$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/CC37DC24024311F0B8CC3D64C4F9AE02.roa File: CC37DC24024311F0B8CC3D64C4F9AE02.roa (raw, json) Hash identifier: p8FHrwqthntaiCGXD1qfLj6KRbEBkZSs0aBfuIq0c5c= Subject key identifier: 04:06:D9:4B:86:2D:35:76:AC:67:72:2E:AC:54:82:F2:17:B3:FA:E2 Certificate issuer: /CN=A91FF1CC/serialNumber=446FAF923BEBAF96357287FE250991C75491454D Certificate serial: 14 Authority key identifier: 44:6F:AF:92:3B:EB:AF:96:35:72:87:FE:25:09:91:C7:54:91:45:4D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RG-vkjvrr5Y1cof-JQmRx1SRRU0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/CC37DC24024311F0B8CC3D64C4F9AE02.roa Signing time: Sun 16 Mar 2025 08:51:06 +0000 ROA not before: Sun 16 Mar 2025 08:51:06 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 152639 IP address blocks: 161.248.57.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/RG-vkjvrr5Y1cof-JQmRx1SRRU0.crl rsync://rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/RG-vkjvrr5Y1cof-JQmRx1SRRU0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RG-vkjvrr5Y1cof-JQmRx1SRRU0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 07:13:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20 (0x14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF1CC Validity Not Before: Mar 16 08:51:06 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=67d690fa-0187 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:a9:a2:67:6f:a8:66:16:00:14:16:0c:58:42: 5b:72:31:9e:e5:c0:60:ed:9e:51:84:03:b3:3c:9a: e6:3e:d8:70:22:f8:53:6e:e7:c5:a6:b7:a7:85:bf: 82:bf:09:e2:ce:93:f9:8e:6b:be:53:c2:d9:7b:de: a4:f9:67:6d:cf:5d:bd:a4:46:b2:de:57:31:a7:a3: ce:43:0d:fb:cc:30:02:61:e1:a1:92:1e:b9:d0:b7: 68:06:13:7f:eb:7d:0e:a8:bd:fa:11:da:8b:b7:19: fc:42:60:1e:5e:db:95:83:37:6e:1e:95:ba:a9:a5: 81:c1:57:52:93:71:e8:88:3b:14:1a:9f:7b:58:19: 78:87:8a:33:d7:a2:2d:2a:5b:29:bb:f6:6f:46:43: 4e:10:6e:24:2d:6e:52:3a:9c:c0:63:10:66:b9:ed: cd:f4:2a:76:21:00:88:f6:35:fc:b2:24:0d:fa:64: e5:a9:74:d7:d4:a8:52:a9:bc:4e:f5:6b:8e:07:79: d6:0e:c2:ff:93:40:11:ce:6f:2f:ea:10:58:bf:54: e4:5f:90:76:66:16:d4:2e:e6:22:86:85:d0:b5:37: 72:cb:80:6a:1b:85:50:e3:a3:22:77:95:b5:10:b1: 4b:82:48:fc:3a:2d:89:cf:bd:6a:77:27:77:56:e5: 76:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:06:D9:4B:86:2D:35:76:AC:67:72:2E:AC:54:82:F2:17:B3:FA:E2 X509v3 Authority Key Identifier: keyid:44:6F:AF:92:3B:EB:AF:96:35:72:87:FE:25:09:91:C7:54:91:45:4D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/RG-vkjvrr5Y1cof-JQmRx1SRRU0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RG-vkjvrr5Y1cof-JQmRx1SRRU0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/CC37DC24024311F0B8CC3D64C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.57.0/24 Signature Algorithm: sha256WithRSAEncryption 77:27:59:47:4b:ab:e6:82:8b:40:e5:2a:8f:41:ff:4b:72:c5: 79:d9:64:fd:23:07:98:b5:90:b9:bb:01:9f:f2:38:01:64:6b: 3d:c5:af:57:59:41:f3:75:1e:6b:d6:89:f8:0c:c2:b3:38:91: 16:ed:52:8e:91:2b:c2:d9:14:f2:f1:74:05:09:1e:3d:e5:e5: 32:d1:6b:50:67:fe:dd:ac:9a:84:b0:3a:8c:3f:fe:c1:55:22: 52:a1:9a:a1:0e:4c:18:98:46:f3:70:a3:e1:19:1d:ae:17:33: e0:7f:9b:03:b9:c4:b5:31:8c:08:c3:af:f7:1c:22:21:03:4e: 50:ef:cf:b9:86:50:ca:3e:42:d7:2e:7d:3c:15:02:ca:c4:44: 70:e0:e2:04:c5:90:66:4e:9d:b1:8c:a0:fb:35:87:b4:2d:9c: 4a:12:7b:24:05:79:1d:a8:8a:65:cc:c0:09:8e:7a:1d:a5:2b: fa:01:c0:0f:51:d1:d7:6d:4b:9d:c7:2f:00:79:95:00:c0:a2: 56:02:d5:c8:53:e6:78:96:bd:28:c8:65:21:fa:f7:cb:1b:6a: 56:c8:95:da:9b:b6:62:05:09:e4:af:88:22:31:48:4e:1b:38: 24:f0:dd:e4:9c:d6:bf:8e:20:a6:a2:bd:4f:a5:1e:fb:47:f2: 06:0d:19:8a -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG RjFDQzExMC8GA1UEBRMoNDQ2RkFGOTIzQkVCQUY5NjM1NzI4N0ZFMjUwOTkxQzc1 NDkxNDU0RDAeFw0yNTAzMTYwODUxMDZaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ZDY5MGZhLTAxODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCxqaJnb6hmFgAUFgxYQltyMZ7lwGDtnlGEA7M8muY+2HAi+FNu58Wmt6eFv4K/ CeLOk/mOa75Twtl73qT5Z23PXb2kRrLeVzGno85DDfvMMAJh4aGSHrnQt2gGE3/r fQ6ovfoR2ou3GfxCYB5e25WDN24elbqppYHBV1KTceiIOxQan3tYGXiHijPXoi0q Wym79m9GQ04QbiQtblI6nMBjEGa57c30KnYhAIj2NfyyJA36ZOWpdNfUqFKpvE71 a44HedYOwv+TQBHOby/qEFi/VORfkHZmFtQu5iKGhdC1N3LLgGobhVDjoyJ3lbUQ sUuCSPw6LYnPvWp3J3dW5XZDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUBAbZS4Yt NXasZ3IurFSC8hez+uIwHwYDVR0jBBgwFoAURG+vkjvrr5Y1cof+JQmRx1SRRU0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZGMUNDLzNBRkMzM0UyRUY2 MzExRUZCRjY0QUI2QUM0RjlBRTAyL1JHLXZranZycjVZMWNvZi1KUW1SeDFTUlJV MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUkctdmtqdnJyNVkxY29mLUpRbVJ4MVNSUlUwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RjFDQy8zQUZDMzNFMkVGNjMxMUVGQkY2NEFCNkFDNEY5QUUwMi9DQzM3REMyNDAy NDMxMUYwQjhDQzNENjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAKH4OTANBgkqhkiG9w0BAQsFAAOCAQEAdydZR0ur5oKLQOUq j0H/S3LFedlk/SMHmLWQubsBn/I4AWRrPcWvV1lB83Uea9aJ+AzCsziRFu1SjpEr wtkU8vF0BQkePeXlMtFrUGf+3ayahLA6jD/+wVUiUqGaoQ5MGJhG83Cj4Rkdrhcz 4H+bA7nEtTGMCMOv9xwiIQNOUO/PuYZQyj5C1y59PBUCysREcODiBMWQZk6dsYyg +zWHtC2cShJ7JAV5HaiKZczACY56HaUr+gHAD1HR121LnccvAHmVAMCiVgLVyFPm eJa9KMhlIfr3yxtqVsiV2pu2YgUJ5K+IIjFIThs4JPDd5JzWv44gpqK9T6Ue+0fy Bg0Zig== -----END CERTIFICATE-----Generated at Sun Apr 6 10:11:00 2025 by rpki-client