$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/3BC0C42E814E11EFBDAC5230C4F9AE02.roa File: 3BC0C42E814E11EFBDAC5230C4F9AE02.roa (raw, json) Hash identifier: Fx/R25W/ToR7nqgXuHpazJQgTlvd0ymBUY71DLxiIE4= Subject key identifier: 80:79:AB:86:91:67:5A:66:39:B0:4D:59:E1:51:66:46:19:60:92:E7 Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 1D97 Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/3BC0C42E814E11EFBDAC5230C4F9AE02.roa Signing time: Thu 08 May 2025 15:53:23 +0000 ROA not before: Thu 08 May 2025 15:53:23 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 150577 IP address blocks: 160.25.172.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 10:53:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7575 (0x1d97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: May 8 15:53:23 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd373-072f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:02:ac:99:d6:14:a8:aa:55:c7:3f:fd:9c:2a: 35:79:6f:79:21:ad:ef:02:ac:dc:45:8e:c8:1a:e2: c0:9a:29:ca:08:78:c1:d2:ed:ba:e5:c5:01:52:0f: c3:ed:b2:7f:83:1f:50:ac:fe:80:1f:6c:7d:24:69: 61:fa:8f:ff:d7:55:57:f8:89:00:2b:67:8a:21:3c: f7:09:a7:34:80:ad:2b:5a:cc:81:fb:9e:12:e7:de: 5a:b3:1e:fa:4e:b1:30:e5:aa:c3:a3:b7:73:d7:e9: 4e:91:25:94:45:5f:45:4e:aa:b1:56:24:e2:85:87: 80:29:65:5c:f7:06:d0:40:ec:7e:5d:9e:7a:15:7e: 03:8e:8a:27:c2:0c:a7:4f:91:3a:b1:d8:8b:e0:dc: ba:94:23:d3:81:7e:16:95:48:cc:0a:dc:78:60:88: f4:5d:e4:97:3a:75:64:fc:b9:14:d3:07:f9:c1:67: 31:26:2b:4c:55:6f:e8:b3:fd:d0:e7:10:e6:e8:21: c6:92:53:f9:9d:02:09:2c:07:c1:a1:fb:43:fe:8f: bc:0e:0e:6d:83:62:36:56:15:41:02:89:bd:a2:3c: 31:ee:4c:43:7f:e3:15:96:91:ed:de:e4:be:11:99: b5:56:3d:30:79:67:6d:7a:4b:d4:09:5a:ed:da:55: bd:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:79:AB:86:91:67:5A:66:39:B0:4D:59:E1:51:66:46:19:60:92:E7 X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/3BC0C42E814E11EFBDAC5230C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.25.172.0/24 Signature Algorithm: sha256WithRSAEncryption 0d:55:5f:0b:33:6c:95:de:4c:b8:d8:4d:d2:da:c4:ff:d5:7d: bf:9a:2c:b8:86:77:44:0f:78:ac:88:f2:6b:61:9c:ac:7d:de: ca:15:89:1a:1c:4f:ad:e2:4a:7d:75:e4:3b:2a:c9:1c:5e:6e: fc:69:84:8c:74:2a:7b:47:32:fe:69:69:0e:33:ff:07:21:74: 72:00:87:b8:be:87:bc:5e:37:3d:36:2e:7c:8d:a5:6a:a0:7c: 34:f0:84:2f:2d:38:8c:fb:75:5a:68:dd:d6:78:a4:2e:0e:80: a9:8a:ce:81:4e:4b:9e:27:ea:fa:08:0e:35:89:7c:14:b7:4b: 9f:aa:6f:fe:24:1a:a9:85:aa:83:f0:94:02:f3:12:ca:cf:21: c9:c1:d1:a6:c9:9e:1c:2b:a0:6a:7a:85:05:0c:09:bf:0b:f1: fa:94:76:22:7c:e2:8a:19:68:cb:05:c9:7b:d8:41:1c:38:ca: bc:37:7a:9e:1a:11:d7:0f:75:63:9b:69:ed:59:3e:e8:7e:12: de:57:19:65:23:22:be:cc:60:1e:0f:d4:79:bd:eb:7b:52:78: 42:fb:0a:00:dd:47:48:86:fc:7a:21:a2:8d:2a:5d:ed:36:72: f5:91:f1:b1:3a:3f:47:51:94:9b:a2:47:ac:00:b7:2c:39:91: 7c:d6:90:f8 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICHZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjUwNTA4MTU1MzIzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFjZDM3My0wNzJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuwKsmdYUqKpVxz/9nCo1eW95Ia3vAqzcRY7IGuLAminKCHjB0u265cUBUg/D 7bJ/gx9QrP6AH2x9JGlh+o//11VX+IkAK2eKITz3Cac0gK0rWsyB+54S595asx76 TrEw5arDo7dz1+lOkSWURV9FTqqxViTihYeAKWVc9wbQQOx+XZ56FX4Djoonwgyn T5E6sdiL4Ny6lCPTgX4WlUjMCtx4YIj0XeSXOnVk/LkU0wf5wWcxJitMVW/os/3Q 5xDm6CHGklP5nQIJLAfBoftD/o+8Dg5tg2I2VhVBAom9ojwx7kxDf+MVlpHt3uS+ EZm1Vj0weWdtekvUCVrt2lW9jwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIB5q4aR Z1pmObBNWeFRZkYZYJLnMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0JDMEM0MkU4 MTRFMTFFRkJEQUM1MjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBACgGawwDQYJKoZIhvcNAQELBQADggEBAA1VXwszbJXeTLjY TdLaxP/Vfb+aLLiGd0QPeKyI8mthnKx93soViRocT63iSn115DsqyRxebvxphIx0 KntHMv5paQ4z/wchdHIAh7i+h7xeNz02LnyNpWqgfDTwhC8tOIz7dVpo3dZ4pC4O gKmKzoFOS54n6voIDjWJfBS3S5+qb/4kGqmFqoPwlALzEsrPIcnB0abJnhwroGp6 hQUMCb8L8fqUdiJ84ooZaMsFyXvYQRw4yrw3ep4aEdcPdWObae1ZPuh+Et5XGWUj Ir7MYB4P1Hm963tSeEL7CgDdR0iG/Hohoo0qXe02cvWR8bE6P0dRlJuiR6wAtyw5 kXzWkPg= -----END CERTIFICATE-----Generated at Wed May 14 03:37:33 2025 by rpki-client