$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/DF730482A32311EFBE77BA2EC4F9AE02.roa File: DF730482A32311EFBE77BA2EC4F9AE02.roa (raw, json) Hash identifier: FW9NYXvHGiXVfFykPHyKhdOjK9fS+NAvHhqmtmC3mxY= Subject key identifier: 19:00:BD:89:62:74:C1:59:19:F7:45:CB:7C:B4:6A:56:10:F7:E0:01 Certificate issuer: /CN=A91EA198/serialNumber=5FEEDE9D382543F051527FA533D47A917077E632 Certificate serial: 1E34 Authority key identifier: 5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/DF730482A32311EFBE77BA2EC4F9AE02.roa Signing time: Wed 25 Jun 2025 11:05:07 +0000 ROA not before: Wed 25 Jun 2025 11:05:07 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 24429 IP address blocks: 8.148.32.0/24 maxlen: 24 8.148.33.0/24 maxlen: 24 8.148.34.0/24 maxlen: 24 8.148.35.0/24 maxlen: 24 8.148.36.0/24 maxlen: 24 8.148.37.0/24 maxlen: 24 8.148.38.0/24 maxlen: 24 8.148.39.0/24 maxlen: 24 8.148.40.0/24 maxlen: 24 8.148.41.0/24 maxlen: 24 8.148.42.0/24 maxlen: 24 8.148.43.0/24 maxlen: 24 170.33.98.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 16:17:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7732 (0x1e34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA198, serialNumber=5FEEDE9D382543F051527FA533D47A917077E632 Validity Not Before: Jun 25 11:05:07 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=685bd7e2-f2ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:fe:de:89:fd:dd:62:c2:b9:3a:6e:c0:32:3b: 10:46:e3:e3:1c:8f:6e:25:fa:81:92:c7:d3:60:9b: 0e:46:5b:65:e9:1f:d7:0c:a9:79:b2:47:3d:84:91: 62:ca:fd:87:5c:8a:3a:c2:a8:6b:d2:51:8c:c9:a0: ee:98:99:be:a4:c6:df:07:d3:ce:2e:c1:c1:18:4f: 39:20:05:0c:c2:74:e1:5b:7a:b9:12:89:a5:f7:5e: eb:c8:c6:70:11:eb:12:45:2e:a1:0f:2c:25:0c:52: 63:6e:7f:d9:3f:6a:3b:8a:fd:39:51:ac:13:91:2f: 4b:ef:05:55:26:82:2a:87:ee:fe:44:ae:53:9b:6c: ed:c5:c5:c0:01:a6:7c:1e:55:6c:3e:f3:d6:04:2c: 9c:6f:df:72:68:4d:4f:07:76:06:4d:66:a7:01:a5: 1d:19:06:cc:90:63:0a:6c:9b:92:3d:19:25:fe:20: 77:e4:37:38:71:92:4b:7e:72:0d:4c:24:67:ec:99: 83:b0:7f:74:89:0d:31:a3:3b:f4:bf:ea:10:de:84: b7:96:30:93:a9:d5:65:40:ee:81:60:b7:c1:10:be: a1:f6:e9:e1:0c:02:e5:a2:01:af:89:4a:50:0f:2d: 19:50:b2:c1:13:23:77:9f:84:61:a7:dc:f4:0c:16: 5b:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:00:BD:89:62:74:C1:59:19:F7:45:CB:7C:B4:6A:56:10:F7:E0:01 X509v3 Authority Key Identifier: keyid:5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/DF730482A32311EFBE77BA2EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 8.148.32.0-8.148.43.255 170.33.98.0/24 Signature Algorithm: sha256WithRSAEncryption 67:fa:01:e8:1b:0d:16:c3:76:84:27:16:29:9e:26:a1:d0:11: 74:d4:f7:43:7f:9f:d2:d7:1f:7f:ba:ff:ca:80:ce:11:03:af: d8:1b:d4:6c:e1:a1:b2:14:a4:a7:7d:fd:dd:04:22:9c:13:f7: e8:2e:b4:1a:3d:1c:c0:df:a2:5e:91:68:65:eb:cf:47:74:cb: a6:c5:17:fd:48:0d:0d:c4:9c:00:9e:17:74:a4:09:a8:31:a1: d6:4f:54:d5:da:7f:21:58:18:18:ea:d1:b4:7e:11:2c:70:0e: 8a:d9:74:fb:ba:e3:05:a4:7f:bd:a6:65:a2:24:45:03:0b:b5: 80:19:28:f1:41:ec:fe:81:b3:3a:21:b5:b5:b2:72:96:8c:66: a0:b7:8a:ba:ec:4b:29:bb:ad:8b:dc:71:2d:fd:a5:66:b7:1a: 5d:68:8d:dc:8a:ab:ae:90:b7:59:23:58:40:70:03:96:c2:d0: ca:83:7f:56:4d:2e:fa:3d:bd:74:73:12:72:66:53:eb:60:31: be:27:a0:da:fc:ea:7d:c1:9e:6e:b3:cc:d1:6e:dd:52:99:0e: 71:09:f8:89:4f:ba:a5:3b:c0:b4:00:92:39:03:c9:e3:ae:50: ae:02:df:8b:60:c4:23:8d:70:d6:12:36:a0:8f:85:73:88:d6: 49:a3:9e:c5 -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICHjQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUExOTgxMTAvBgNVBAUTKDVGRUVERTlEMzgyNTQzRjA1MTUyN0ZBNTMzRDQ3QTkx NzA3N0U2MzIwHhcNMjUwNjI1MTEwNTA3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02ODViZDdlMi1mMmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtv7eif3dYsK5Om7AMjsQRuPjHI9uJfqBksfTYJsORltl6R/XDKl5skc9hJFi yv2HXIo6wqhr0lGMyaDumJm+pMbfB9POLsHBGE85IAUMwnThW3q5Eoml917ryMZw EesSRS6hDywlDFJjbn/ZP2o7iv05UawTkS9L7wVVJoIqh+7+RK5Tm2ztxcXAAaZ8 HlVsPvPWBCycb99yaE1PB3YGTWanAaUdGQbMkGMKbJuSPRkl/iB35Dc4cZJLfnIN TCRn7JmDsH90iQ0xozv0v+oQ3oS3ljCTqdVlQO6BYLfBEL6h9unhDALlogGviUpQ Dy0ZULLBEyN3n4Rhp9z0DBZbZQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFBkAvYli dMFZGfdFy3y0alYQ9+ABMB8GA1UdIwQYMBaAFF/u3p04JUPwUVJ/pTPUepFwd+Yy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC9BRDYyOTIyMkI1 MjUxMUU2QUY2Qzg5NUVDNEY5QUUwMi9YLTdlblRnbFFfQlJVbi1sTTlSNmtYQjM1 akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1gtN2VuVGdsUV9CUlVuLWxNOVI2a1hCMzVqSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUExOTgvQUQ2MjkyMjJCNTI1MTFFNkFGNkM4OTVFQzRGOUFFMDIvREY3MzA0ODJB MzIzMTFFRkJFNzdCQTJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgABMBQwDAMEBQiUIAMEAgiUKAMEAKohYjANBgkqhkiG9w0BAQsFAAOC AQEAZ/oB6BsNFsN2hCcWKZ4modARdNT3Q3+f0tcff7r/yoDOEQOv2BvUbOGhshSk p3393QQinBP36C60Gj0cwN+iXpFoZevPR3TLpsUX/UgNDcScAJ4XdKQJqDGh1k9U 1dp/IVgYGOrRtH4RLHAOitl0+7rjBaR/vaZloiRFAwu1gBko8UHs/oGzOiG1tbJy loxmoLeKuuxLKbuti9xxLf2lZrcaXWiN3IqrrpC3WSNYQHADlsLQyoN/Vk0u+j29 dHMScmZT62Axvieg2vzqfcGebrPM0W7dUpkOcQn4iU+6pTvAtACSOQPJ465QrgLf i2DEI41w1hI2oI+Fc4jWSaOexQ== -----END CERTIFICATE-----Generated at Wed Jul 2 06:31:31 2025 by rpki-client