$ rpki-client -vvf rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/5909D86203DB11F0B7D5DD29C4F9AE02.roa File: 5909D86203DB11F0B7D5DD29C4F9AE02.roa (raw, json) Hash identifier: vXg2V9oSq+UecV6UR/hi4Z0CckYReJT3wpjl4H/MqsM= Subject key identifier: 25:5C:57:9F:99:95:F8:B1:5B:E3:69:9D:8F:2E:83:3D:C9:F7:08:1D Certificate issuer: /CN=A91417B0/serialNumber=CA297747430A1BEB340BCA39D6222FD26419B7DB Certificate serial: 21 Authority key identifier: CA:29:77:47:43:0A:1B:EB:34:0B:CA:39:D6:22:2F:D2:64:19:B7:DB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yil3R0MKG-s0C8o51iIv0mQZt9s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/5909D86203DB11F0B7D5DD29C4F9AE02.roa Signing time: Tue 18 Mar 2025 09:31:15 +0000 ROA not before: Tue 18 Mar 2025 09:31:15 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 153550 IP address blocks: 161.248.244.0/23 maxlen: 23 161.248.244.0/24 maxlen: 24 161.248.245.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/yil3R0MKG-s0C8o51iIv0mQZt9s.crl rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/yil3R0MKG-s0C8o51iIv0mQZt9s.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yil3R0MKG-s0C8o51iIv0mQZt9s.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 06:30:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91417B0, serialNumber=CA297747430A1BEB340BCA39D6222FD26419B7DB Validity Not Before: Mar 18 09:31:15 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67d93d62-e396 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:a2:9f:63:2d:8e:82:55:2c:9a:56:b2:8d:eb: 08:94:72:f5:5b:68:17:ff:3c:cc:da:dd:17:b5:fa: 00:55:2e:50:29:72:fc:8e:eb:20:5c:de:2d:20:b5: fa:41:5e:c3:8b:c2:6a:18:fd:f8:68:1a:7b:09:29: 77:ef:f8:a2:fa:8b:64:2d:b4:6a:07:5b:e2:92:4f: 3f:27:8e:31:64:44:ee:6f:13:5c:6d:ce:f8:ab:1d: f0:c8:e6:e6:d8:b0:3e:87:e3:57:d9:cf:ce:63:92: 9c:e2:fa:11:b5:49:87:6c:e9:6d:9c:1a:b2:70:9d: 7f:85:99:67:70:aa:7d:b1:cc:5e:e1:72:b8:b3:dc: 68:8c:a0:fa:ff:a1:c7:46:94:84:b0:a9:49:56:5c: 7b:42:fc:0e:6b:8b:f6:33:3b:b9:96:9b:6d:79:a3: 46:d5:d8:19:52:f9:03:d1:58:21:a1:fb:d1:b3:90: 19:d9:b5:0d:2e:9d:a0:0d:9f:94:10:11:86:3a:fc: dd:35:76:78:02:4a:ac:cb:a0:eb:c0:ea:a5:40:67: a0:03:02:fb:d2:f9:b7:69:d4:7c:ee:a2:58:47:b8: 9f:93:a0:1e:2c:4b:3e:1f:42:31:32:f4:19:6a:32: fc:e1:12:27:7e:64:eb:9c:29:fb:13:ca:28:ba:5b: b1:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:5C:57:9F:99:95:F8:B1:5B:E3:69:9D:8F:2E:83:3D:C9:F7:08:1D X509v3 Authority Key Identifier: keyid:CA:29:77:47:43:0A:1B:EB:34:0B:CA:39:D6:22:2F:D2:64:19:B7:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/yil3R0MKG-s0C8o51iIv0mQZt9s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yil3R0MKG-s0C8o51iIv0mQZt9s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/5909D86203DB11F0B7D5DD29C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.244.0/23 Signature Algorithm: sha256WithRSAEncryption b5:4e:d8:02:bb:f5:f5:41:86:f4:dd:71:8e:66:e1:b1:9d:bf: eb:00:c9:05:c0:29:c7:12:a8:b3:f7:26:0d:74:70:e3:dd:bc: e0:57:c2:ff:ce:94:19:7f:f1:96:6e:97:e1:71:88:d9:96:de: aa:50:c5:d7:d6:90:5f:4e:ed:d7:13:0e:55:51:15:ce:04:6f: f1:c9:64:4d:a5:b2:b5:0d:b4:0e:da:88:86:85:03:1a:1c:f7: fc:7c:1e:9e:d5:d8:19:c8:f2:95:78:21:71:b7:aa:d6:81:b2: 4e:9a:c9:2c:b3:1c:53:fe:74:b9:83:4a:28:2f:ca:b1:41:4b: 08:c4:ee:38:21:8e:1f:39:92:ab:36:cf:cb:59:00:76:7b:f3: d5:9d:ea:69:64:c6:07:ba:98:63:a5:27:1e:6b:61:96:69:c5: 38:98:cb:de:f6:64:2b:a6:1a:f2:cb:88:ac:90:dd:c4:bc:a6: 0a:8f:6a:66:de:5a:f5:96:3e:f5:08:05:bd:dd:30:ee:71:e6: ea:b6:b9:0a:24:db:5a:a7:05:98:f2:db:2b:26:11:25:cc:de: cb:5f:f2:cf:a3:ac:35:93:2c:1f:c8:f3:fc:92:e8:69:f7:e7: fb:ce:bc:f1:99:ae:60:80:05:8d:06:3d:14:1e:3b:b3:4c:53: ef:2e:11:63 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MTdCMDExMC8GA1UEBRMoQ0EyOTc3NDc0MzBBMUJFQjM0MEJDQTM5RDYyMjJGRDI2 NDE5QjdEQjAeFw0yNTAzMTgwOTMxMTVaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ZDkzZDYyLWUzOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDrop9jLY6CVSyaVrKN6wiUcvVbaBf/PMza3Re1+gBVLlApcvyO6yBc3i0gtfpB XsOLwmoY/fhoGnsJKXfv+KL6i2QttGoHW+KSTz8njjFkRO5vE1xtzvirHfDI5ubY sD6H41fZz85jkpzi+hG1SYds6W2cGrJwnX+FmWdwqn2xzF7hcriz3GiMoPr/ocdG lISwqUlWXHtC/A5ri/YzO7mWm215o0bV2BlS+QPRWCGh+9GzkBnZtQ0unaANn5QQ EYY6/N01dngCSqzLoOvA6qVAZ6ADAvvS+bdp1HzuolhHuJ+ToB4sSz4fQjEy9Blq MvzhEid+ZOucKfsTyii6W7FtAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJVxXn5mV +LFb42mdjy6DPcn3CB0wHwYDVR0jBBgwFoAUyil3R0MKG+s0C8o51iIv0mQZt9sw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQxN0IwL0UxQUM4MjEwRDg4 MzExRUY5NTRBM0Q3MEM0RjlBRTAyL3lpbDNSME1LRy1zMEM4bzUxaUl2MG1RWnQ5 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIveWlsM1IwTUtHLXMwQzhvNTFpSXYwbVFadDlzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MTdCMC9FMUFDODIxMEQ4ODMxMUVGOTU0QTNENzBDNEY5QUUwMi81OTA5RDg2MjAz REIxMUYwQjdENUREMjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaH49DANBgkqhkiG9w0BAQsFAAOCAQEAtU7YArv19UGG9N1x jmbhsZ2/6wDJBcApxxKos/cmDXRw49284FfC/86UGX/xlm6X4XGI2ZbeqlDF19aQ X07t1xMOVVEVzgRv8clkTaWytQ20DtqIhoUDGhz3/HwentXYGcjylXghcbeq1oGy TprJLLMcU/50uYNKKC/KsUFLCMTuOCGOHzmSqzbPy1kAdnvz1Z3qaWTGB7qYY6Un HmthlmnFOJjL3vZkK6Ya8suIrJDdxLymCo9qZt5a9ZY+9QgFvd0w7nHm6ra5CiTb WqcFmPLbKyYRJczey1/yz6OsNZMsH8jz/JLoaffn+8688ZmuYIAFjQY9FB47s0xT 7y4RYw== -----END CERTIFICATE-----Generated at Tue Apr 22 12:23:02 2025 by rpki-client