$ rpki-client -vvf rpki.apnic.net/member_repository/A917C0F3/58FE74AED0B911EFA0848825C4F9AE02/028452F0D0BA11EFA8B5A526C4F9AE02.roa File: 028452F0D0BA11EFA8B5A526C4F9AE02.roa (raw, json) Hash identifier: IREGMcYzyBbo6wcvGexVHMAjLf7W6LD1j2SfUrLribg= Subject key identifier: 60:0E:6F:70:72:67:83:0E:8E:51:02:39:32:7C:A2:12:69:1F:66:92 Certificate issuer: /CN=A917C0F3/serialNumber=EB83F4880F23575E5751785C6E0AB2BE0B249BC3 Certificate serial: 02 Authority key identifier: EB:83:F4:88:0F:23:57:5E:57:51:78:5C:6E:0A:B2:BE:0B:24:9B:C3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/64P0iA8jV15XUXhcbgqyvgskm8M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C0F3/58FE74AED0B911EFA0848825C4F9AE02/028452F0D0BA11EFA8B5A526C4F9AE02.roa Signing time: Sun 12 Jan 2025 07:51:20 +0000 ROA not before: Sun 12 Jan 2025 07:51:20 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 140975 IP address blocks: 160.250.44.0/24 maxlen: 24 160.250.45.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C0F3/58FE74AED0B911EFA0848825C4F9AE02/64P0iA8jV15XUXhcbgqyvgskm8M.crl rsync://rpki.apnic.net/member_repository/A917C0F3/58FE74AED0B911EFA0848825C4F9AE02/64P0iA8jV15XUXhcbgqyvgskm8M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/64P0iA8jV15XUXhcbgqyvgskm8M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:29:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C0F3 Validity Not Before: Jan 12 07:51:20 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67837477-9bf2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:97:ef:28:f4:20:c5:53:ab:01:62:60:2b:36: 54:45:3b:80:f2:13:ee:41:c1:77:6d:19:c7:05:47: 53:ac:7f:0b:b1:89:02:f7:c3:e5:36:b8:f9:d0:f0: 90:3e:0d:61:a3:0e:da:ea:81:fa:7f:79:2d:35:c6: 18:5c:32:4d:e8:e3:bc:35:83:00:3f:45:28:2e:33: 5f:11:f3:5d:98:e1:48:8f:ea:9d:1c:84:a0:4c:ee: 07:14:c3:23:0b:ae:3a:09:16:de:72:60:85:5f:b4: 50:22:ba:78:65:d3:0c:44:84:5c:9c:73:ba:b9:ad: 31:72:69:2c:9a:a9:be:9a:cb:63:87:e2:c2:7e:3b: 9f:66:46:7e:b1:15:08:be:5e:fe:c5:a2:9d:d1:9d: 38:63:61:17:54:ee:50:a6:b0:b4:c3:af:3f:77:15: 8f:cc:93:bb:6c:6e:55:e9:c7:08:16:e5:18:b2:3f: 41:35:d3:db:30:9c:b9:8e:da:bf:c6:e6:b2:1f:17: 4b:3b:94:df:f4:53:d2:52:8a:32:62:fc:72:0e:cd: f7:cf:20:a6:5e:11:f4:dc:b9:5b:d5:cc:01:ec:da: 81:9c:79:54:9e:6e:e9:38:e5:c6:27:94:8d:f0:40: 19:b5:02:ee:bb:38:56:5f:8a:13:05:ce:00:6b:4c: ec:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:0E:6F:70:72:67:83:0E:8E:51:02:39:32:7C:A2:12:69:1F:66:92 X509v3 Authority Key Identifier: keyid:EB:83:F4:88:0F:23:57:5E:57:51:78:5C:6E:0A:B2:BE:0B:24:9B:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C0F3/58FE74AED0B911EFA0848825C4F9AE02/64P0iA8jV15XUXhcbgqyvgskm8M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/64P0iA8jV15XUXhcbgqyvgskm8M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C0F3/58FE74AED0B911EFA0848825C4F9AE02/028452F0D0BA11EFA8B5A526C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.250.44.0/23 Signature Algorithm: sha256WithRSAEncryption 18:57:22:75:b3:b5:89:b1:e1:c8:47:c2:09:b1:6d:e9:16:d6: ae:25:4e:03:64:32:9e:26:88:16:9b:74:2e:b7:fd:c1:a3:c9: cd:7a:d0:05:ab:27:42:51:0f:22:c4:d3:df:d6:a7:3a:2e:a7: 1f:d4:df:2e:49:08:92:b8:73:d5:62:32:7b:f9:01:ba:96:48: bb:d2:91:1f:a6:e3:28:f5:2a:f9:5e:1e:d7:3a:78:3d:5b:5a: 84:da:a1:3a:38:d0:f6:54:59:d1:5a:fa:90:4c:3a:79:28:ba: d5:90:2b:2b:90:cd:7a:bf:d9:99:2e:4a:20:14:60:e9:e9:cd: 2f:29:82:e1:8f:59:34:7f:a7:67:21:d0:8f:36:6c:e0:1d:92: ef:32:9b:f4:34:e8:34:3a:dd:06:8e:82:53:6d:88:96:2e:3b: 77:82:d9:44:27:08:c1:e5:fb:31:ca:a7:f4:8c:61:40:42:ec: ee:e0:8b:4e:e9:1a:65:8e:24:88:76:a0:44:70:02:d7:21:7d: 8a:17:8c:13:db:bf:ab:f8:84:20:07:1a:20:5e:ac:b6:0d:29: af:77:ff:43:b2:b3:aa:74:f4:b2:72:1f:79:fd:93:85:87:d6: 4e:3b:d2:ec:9b:90:32:85:32:93:58:92:13:c9:b3:c7:31:1f: 17:ce:72:7a -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QzBGMzExMC8GA1UEBRMoRUI4M0Y0ODgwRjIzNTc1RTU3NTE3ODVDNkUwQUIyQkUw QjI0OUJDMzAeFw0yNTAxMTIwNzUxMjBaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ODM3NDc3LTliZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDml+8o9CDFU6sBYmArNlRFO4DyE+5BwXdtGccFR1OsfwuxiQL3w+U2uPnQ8JA+ DWGjDtrqgfp/eS01xhhcMk3o47w1gwA/RSguM18R812Y4UiP6p0chKBM7gcUwyML rjoJFt5yYIVftFAiunhl0wxEhFycc7q5rTFyaSyaqb6ay2OH4sJ+O59mRn6xFQi+ Xv7Fop3RnThjYRdU7lCmsLTDrz93FY/Mk7tsblXpxwgW5RiyP0E109swnLmO2r/G 5rIfF0s7lN/0U9JSijJi/HIOzffPIKZeEfTcuVvVzAHs2oGceVSebuk45cYnlI3w QBm1Au67OFZfihMFzgBrTOw3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUYA5vcHJn gw6OUQI5MnyiEmkfZpIwHwYDVR0jBBgwFoAU64P0iA8jV15XUXhcbgqyvgskm8Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDMEYzLzU4RkU3NEFFRDBC OTExRUZBMDg0ODgyNUM0RjlBRTAyLzY0UDBpQThqVjE1WFVYaGNiZ3F5dmdza204 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvNjRQMGlBOGpWMTVYVVhoY2JncXl2Z3NrbThNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzBGMy81OEZFNzRBRUQwQjkxMUVGQTA4NDg4MjVDNEY5QUUwMi8wMjg0NTJGMEQw QkExMUVGQThCNUE1MjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaD6LDANBgkqhkiG9w0BAQsFAAOCAQEAGFcidbO1ibHhyEfC CbFt6RbWriVOA2QyniaIFpt0Lrf9waPJzXrQBasnQlEPIsTT39anOi6nH9TfLkkI krhz1WIye/kBupZIu9KRH6bjKPUq+V4e1zp4PVtahNqhOjjQ9lRZ0Vr6kEw6eSi6 1ZArK5DNer/ZmS5KIBRg6enNLymC4Y9ZNH+nZyHQjzZs4B2S7zKb9DToNDrdBo6C U22Ili47d4LZRCcIweX7Mcqn9IxhQELs7uCLTukaZY4kiHagRHAC1yF9iheME9u/ q/iEIAcaIF6stg0pr3f/Q7KzqnT0snIfef2ThYfWTjvS7JuQMoUyk1iSE8mzxzEf F85yeg== -----END CERTIFICATE-----Generated at Wed Feb 5 22:02:04 2025 by rpki-client