$ rpki-client -vvf rpki.apnic.net/member_repository/A913631F/7B3F0B1CCF1C11EF81947F85C4F9AE02/CA9B891ACF1C11EF981F2F86C4F9AE02.roa File: CA9B891ACF1C11EF981F2F86C4F9AE02.roa (raw, json) Hash identifier: DSiGqsj/wHYJqRQngYpUalsfP9r6Z3qaSue0LX+uo6I= Subject key identifier: 2B:FA:E7:FA:9F:0B:A7:2C:E9:74:1B:59:DF:3E:15:5D:3D:D0:AA:6F Certificate issuer: /CN=A913631F/serialNumber=403BB7B918F9154AD82C2AD35AEFC0ABE8D06ADE Certificate serial: 02 Authority key identifier: 40:3B:B7:B9:18:F9:15:4A:D8:2C:2A:D3:5A:EF:C0:AB:E8:D0:6A:DE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QDu3uRj5FUrYLCrTWu_Aq-jQat4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913631F/7B3F0B1CCF1C11EF81947F85C4F9AE02/CA9B891ACF1C11EF981F2F86C4F9AE02.roa Signing time: Fri 10 Jan 2025 06:33:24 +0000 ROA not before: Fri 10 Jan 2025 06:33:24 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 45650 IP address blocks: 161.248.156.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913631F/7B3F0B1CCF1C11EF81947F85C4F9AE02/QDu3uRj5FUrYLCrTWu_Aq-jQat4.crl rsync://rpki.apnic.net/member_repository/A913631F/7B3F0B1CCF1C11EF81947F85C4F9AE02/QDu3uRj5FUrYLCrTWu_Aq-jQat4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QDu3uRj5FUrYLCrTWu_Aq-jQat4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:28:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913631F Validity Not Before: Jan 10 06:33:24 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6780bf33-6746 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:a0:6d:ec:4a:9e:f2:24:c8:88:2a:65:92:66: 71:bb:7b:21:34:99:9a:01:e0:59:c4:e5:98:8b:3b: 70:14:33:fc:61:48:ad:5a:46:01:11:27:dd:23:de: 67:a2:12:9e:57:91:8a:83:c6:fc:0e:66:35:ca:bf: 58:3e:cc:6c:87:89:3e:bc:62:4b:fb:bf:ed:4f:9a: d0:49:e6:c4:6b:af:67:05:6a:c4:5f:9a:71:dd:40: 34:a6:21:52:b3:ee:11:3c:9c:7b:5c:58:05:e1:c5: 24:ae:b8:1b:49:ea:42:77:09:bf:f4:c4:66:d9:56: 2f:84:e9:17:2e:04:54:22:77:4a:64:b9:55:2a:fa: 25:f5:b1:fc:b2:fd:a0:e6:83:37:c4:fa:1e:2a:18: fa:98:55:b8:41:1e:6c:db:32:bb:68:0a:9d:e1:e3: 5f:5d:aa:fd:7c:61:3b:65:a0:ae:8f:a4:2e:de:30: 3f:82:2e:fe:34:b1:31:da:15:81:96:c5:f1:91:a0: fb:f5:18:6f:13:3b:4c:36:5d:79:51:e7:f1:94:b4: ba:d8:11:cd:ec:81:35:3f:89:c7:40:76:c3:e2:6c: b8:86:a8:29:5c:b5:0b:9e:a5:b3:4a:66:ac:92:47: 4a:88:69:99:07:9f:0a:81:f7:7b:30:c9:f8:3d:ce: 27:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:FA:E7:FA:9F:0B:A7:2C:E9:74:1B:59:DF:3E:15:5D:3D:D0:AA:6F X509v3 Authority Key Identifier: keyid:40:3B:B7:B9:18:F9:15:4A:D8:2C:2A:D3:5A:EF:C0:AB:E8:D0:6A:DE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913631F/7B3F0B1CCF1C11EF81947F85C4F9AE02/QDu3uRj5FUrYLCrTWu_Aq-jQat4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QDu3uRj5FUrYLCrTWu_Aq-jQat4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913631F/7B3F0B1CCF1C11EF81947F85C4F9AE02/CA9B891ACF1C11EF981F2F86C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.156.0/23 Signature Algorithm: sha256WithRSAEncryption 88:ad:1a:49:88:69:52:3f:e0:cf:58:6a:69:73:9d:31:01:04: fe:c2:74:2c:a8:d8:d3:d7:f0:46:44:21:14:32:88:01:69:56: 3a:95:11:9b:d9:ce:24:a8:64:49:6d:44:66:78:34:66:54:74: 91:d1:a1:12:3d:83:7d:82:3e:2f:ec:76:ba:32:7f:dd:e0:b1: fa:b6:72:e4:02:3b:32:ce:66:13:32:a9:12:4f:f6:a4:53:2a: c9:4c:25:8c:4a:19:ac:ba:9a:09:6a:b7:03:ec:3e:c4:fb:f0: 02:4a:df:23:6c:ce:7a:00:32:40:41:29:94:e2:c6:d1:a6:9f: af:44:27:66:17:a1:ce:a8:0c:f5:36:19:65:12:00:1c:5f:d0: 64:fd:a5:9f:5f:d7:68:c5:94:12:03:89:7c:f7:f8:41:69:ac: b2:6f:ba:dd:2c:29:94:a9:8a:cc:63:7b:53:5d:e1:5c:e6:ed: bc:3f:5f:a4:96:b1:23:1d:59:dd:66:5e:36:d6:81:5c:17:ed: dd:60:c3:ab:67:58:87:c8:97:0f:2e:de:52:71:bc:69:0a:97: 63:a0:24:e5:2b:ed:81:78:33:ed:7b:c6:2b:24:e4:d7:67:5b: 0e:e4:6d:3a:49:d1:b2:1a:71:0e:8e:73:35:ad:57:f6:6c:49: cf:d2:43:fc -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz NjMxRjExMC8GA1UEBRMoNDAzQkI3QjkxOEY5MTU0QUQ4MkMyQUQzNUFFRkMwQUJF OEQwNkFERTAeFw0yNTAxMTAwNjMzMjRaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ODBiZjMzLTY3NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDRoG3sSp7yJMiIKmWSZnG7eyE0mZoB4FnE5ZiLO3AUM/xhSK1aRgERJ90j3mei Ep5XkYqDxvwOZjXKv1g+zGyHiT68Ykv7v+1PmtBJ5sRrr2cFasRfmnHdQDSmIVKz 7hE8nHtcWAXhxSSuuBtJ6kJ3Cb/0xGbZVi+E6RcuBFQid0pkuVUq+iX1sfyy/aDm gzfE+h4qGPqYVbhBHmzbMrtoCp3h419dqv18YTtloK6PpC7eMD+CLv40sTHaFYGW xfGRoPv1GG8TO0w2XXlR5/GUtLrYEc3sgTU/icdAdsPibLiGqClctQuepbNKZqyS R0qIaZkHnwqB93swyfg9zidrAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUK/rn+p8L pyzpdBtZ3z4VXT3Qqm8wHwYDVR0jBBgwFoAUQDu3uRj5FUrYLCrTWu/Aq+jQat4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM2MzFGLzdCM0YwQjFDQ0Yx QzExRUY4MTk0N0Y4NUM0RjlBRTAyL1FEdTN1Umo1RlVyWUxDclRXdV9BcS1qUWF0 NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUUR1M3VSajVGVXJZTENyVFd1X0FxLWpRYXQ0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NjMxRi83QjNGMEIxQ0NGMUMxMUVGODE5NDdGODVDNEY5QUUwMi9DQTlCODkxQUNG MUMxMUVGOTgxRjJGODZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaH4nDANBgkqhkiG9w0BAQsFAAOCAQEAiK0aSYhpUj/gz1hq aXOdMQEE/sJ0LKjY09fwRkQhFDKIAWlWOpURm9nOJKhkSW1EZng0ZlR0kdGhEj2D fYI+L+x2ujJ/3eCx+rZy5AI7Ms5mEzKpEk/2pFMqyUwljEoZrLqaCWq3A+w+xPvw AkrfI2zOegAyQEEplOLG0aafr0QnZhehzqgM9TYZZRIAHF/QZP2ln1/XaMWUEgOJ fPf4QWmssm+63SwplKmKzGN7U13hXObtvD9fpJaxIx1Z3WZeNtaBXBft3WDDq2dY h8iXDy7eUnG8aQqXY6Ak5SvtgXgz7XvGKyTk12dbDuRtOknRshpxDo5zNa1X9mxJ z9JD/A== -----END CERTIFICATE-----Generated at Wed Feb 5 23:00:19 2025 by rpki-client