$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/742C40C0AE0A11EF9B1A9B3FC4F9AE02.roa File: 742C40C0AE0A11EF9B1A9B3FC4F9AE02.roa (raw, json) Hash identifier: sWEx00tnB6BgePhUJ/4cAmgTUJyPhGPeHQTFiHEaPRY= Subject key identifier: A2:CA:DA:7D:8F:46:6B:7B:DB:5D:43:16:40:55:C9:6C:32:E2:55:3B Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 05B9 Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/742C40C0AE0A11EF9B1A9B3FC4F9AE02.roa Signing time: Wed 07 May 2025 08:46:48 +0000 ROA not before: Wed 07 May 2025 08:46:48 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 150895 IP address blocks: 157.66.48.0/23 maxlen: 23 157.66.222.0/23 maxlen: 23 157.66.224.0/23 maxlen: 23 160.22.120.0/23 maxlen: 23 160.25.72.0/23 maxlen: 23 160.30.50.0/23 maxlen: 23 160.30.136.0/23 maxlen: 23 160.191.214.0/23 maxlen: 23 160.250.4.0/23 maxlen: 23 160.250.128.0/23 maxlen: 23 160.250.132.0/23 maxlen: 23 160.250.186.0/23 maxlen: 24 161.248.4.0/23 maxlen: 23 161.248.178.0/23 maxlen: 23 161.248.238.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 23 May 2025 14:34:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1465 (0x5b9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Validity Not Before: May 7 08:46:48 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=681b1df8-c9ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:6a:4c:b8:0c:57:6e:e5:4f:6e:15:ab:95:b6: b8:af:34:35:77:dc:dd:c8:1f:57:b4:f9:f8:0c:36: dc:ca:6b:4d:e5:5a:43:8c:21:89:56:da:b2:8f:ab: c9:ba:3d:5f:21:9b:24:14:b4:11:b0:20:4b:b2:24: d6:64:92:80:09:89:a1:db:20:a2:1b:58:cb:67:35: 90:a7:fd:1b:70:8c:86:4f:f8:9a:85:a1:d5:51:7f: 2d:48:a0:7e:6c:aa:3b:c4:ad:00:e9:b6:cf:f5:0a: 2e:69:ca:9a:3c:89:1f:70:b1:21:d3:a1:8a:ad:3b: 55:c0:0e:4c:dc:e9:a5:06:17:20:db:bf:8d:aa:6f: 38:4b:fb:8f:f6:7d:5f:90:b4:42:13:85:ae:0e:2a: 1e:c5:3f:bf:4b:4a:2e:d5:e4:79:0b:f7:5c:60:27: 29:2c:94:89:8f:d7:ab:58:db:c8:67:9c:f2:36:d7: 55:93:18:e0:42:53:67:fd:4b:25:66:73:b6:01:3e: 61:dd:b1:1b:bb:7b:0d:bc:ee:79:75:99:78:0b:de: f4:6d:bf:14:f5:58:89:5f:af:7e:f2:d8:82:78:8b: dd:77:e0:63:27:d1:ec:73:97:e1:14:1d:ff:5b:cf: f3:8f:81:9f:00:9b:aa:60:00:5d:23:c8:22:63:e7: 73:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:CA:DA:7D:8F:46:6B:7B:DB:5D:43:16:40:55:C9:6C:32:E2:55:3B X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/742C40C0AE0A11EF9B1A9B3FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.66.48.0/23 157.66.222.0-157.66.225.255 160.22.120.0/23 160.25.72.0/23 160.30.50.0/23 160.30.136.0/23 160.191.214.0/23 160.250.4.0/23 160.250.128.0/23 160.250.132.0/23 160.250.186.0/23 161.248.4.0/23 161.248.178.0/23 161.248.238.0/23 Signature Algorithm: sha256WithRSAEncryption 48:f8:0c:7d:da:0f:e8:18:60:b8:64:e0:9d:8e:01:2e:91:b5: 18:6b:5f:e6:09:aa:53:1d:fe:a3:cc:cf:6f:7a:2d:de:25:45: 93:b1:80:a5:de:d3:07:c2:c5:5f:b2:ed:61:04:01:7c:d0:d9: a4:8f:df:e8:a9:6d:f8:98:f5:c7:d1:b4:6e:b9:ab:b6:41:8b: dd:0e:a4:fd:c2:a7:ac:99:2b:d6:90:a4:af:d1:01:8c:1c:51: 2e:18:75:e7:16:33:90:94:44:41:b1:69:76:35:3c:e0:ee:86: e7:8e:9a:14:9a:38:8f:f9:a7:62:eb:ec:c7:ce:d8:b1:c6:56: 41:9b:84:68:c2:24:52:19:25:d1:6c:71:2f:4f:39:80:72:aa: 49:fe:f8:c3:b7:0d:d9:12:82:5d:14:ee:2a:71:b9:1d:2d:49: 43:7d:88:61:0b:86:67:74:a4:e3:10:7d:76:db:54:ec:c1:03: 9d:73:13:8c:e3:11:6f:53:ae:6b:24:d3:71:75:72:db:8f:1d: bc:57:fb:89:d6:70:c0:25:1f:3c:75:16:16:4b:6c:72:d9:9d: ec:dd:e4:81:40:31:b8:89:fd:65:97:8b:2f:59:5f:7b:8e:81: 51:55:cf:40:d3:84:55:40:0c:93:c1:0e:7a:27:3d:c2:f3:1d: 00:2a:e2:d4 -----BEGIN CERTIFICATE----- MIIFxzCCBK+gAwIBAgICBbkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjUwNTA3MDg0NjQ4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFiMWRmOC1jOWZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqGpMuAxXbuVPbhWrlba4rzQ1d9zdyB9XtPn4DDbcymtN5VpDjCGJVtqyj6vJ uj1fIZskFLQRsCBLsiTWZJKACYmh2yCiG1jLZzWQp/0bcIyGT/iahaHVUX8tSKB+ bKo7xK0A6bbP9QouacqaPIkfcLEh06GKrTtVwA5M3OmlBhcg27+Nqm84S/uP9n1f kLRCE4WuDioexT+/S0ou1eR5C/dcYCcpLJSJj9erWNvIZ5zyNtdVkxjgQlNn/Usl ZnO2AT5h3bEbu3sNvO55dZl4C970bb8U9ViJX69+8tiCeIvdd+BjJ9Hsc5fhFB3/ W8/zj4GfAJuqYABdI8giY+dzLwIDAQABo4IC6zCCAucwHQYDVR0OBBYEFKLK2n2P Rmt7211DFkBVyWwy4lU7MB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvNzQyQzQwQzBB RTBBMTFFRjlCMUE5QjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdQYIKwYBBQUHAQcBAf8E ZjBkMGIEAgABMFwDBAGdQjAwDAMEAZ1C3gMEAZ1C4AMEAaAWeAMEAaAZSAMEAaAe MgMEAaAeiAMEAaC/1gMEAaD6BAMEAaD6gAMEAaD6hAMEAaD6ugMEAaH4BAMEAaH4 sgMEAaH47jANBgkqhkiG9w0BAQsFAAOCAQEASPgMfdoP6BhguGTgnY4BLpG1GGtf 5gmqUx3+o8zPb3ot3iVFk7GApd7TB8LFX7LtYQQBfNDZpI/f6Klt+Jj1x9G0brmr tkGL3Q6k/cKnrJkr1pCkr9EBjBxRLhh15xYzkJREQbFpdjU84O6G546aFJo4j/mn Yuvsx87YscZWQZuEaMIkUhkl0WxxL085gHKqSf74w7cN2RKCXRTuKnG5HS1JQ32I YQuGZ3Sk4xB9dttU7MEDnXMTjOMRb1OuayTTcXVy248dvFf7idZwwCUfPHUWFkts ctmd7N3kgUAxuIn9ZZeLL1lfe46BUVXPQNOEVUAMk8EOeic9wvMdACri1A== -----END CERTIFICATE-----Generated at Sat May 17 18:06:56 2025 by rpki-client