$ rpki-client -vvf rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/CD26CAC0431611EE80B53A75C4F9AE02.roa File: CD26CAC0431611EE80B53A75C4F9AE02.roa (raw, json) Hash identifier: r8n2MjMUHYmVdEJ+7Xp+vud9daXi0fU7s6dyyzC3DT4= Subject key identifier: 07:08:10:3B:76:E3:95:A8:4B:33:C0:C2:AB:66:CE:D8:21:BA:91:0A Certificate issuer: /CN=A91E00FC/serialNumber=4BD9994BC5CFF9ECB6683C94DC6EECD5EEEE0E78 Certificate serial: 09E8 Authority key identifier: 4B:D9:99:4B:C5:CF:F9:EC:B6:68:3C:94:DC:6E:EC:D5:EE:EE:0E:78 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/S9mZS8XP-ey2aDyU3G7s1e7uDng.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/CD26CAC0431611EE80B53A75C4F9AE02.roa Signing time: Wed 14 May 2025 20:06:14 +0000 ROA not before: Wed 14 May 2025 20:06:14 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 139006 IP address blocks: 165.173.160.0/22 maxlen: 24 165.173.190.0/23 maxlen: 23 165.173.190.0/24 maxlen: 24 165.173.191.0/24 maxlen: 24 199.67.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/S9mZS8XP-ey2aDyU3G7s1e7uDng.crl rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/S9mZS8XP-ey2aDyU3G7s1e7uDng.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/S9mZS8XP-ey2aDyU3G7s1e7uDng.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 20:06:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2536 (0x9e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E00FC, serialNumber=4BD9994BC5CFF9ECB6683C94DC6EECD5EEEE0E78 Validity Not Before: May 14 20:06:14 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6824f7b6-c57e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:ab:e3:f2:4e:5b:df:96:cc:cd:ad:c1:aa:81: 19:00:38:2f:03:ab:2b:67:44:82:4b:78:0e:46:0a: 75:53:b0:59:44:a1:f7:52:af:a9:aa:9b:7e:6b:d5: 35:62:b4:0b:ea:03:e4:f4:e1:87:0f:4f:5a:df:d9: 60:f6:3f:83:44:5d:40:64:e9:ca:5c:30:3d:3b:e4: 34:21:d9:0e:df:17:be:ae:a7:ae:c2:8f:24:e1:10: f3:cc:77:8c:a0:ae:6f:9c:cb:61:2e:0f:b8:79:b8: 09:9a:48:24:00:a2:72:6c:00:cf:6d:eb:8c:cf:94: e8:06:6c:6b:79:0a:ae:85:e6:58:2e:47:63:30:69: 89:78:76:f4:70:e6:12:fb:c3:30:35:0c:5f:c3:3f: 28:7a:64:de:b7:42:29:a0:19:13:d0:c4:f4:5b:08: 90:00:73:4a:e1:42:c2:39:7a:00:54:9f:17:71:54: 83:1f:a0:f3:6a:6f:c8:7f:d3:6c:e7:3e:2c:42:6b: f1:34:11:95:50:cb:54:aa:2e:b8:2e:34:ea:e1:b2: eb:2a:76:52:a8:71:cc:61:23:cb:6a:07:bc:0b:b4: 04:39:ef:03:6a:9c:29:76:16:56:dd:74:cd:a7:64: 6b:d0:e2:1a:c5:38:21:c3:9a:d9:4d:74:69:2b:38: a0:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:08:10:3B:76:E3:95:A8:4B:33:C0:C2:AB:66:CE:D8:21:BA:91:0A X509v3 Authority Key Identifier: keyid:4B:D9:99:4B:C5:CF:F9:EC:B6:68:3C:94:DC:6E:EC:D5:EE:EE:0E:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/S9mZS8XP-ey2aDyU3G7s1e7uDng.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/S9mZS8XP-ey2aDyU3G7s1e7uDng.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/CD26CAC0431611EE80B53A75C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 165.173.160.0/22 165.173.190.0/23 199.67.70.0/24 Signature Algorithm: sha256WithRSAEncryption 44:f0:5e:e8:4b:2d:f6:c0:5d:c2:36:e1:92:ff:a3:a3:8d:db: 20:23:14:02:93:e3:dc:1a:b0:65:51:bd:62:12:35:be:d3:f0: 21:6b:a8:ba:68:62:40:58:4e:e7:2c:f2:12:4c:81:83:a7:ba: 14:d4:12:d0:c8:e5:11:23:3d:a7:fd:34:00:7e:20:41:e1:c7: de:78:1b:90:bd:d9:4c:b6:06:3f:e0:6b:b6:73:78:70:cf:43: e7:e6:9a:0d:4b:c1:b7:de:1c:bd:48:ad:92:74:03:f6:da:69: 43:e2:0f:23:01:14:80:86:15:2d:4d:1f:7a:50:ce:b8:eb:e8: 9d:cb:50:e7:a1:06:89:3c:0a:be:84:c7:2f:47:7f:6d:a3:d2: 39:6c:d0:be:4b:00:97:47:c5:74:97:f0:b3:28:f8:53:5d:da: 32:36:cb:48:1e:d8:2a:cb:dd:ec:64:aa:4b:45:b8:85:21:19: 35:71:65:aa:b5:df:4a:3a:bc:da:53:50:ce:e3:1c:4a:5b:c6: 8e:26:cc:da:85:41:5e:2c:9c:bc:5f:b5:c9:a4:59:43:56:af: 7c:14:63:f4:56:d4:a1:f6:93:54:ab:3c:2a:ce:ad:7e:41:5e: 9d:29:f3:cb:85:b3:dd:2e:f5:dd:4d:c9:4c:dc:ff:73:78:5b: da:54:71:96 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICCegwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTAwRkMxMTAvBgNVBAUTKDRCRDk5OTRCQzVDRkY5RUNCNjY4M0M5NERDNkVFQ0Q1 RUVFRTBFNzgwHhcNMjUwNTE0MjAwNjE0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODI0ZjdiNi1jNTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4qvj8k5b35bMza3BqoEZADgvA6srZ0SCS3gORgp1U7BZRKH3Uq+pqpt+a9U1 YrQL6gPk9OGHD09a39lg9j+DRF1AZOnKXDA9O+Q0IdkO3xe+rqeuwo8k4RDzzHeM oK5vnMthLg+4ebgJmkgkAKJybADPbeuMz5ToBmxreQquheZYLkdjMGmJeHb0cOYS +8MwNQxfwz8oemTet0IpoBkT0MT0WwiQAHNK4ULCOXoAVJ8XcVSDH6Dzam/If9Ns 5z4sQmvxNBGVUMtUqi64LjTq4bLrKnZSqHHMYSPLage8C7QEOe8DapwpdhZW3XTN p2Rr0OIaxTghw5rZTXRpKzignwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAcIEDt2 45WoSzPAwqtmztghupEKMB8GA1UdIwQYMBaAFEvZmUvFz/nstmg8lNxu7NXu7g54 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDBGQy81NUYyQzRDNjdG MkYxMUVBQURGNEJGNkFDNEY5QUUwMi9TOW1aUzhYUC1leTJhRHlVM0c3czFlN3VE bmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1M5bVpTOFhQLWV5MmFEeVUzRzdzMWU3dURuZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTAwRkMvNTVGMkM0QzY3RjJGMTFFQUFERjRCRjZBQzRGOUFFMDIvQ0QyNkNBQzA0 MzE2MTFFRTgwQjUzQTc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAKlraADBAGlrb4DBADHQ0YwDQYJKoZIhvcNAQELBQADggEB AETwXuhLLfbAXcI24ZL/o6ON2yAjFAKT49wasGVRvWISNb7T8CFrqLpoYkBYTucs 8hJMgYOnuhTUEtDI5REjPaf9NAB+IEHhx954G5C92Uy2Bj/ga7ZzeHDPQ+fmmg1L wbfeHL1IrZJ0A/baaUPiDyMBFICGFS1NH3pQzrjr6J3LUOehBok8Cr6Exy9Hf22j 0jls0L5LAJdHxXSX8LMo+FNd2jI2y0ge2CrL3exkqktFuIUhGTVxZaq130o6vNpT UM7jHEpbxo4mzNqFQV4snLxftcmkWUNWr3wUY/RW1KH2k1SrPCrOrX5BXp0p88uF s90u9d1NyUzc/3N4W9pUcZY= -----END CERTIFICATE-----Generated at Fri May 16 18:11:28 2025 by rpki-client