$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/B0260988BDDE11EA9977C550C4F9AE02.roa File: B0260988BDDE11EA9977C550C4F9AE02.roa (raw, json) Hash identifier: UbnVn8dj9A5utP3UJJdmCmMmgNnuewnyjf6CtE52050= Subject key identifier: AE:B2:BD:F1:75:88:BB:35:D8:BD:D4:94:36:A4:C7:FF:1B:C2:60:1D Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 1D3E Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/B0260988BDDE11EA9977C550C4F9AE02.roa Signing time: Thu 08 May 2025 15:52:01 +0000 ROA not before: Thu 08 May 2025 15:52:01 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 132524 IP address blocks: 158.144.0.0/21 maxlen: 24 158.144.8.0/23 maxlen: 24 158.144.10.0/24 maxlen: 24 158.144.21.0/24 maxlen: 24 158.144.22.0/23 maxlen: 24 158.144.24.0/24 maxlen: 24 158.144.26.0/23 maxlen: 24 158.144.28.0/22 maxlen: 24 158.144.32.0/21 maxlen: 24 158.144.40.0/23 maxlen: 24 158.144.47.0/24 maxlen: 24 158.144.48.0/20 maxlen: 24 158.144.64.0/18 maxlen: 24 158.144.128.0/19 maxlen: 24 158.144.160.0/22 maxlen: 24 158.144.184.0/24 maxlen: 24 158.144.192.0/24 maxlen: 24 158.144.200.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 10:53:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7486 (0x1d3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: May 8 15:52:01 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd321-5c1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:dc:2e:c9:da:4e:a7:9e:2a:21:2c:c9:af:85: 90:bb:97:9d:30:28:17:6d:77:64:66:ed:f7:8e:61: 1a:97:a2:37:a6:5d:63:12:4d:99:b4:47:7c:50:9a: c2:cb:95:8d:f0:3e:c5:5c:e2:7d:ab:7b:66:e8:50: 19:d9:d9:c7:26:39:a9:da:0d:4c:16:59:58:b8:b0: 72:d9:29:cc:41:ae:88:77:30:fb:dd:75:7d:78:0d: 1f:50:f7:05:12:d8:c9:2b:10:41:1a:5d:fe:68:6a: 38:4f:e0:d5:1d:3d:f4:38:63:c3:f3:fa:81:ab:20: 85:7a:2b:e3:5f:4d:55:36:79:c3:d2:60:ff:e8:dd: 5c:d1:02:34:25:06:18:52:e5:17:fb:a7:b9:cf:be: c3:95:96:58:87:f0:71:84:69:02:7b:d2:a4:53:8e: 72:e9:47:f6:0b:41:28:fc:5b:bf:51:81:7b:eb:62: 4c:05:a8:ae:96:1a:b9:65:4c:31:32:96:10:7f:f9: d5:01:de:07:58:29:f3:0f:35:89:e5:b4:12:fa:e7: 31:4e:4f:48:b9:eb:61:84:1c:0a:7d:76:aa:ab:dd: 40:a5:7d:3c:95:bf:49:55:b0:3d:a1:40:cf:fb:d4: 6a:fb:6f:d1:2f:65:c1:af:76:c6:7c:df:31:56:1e: 1d:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:B2:BD:F1:75:88:BB:35:D8:BD:D4:94:36:A4:C7:FF:1B:C2:60:1D X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/B0260988BDDE11EA9977C550C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 158.144.0.0-158.144.10.255 158.144.21.0-158.144.24.255 158.144.26.0-158.144.41.255 158.144.47.0-158.144.163.255 158.144.184.0/24 158.144.192.0/24 158.144.200.0/22 Signature Algorithm: sha256WithRSAEncryption 36:50:52:1b:03:b2:af:e7:8d:19:84:1e:87:b7:4e:0f:1d:04: a3:74:93:11:d9:42:5b:11:93:15:d3:fd:d4:6f:41:1a:b0:ef: 81:34:d3:99:5c:5d:98:67:e6:06:dc:68:86:10:37:ee:32:ae: 0c:31:60:34:43:14:c4:af:a6:08:d9:a4:c5:40:0c:c1:b0:90: 42:92:0e:db:4a:2e:38:2c:d8:a7:3e:c3:51:5a:6b:03:3d:96: f8:0f:b0:58:bd:5c:db:9d:f0:a8:73:8c:02:c7:24:71:22:9c: 53:8e:37:d1:8c:f3:51:3c:dc:54:6f:70:86:70:22:9d:25:b2: db:7b:37:1e:7e:fd:7b:e8:14:20:e5:21:11:e3:23:fb:d4:49: 8b:ba:ef:d7:80:e5:09:16:d2:2c:6b:1e:28:ba:7c:e4:88:f0: 4d:0d:b0:8c:45:03:9c:5c:e4:e4:42:8f:74:59:fa:4f:a8:f4: c2:7d:c3:76:0e:63:d0:36:dc:89:98:dc:b2:f0:da:37:77:8f: 18:b1:06:bd:74:b6:64:10:f4:57:8d:44:08:28:3d:27:82:db: ee:f6:f5:3c:9e:c8:61:4c:5e:78:e1:b4:4f:57:8d:31:51:16: ff:7c:91:88:22:8d:d2:0b:6e:10:67:9e:c7:4e:e8:97:4e:45: bf:95:bc:72 -----BEGIN CERTIFICATE----- MIIFtDCCBJygAwIBAgICHT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjUwNTA4MTU1MjAxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFjZDMyMS01YzFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3dwuydpOp54qISzJr4WQu5edMCgXbXdkZu33jmEal6I3pl1jEk2ZtEd8UJrC y5WN8D7FXOJ9q3tm6FAZ2dnHJjmp2g1MFllYuLBy2SnMQa6IdzD73XV9eA0fUPcF EtjJKxBBGl3+aGo4T+DVHT30OGPD8/qBqyCFeivjX01VNnnD0mD/6N1c0QI0JQYY UuUX+6e5z77DlZZYh/BxhGkCe9KkU45y6Uf2C0Eo/Fu/UYF762JMBaiulhq5ZUwx MpYQf/nVAd4HWCnzDzWJ5bQS+ucxTk9IuethhBwKfXaqq91ApX08lb9JVbA9oUDP +9Rq+2/RL2XBr3bGfN8xVh4dCQIDAQABo4IC2DCCAtQwHQYDVR0OBBYEFK6yvfF1 iLs12L3UlDakx/8bwmAdMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQjAyNjA5ODhC RERFMTFFQTk5NzdDNTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYgYIKwYBBQUHAQcBAf8E UzBRME8EAgABMEkwCwMDBJ6QAwQAnpAKMAwDBACekBUDBACekBgwDAMEAZ6QGgME AZ6QKDAMAwQAnpAvAwQCnpCgAwQAnpC4AwQAnpDAAwQCnpDIMA0GCSqGSIb3DQEB CwUAA4IBAQA2UFIbA7Kv540ZhB6Ht04PHQSjdJMR2UJbEZMV0/3Ub0EasO+BNNOZ XF2YZ+YG3GiGEDfuMq4MMWA0QxTEr6YI2aTFQAzBsJBCkg7bSi44LNinPsNRWmsD PZb4D7BYvVzbnfCoc4wCxyRxIpxTjjfRjPNRPNxUb3CGcCKdJbLbezcefv176BQg 5SER4yP71EmLuu/XgOUJFtIsax4ounzkiPBNDbCMRQOcXOTkQo90WfpPqPTCfcN2 DmPQNtyJmNyy8No3d48YsQa9dLZkEPRXjUQIKD0ngtvu9vU8nshhTF544bRPV40x URb/fJGIIo3SC24QZ57HTuiXTkW/lbxy -----END CERTIFICATE-----Generated at Wed May 14 14:05:46 2025 by rpki-client