$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/FF20DEA0767511F0A9F58113C4F9AE02.roa File: FF20DEA0767511F0A9F58113C4F9AE02.roa (raw, json) Hash identifier: gkwPglwtOPQwLcd16gF/QLt5SU+9dewdyybqbuKh0PY= Subject key identifier: 9A:ED:0B:71:91:F1:38:C0:9D:73:54:ED:01:FB:41:2C:76:83:76:75 Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 1F56 Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/FF20DEA0767511F0A9F58113C4F9AE02.roa Signing time: Mon 11 Aug 2025 05:42:41 +0000 ROA not before: Mon 11 Aug 2025 05:42:41 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 154108 IP address blocks: 192.172.245.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:25:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8022 (0x1f56) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: Aug 11 05:42:41 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=689982d1-b1b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:55:b1:33:2a:ca:23:3f:3b:04:82:b1:1b:20: 59:53:4c:53:86:6a:bb:23:d1:3e:f6:1d:d4:ce:65: 0f:d0:0a:52:a8:f8:f8:2f:9e:4e:5e:36:5d:17:1a: 5e:06:c5:98:f2:89:cc:42:5f:df:13:92:fb:d1:0f: 2f:f5:89:8b:b7:9c:62:ba:38:1d:fa:62:7f:b4:6f: 70:df:37:06:1d:11:67:32:52:62:b2:c8:95:d5:05: cc:6f:33:b2:d4:a3:b5:ae:ca:2c:18:d2:c1:b8:4e: e4:66:4c:d5:b8:3e:c7:b5:07:89:d0:6d:8d:b2:e4: 8b:b6:78:f5:0a:be:7b:10:d4:7e:f3:eb:f9:fa:91: f3:b2:83:cc:59:79:25:20:cb:9e:42:59:47:bb:de: 4c:af:2f:82:06:27:81:30:3c:f5:43:4a:b1:06:53: a1:23:1e:73:7a:73:1b:57:9d:b7:97:77:f3:90:06: 61:cf:63:76:93:ed:88:c6:cc:7d:15:26:c7:aa:df: cd:8a:ea:ea:47:32:72:16:95:23:bb:f7:2a:01:77: 87:3e:44:0b:b9:a2:74:ab:94:4a:e5:e4:96:9d:b5: eb:4c:aa:96:2f:d1:a1:5e:73:ab:ad:f5:d4:28:86: 51:35:37:a6:0e:e3:c3:dd:aa:b2:33:c9:cc:f5:41: 21:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:ED:0B:71:91:F1:38:C0:9D:73:54:ED:01:FB:41:2C:76:83:76:75 X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/FF20DEA0767511F0A9F58113C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 192.172.245.0/24 Signature Algorithm: sha256WithRSAEncryption c9:39:c2:23:f1:f9:e8:bb:82:f2:3c:83:cf:17:30:bb:44:f3: b4:7c:d3:be:d0:bd:3b:1f:23:94:c2:b6:b6:fb:2a:9c:e6:53: e6:85:5f:6e:99:ea:bb:a8:59:8f:25:7a:8c:07:d5:68:12:23: 90:a4:48:7f:b0:fe:0d:54:a6:57:bc:13:5d:16:85:6c:52:01: 77:b4:f7:f9:98:b0:f0:92:d5:c3:71:e9:41:bb:a4:a3:92:a1: 9a:f4:8c:bc:6e:7e:80:cd:29:00:0a:a9:e9:bd:92:fd:a1:4e: 1f:1a:d3:ed:81:12:27:84:1c:60:11:0c:83:52:66:a8:23:2a: c7:9a:79:1d:09:3d:5c:07:13:b5:fb:06:3d:f1:9c:4c:4f:b6: b6:3b:fc:50:d2:83:e1:be:89:15:e2:16:6f:04:af:df:16:ca: d5:92:5e:82:98:a2:63:48:b5:c7:19:10:22:01:c0:36:8b:64: 1a:7b:e9:0d:d8:f5:19:00:2d:25:46:01:58:e8:48:eb:05:ec: 93:2e:90:4c:7a:3c:e1:ae:ce:42:05:69:5c:59:5f:39:1b:0c: d6:db:b4:9d:c1:bf:5a:25:84:64:65:2c:bd:b8:54:70:9d:c0: f9:dc:eb:db:b5:75:54:0d:3e:29:ff:ef:ac:6f:77:2d:24:79: e9:5a:60:c0 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICH1YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjUwODExMDU0MjQxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODk5ODJkMS1iMWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy1WxMyrKIz87BIKxGyBZU0xThmq7I9E+9h3UzmUP0ApSqPj4L55OXjZdFxpe BsWY8onMQl/fE5L70Q8v9YmLt5xiujgd+mJ/tG9w3zcGHRFnMlJissiV1QXMbzOy 1KO1rsosGNLBuE7kZkzVuD7HtQeJ0G2NsuSLtnj1Cr57ENR+8+v5+pHzsoPMWXkl IMueQllHu95Mry+CBieBMDz1Q0qxBlOhIx5zenMbV523l3fzkAZhz2N2k+2Ixsx9 FSbHqt/NiurqRzJyFpUju/cqAXeHPkQLuaJ0q5RK5eSWnbXrTKqWL9GhXnOrrfXU KIZRNTemDuPD3aqyM8nM9UEhawIDAQABo4IClTCCApEwHQYDVR0OBBYEFJrtC3GR 8TjAnXNU7QH7QSx2g3Z1MB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRkYyMERFQTA3 Njc1MTFGMEE5RjU4MTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBADArPUwDQYJKoZIhvcNAQELBQADggEBAMk5wiPx+ei7gvI8 g88XMLtE87R8077QvTsfI5TCtrb7KpzmU+aFX26Z6ruoWY8leowH1WgSI5CkSH+w /g1Uple8E10WhWxSAXe09/mYsPCS1cNx6UG7pKOSoZr0jLxufoDNKQAKqem9kv2h Th8a0+2BEieEHGARDINSZqgjKseaeR0JPVwHE7X7Bj3xnExPtrY7/FDSg+G+iRXi Fm8Er98WytWSXoKYomNItccZECIBwDaLZBp76Q3Y9RkALSVGAVjoSOsF7JMukEx6 POGuzkIFaVxZXzkbDNbbtJ3Bv1olhGRlLL24VHCdwPnc69u1dVQNPin/76xvdy0k eelaYMA= -----END CERTIFICATE-----Generated at Sat Aug 23 17:22:33 2025 by rpki-client