$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/D88830EA03DE11F099DD3450C4F9AE02.roa File: D88830EA03DE11F099DD3450C4F9AE02.roa (raw, json) Hash identifier: 0eU7bsEeCIc4aTYFc4cQunwDge64RstqgzVMxTzWZio= Subject key identifier: A9:90:0E:A0:10:F2:50:E8:A9:BC:0B:53:6F:BC:EE:46:EE:F3:A2:31 Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 057A Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/D88830EA03DE11F099DD3450C4F9AE02.roa Signing time: Tue 18 Mar 2025 09:53:30 +0000 ROA not before: Tue 18 Mar 2025 09:53:30 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 153499 IP address blocks: 161.248.60.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 14:32:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1402 (0x57a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A Validity Not Before: Mar 18 09:53:30 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=67d9429a-7c3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:5b:4f:99:87:45:49:a5:2b:30:00:4a:ba:fa: eb:1e:4d:87:a8:8f:91:11:9f:3e:23:ef:29:ab:da: 04:5d:2c:26:8b:69:8e:74:d0:b0:32:c6:b2:e8:df: 72:5d:4d:b0:14:4a:7d:eb:14:64:28:85:d6:29:5b: 8c:6f:52:67:b3:17:69:4a:ca:39:11:da:7e:eb:d8: b7:e6:ad:d0:20:24:8d:91:6a:47:5a:31:c9:db:00: 70:e0:ad:1a:10:e7:8b:51:2b:ec:c6:ab:af:e5:bb: 3f:ba:f2:83:f6:87:9d:81:9d:60:aa:5d:5e:64:5f: 8b:f4:6d:ce:d0:69:18:cb:6d:61:cf:d8:19:58:02: b9:34:94:df:e6:e1:a3:45:7c:09:f5:ab:ca:55:1f: 31:a2:40:c2:55:8c:32:16:3a:71:ec:b8:91:8e:e6: 8f:cc:23:9c:b5:d0:ca:e6:e5:92:ed:4d:5a:21:ec: 4a:4c:ee:74:85:03:1c:c6:81:d6:3e:e8:fb:cc:47: 89:eb:5c:34:4c:18:1c:b7:10:d2:fe:50:3c:ea:a5: 96:51:57:5a:49:10:4e:ee:31:07:89:99:eb:d0:63: 0d:4e:cd:87:67:cf:86:7d:3d:51:50:a2:6e:67:80: cc:b6:2b:9a:78:76:78:80:49:7e:b4:3b:f1:3c:08: 3b:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:90:0E:A0:10:F2:50:E8:A9:BC:0B:53:6F:BC:EE:46:EE:F3:A2:31 X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/D88830EA03DE11F099DD3450C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.60.0/23 Signature Algorithm: sha256WithRSAEncryption 9a:3d:15:9a:5c:03:02:75:10:2a:1a:74:9f:e8:2b:2d:dc:95: b8:33:f5:b6:3f:c1:6e:e9:70:69:34:45:a5:6b:d9:81:c9:e3: 44:73:2d:83:8b:91:89:73:67:40:cb:1a:54:f0:ff:d3:32:6d: 0e:ee:c8:1b:ea:a4:14:b1:a8:c3:7d:ea:6c:61:05:44:f6:e1: cf:a0:62:46:2b:73:da:f9:34:6d:88:b5:0c:43:94:c4:e7:3f: 72:ab:dc:6f:4d:64:be:39:e1:e4:63:01:e9:04:1a:10:6c:00: 1a:4c:d1:e5:e9:38:04:f0:75:3f:47:cd:da:10:58:31:c5:e7: 8d:db:de:d7:74:24:c7:75:10:fe:39:74:16:28:c0:33:b0:4f: 00:a6:bc:47:39:ca:bb:27:82:43:0f:9f:21:51:76:ff:8c:f6: df:a2:b1:04:a4:6e:1b:38:ca:1a:84:6d:ff:b0:be:33:cc:a4: 09:6d:86:bc:0f:0c:b8:92:c4:b3:bc:88:2a:78:10:c5:d8:78: c7:61:6d:b8:eb:7f:ea:a6:98:62:de:45:90:37:d1:29:31:b1: 77:10:6f:62:62:7d:86:3f:87:07:f3:4a:b2:28:bc:68:15:42: f8:02:bc:ae:bd:d4:44:9c:0b:c5:96:7b:d5:d7:c8:e1:ea:e4: a7:a2:ab:41 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBXowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjUwMzE4MDk1MzMwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Q5NDI5YS03YzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1ltPmYdFSaUrMABKuvrrHk2HqI+REZ8+I+8pq9oEXSwmi2mOdNCwMsay6N9y XU2wFEp96xRkKIXWKVuMb1JnsxdpSso5Edp+69i35q3QICSNkWpHWjHJ2wBw4K0a EOeLUSvsxquv5bs/uvKD9oedgZ1gql1eZF+L9G3O0GkYy21hz9gZWAK5NJTf5uGj RXwJ9avKVR8xokDCVYwyFjpx7LiRjuaPzCOctdDK5uWS7U1aIexKTO50hQMcxoHW Puj7zEeJ61w0TBgctxDS/lA86qWWUVdaSRBO7jEHiZnr0GMNTs2HZ8+GfT1RUKJu Z4DMtiuaeHZ4gEl+tDvxPAg7dQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKmQDqAQ 8lDoqbwLU2+87kbu86IxMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvRDg4ODMwRUEw M0RFMTFGMDk5REQzNDUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAGh+DwwDQYJKoZIhvcNAQELBQADggEBAJo9FZpcAwJ1ECoa dJ/oKy3clbgz9bY/wW7pcGk0RaVr2YHJ40RzLYOLkYlzZ0DLGlTw/9MybQ7uyBvq pBSxqMN96mxhBUT24c+gYkYrc9r5NG2ItQxDlMTnP3Kr3G9NZL454eRjAekEGhBs ABpM0eXpOATwdT9HzdoQWDHF543b3td0JMd1EP45dBYowDOwTwCmvEc5yrsngkMP nyFRdv+M9t+isQSkbhs4yhqEbf+wvjPMpAlthrwPDLiSxLO8iCp4EMXYeMdhbbjr f+qmmGLeRZA30SkxsXcQb2JifYY/hwfzSrIovGgVQvgCvK691EScC8WWe9XXyOHq 5Keiq0E= -----END CERTIFICATE-----Generated at Mon Apr 7 09:01:41 2025 by rpki-client