$ rpki-client -vvf rpki.apnic.net/member_repository/A919874A/ECE166D4EAD311EFB1C4CC55C4F9AE02/7223D638EAD411EFBA2AB40EC4F9AE02.roa File: 7223D638EAD411EFBA2AB40EC4F9AE02.roa (raw, json) Hash identifier: YkOEpYLdm6BW8Hk0zKrvSza04bgoNTs0voQjpsLjr2k= Subject key identifier: 61:56:18:C0:E3:2E:20:E4:E5:2D:43:E9:2A:D7:21:89:B0:7A:27:26 Certificate issuer: /CN=A919874A/serialNumber=D0480FF1075052FEFEE6C08E1DBF8E83E0012788 Certificate serial: 03 Authority key identifier: D0:48:0F:F1:07:50:52:FE:FE:E6:C0:8E:1D:BF:8E:83:E0:01:27:88 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0EgP8QdQUv7-5sCOHb-Og-ABJ4g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919874A/ECE166D4EAD311EFB1C4CC55C4F9AE02/7223D638EAD411EFBA2AB40EC4F9AE02.roa Signing time: Fri 14 Feb 2025 13:06:04 +0000 ROA not before: Fri 14 Feb 2025 13:06:04 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 153488 IP address blocks: 161.248.117.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919874A/ECE166D4EAD311EFB1C4CC55C4F9AE02/0EgP8QdQUv7-5sCOHb-Og-ABJ4g.crl rsync://rpki.apnic.net/member_repository/A919874A/ECE166D4EAD311EFB1C4CC55C4F9AE02/0EgP8QdQUv7-5sCOHb-Og-ABJ4g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0EgP8QdQUv7-5sCOHb-Og-ABJ4g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 07:11:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919874A Validity Not Before: Feb 14 13:06:04 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67af3fbc-75ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4a:b4:e4:3e:83:7e:f7:67:76:41:af:03:d2: 03:ef:84:74:43:af:8b:6f:be:fa:d2:52:e1:f5:7d: 1e:33:97:03:4a:3c:53:8c:6e:6e:87:64:24:b5:b5: bc:0c:ee:5a:b1:8f:75:45:02:11:e8:87:bb:e8:d7: 21:00:13:0f:46:e6:03:80:27:b7:a1:93:ad:42:8f: 42:1f:26:39:7a:c4:3b:0a:45:b4:7b:07:be:49:d6: d7:76:28:ad:b2:8e:a5:83:d5:6a:c4:27:0c:35:e3: 4c:6c:96:00:87:9d:2c:58:5a:c5:55:54:4a:71:90: 86:8d:3d:bb:80:37:18:42:00:16:82:b3:31:0d:ef: 5d:d0:53:70:32:9c:bc:2a:c6:04:9b:cd:06:fb:de: 27:9a:13:aa:c3:de:c6:3e:11:96:d3:ef:aa:a0:95: 88:a0:29:c9:47:5b:57:f1:1b:40:43:48:c9:cf:9e: a0:c0:6c:aa:00:d7:04:d0:ba:81:cd:7a:ca:1a:02: 6d:82:96:be:fb:c0:b1:93:5b:35:4c:18:4d:be:45: b7:d1:71:0f:8d:cf:10:37:39:d8:b6:6e:3a:ce:22: 9b:4c:87:a2:a4:b0:a0:51:84:2e:14:1f:18:5d:31: 94:70:f0:98:63:ed:55:a0:bb:7f:cc:fc:23:1a:41: ae:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:56:18:C0:E3:2E:20:E4:E5:2D:43:E9:2A:D7:21:89:B0:7A:27:26 X509v3 Authority Key Identifier: keyid:D0:48:0F:F1:07:50:52:FE:FE:E6:C0:8E:1D:BF:8E:83:E0:01:27:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919874A/ECE166D4EAD311EFB1C4CC55C4F9AE02/0EgP8QdQUv7-5sCOHb-Og-ABJ4g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0EgP8QdQUv7-5sCOHb-Og-ABJ4g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919874A/ECE166D4EAD311EFB1C4CC55C4F9AE02/7223D638EAD411EFBA2AB40EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.117.0/24 Signature Algorithm: sha256WithRSAEncryption 50:d9:8c:c3:28:bb:7b:8f:6c:fb:3f:6c:6b:4e:82:bd:a0:19: 07:61:09:9c:e6:87:3a:78:ff:f9:0a:47:bc:61:1a:bd:12:80: 53:77:8e:cd:f1:23:da:41:df:c7:a1:41:2e:6c:21:c0:bc:45: 0c:de:81:42:05:04:5a:5f:2b:d8:08:aa:c4:89:2a:8f:5a:83: 75:b2:a8:8d:e3:18:eb:ca:11:61:d3:cc:d8:b0:db:70:70:af: 91:9f:d5:ac:35:3c:cc:e4:09:75:b5:52:c7:38:20:b5:b6:9f: 02:0c:ea:dc:a4:33:11:01:e8:f7:e1:72:c4:b6:cb:12:9f:40: 79:0b:dc:13:a4:09:cf:fc:49:c1:59:48:97:e0:92:a2:8a:68: ab:37:b6:03:00:ae:d5:f3:d2:79:3d:b4:52:33:b4:eb:3a:d2: fd:32:6a:41:5e:06:9f:1c:6d:17:cc:4c:c2:9b:8c:d5:19:80: b2:08:16:10:32:a7:5e:65:cb:33:d8:65:ae:db:fd:81:47:7d: fe:a9:70:bb:7d:2f:1d:68:21:b9:c2:99:ce:11:e5:c2:17:4f: 3d:5a:28:0e:63:8a:11:10:ba:f9:db:18:b2:f3:96:00:66:cc: a2:f2:14:49:86:eb:75:20:d9:d9:be:f0:95:6a:93:a0:07:47: 33:ca:58:85 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 ODc0QTExMC8GA1UEBRMoRDA0ODBGRjEwNzUwNTJGRUZFRTZDMDhFMURCRjhFODNF MDAxMjc4ODAeFw0yNTAyMTQxMzA2MDRaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YWYzZmJjLTc1ZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCvSrTkPoN+92d2Qa8D0gPvhHRDr4tvvvrSUuH1fR4zlwNKPFOMbm6HZCS1tbwM 7lqxj3VFAhHoh7vo1yEAEw9G5gOAJ7ehk61Cj0IfJjl6xDsKRbR7B75J1td2KK2y jqWD1WrEJww140xslgCHnSxYWsVVVEpxkIaNPbuANxhCABaCszEN713QU3AynLwq xgSbzQb73ieaE6rD3sY+EZbT76qglYigKclHW1fxG0BDSMnPnqDAbKoA1wTQuoHN esoaAm2Clr77wLGTWzVMGE2+RbfRcQ+NzxA3Odi2bjrOIptMh6KksKBRhC4UHxhd MZRw8Jhj7VWgu3/M/CMaQa71AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUYVYYwOMu IOTlLUPpKtchibB6JyYwHwYDVR0jBBgwFoAU0EgP8QdQUv7+5sCOHb+Og+ABJ4gw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk4NzRBL0VDRTE2NkQ0RUFE MzExRUZCMUM0Q0M1NUM0RjlBRTAyLzBFZ1A4UWRRVXY3LTVzQ09IYi1PZy1BQko0 Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMEVnUDhRZFFVdjctNXNDT0hiLU9nLUFCSjRnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 ODc0QS9FQ0UxNjZENEVBRDMxMUVGQjFDNENDNTVDNEY5QUUwMi83MjIzRDYzOEVB RDQxMUVGQkEyQUI0MEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAKH4dTANBgkqhkiG9w0BAQsFAAOCAQEAUNmMwyi7e49s+z9s a06CvaAZB2EJnOaHOnj/+QpHvGEavRKAU3eOzfEj2kHfx6FBLmwhwLxFDN6BQgUE Wl8r2AiqxIkqj1qDdbKojeMY68oRYdPM2LDbcHCvkZ/VrDU8zOQJdbVSxzggtbaf Agzq3KQzEQHo9+FyxLbLEp9AeQvcE6QJz/xJwVlIl+CSoopoqze2AwCu1fPSeT20 UjO06zrS/TJqQV4GnxxtF8xMwpuM1RmAsggWEDKnXmXLM9hlrtv9gUd9/qlwu30v HWghucKZzhHlwhdPPVooDmOKERC6+dsYsvOWAGbMovIUSYbrdSDZ2b7wlWqToAdH M8pYhQ== -----END CERTIFICATE-----Generated at Sat Apr 5 18:51:35 2025 by rpki-client