$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/FD6881C4438111ECBC63AC7BC4F9AE02.roa File: FD6881C4438111ECBC63AC7BC4F9AE02.roa (raw, json) Hash identifier: GXDo06eWf1CS5linsgTrOBOv6JOIeKZL5s3MMM7BEU8= Subject key identifier: B4:D2:87:DB:2A:69:B7:24:17:CA:C8:68:46:38:DB:96:95:7B:FC:F8 Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3 Certificate serial: 070E Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/FD6881C4438111ECBC63AC7BC4F9AE02.roa Signing time: Wed 18 Jun 2025 02:52:47 +0000 ROA not before: Wed 18 Jun 2025 02:52:47 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 62610 IP address blocks: 156.59.73.0/24 maxlen: 24 156.59.123.0/24 maxlen: 24 156.59.146.0/24 maxlen: 24 156.59.184.0/24 maxlen: 24 162.128.82.0/24 maxlen: 24 162.128.83.0/24 maxlen: 24 162.128.90.0/24 maxlen: 24 162.128.91.0/24 maxlen: 24 162.128.92.0/24 maxlen: 24 162.128.93.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:40:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1806 (0x70e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3 Validity Not Before: Jun 18 02:52:47 2025 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=685229ff-7ddc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:db:b4:a3:ff:e0:21:39:4e:d1:30:22:fd:26: e6:92:47:8f:97:c2:ee:45:57:53:90:c2:df:30:31: df:dd:57:28:ae:70:b4:bc:36:a3:ae:e4:79:b9:14: 47:7b:7c:fd:2b:98:09:ec:00:c2:03:02:f0:2e:59: 9e:ea:f1:d6:ab:d5:06:39:36:63:4a:71:f9:d9:a5: 1a:05:6b:68:4c:02:8a:c8:a0:78:e5:a5:56:0f:b9: 74:a9:68:ee:7a:17:54:8f:85:d4:28:f0:f8:cb:07: 17:7a:92:31:10:f8:ed:3a:8c:54:61:dd:f6:6a:30: 5c:8d:d1:74:53:32:d7:5f:9d:67:62:9e:6f:96:ef: 74:4b:8f:58:5f:f4:00:95:72:02:ae:4d:9e:06:6b: 27:f3:79:47:54:d5:cf:f8:0f:9d:7b:d2:7f:96:8b: ab:0f:3c:4c:c8:91:42:4f:e0:4f:ab:3f:e4:1a:98: a5:3d:50:7f:b0:6f:a6:ac:63:46:f2:cc:34:be:3e: 87:da:98:d9:fe:7b:31:19:6a:46:43:a9:45:b6:b9: 7d:5a:45:d2:3f:6d:8a:67:8f:5f:f1:29:82:83:cf: 42:72:10:75:56:78:4f:62:8d:1b:e0:3e:19:2b:80: f6:36:2a:ec:ff:f3:59:17:c5:08:49:66:55:18:3d: a5:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:D2:87:DB:2A:69:B7:24:17:CA:C8:68:46:38:DB:96:95:7B:FC:F8 X509v3 Authority Key Identifier: keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/FD6881C4438111ECBC63AC7BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 156.59.73.0/24 156.59.123.0/24 156.59.146.0/24 156.59.184.0/24 162.128.82.0/23 162.128.90.0-162.128.93.255 Signature Algorithm: sha256WithRSAEncryption 4a:20:0f:45:ae:91:d1:ee:83:62:7f:7e:7c:42:20:ad:aa:26: 76:e5:e5:06:ed:d7:4e:bb:30:92:b4:c4:0c:8a:57:ee:03:af: d0:c6:2c:f6:81:50:4c:02:74:e3:39:36:a7:9a:94:f1:5c:d9: f7:7c:f0:f6:25:42:78:e6:52:19:ea:fe:a1:c5:eb:73:0a:11: ff:9e:3a:35:76:1e:47:15:33:27:39:fc:8f:41:71:27:88:bf: 61:38:f3:fa:4a:b7:79:c1:05:7b:8c:ce:bc:64:67:00:66:aa: be:c2:3c:87:5f:ff:2e:8d:1e:66:0e:05:8b:44:2b:1a:a5:ab: fa:ff:e4:ba:eb:29:bc:aa:9f:6c:27:ef:b9:ea:65:37:cd:52: e5:7c:83:c0:ac:e6:a1:cd:e2:f8:11:e6:30:d3:82:9c:60:db: 24:4e:02:e0:00:11:07:2c:42:e1:ae:99:55:a6:7c:a0:d9:2a: 76:bf:47:87:d7:82:40:54:8f:88:78:b2:50:f9:79:ca:5b:3f: 14:75:39:db:46:ff:db:d7:e6:64:82:3a:33:d6:19:29:10:e2: 07:e0:fb:21:85:51:cd:32:54:42:d5:5c:74:fe:8f:0d:7d:07: 66:96:b4:a9:91:99:74:5c:9c:6f:66:a7:40:88:a4:eb:10:e1: 1f:56:f4:e3 -----BEGIN CERTIFICATE----- MIIFlzCCBH+gAwIBAgICBw4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE RTA3MkI3RjMwHhcNMjUwNjE4MDI1MjQ3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODUyMjlmZi03ZGRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvtu0o//gITlO0TAi/SbmkkePl8LuRVdTkMLfMDHf3VcornC0vDajruR5uRRH e3z9K5gJ7ADCAwLwLlme6vHWq9UGOTZjSnH52aUaBWtoTAKKyKB45aVWD7l0qWju ehdUj4XUKPD4ywcXepIxEPjtOoxUYd32ajBcjdF0UzLXX51nYp5vlu90S49YX/QA lXICrk2eBmsn83lHVNXP+A+de9J/lourDzxMyJFCT+BPqz/kGpilPVB/sG+mrGNG 8sw0vj6H2pjZ/nsxGWpGQ6lFtrl9WkXSP22KZ49f8SmCg89CchB1VnhPYo0b4D4Z K4D2Nirs//NZF8UISWZVGD2lSwIDAQABo4ICuzCCArcwHQYDVR0OBBYEFLTSh9sq abckF8rIaEY425aVe/z4MB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4 QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0 X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvRkQ2ODgxQzQ0 MzgxMTFFQ0JDNjNBQzdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E NjA0MDIEAgABMCwDBACcO0kDBACcO3sDBACcO5IDBACcO7gDBAGigFIwDAMEAaKA WgMEAaKAXDANBgkqhkiG9w0BAQsFAAOCAQEASiAPRa6R0e6DYn9+fEIgraomduXl Bu3XTrswkrTEDIpX7gOv0MYs9oFQTAJ04zk2p5qU8VzZ93zw9iVCeOZSGer+ocXr cwoR/546NXYeRxUzJzn8j0FxJ4i/YTjz+kq3ecEFe4zOvGRnAGaqvsI8h1//Lo0e Zg4Fi0QrGqWr+v/kuuspvKqfbCfvueplN81S5XyDwKzmoc3i+BHmMNOCnGDbJE4C 4AARByxC4a6ZVaZ8oNkqdr9Hh9eCQFSPiHiyUPl5yls/FHU520b/29fmZII6M9YZ KRDiB+D7IYVRzTJUQtVcdP6PDX0HZpa0qZGZdFycb2anQIik6xDhH1b04w== -----END CERTIFICATE-----Generated at Thu Jul 3 02:02:25 2025 by rpki-client