$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/EF512526E6D711EF8D300475C4F9AE02.roa File: EF512526E6D711EF8D300475C4F9AE02.roa (raw, json) Hash identifier: G+h7ToXq8XsAorxWYN7LBRMYmAjacElCFrNbKrsrwaE= Subject key identifier: 68:DB:53:20:23:F0:8F:83:8C:B6:1F:3B:6F:C8:41:84:66:B4:A3:5A Certificate issuer: /CN=A91D9CA8/serialNumber=CBC6603370FBE84CCCE064E84F4F26EDBEC267B1 Certificate serial: 05 Authority key identifier: CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/EF512526E6D711EF8D300475C4F9AE02.roa Signing time: Sun 09 Feb 2025 11:20:58 +0000 ROA not before: Sun 09 Feb 2025 11:20:58 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 9832 IP address blocks: 161.248.118.0/24 maxlen: 24 161.248.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9CA8 Validity Not Before: Feb 9 11:20:58 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67a88f9a-c08b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:c2:d1:80:97:c9:3e:ec:bc:85:c9:8b:6c:d2: cf:c4:b9:e1:dc:ba:e7:91:57:21:cc:f1:3a:01:5c: 20:c8:e8:68:69:9b:91:e7:69:32:75:7e:68:3e:16: 91:1c:57:95:fe:a3:77:cf:0b:4f:da:01:b0:88:f6: 1f:03:ae:30:29:c1:64:12:f0:56:e5:f8:b0:72:eb: 3c:05:12:8e:2d:74:d1:de:0f:24:ec:6a:37:de:13: 73:37:25:a8:49:83:a8:e8:88:f5:a4:a2:a1:e7:7e: 80:f0:4d:ef:75:ef:50:8e:2f:4c:d5:8d:e9:6a:47: 02:9c:8b:e7:ad:b1:a4:ad:c8:9f:55:9a:50:3e:ed: d1:ba:05:2d:43:f0:7d:4d:3d:04:9a:78:3b:33:2d: 05:47:f7:69:6f:39:fb:a8:ec:83:1c:f1:54:20:cd: 0f:c4:40:be:36:25:79:19:93:a8:46:aa:05:d2:38: cf:14:92:75:a2:5d:0f:af:11:d6:5e:57:2b:8b:83: e5:2d:4e:46:8f:8e:29:f2:db:da:54:bd:21:b8:c3: 51:1e:31:a2:b0:21:43:00:d1:7d:7c:51:5c:89:2f: 96:44:62:43:e0:6e:00:37:8d:a8:a4:ab:84:10:f9: 44:1e:2c:73:ac:5f:b2:02:6f:85:a2:d7:e6:c2:b1: 64:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:DB:53:20:23:F0:8F:83:8C:B6:1F:3B:6F:C8:41:84:66:B4:A3:5A X509v3 Authority Key Identifier: keyid:CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/EF512526E6D711EF8D300475C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.118.0/23 Signature Algorithm: sha256WithRSAEncryption 6b:1a:ad:33:f0:f9:58:62:ff:90:c0:e2:4b:e2:83:42:5a:2e: 59:18:e6:e6:3b:21:68:42:db:48:6c:83:25:b1:d9:09:53:ad: c0:d3:a3:fd:c1:14:15:4a:ad:32:78:51:7c:7c:27:88:ef:f5: 5f:8a:cf:5c:93:0c:89:de:0e:cf:f7:6c:e1:66:86:15:81:01: 10:4c:59:f7:e4:d8:0c:b0:f5:db:df:21:26:65:14:5c:ec:f2: b4:1d:d9:1e:d5:c4:02:76:8c:74:a6:f5:65:68:26:b5:19:cb: 39:33:0d:6c:2f:e3:10:de:25:11:de:79:a3:c9:32:09:c7:f3: 2b:51:91:b9:47:99:17:32:fa:23:15:23:89:62:51:f4:7c:89: ab:f7:2a:11:38:cc:2b:c8:6d:7e:c5:37:b8:d7:35:0e:b6:dd: 54:d3:f1:42:ea:25:e8:0c:d7:79:78:30:fe:b6:3c:b2:a1:f8: 72:aa:7b:46:79:53:53:68:40:e3:a1:5f:d6:6c:6a:a3:68:6f: 0e:c3:7e:2f:4c:79:1b:6a:72:4b:77:c6:cd:81:11:57:55:3d: 9f:12:db:c5:ce:e5:d0:5f:a6:18:82:81:47:fc:1a:a3:bb:ec: db:9d:1d:95:5f:30:3c:4b:56:15:ed:2d:11:02:f9:f4:59:ca: d8:27:a5:91 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE OUNBODExMC8GA1UEBRMoQ0JDNjYwMzM3MEZCRTg0Q0NDRTA2NEU4NEY0RjI2RURC RUMyNjdCMTAeFw0yNTAyMDkxMTIwNThaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YTg4ZjlhLWMwOGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDDwtGAl8k+7LyFyYts0s/EueHcuueRVyHM8ToBXCDI6Ghpm5HnaTJ1fmg+FpEc V5X+o3fPC0/aAbCI9h8DrjApwWQS8Fbl+LBy6zwFEo4tdNHeDyTsajfeE3M3JahJ g6joiPWkoqHnfoDwTe9171COL0zVjelqRwKci+etsaStyJ9VmlA+7dG6BS1D8H1N PQSaeDszLQVH92lvOfuo7IMc8VQgzQ/EQL42JXkZk6hGqgXSOM8UknWiXQ+vEdZe VyuLg+UtTkaPjiny29pUvSG4w1EeMaKwIUMA0X18UVyJL5ZEYkPgbgA3jaikq4QQ +UQeLHOsX7ICb4Wi1+bCsWQbAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUaNtTICPw j4OMth87b8hBhGa0o1owHwYDVR0jBBgwFoAUy8ZgM3D76EzM4GToT08m7b7CZ7Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5Q0E4LzIwREEyNzQ2RTRG RDExRUZBQzFDRTY3RkM0RjlBRTAyL3k4WmdNM0Q3NkV6TTRHVG9UMDhtN2I3Q1o3 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIveThaZ00zRDc2RXpNNEdUb1QwOG03YjdDWjdFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUNBOC8yMERBMjc0NkU0RkQxMUVGQUMxQ0U2N0ZDNEY5QUUwMi9FRjUxMjUyNkU2 RDcxMUVGOEQzMDA0NzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaH4djANBgkqhkiG9w0BAQsFAAOCAQEAaxqtM/D5WGL/kMDi S+KDQlouWRjm5jshaELbSGyDJbHZCVOtwNOj/cEUFUqtMnhRfHwniO/1X4rPXJMM id4Oz/ds4WaGFYEBEExZ9+TYDLD1298hJmUUXOzytB3ZHtXEAnaMdKb1ZWgmtRnL OTMNbC/jEN4lEd55o8kyCcfzK1GRuUeZFzL6IxUjiWJR9HyJq/cqETjMK8htfsU3 uNc1DrbdVNPxQuol6AzXeXgw/rY8sqH4cqp7RnlTU2hA46Ff1mxqo2hvDsN+L0x5 G2pyS3fGzYERV1U9nxLbxc7l0F+mGIKBR/wao7vs250dlV8wPEtWFe0tEQL59FnK 2CelkQ== -----END CERTIFICATE-----Generated at Sat Apr 5 11:39:53 2025 by rpki-client