$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2E926DC45B7C11EDAAFAB831C4F9AE02.roa File: 2E926DC45B7C11EDAAFAB831C4F9AE02.roa (raw, json) Hash identifier: js4G1Lshm4EffUa3iY1Q71q0rcXw9+IUkbR6FWJH4+U= Subject key identifier: 40:4A:62:BA:F4:E1:91:77:4C:6A:8F:6B:A6:B1:0B:3E:04:D7:66:2D Certificate issuer: /CN=A91ADB98/serialNumber=661C64E293B87F473AF61D89DE48FC4538570157 Certificate serial: 0249 Authority key identifier: 66:1C:64:E2:93:B8:7F:47:3A:F6:1D:89:DE:48:FC:45:38:57:01:57 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2E926DC45B7C11EDAAFAB831C4F9AE02.roa Signing time: Fri 09 May 2025 05:22:39 +0000 ROA not before: Fri 09 May 2025 05:22:39 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 45867 IP address blocks: 140.168.64.0/18 maxlen: 19 140.168.66.0/24 maxlen: 24 140.168.67.0/24 maxlen: 24 140.168.78.0/24 maxlen: 24 140.168.79.0/24 maxlen: 24 140.168.80.0/24 maxlen: 24 140.168.81.0/24 maxlen: 24 140.168.87.0/24 maxlen: 24 140.168.128.0/18 maxlen: 19 140.168.135.0/24 maxlen: 24 140.168.138.0/24 maxlen: 24 140.168.139.0/24 maxlen: 24 140.168.166.0/24 maxlen: 24 140.168.236.0/22 maxlen: 24 140.168.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.crl rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 01:38:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 585 (0x249) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ADB98, serialNumber=661C64E293B87F473AF61D89DE48FC4538570157 Validity Not Before: May 9 05:22:39 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=681d911f-c91e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:91:94:be:fb:e7:d0:5b:d0:7b:20:a5:bf:4a: 8f:89:83:76:bd:59:a7:15:17:a2:38:b1:a5:ee:a5: 69:8d:ac:49:f2:79:29:82:94:76:f7:c9:fb:ff:5c: 69:28:7a:e5:23:5c:b4:96:fc:9f:34:2f:23:cc:70: 09:20:07:da:00:03:bf:5e:cc:a1:ac:83:73:57:13: 1e:c8:9d:a5:27:87:05:cb:21:bc:53:20:cf:9c:d4: c8:ee:ba:11:53:b0:6a:05:ff:85:e5:13:37:4c:a5: 62:a6:a5:a0:e9:11:ca:8b:00:02:ed:bd:43:da:5e: da:75:c5:bd:31:4a:45:4a:13:44:b7:7c:3c:bb:5c: 53:e3:b1:81:5f:41:ec:48:20:fe:44:f9:17:af:29: bd:fe:27:f2:78:76:4f:48:85:e7:2b:57:a1:80:cb: 72:f6:f7:cc:fe:d2:59:96:42:f1:37:cb:6c:28:4a: 2c:85:8a:98:95:81:f8:99:b1:23:89:e9:9f:bb:fd: b6:4f:c8:d1:fd:4c:d5:19:3f:9a:83:01:25:3e:ce: cd:3d:de:ba:e4:f3:56:b5:f9:a2:6f:ef:ef:c4:2c: 4c:39:86:e8:64:38:32:eb:8b:8c:d5:09:c7:90:e2: 5e:36:cc:b9:53:25:8a:98:d8:9e:67:60:99:3e:94: 63:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:4A:62:BA:F4:E1:91:77:4C:6A:8F:6B:A6:B1:0B:3E:04:D7:66:2D X509v3 Authority Key Identifier: keyid:66:1C:64:E2:93:B8:7F:47:3A:F6:1D:89:DE:48:FC:45:38:57:01:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2E926DC45B7C11EDAAFAB831C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 140.168.64.0-140.168.191.255 140.168.236.0/22 140.168.250.0/24 Signature Algorithm: sha256WithRSAEncryption 32:b8:71:0c:c6:8f:9c:25:b6:44:e1:fd:4d:50:44:e1:d3:1c: ed:d6:2f:7c:86:02:28:29:99:11:b7:7b:e2:ef:4e:3d:9e:d1: fd:c5:f7:67:c8:eb:e8:7c:08:2b:d0:db:1b:22:11:2d:39:1a: 38:78:76:84:fb:5e:0f:9b:32:fa:92:93:ac:f8:a6:c1:8d:39: a2:df:a9:49:2b:25:40:f6:39:df:e6:26:6c:c2:20:e6:f6:9b: 19:00:f7:77:29:71:76:3c:e7:95:f4:f5:4d:b0:7d:7f:5f:dc: f5:4b:40:fb:b6:f9:b3:63:5a:6d:74:1e:68:cd:56:52:7a:82: f1:5e:6f:fb:d6:05:f9:b5:f9:cf:df:07:04:3f:0c:03:41:fd: 6b:bc:08:b4:e4:9d:2e:ef:06:be:2a:25:ca:1e:4e:d5:e1:8f: 37:61:78:e3:9b:2e:c9:ce:92:46:f4:0b:db:78:ff:4e:9f:a4: 3a:68:c0:78:78:87:6b:31:5b:ce:83:1e:0b:6f:54:70:ef:c4: de:db:e8:7e:37:7f:44:b8:0c:73:00:2c:41:c3:a1:f0:11:87: 3d:ef:d2:b1:53:75:b1:ca:fd:af:cd:78:47:0f:7c:8d:57:76: 9e:61:5b:c1:58:fe:fb:b4:39:ba:31:93:df:2c:51:33:8e:bb: 1d:96:1a:ed -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgICAkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QURCOTgxMTAvBgNVBAUTKDY2MUM2NEUyOTNCODdGNDczQUY2MUQ4OURFNDhGQzQ1 Mzg1NzAxNTcwHhcNMjUwNTA5MDUyMjM5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFkOTExZi1jOTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp5GUvvvn0FvQeyClv0qPiYN2vVmnFReiOLGl7qVpjaxJ8nkpgpR298n7/1xp KHrlI1y0lvyfNC8jzHAJIAfaAAO/XsyhrINzVxMeyJ2lJ4cFyyG8UyDPnNTI7roR U7BqBf+F5RM3TKVipqWg6RHKiwAC7b1D2l7adcW9MUpFShNEt3w8u1xT47GBX0Hs SCD+RPkXrym9/ifyeHZPSIXnK1ehgMty9vfM/tJZlkLxN8tsKEoshYqYlYH4mbEj iemfu/22T8jR/UzVGT+agwElPs7NPd665PNWtfmib+/vxCxMOYboZDgy64uM1QnH kOJeNsy5UyWKmNieZ2CZPpRj0wIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFEBKYrr0 4ZF3TGqPa6axCz4E12YtMB8GA1UdIwQYMBaAFGYcZOKTuH9HOvYdid5I/EU4VwFX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREI5OC9EOTNFOTNEQzQ5 MjExMUVEQUJENTlDNTNDNEY5QUUwMi9aaHhrNHBPNGYwYzY5aDJKM2tqOFJUaFhB VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1poeGs0cE80ZjBjNjloMkoza2o4UlRoWEFWYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QURCOTgvRDkzRTkzREM0OTIxMTFFREFCRDU5QzUzQzRGOUFFMDIvMkU5MjZEQzQ1 QjdDMTFFREFBRkFCODMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E JDAiMCAEAgABMBowDAMEBoyoQAMEBoyogAMEAoyo7AMEAIyo+jANBgkqhkiG9w0B AQsFAAOCAQEAMrhxDMaPnCW2ROH9TVBE4dMc7dYvfIYCKCmZEbd74u9OPZ7R/cX3 Z8jr6HwIK9DbGyIRLTkaOHh2hPteD5sy+pKTrPimwY05ot+pSSslQPY53+YmbMIg 5vabGQD3dylxdjznlfT1TbB9f1/c9UtA+7b5s2NabXQeaM1WUnqC8V5v+9YF+bX5 z98HBD8MA0H9a7wItOSdLu8Gviolyh5O1eGPN2F445suyc6SRvQL23j/Tp+kOmjA eHiHazFbzoMeC29UcO/E3tvofjd/RLgMcwAsQcOh8BGHPe/SsVN1scr9r814Rw98 jVd2nmFbwVj++7Q5ujGT3yxRM467HZYa7Q== -----END CERTIFICATE-----Generated at Mon May 12 04:17:34 2025 by rpki-client