0yODE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3M5Ifka86UbICuY85c9K6Kj0W/7tmSxkUK3mSKbt1m/RtJmLa9Ne0DYM9c8W 2Myid8Gj/LxCX0XshXYsukUYX1qiA5G35Msx/ZuynW+Etb7qqlBx1HFpmK3KIEFQ RzQiP1EWglXJ2DLJdQdNwN5QC6N2goowsXe+9Ti4YZIAS7zm0zg9l/S371cfmpbt qyre7L4sn/tFm+k4d+bAvYwXSiR6hQJTvfVjtjAgeuu7GkiLzwJDbrX5WmTxDLeK FpKoPio6bCYs4dH7SlcdOdR5EGFq5NqrLT0nGsjgMwz8NewGYfJnH4qyeDyhMw98 iD6FkWqi/eMPBwTM3SKDCP3ZYwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFObEnZCp 4U5X32SOq0ll4zlyObsSMB8GA1UdIwQYMBaAFHTUTZaK9GPvsXwIDV+tAQxKwJeq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC82RUZDMEJFRTk4 NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFktLXhmQWdOWDYwQkRFckFs Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ROUk5sb3IwWS0teGZBZ05YNjBCREVyQWw2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0UwQTgvNkVGQzBCRUU5ODRDMTFFQjhBNDFGQTIwQzRGOUFFMDIvRjlDMjNFMkEz QUNCMTFFQzlGRUJCMzY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBADAg44DBADNvaAwDQYJKoZIhvcNAQELBQADggEBABmZYCUF qMJ2yfnC+g+2fyAx6mftNmElaSyivTtVexjj9/xHbjRc7x1YXj4/Dub4/vrI/yeQ p/twkhojnVx/B0RbGpBXTm0rPTxudFCw7jdUSQa7188AloNtM2P8IWST4gLIwJmA lwVtoLcERg/OOoL3eptQphkdtTas4BWzM9o3tWyAqwNuFe0behvRM/sTneb9mDgQ GRrVSrFJkY00pMy2cqjpMIzUcGnNFxZtnR0fFTxdtquOGq3Z5kNCxbh5Dz3OLWNT yaQVkNpIK7/4JXdrshpZuouqrIX1IvZia2go5NDtP7AjTqnY/iL4L8M3mBTXrLnp Oqr0Pa1fgUErOIk= -----END CERTIFICATE-----Generated at Wed May 14 17:09:59 2025 by rpki-client