$ rpki-client -vvf rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/5AF3ECBEAFBA11EF91955453C4F9AE02.roa File: 5AF3ECBEAFBA11EF91955453C4F9AE02.roa (raw, json) Hash identifier: x22vmPwJWZ5KhIsY5PtxJtvF9T7oNt50WfxUCDRwJlo= Subject key identifier: 38:EC:F1:49:B3:D0:9C:77:14:56:E5:68:B3:A7:F2:4E:2C:58:F5:49 Certificate issuer: /CN=A911E0B4/serialNumber=0FD4437521DB5C0BC99E45B59754FF7B671F86F3 Certificate serial: 06 Authority key identifier: 0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/5AF3ECBEAFBA11EF91955453C4F9AE02.roa Signing time: Sun 01 Dec 2024 08:00:40 +0000 ROA not before: Sun 01 Dec 2024 08:00:40 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 139043 IP address blocks: 160.250.50.0/24 maxlen: 24 160.250.51.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:14:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6 (0x6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E0B4 Validity Not Before: Dec 1 08:00:40 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=674c17a7-9de3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d9:7b:d9:bd:e8:cb:5b:9a:c1:54:2f:30:bc: fb:33:c3:31:fe:2a:75:c9:d2:b5:c1:c0:5c:37:48: b6:f5:c6:bd:a3:39:0f:2a:24:20:a2:31:39:93:97: 84:27:64:c1:84:06:08:de:34:5b:71:b3:46:04:55: b3:eb:3b:a6:c8:fc:f6:03:8c:ec:f4:6f:e6:e6:71: ea:2d:a9:b0:38:50:99:54:6a:82:bf:2d:9e:c6:85: 3c:25:c6:3a:ee:15:97:a1:d1:58:cf:e9:27:96:4c: 7b:ae:c3:f8:62:39:a7:68:67:8c:79:33:89:0d:7f: 1b:63:a0:bc:1b:d5:ad:0c:ad:f4:e4:0a:ce:34:72: 40:94:4f:6a:d8:a7:3c:04:76:04:d5:0b:13:9c:3c: 50:63:59:cc:9d:1e:22:22:95:bc:be:f5:91:65:7c: 54:45:2d:bd:d1:0a:b6:98:c9:58:12:d0:c2:37:0a: f3:59:d0:34:0e:50:15:8e:18:6b:89:01:24:76:8b: 0f:bf:88:33:85:c6:38:60:60:78:ad:9f:0a:be:55: fa:e4:a9:06:c3:52:45:da:22:3d:5a:94:17:f5:9d: 9c:4b:07:06:ce:5f:02:db:80:fd:39:29:97:1e:5c: 7a:a9:55:af:a6:7f:2a:f4:a7:c8:91:46:c9:1a:0c: a0:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:EC:F1:49:B3:D0:9C:77:14:56:E5:68:B3:A7:F2:4E:2C:58:F5:49 X509v3 Authority Key Identifier: keyid:0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/5AF3ECBEAFBA11EF91955453C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.250.50.0/23 Signature Algorithm: sha256WithRSAEncryption 6c:c7:40:86:d9:ad:35:40:a6:d9:24:8d:d2:c6:00:96:c7:a8: e6:65:cb:64:60:3f:3a:4e:a7:69:28:9d:71:ac:49:04:b1:3b: a9:48:f1:10:05:de:93:2a:22:71:cc:ea:27:a5:26:d0:67:9b: c2:69:fb:94:cd:a1:82:61:fa:d3:29:a9:9f:50:5a:fe:c1:f5: 53:b4:0e:3c:1e:bf:6a:16:6f:88:07:03:89:3d:03:9d:73:d6: a2:dc:75:9e:32:c5:98:d8:b8:8a:16:1d:9b:75:a8:bd:b8:72: 32:83:e4:9e:61:e5:16:78:83:59:bf:33:6f:f2:d7:44:d3:9b: 79:2e:1f:92:d5:ab:6b:a5:40:9d:85:86:1b:ec:3a:04:cb:a6: c8:17:1e:3c:89:da:94:e1:6f:ca:f4:71:da:22:9b:e3:f4:db: 67:fe:34:48:bc:46:e3:d7:d9:1e:1d:29:d6:2e:4d:8d:ab:19: fb:93:db:d3:5f:43:59:63:c8:57:6b:53:29:6e:58:47:56:b5: 09:63:13:b2:78:c1:cb:b5:f2:d3:a9:53:da:58:45:27:37:24: 50:b7:2c:aa:3f:40:71:20:3c:54:3a:90:ab:40:de:2b:78:20: f7:73:1e:fd:ea:05:10:ce:7a:12:b6:d2:eb:6e:89:ff:8a:52: d3:6a:6d:a8 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx RTBCNDExMC8GA1UEBRMoMEZENDQzNzUyMURCNUMwQkM5OUU0NUI1OTc1NEZGN0I2 NzFGODZGMzAeFw0yNDEyMDEwODAwNDBaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY3NGMxN2E3LTlkZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDP2XvZvejLW5rBVC8wvPszwzH+KnXJ0rXBwFw3SLb1xr2jOQ8qJCCiMTmTl4Qn ZMGEBgjeNFtxs0YEVbPrO6bI/PYDjOz0b+bmceotqbA4UJlUaoK/LZ7GhTwlxjru FZeh0VjP6SeWTHuuw/hiOadoZ4x5M4kNfxtjoLwb1a0MrfTkCs40ckCUT2rYpzwE dgTVCxOcPFBjWcydHiIilby+9ZFlfFRFLb3RCraYyVgS0MI3CvNZ0DQOUBWOGGuJ ASR2iw+/iDOFxjhgYHitnwq+VfrkqQbDUkXaIj1alBf1nZxLBwbOXwLbgP05KZce XHqpVa+mfyr0p8iRRskaDKBjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUOOzxSbPQ nHcUVuVos6fyTixY9UkwHwYDVR0jBBgwFoAUD9RDdSHbXAvJnkW1l1T/e2cfhvMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFFMEI0L0U5NjQ4OUFFQUYz ODExRUZBMjBERDAxM0M0RjlBRTAyL0Q5UkRkU0hiWEF2Sm5rVzFsMVRfZTJjZmh2 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvRDlSRGRTSGJYQXZKbmtXMWwxVF9lMmNmaHZNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RTBCNC9FOTY0ODlBRUFGMzgxMUVGQTIwREQwMTNDNEY5QUUwMi81QUYzRUNCRUFG QkExMUVGOTE5NTU0NTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaD6MjANBgkqhkiG9w0BAQsFAAOCAQEAbMdAhtmtNUCm2SSN 0sYAlseo5mXLZGA/Ok6naSidcaxJBLE7qUjxEAXekyoicczqJ6Um0Gebwmn7lM2h gmH60ympn1Ba/sH1U7QOPB6/ahZviAcDiT0DnXPWotx1njLFmNi4ihYdm3Wovbhy MoPknmHlFniDWb8zb/LXRNObeS4fktWra6VAnYWGG+w6BMumyBcePInalOFvyvRx 2iKb4/TbZ/40SLxG49fZHh0p1i5NjasZ+5Pb019DWWPIV2tTKW5YR1a1CWMTsnjB y7Xy06lT2lhFJzckULcsqj9AcSA8VDqQq0DeK3gg93Me/eoFEM56ErbS626J/4pS 02ptqA== -----END CERTIFICATE-----Generated at Wed Feb 5 21:47:40 2025 by rpki-client