$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/69BA51482C9C11EBB49A3A32C4F9AE02.roa File: 69BA51482C9C11EBB49A3A32C4F9AE02.roa (raw, json) Hash identifier: ST/Rl9xKmY8tlX8GinkPsHXgmmClbDe8hWqTijwIMqQ= Subject key identifier: DB:FD:60:13:95:F5:9A:19:E1:A4:30:93:83:0A:66:37:1D:D0:49:F7 Certificate issuer: /CN=A91B6F87/serialNumber=7ED17AFD7370A6A908D8262B86DABC7EED3D6140 Certificate serial: 0767 Authority key identifier: 7E:D1:7A:FD:73:70:A6:A9:08:D8:26:2B:86:DA:BC:7E:ED:3D:61:40 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ftF6_XNwpqkI2CYrhtq8fu09YUA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/69BA51482C9C11EBB49A3A32C4F9AE02.roa Signing time: Fri 20 Jun 2025 22:09:49 +0000 ROA not before: Fri 20 Jun 2025 22:09:49 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 45178 IP address blocks: 64.207.208.0/21 maxlen: 21 64.207.208.0/22 maxlen: 22 64.207.208.0/23 maxlen: 23 64.207.208.0/24 maxlen: 24 64.207.209.0/24 maxlen: 24 64.207.210.0/23 maxlen: 23 64.207.210.0/24 maxlen: 24 64.207.211.0/24 maxlen: 24 64.207.212.0/23 maxlen: 23 64.207.212.0/24 maxlen: 24 64.207.213.0/24 maxlen: 24 64.207.214.0/23 maxlen: 23 64.207.214.0/24 maxlen: 24 64.207.215.0/24 maxlen: 24 74.118.80.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/ftF6_XNwpqkI2CYrhtq8fu09YUA.crl rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/ftF6_XNwpqkI2CYrhtq8fu09YUA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ftF6_XNwpqkI2CYrhtq8fu09YUA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 21:52:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1895 (0x767) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F87, serialNumber=7ED17AFD7370A6A908D8262B86DABC7EED3D6140 Validity Not Before: Jun 20 22:09:49 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6855dc2d-0a58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:aa:13:3d:a6:55:6d:4d:9d:19:1a:e5:aa:eb: 1e:44:b3:65:00:7b:f6:a2:6b:8c:da:da:c4:63:15: 07:84:fe:d5:76:cf:d4:66:55:b6:0c:43:ec:19:52: 8e:e9:0b:42:35:6c:df:4f:8b:82:e8:1d:2d:64:67: a9:3a:3a:c5:fb:f6:52:ba:f9:ba:3c:55:ec:e1:b0: 76:7e:41:3f:36:a5:9d:28:e8:bf:0f:89:20:76:ff: 19:c4:33:3e:de:29:ce:58:63:21:3b:8e:91:3a:15: 37:6a:23:c1:9a:75:b0:66:f7:39:dc:f7:e9:24:04: a1:32:76:d5:91:48:d3:0c:e8:7b:18:86:d0:c4:96: b0:23:5a:26:20:e7:00:dd:dc:dd:1e:71:e8:c5:c3: 7b:5c:bb:8a:ad:a5:63:a9:8d:c7:47:00:8a:f9:39: 97:e5:7f:3b:94:a9:1c:04:32:ba:52:60:c9:50:95: ff:bf:c5:f5:bc:27:35:8e:be:bb:50:cf:98:58:e4: b9:1a:51:6f:e9:92:f6:4c:d9:70:1a:09:03:02:d0: 01:93:74:ee:84:f9:ce:0f:a6:6b:12:ff:b7:bb:7b: 55:de:5f:d4:b5:65:42:85:dd:fc:b7:e8:4b:ea:a4: 09:c1:cc:04:ec:eb:c1:2d:93:7a:85:05:4e:55:e7: dd:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:FD:60:13:95:F5:9A:19:E1:A4:30:93:83:0A:66:37:1D:D0:49:F7 X509v3 Authority Key Identifier: keyid:7E:D1:7A:FD:73:70:A6:A9:08:D8:26:2B:86:DA:BC:7E:ED:3D:61:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/ftF6_XNwpqkI2CYrhtq8fu09YUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ftF6_XNwpqkI2CYrhtq8fu09YUA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/69BA51482C9C11EBB49A3A32C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 64.207.208.0/21 74.118.80.0/22 Signature Algorithm: sha256WithRSAEncryption dc:82:4e:7b:19:b0:95:ed:2d:e8:91:1c:1f:79:75:e4:ba:e9: d4:f9:27:36:de:27:44:f2:25:cc:3f:42:d1:64:e9:af:55:8e: 14:ca:fb:a6:9c:17:96:2d:eb:f5:2f:a9:46:1f:00:79:9e:48: bd:88:70:a2:27:7e:e0:96:27:9e:78:4f:88:cd:cd:c9:62:c0: 5f:4b:08:d3:2c:ee:1b:04:4d:6f:4a:83:a4:48:e2:fc:3e:29: 52:b2:39:fe:95:65:64:5f:98:f4:ce:fe:09:94:9c:bf:59:27: d6:ac:12:60:cf:d6:56:e5:e7:95:88:9a:ec:c1:a1:0a:84:55: b4:ba:dd:7c:a4:b2:73:93:c0:a3:f8:a2:07:0a:75:67:91:f3: 36:9b:8b:00:52:ba:d0:3e:e0:96:19:2a:a8:bd:aa:e7:ef:f2: 1e:06:70:3e:16:fa:f6:93:5d:76:bd:9d:76:bd:6c:85:42:e9: 6b:79:7f:b3:82:c1:02:18:63:be:33:bf:94:05:b8:cf:ef:41: 71:65:3f:48:46:bd:7d:f9:ef:d5:5c:64:90:1c:38:92:7f:6d: 63:2b:c2:85:c9:ad:b7:f9:c4:dc:7e:0b:97:99:66:b8:21:6d: 0a:0b:93:54:a8:84:2e:76:a1:3b:8c:30:00:7b:5a:d7:37:8d: 6e:1d:0a:58 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICB2cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGODcxMTAvBgNVBAUTKDdFRDE3QUZENzM3MEE2QTkwOEQ4MjYyQjg2REFCQzdF RUQzRDYxNDAwHhcNMjUwNjIwMjIwOTQ5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODU1ZGMyZC0wYTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArKoTPaZVbU2dGRrlquseRLNlAHv2omuM2trEYxUHhP7Vds/UZlW2DEPsGVKO 6QtCNWzfT4uC6B0tZGepOjrF+/ZSuvm6PFXs4bB2fkE/NqWdKOi/D4kgdv8ZxDM+ 3inOWGMhO46ROhU3aiPBmnWwZvc53PfpJAShMnbVkUjTDOh7GIbQxJawI1omIOcA 3dzdHnHoxcN7XLuKraVjqY3HRwCK+TmX5X87lKkcBDK6UmDJUJX/v8X1vCc1jr67 UM+YWOS5GlFv6ZL2TNlwGgkDAtABk3TuhPnOD6ZrEv+3u3tV3l/UtWVChd38t+hL 6qQJwcwE7OvBLZN6hQVOVefdIQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNv9YBOV 9ZoZ4aQwk4MKZjcd0En3MB8GA1UdIwQYMBaAFH7Rev1zcKapCNgmK4bavH7tPWFA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY4Ny9BN0VBNzU1QzI2 ODgxMUVCQkU3QzY4MkJDNEY5QUUwMi9mdEY2X1hOd3Bxa0kyQ1lyaHRxOGZ1MDlZ VUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2Z0RjZfWE53cHFrSTJDWXJodHE4ZnUwOVlVQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZGODcvQTdFQTc1NUMyNjg4MTFFQkJFN0M2ODJCQzRGOUFFMDIvNjlCQTUxNDgy QzlDMTFFQkI0OUEzQTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBANAz9ADBAJKdlAwDQYJKoZIhvcNAQELBQADggEBANyCTnsZ sJXtLeiRHB95deS66dT5JzbeJ0TyJcw/QtFk6a9VjhTK+6acF5Yt6/UvqUYfAHme SL2IcKInfuCWJ554T4jNzcliwF9LCNMs7hsETW9Kg6RI4vw+KVKyOf6VZWRfmPTO /gmUnL9ZJ9asEmDP1lbl55WImuzBoQqEVbS63XyksnOTwKP4ogcKdWeR8zabiwBS utA+4JYZKqi9qufv8h4GcD4W+vaTXXa9nXa9bIVC6Wt5f7OCwQIYY74zv5QFuM/v QXFlP0hGvX3579VcZJAcOJJ/bWMrwoXJrbf5xNx+C5eZZrghbQoLk1SohC52oTuM MAB7Wtc3jW4dClg= -----END CERTIFICATE-----Generated at Fri Jul 4 18:43:53 2025 by rpki-client