$ rpki-client -vvf rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/A42925E8DFDA11EFB5E94125C4F9AE02.roa File: A42925E8DFDA11EFB5E94125C4F9AE02.roa (raw, json) Hash identifier: mx4Ct5Tnd5YkFq5qkT60Yq1dgh6KZfYC5nrKRxnyy28= Subject key identifier: 61:B9:62:12:D3:DF:27:80:FA:31:8F:1B:62:68:8F:68:F3:3A:8D:A5 Certificate issuer: /CN=A91709F5/serialNumber=F12895792117E90703A0020F4F359831DB2F937A Certificate serial: 02 Authority key identifier: F1:28:95:79:21:17:E9:07:03:A0:02:0F:4F:35:98:31:DB:2F:93:7A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8SiVeSEX6QcDoAIPTzWYMdsvk3o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/A42925E8DFDA11EFB5E94125C4F9AE02.roa Signing time: Fri 31 Jan 2025 13:52:42 +0000 ROA not before: Fri 31 Jan 2025 13:52:42 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 153527 IP address blocks: 161.248.202.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/8SiVeSEX6QcDoAIPTzWYMdsvk3o.crl rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/8SiVeSEX6QcDoAIPTzWYMdsvk3o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8SiVeSEX6QcDoAIPTzWYMdsvk3o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91709F5 Validity Not Before: Jan 31 13:52:42 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=679cd5aa-5ae4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:7e:99:2e:dd:3a:03:ba:5c:f8:1f:9c:37:8c: 82:e6:40:b5:25:45:71:1e:46:bf:f3:e8:03:ae:3d: 6e:82:bf:1b:52:cd:f0:df:dd:2b:8f:30:e0:cb:53: df:c2:d1:e0:2b:91:f1:11:04:55:5b:d0:f6:db:cf: 41:af:bb:9b:4d:c2:ee:15:1e:1d:fc:f9:1d:cd:cb: 7e:74:3b:d9:83:0c:8d:5e:6b:7f:94:25:cc:3b:d7: 71:f8:90:45:9c:ba:07:79:d4:53:cb:2f:e0:07:d4: bd:c4:15:8f:09:02:a5:ff:84:9f:7e:5a:8b:35:fb: 69:96:1b:a0:2c:b4:e2:e5:44:ab:78:ec:5d:e9:4e: c6:92:c7:dd:9d:ec:05:8a:27:54:9e:b0:19:a5:86: b8:1f:b4:54:96:0c:c1:80:2d:8c:88:f6:50:3b:ac: 05:36:b3:9a:e0:ff:c2:e0:3d:e3:7a:9b:79:0e:d4: 3a:f1:10:7f:12:96:cb:5a:e8:9f:f7:f0:8d:85:60: e4:78:1b:f5:f6:66:ef:29:9a:d3:29:37:1a:b1:2e: ba:90:c2:43:cc:cf:b8:08:b7:5d:cf:8c:d5:c0:ba: 6c:3d:76:f4:9e:aa:d6:44:9d:20:fa:ce:63:f0:b5: 94:65:a8:e7:a7:49:99:dd:0f:cf:a8:69:9d:20:50: a8:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:B9:62:12:D3:DF:27:80:FA:31:8F:1B:62:68:8F:68:F3:3A:8D:A5 X509v3 Authority Key Identifier: keyid:F1:28:95:79:21:17:E9:07:03:A0:02:0F:4F:35:98:31:DB:2F:93:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/8SiVeSEX6QcDoAIPTzWYMdsvk3o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8SiVeSEX6QcDoAIPTzWYMdsvk3o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/A42925E8DFDA11EFB5E94125C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.202.0/24 Signature Algorithm: sha256WithRSAEncryption 1f:c6:e4:cf:78:0f:d8:83:0f:9c:0b:05:96:0e:c7:bf:46:52: c9:7e:57:52:81:8b:70:d6:1c:c9:d9:78:4f:ba:1d:54:c6:b3: ee:c4:83:71:4d:6c:58:49:66:97:ca:c6:d6:86:e4:c5:9b:c1: 96:fe:0d:d5:92:18:ec:0b:d2:e2:ef:e7:75:76:ff:08:0e:9c: c1:87:09:32:5c:f4:59:68:7e:25:02:32:61:0a:d4:21:65:23: 6d:cd:0f:f4:df:69:61:e4:76:dd:17:13:aa:42:83:22:76:5c: f6:85:bc:4c:b2:6f:0e:4d:2e:aa:29:80:23:22:ca:d3:10:76: 02:2d:fc:41:8f:9c:3f:46:b8:ff:20:cc:19:a7:8c:ee:40:7f: bb:bc:09:03:99:da:ed:41:d7:d4:1c:e5:69:25:1a:30:50:bf: a9:b6:b3:f6:0f:c0:c1:74:2d:8c:9f:b8:23:19:42:b0:45:28: a3:fe:42:6d:b2:20:c9:b0:88:e6:d5:ef:97:08:5b:12:02:1e: f4:2d:e3:c9:c9:5f:ff:bb:35:50:40:6d:7d:84:3a:60:6f:b0: ba:e9:fc:82:1f:f4:bb:cb:79:1c:9d:06:0d:b8:46:33:ea:cc: 3b:18:09:4d:45:42:09:6a:af:88:44:73:9e:48:c0:05:d5:1a: 37:a6:cc:e4 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MDlGNTExMC8GA1UEBRMoRjEyODk1NzkyMTE3RTkwNzAzQTAwMjBGNEYzNTk4MzFE QjJGOTM3QTAeFw0yNTAxMzExMzUyNDJaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3OWNkNWFhLTVhZTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDafpku3ToDulz4H5w3jILmQLUlRXEeRr/z6AOuPW6CvxtSzfDf3SuPMODLU9/C 0eArkfERBFVb0Pbbz0Gvu5tNwu4VHh38+R3Ny350O9mDDI1ea3+UJcw713H4kEWc ugd51FPLL+AH1L3EFY8JAqX/hJ9+Wos1+2mWG6AstOLlRKt47F3pTsaSx92d7AWK J1SesBmlhrgftFSWDMGALYyI9lA7rAU2s5rg/8LgPeN6m3kO1DrxEH8Slsta6J/3 8I2FYOR4G/X2Zu8pmtMpNxqxLrqQwkPMz7gIt13PjNXAumw9dvSeqtZEnSD6zmPw tZRlqOenSZndD8+oaZ0gUKhHAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUYbliEtPf J4D6MY8bYmiPaPM6jaUwHwYDVR0jBBgwFoAU8SiVeSEX6QcDoAIPTzWYMdsvk3ow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwOUY1LzMyODNFN0Q0REZE QTExRUY4QjQ3ODYyNEM0RjlBRTAyLzhTaVZlU0VYNlFjRG9BSVBUeldZTWRzdmsz by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvOFNpVmVTRVg2UWNEb0FJUFR6V1lNZHN2azNvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MDlGNS8zMjgzRTdENERGREExMUVGOEI0Nzg2MjRDNEY5QUUwMi9BNDI5MjVFOERG REExMUVGQjVFOTQxMjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAKH4yjANBgkqhkiG9w0BAQsFAAOCAQEAH8bkz3gP2IMPnAsF lg7Hv0ZSyX5XUoGLcNYcydl4T7odVMaz7sSDcU1sWElml8rG1obkxZvBlv4N1ZIY 7AvS4u/ndXb/CA6cwYcJMlz0WWh+JQIyYQrUIWUjbc0P9N9pYeR23RcTqkKDInZc 9oW8TLJvDk0uqimAIyLK0xB2Ai38QY+cP0a4/yDMGaeM7kB/u7wJA5na7UHX1Bzl aSUaMFC/qbaz9g/AwXQtjJ+4IxlCsEUoo/5CbbIgybCI5tXvlwhbEgIe9C3jyclf /7s1UEBtfYQ6YG+wuun8gh/0u8t5HJ0GDbhGM+rMOxgJTUVCCWqviERznkjABdUa N6bM5A== -----END CERTIFICATE-----Generated at Sat Apr 5 14:30:37 2025 by rpki-client