$ rpki-client -vvf rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/853312D2C0DD11EFB5F0D24AC4F9AE02.roa File: 853312D2C0DD11EFB5F0D24AC4F9AE02.roa (raw, json) Hash identifier: FGrsxVel52tLC2c3tTf2jw58e+atsnyXCQDnNztZqg4= Subject key identifier: 9C:45:35:C0:F5:9F:E7:BE:10:7E:EC:B7:57:56:17:8D:1C:86:29:32 Certificate issuer: /CN=A917C909/serialNumber=59F9D48DD916909783E31771D8AD7ECB30DC3BA2 Certificate serial: 02 Authority key identifier: 59:F9:D4:8D:D9:16:90:97:83:E3:17:71:D8:AD:7E:CB:30:DC:3B:A2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WfnUjdkWkJeD4xdx2K1-yzDcO6I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/853312D2C0DD11EFB5F0D24AC4F9AE02.roa Signing time: Mon 23 Dec 2024 03:25:13 +0000 ROA not before: Mon 23 Dec 2024 03:25:13 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 133458 IP address blocks: 161.248.2.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/WfnUjdkWkJeD4xdx2K1-yzDcO6I.crl rsync://rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/WfnUjdkWkJeD4xdx2K1-yzDcO6I.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WfnUjdkWkJeD4xdx2K1-yzDcO6I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:21:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C909 Validity Not Before: Dec 23 03:25:13 2024 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6768d818-c757 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:bb:57:a1:1e:bf:98:08:0a:89:55:28:07:2c: 02:ee:e4:af:c8:1d:ee:90:f7:90:00:1a:f5:e9:83: bc:cf:62:c7:88:6c:26:dd:d1:b7:29:d7:f6:2a:bc: 1f:83:6f:29:e4:95:e3:b8:47:f7:54:97:14:24:c1: 74:3f:d9:3d:ce:93:17:83:be:b6:bd:14:56:0c:46: 1d:04:53:ac:e7:50:8c:6b:84:63:cd:5d:5c:6c:e7: 22:75:80:ee:79:08:1e:aa:cf:2a:f5:eb:b3:5d:f5: bd:75:94:1a:a6:09:65:33:c2:4d:4e:31:54:3d:2e: c7:d7:4a:83:24:60:ec:32:06:2f:88:c4:b2:6e:d6: 6b:4c:f7:aa:c6:47:8d:b5:df:c9:f5:cb:3e:96:74: 8f:5e:72:f2:d7:7b:8a:16:3d:32:cd:71:5f:9b:d3: 99:32:48:b7:fa:b0:97:70:4b:69:e8:15:0e:61:fd: 4c:dc:ac:16:8a:45:df:0d:74:f1:56:90:bf:0c:e1: 26:21:d8:29:e1:98:c6:5b:f0:ee:a3:15:79:33:76: 1b:58:a8:b6:54:72:8b:6a:d2:e7:a7:8d:6e:99:66: 4e:d0:7e:0d:14:e0:d9:bc:34:93:04:f4:f1:27:92: f7:0e:aa:1d:49:00:ea:72:11:75:90:5f:12:ce:f2: c2:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:45:35:C0:F5:9F:E7:BE:10:7E:EC:B7:57:56:17:8D:1C:86:29:32 X509v3 Authority Key Identifier: keyid:59:F9:D4:8D:D9:16:90:97:83:E3:17:71:D8:AD:7E:CB:30:DC:3B:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/WfnUjdkWkJeD4xdx2K1-yzDcO6I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WfnUjdkWkJeD4xdx2K1-yzDcO6I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C909/FF7C5FDCC0DB11EF9E871844C4F9AE02/853312D2C0DD11EFB5F0D24AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.2.0/23 Signature Algorithm: sha256WithRSAEncryption 07:69:6f:fc:1f:b2:15:af:ac:7b:49:ac:2c:0d:4f:86:ab:97: fe:ec:b4:67:46:bd:c2:51:75:b2:32:46:b7:c5:78:ff:c1:6a: 1a:5c:26:f3:54:77:22:97:57:d3:6e:b8:b6:12:2d:41:5a:53: 3b:dd:fd:cf:85:c0:a4:68:3d:35:df:8c:50:5f:22:9c:b4:cb: 1f:a7:b2:cd:20:bb:63:7d:48:d3:fe:e8:bb:c7:0d:e6:29:97: 1d:73:15:62:aa:75:c9:59:df:3f:03:b5:31:83:f0:d4:7b:60: 8e:41:10:e4:ef:66:55:19:74:2e:ac:32:da:9e:3d:f4:1b:51: 12:0f:7a:61:ea:12:63:49:a3:b0:51:e8:f0:3c:f1:d0:ee:96: 02:5e:6c:0b:9b:3d:89:a8:e2:b6:47:32:b0:a0:65:e2:11:e4: a1:9a:43:2c:3b:f6:fd:d0:36:eb:e7:b6:ef:8e:6d:f0:ed:84: fb:15:60:ee:b4:6f:6b:7a:0d:63:d1:ee:eb:e8:07:38:ee:b4: a1:f1:39:99:3d:fa:2c:7e:04:04:80:7a:a0:3a:72:4b:07:e5: a7:ad:2d:23:5f:27:8a:d5:b6:2f:65:dc:67:5d:94:13:b2:94: bc:07:fc:fd:c9:bc:89:88:c4:0d:0f:9c:36:d0:19:a9:1d:ab: 63:5c:55:cf -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QzkwOTExMC8GA1UEBRMoNTlGOUQ0OEREOTE2OTA5NzgzRTMxNzcxRDhBRDdFQ0Iz MERDM0JBMjAeFw0yNDEyMjMwMzI1MTNaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3NjhkODE4LWM3NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC4u1ehHr+YCAqJVSgHLALu5K/IHe6Q95AAGvXpg7zPYseIbCbd0bcp1/YqvB+D bynkleO4R/dUlxQkwXQ/2T3OkxeDvra9FFYMRh0EU6znUIxrhGPNXVxs5yJ1gO55 CB6qzyr167Nd9b11lBqmCWUzwk1OMVQ9LsfXSoMkYOwyBi+IxLJu1mtM96rGR421 38n1yz6WdI9ecvLXe4oWPTLNcV+b05kySLf6sJdwS2noFQ5h/UzcrBaKRd8NdPFW kL8M4SYh2CnhmMZb8O6jFXkzdhtYqLZUcotq0uenjW6ZZk7Qfg0U4Nm8NJME9PEn kvcOqh1JAOpyEXWQXxLO8sK7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUnEU1wPWf 574Qfuy3V1YXjRyGKTIwHwYDVR0jBBgwFoAUWfnUjdkWkJeD4xdx2K1+yzDcO6Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDOTA5L0ZGN0M1RkRDQzBE QjExRUY5RTg3MTg0NEM0RjlBRTAyL1dmblVqZGtXa0plRDR4ZHgySzEteXpEY082 SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvV2ZuVWpka1drSmVENHhkeDJLMS15ekRjTzZJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzkwOS9GRjdDNUZEQ0MwREIxMUVGOUU4NzE4NDRDNEY5QUUwMi84NTMzMTJEMkMw REQxMUVGQjVGMEQyNEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaH4AjANBgkqhkiG9w0BAQsFAAOCAQEAB2lv/B+yFa+se0ms LA1PhquX/uy0Z0a9wlF1sjJGt8V4/8FqGlwm81R3IpdX0264thItQVpTO939z4XA pGg9Nd+MUF8inLTLH6eyzSC7Y31I0/7ou8cN5imXHXMVYqp1yVnfPwO1MYPw1Htg jkEQ5O9mVRl0Lqwy2p499BtREg96YeoSY0mjsFHo8Dzx0O6WAl5sC5s9iajitkcy sKBl4hHkoZpDLDv2/dA26+e2745t8O2E+xVg7rRva3oNY9Hu6+gHOO60ofE5mT36 LH4EBIB6oDpySwflp60tI18nitW2L2XcZ12UE7KUvAf8/cm8iYjEDQ+cNtAZqR2r Y1xVzw== -----END CERTIFICATE-----Generated at Wed Feb 5 22:57:31 2025 by rpki-client