$ rpki-client -vvf rpki.apnic.net/member_repository/A9172FC5/E539CDA0AB3F11EFBE02CF14C4F9AE02/2CD73990AB4011EF849D9515C4F9AE02.roa File: 2CD73990AB4011EF849D9515C4F9AE02.roa (raw, json) Hash identifier: n7B/UUcmtXjVJkGeKo3kLxJl+ZkT5f7+LU0DhIJENOU= Subject key identifier: 2E:42:EC:4C:DE:E7:F5:B2:58:77:F2:A4:64:41:F3:C0:05:7C:EE:7A Certificate issuer: /CN=A9172FC5/serialNumber=AD545D2504FE1DE92AE1766DF4657637DB7A7E75 Certificate serial: 02 Authority key identifier: AD:54:5D:25:04:FE:1D:E9:2A:E1:76:6D:F4:65:76:37:DB:7A:7E:75 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rVRdJQT-Hekq4XZt9GV2N9t6fnU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172FC5/E539CDA0AB3F11EFBE02CF14C4F9AE02/2CD73990AB4011EF849D9515C4F9AE02.roa Signing time: Mon 25 Nov 2024 15:15:59 +0000 ROA not before: Mon 25 Nov 2024 15:15:59 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 132233 IP address blocks: 160.250.20.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172FC5/E539CDA0AB3F11EFBE02CF14C4F9AE02/rVRdJQT-Hekq4XZt9GV2N9t6fnU.crl rsync://rpki.apnic.net/member_repository/A9172FC5/E539CDA0AB3F11EFBE02CF14C4F9AE02/rVRdJQT-Hekq4XZt9GV2N9t6fnU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rVRdJQT-Hekq4XZt9GV2N9t6fnU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:12:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172FC5 Validity Not Before: Nov 25 15:15:59 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=674494af-d615 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:19:2f:f5:f6:1e:e2:9c:61:37:5d:d5:2c:cc: 01:76:07:6f:27:51:87:91:d0:51:77:61:1e:1f:77: 7d:ad:68:cd:03:b1:39:10:e5:e2:ee:d8:1b:2f:9d: 50:92:8a:21:a3:90:dc:20:50:c0:57:1d:84:72:d1: f0:25:13:f9:87:36:b0:54:f4:3d:dc:bc:b6:af:de: 3a:11:1e:d6:85:dc:50:ef:34:5b:2f:7f:b1:9b:73: 6a:cb:5a:7f:1f:df:e3:a8:89:05:5b:33:0c:77:78: c2:09:e2:28:f9:e0:c9:96:b0:01:2d:d6:1a:9c:8b: 4d:71:ce:13:be:6b:1e:f0:41:90:25:d9:a8:e4:5e: d9:5e:49:aa:da:80:12:c3:bc:db:04:81:70:65:f0: 5a:19:d4:a6:82:06:b6:b7:f6:61:13:a6:4d:f0:33: f4:62:d5:fe:79:16:39:75:76:5c:49:5d:48:0c:e8: c3:40:a3:fb:a9:0a:73:3a:fc:92:90:b0:e9:82:3e: a8:05:dc:ca:d7:c2:c7:7e:60:95:18:dd:f3:ef:46: de:87:5b:22:a1:54:3c:fa:29:dc:4a:2f:18:60:06: c6:6a:51:61:98:db:52:b1:85:c2:40:c9:c5:13:fd: fa:de:f6:ff:1f:f5:35:ab:a1:25:89:bc:c2:9f:6d: 34:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:42:EC:4C:DE:E7:F5:B2:58:77:F2:A4:64:41:F3:C0:05:7C:EE:7A X509v3 Authority Key Identifier: keyid:AD:54:5D:25:04:FE:1D:E9:2A:E1:76:6D:F4:65:76:37:DB:7A:7E:75 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172FC5/E539CDA0AB3F11EFBE02CF14C4F9AE02/rVRdJQT-Hekq4XZt9GV2N9t6fnU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rVRdJQT-Hekq4XZt9GV2N9t6fnU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172FC5/E539CDA0AB3F11EFBE02CF14C4F9AE02/2CD73990AB4011EF849D9515C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.250.20.0/23 Signature Algorithm: sha256WithRSAEncryption bd:1b:91:e3:7c:f2:34:de:e0:ff:8f:50:81:28:40:a2:c4:30: 82:38:e9:0e:01:df:23:17:0a:62:10:72:4f:15:64:67:01:ea: da:f3:1e:3c:1b:8d:fb:ae:84:47:21:e3:29:fd:b8:6c:4a:12: d7:50:f9:20:ee:30:c5:32:75:62:ac:2e:fe:c2:ef:6f:92:8f: b0:e8:cf:40:95:15:a5:7a:a4:69:8f:96:0e:e4:03:7a:28:30: da:87:cb:b3:46:54:30:8c:fe:4d:f7:44:ce:c8:86:69:52:fe: b9:0b:5a:7c:a0:79:36:3d:d4:dc:25:82:43:04:a6:6b:c7:99: 8e:f5:b8:4e:0a:4a:02:fe:7a:c0:d7:8f:30:b2:a2:9f:32:f4: bb:f7:76:14:af:b4:8e:ca:ec:0b:36:1b:ee:b5:06:3f:3d:1d: 01:95:26:21:67:c0:55:3b:21:aa:aa:0a:1d:35:64:7f:dc:78: 02:9d:b8:83:35:30:5c:d7:21:fb:1e:b8:57:53:64:07:41:4c: 58:f6:04:9b:82:9a:f6:7d:11:53:05:c6:33:eb:a0:7f:bb:8e: bc:45:0d:0d:33:0b:2a:21:ea:cc:9b:c0:97:2d:dc:a2:9f:d7: 76:e6:e0:c2:a5:f9:45:6c:9f:80:14:5c:a3:18:6d:0a:55:fb: f5:c3:86:e7 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MkZDNTExMC8GA1UEBRMoQUQ1NDVEMjUwNEZFMURFOTJBRTE3NjZERjQ2NTc2MzdE QjdBN0U3NTAeFw0yNDExMjUxNTE1NTlaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY3NDQ5NGFmLWQ2MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDoGS/19h7inGE3XdUszAF2B28nUYeR0FF3YR4fd32taM0DsTkQ5eLu2BsvnVCS iiGjkNwgUMBXHYRy0fAlE/mHNrBU9D3cvLav3joRHtaF3FDvNFsvf7Gbc2rLWn8f 3+OoiQVbMwx3eMIJ4ij54MmWsAEt1hqci01xzhO+ax7wQZAl2ajkXtleSaragBLD vNsEgXBl8FoZ1KaCBra39mETpk3wM/Ri1f55Fjl1dlxJXUgM6MNAo/upCnM6/JKQ sOmCPqgF3MrXwsd+YJUY3fPvRt6HWyKhVDz6KdxKLxhgBsZqUWGY21KxhcJAycUT /fre9v8f9TWroSWJvMKfbTTfAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQULkLsTN7n 9bJYd/KkZEHzwAV87nowHwYDVR0jBBgwFoAUrVRdJQT+Hekq4XZt9GV2N9t6fnUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyRkM1L0U1MzlDREEwQUIz RjExRUZCRTAyQ0YxNEM0RjlBRTAyL3JWUmRKUVQtSGVrcTRYWnQ5R1YyTjl0NmZu VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvclZSZEpRVC1IZWtxNFhadDlHVjJOOXQ2Zm5VLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MkZDNS9FNTM5Q0RBMEFCM0YxMUVGQkUwMkNGMTRDNEY5QUUwMi8yQ0Q3Mzk5MEFC NDAxMUVGODQ5RDk1MTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaD6FDANBgkqhkiG9w0BAQsFAAOCAQEAvRuR43zyNN7g/49Q gShAosQwgjjpDgHfIxcKYhByTxVkZwHq2vMePBuN+66ERyHjKf24bEoS11D5IO4w xTJ1Yqwu/sLvb5KPsOjPQJUVpXqkaY+WDuQDeigw2ofLs0ZUMIz+TfdEzsiGaVL+ uQtafKB5Nj3U3CWCQwSma8eZjvW4TgpKAv56wNePMLKinzL0u/d2FK+0jsrsCzYb 7rUGPz0dAZUmIWfAVTshqqoKHTVkf9x4Ap24gzUwXNch+x64V1NkB0FMWPYEm4Ka 9n0RUwXGM+ugf7uOvEUNDTMLKiHqzJvAly3cop/XdubgwqX5RWyfgBRcoxhtClX7 9cOG5w== -----END CERTIFICATE-----Generated at Wed Feb 5 22:59:46 2025 by rpki-client