$ rpki-client -vvf rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/DD145D6E023A11EBBDF8B35FC4F9AE02.roa File: DD145D6E023A11EBBDF8B35FC4F9AE02.roa (raw, json) Hash identifier: Ki+ZYv+WbFodfUBA0Z9kcHIRNA0D2B2/Fqh0gMIddSg= Subject key identifier: E5:D9:DB:9F:9E:07:F2:56:0D:FF:87:A2:D7:D1:42:03:AF:45:5F:CE Certificate issuer: /CN=A918495F/serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD Certificate serial: 17D8 Authority key identifier: 90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/DD145D6E023A11EBBDF8B35FC4F9AE02.roa Signing time: Thu 08 May 2025 17:17:51 +0000 ROA not before: Thu 08 May 2025 17:17:51 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 9444 IP address blocks: 1.65.190.0/23 maxlen: 24 116.48.208.0/21 maxlen: 21 116.48.213.0/24 maxlen: 24 116.48.214.0/23 maxlen: 23 116.48.215.0/24 maxlen: 24 116.48.224.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 16:33:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6104 (0x17d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918495F, serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD Validity Not Before: May 8 17:17:51 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=681ce73f-ddb7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:02:a5:93:f4:9b:f0:37:88:30:2e:ad:3b:ab: fb:a2:59:03:66:e3:9f:21:e3:7b:86:ed:86:02:b4: 88:5f:44:d2:77:25:7d:6b:fd:5e:a5:5e:c2:3f:c1: 46:59:eb:ad:19:57:2f:14:36:c4:7e:f4:ca:db:9c: 4a:69:a7:0c:d5:c9:b1:9f:77:67:f2:19:c6:c1:dd: c9:15:f8:c2:95:ab:9b:62:e2:3a:eb:b0:62:dd:f2: 60:69:61:4e:5f:ab:ae:37:31:61:11:9c:d3:e6:20: 69:8d:90:89:2c:e9:1a:53:67:a1:26:51:c2:ad:c9: 9f:bf:67:1f:e8:5e:d4:fc:1d:5f:5c:dd:d8:ab:0a: 79:f3:b7:e2:c2:89:a0:72:97:1c:47:e9:8e:18:df: ea:f5:1d:af:ff:8f:4d:f1:e3:be:14:fc:e3:92:9e: cc:8e:f1:5b:e9:e0:18:bd:9c:81:5e:1c:a8:35:5c: 77:d9:89:33:9b:c8:1b:ad:b3:a9:2c:67:47:98:ee: 6a:a9:1f:71:aa:7e:54:db:ff:27:09:2c:d0:cb:62: d7:c1:96:57:d2:99:2a:95:0d:7e:0b:ca:8c:61:14: 25:da:72:9a:6d:ba:75:7a:3d:61:6d:9f:c9:c2:ac: 34:14:af:bd:d6:0d:46:c8:23:73:f6:9f:76:77:dc: 4b:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:D9:DB:9F:9E:07:F2:56:0D:FF:87:A2:D7:D1:42:03:AF:45:5F:CE X509v3 Authority Key Identifier: keyid:90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/DD145D6E023A11EBBDF8B35FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 1.65.190.0/23 116.48.208.0/21 116.48.224.0/22 Signature Algorithm: sha256WithRSAEncryption 6d:1b:50:db:cb:cf:f4:33:69:ec:c8:d4:02:06:c9:5c:bf:d3: df:a7:d1:d4:33:b5:89:9e:d3:76:17:14:b1:b3:f1:0d:9a:1a: a5:c3:48:73:c2:80:04:10:d1:6c:a1:5c:bb:65:88:29:25:9c: 41:e3:f7:aa:99:51:b8:ec:9f:a2:87:d0:fd:fe:3e:65:28:5d: ca:46:65:32:60:ca:d8:9f:23:39:9d:6f:63:48:38:02:5c:76: 79:42:13:1a:48:b5:f3:11:c1:90:10:04:0f:78:4e:f7:79:40: f6:4d:0d:57:5b:73:e3:26:d6:64:a0:ef:67:9e:f4:21:69:64: 5b:48:9f:76:a2:fd:e3:7d:21:3a:a3:80:87:ad:5f:1b:aa:e6: 31:5f:83:da:da:c5:d7:b7:12:01:c5:1d:71:d7:f7:10:5a:e0: d7:73:e6:98:e7:66:cd:ba:18:43:2c:23:89:e7:92:c0:6f:8c: b7:d4:e8:5f:46:65:c6:d3:c9:95:f7:4b:26:ed:b7:6e:05:fd: 48:b1:bc:12:97:49:70:a9:5a:72:f1:cf:8b:12:f7:f6:55:f7: ce:01:0b:d4:0d:e5:97:af:92:f2:ca:6b:d6:60:05:b4:50:aa: 55:85:4d:4d:2b:22:09:9b:ae:56:0e:77:35:04:a6:6c:dc:da: 98:11:36:72 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICF9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODQ5NUYxMTAvBgNVBAUTKDkwQzIyRjczOTM4NTBFOEVDRjZCNUYxRTMyMEQwN0Iy RDFBQ0Q4RkQwHhcNMjUwNTA4MTcxNzUxWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFjZTczZi1kZGI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9AKlk/Sb8DeIMC6tO6v7olkDZuOfIeN7hu2GArSIX0TSdyV9a/1epV7CP8FG WeutGVcvFDbEfvTK25xKaacM1cmxn3dn8hnGwd3JFfjClaubYuI667Bi3fJgaWFO X6uuNzFhEZzT5iBpjZCJLOkaU2ehJlHCrcmfv2cf6F7U/B1fXN3Yqwp587fiwomg cpccR+mOGN/q9R2v/49N8eO+FPzjkp7MjvFb6eAYvZyBXhyoNVx32Ykzm8gbrbOp LGdHmO5qqR9xqn5U2/8nCSzQy2LXwZZX0pkqlQ1+C8qMYRQl2nKabbp1ej1hbZ/J wqw0FK+91g1GyCNz9p92d9xLHwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFOXZ25+e B/JWDf+HotfRQgOvRV/OMB8GA1UdIwQYMBaAFJDCL3OThQ6Oz2tfHjINB7LRrNj9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDk1Ri84NDhDODU3Q0RG RUMxMUU3QTI3QTIyMTNDNEY5QUUwMi9rTUl2YzVPRkRvN1BhMThlTWcwSHN0R3My UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tNSXZjNU9GRG83UGExOGVNZzBIc3RHczJQMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODQ5NUYvODQ4Qzg1N0NERkVDMTFFN0EyN0EyMjEzQzRGOUFFMDIvREQxNDVENkUw MjNBMTFFQkJERjhCMzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAEBQb4DBAN0MNADBAJ0MOAwDQYJKoZIhvcNAQELBQADggEB AG0bUNvLz/QzaezI1AIGyVy/09+n0dQztYme03YXFLGz8Q2aGqXDSHPCgAQQ0Wyh XLtliCklnEHj96qZUbjsn6KH0P3+PmUoXcpGZTJgytifIzmdb2NIOAJcdnlCExpI tfMRwZAQBA94Tvd5QPZNDVdbc+Mm1mSg72ee9CFpZFtIn3ai/eN9ITqjgIetXxuq 5jFfg9raxde3EgHFHXHX9xBa4Ndz5pjnZs26GEMsI4nnksBvjLfU6F9GZcbTyZX3 Sybtt24F/UixvBKXSXCpWnLxz4sS9/ZV984BC9QN5ZevkvLKa9ZgBbRQqlWFTU0r IgmbrlYOdzUEpmzc2pgRNnI= -----END CERTIFICATE-----Generated at Mon May 12 19:59:38 2025 by rpki-client