$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/EC545C28A72B11EDAC3DA56CC4F9AE02.roa File: EC545C28A72B11EDAC3DA56CC4F9AE02.roa (raw, json) Hash identifier: MudkEdFQa6C+ndTjapkqJTQJnMUjbCojJJWyr2cOnbw= Subject key identifier: 88:F2:F3:83:0D:08:C8:F9:A1:FD:52:22:ED:25:55:0A:F5:29:CD:E1 Certificate issuer: /CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101 Certificate serial: 061D Authority key identifier: 21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/EC545C28A72B11EDAC3DA56CC4F9AE02.roa Signing time: Mon 14 Oct 2024 22:52:26 +0000 ROA not before: Mon 14 Oct 2024 22:52:26 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 140220 IP address blocks: 161.29.208.0/20 maxlen: 24 161.65.208.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 17 Mar 2025 22:34:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1565 (0x61d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91406AA Validity Not Before: Oct 14 22:52:26 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=670da0aa-2613 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:7c:e4:09:6c:b3:d2:c4:c9:a9:d1:f4:26:6b: 87:03:cd:6a:cb:22:38:bb:ff:4e:a0:5b:57:3e:0a: 42:d7:29:14:bf:cd:aa:db:29:eb:ec:ed:26:cb:f7: fb:a1:fe:71:bf:cc:74:6f:05:e8:bc:e2:04:c6:bb: 35:73:84:f0:12:b6:57:fa:20:7b:8a:06:20:7b:39: 90:6b:af:04:aa:31:81:ea:d0:78:52:8b:d1:b3:6a: 12:78:b1:48:74:c3:41:d0:42:28:9c:a6:e9:b8:86: 32:1e:23:20:83:a7:bf:a6:47:33:4a:eb:58:a7:cd: 0b:3a:fe:81:ce:ad:5a:4f:0b:d9:5d:bd:12:04:79: ed:cc:76:d5:e2:c7:04:f6:66:8f:ff:f3:88:d9:b9: 74:47:f9:e5:e4:14:d7:22:e5:4d:8d:be:ce:b7:66: db:63:39:42:64:3c:e3:60:80:12:d8:07:0d:f7:59: a7:4a:6b:f5:33:08:62:21:b2:30:38:4a:65:56:7c: 8c:c9:11:a9:a1:bc:72:d3:14:db:81:bb:e8:ff:64: 0c:b7:3d:0d:17:fc:4a:34:2b:52:6e:c4:5d:80:be: 77:61:39:f5:2a:20:f7:e1:0e:80:44:29:c1:6d:86: a9:fa:fb:aa:c3:7e:0a:e6:18:d9:93:00:b5:8d:27: c7:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:F2:F3:83:0D:08:C8:F9:A1:FD:52:22:ED:25:55:0A:F5:29:CD:E1 X509v3 Authority Key Identifier: keyid:21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/EC545C28A72B11EDAC3DA56CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.29.208.0/20 161.65.208.0/20 Signature Algorithm: sha256WithRSAEncryption a9:64:2c:2f:51:76:14:fd:0a:2a:01:1f:cf:56:02:a4:99:95: 47:2d:ad:6e:a0:92:7d:03:fc:25:9e:37:13:6a:61:23:bc:04: a3:71:55:ec:b3:32:ce:1e:53:28:15:f5:6a:95:74:31:8d:9b: 00:71:9a:d1:7e:e4:e3:85:ef:d0:5d:72:69:ab:a6:e5:99:68: f4:2b:70:01:9e:b6:ea:f9:10:e5:7f:18:2c:08:bb:c2:14:28: 4b:de:de:3d:68:09:02:1b:26:e7:df:98:cb:99:7c:70:27:3e: 92:d1:e7:8d:d8:66:58:2b:f8:a4:a1:f8:6a:9b:d2:34:60:ac: cf:f4:54:49:0c:bb:96:38:1d:8c:06:49:74:94:cc:4b:b7:ab: bb:01:eb:c0:7e:7f:ee:bf:98:58:73:9a:59:44:f3:3f:2a:cc: 6d:85:01:af:0c:d7:a9:3c:d6:29:83:73:0a:42:6a:1f:fc:ef: 2d:69:01:bf:50:51:2e:45:c2:b3:c8:c0:f3:5e:1d:13:1c:b0: 34:d9:b0:dd:8b:22:ca:71:cf:5f:33:8b:36:e9:e4:19:af:19: 2e:40:71:bf:8b:99:9a:e9:2b:f5:f4:ff:fa:50:87:a6:33:d0: d3:41:0a:6a:ef:80:6a:f5:ac:9e:4d:6b:32:20:5e:83:57:dc: 9d:23:0c:b3 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBh0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA2QUExMTAvBgNVBAUTKDIxOEE4QUEwNTAyNjdCMDgwNUUzRkRDOEE5MzlCRjhG QkNCMDAxMDEwHhcNMjQxMDE0MjI1MjI2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzBkYTBhYS0yNjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtnzkCWyz0sTJqdH0JmuHA81qyyI4u/9OoFtXPgpC1ykUv82q2ynr7O0my/f7 of5xv8x0bwXovOIExrs1c4TwErZX+iB7igYgezmQa68EqjGB6tB4UovRs2oSeLFI dMNB0EIonKbpuIYyHiMgg6e/pkczSutYp80LOv6Bzq1aTwvZXb0SBHntzHbV4scE 9maP//OI2bl0R/nl5BTXIuVNjb7Ot2bbYzlCZDzjYIAS2AcN91mnSmv1MwhiIbIw OEplVnyMyRGpobxy0xTbgbvo/2QMtz0NF/xKNCtSbsRdgL53YTn1KiD34Q6ARCnB bYap+vuqw34K5hjZkwC1jSfH5wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIjy84MN CMj5of1SIu0lVQr1Kc3hMB8GA1UdIwQYMBaAFCGKiqBQJnsIBeP9yKk5v4+8sAEB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84NjU4RTQ2Njg2 QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9JWXFLb0ZBbWV3Z0Y0XzNJcVRtX2o3eXdB UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lZcUtvRkFtZXdnRjRfM0lxVG1fajd5d0FRRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDA2QUEvODY1OEU0NjY4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvRUM1NDVDMjhB NzJCMTFFREFDM0RBNTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAShHdADBAShQdAwDQYJKoZIhvcNAQELBQADggEBAKlkLC9R dhT9CioBH89WAqSZlUctrW6gkn0D/CWeNxNqYSO8BKNxVeyzMs4eUygV9WqVdDGN mwBxmtF+5OOF79BdcmmrpuWZaPQrcAGetur5EOV/GCwIu8IUKEve3j1oCQIbJuff mMuZfHAnPpLR543YZlgr+KSh+Gqb0jRgrM/0VEkMu5Y4HYwGSXSUzEu3q7sB68B+ f+6/mFhzmllE8z8qzG2FAa8M16k81imDcwpCah/87y1pAb9QUS5FwrPIwPNeHRMc sDTZsN2LIspxz18zizbp5BmvGS5Acb+LmZrpK/X0//pQh6Yz0NNBCmrvgGr1rJ5N azIgXoNX3J0jDLM= -----END CERTIFICATE-----Generated at Tue Mar 11 05:01:04 2025 by rpki-client