$ rpki-client -vvf rpki.apnic.net/member_repository/A9198553/A59BFFE4D2ED11EF8DEE5120C4F9AE02/5042D03ED2EF11EFBA610425C4F9AE02.roa File: 5042D03ED2EF11EFBA610425C4F9AE02.roa (raw, json) Hash identifier: Td45KF7s5KJjDmYTPbjMG6cwXZMtoTfhOtwsLcRRVB4= Subject key identifier: 9E:CE:40:91:19:14:D9:44:26:D3:C4:21:63:84:77:8D:03:15:8C:A2 Certificate issuer: /CN=A9198553/serialNumber=930DDF410106903BEB9919C99BDE0163870655AE Certificate serial: 04 Authority key identifier: 93:0D:DF:41:01:06:90:3B:EB:99:19:C9:9B:DE:01:63:87:06:55:AE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kw3fQQEGkDvrmRnJm94BY4cGVa4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9198553/A59BFFE4D2ED11EF8DEE5120C4F9AE02/5042D03ED2EF11EFBA610425C4F9AE02.roa Signing time: Wed 15 Jan 2025 03:19:23 +0000 ROA not before: Wed 15 Jan 2025 03:19:23 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 153525 IP address blocks: 161.248.186.0/24 maxlen: 24 161.248.187.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9198553/A59BFFE4D2ED11EF8DEE5120C4F9AE02/kw3fQQEGkDvrmRnJm94BY4cGVa4.crl rsync://rpki.apnic.net/member_repository/A9198553/A59BFFE4D2ED11EF8DEE5120C4F9AE02/kw3fQQEGkDvrmRnJm94BY4cGVa4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kw3fQQEGkDvrmRnJm94BY4cGVa4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:31:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9198553 Validity Not Before: Jan 15 03:19:23 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=6787293a-6f48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:c8:26:8e:29:07:30:b0:0a:38:00:d5:c5:a3: ce:ab:0a:1d:ab:a3:e1:e7:86:a0:65:6d:d2:2a:43: 4a:73:e3:03:21:45:5e:88:a7:9d:06:f0:3b:42:3f: f1:82:5e:c7:99:ee:24:fe:e5:d5:69:87:74:e3:03: 5c:df:d0:9d:3a:5f:15:13:b5:c9:5f:e6:2f:44:1a: 58:19:98:ed:7b:c0:d4:8a:d9:01:df:6d:fa:55:c0: 3c:66:e2:6e:37:93:1c:53:27:52:ed:7e:0f:60:8d: 72:45:81:63:e3:f6:29:ce:76:aa:29:24:f1:76:f2: 3a:0b:00:1e:5c:0b:23:5a:46:01:e1:c9:a4:42:f2: 2e:e0:df:a9:66:0f:a7:53:51:8e:4d:9b:5a:b1:5e: f3:b7:b5:27:a7:a9:bc:4d:08:5e:5b:64:41:ff:68: cd:de:b6:3c:c2:14:0c:1e:16:14:d9:0c:a9:7d:5f: 5c:f4:0a:40:8a:95:20:37:24:94:1e:0e:40:ad:77: fd:0a:99:a6:d5:1a:90:9f:69:1d:98:76:e2:ae:8d: 70:39:37:9e:ca:b3:cc:52:bf:5b:20:0f:98:a7:11: 83:a7:d2:6b:5f:2f:0f:0a:2e:83:42:9a:4f:bb:4b: b8:12:10:0b:fa:ee:e8:4c:7c:a2:67:5f:78:17:0e: 2f:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:CE:40:91:19:14:D9:44:26:D3:C4:21:63:84:77:8D:03:15:8C:A2 X509v3 Authority Key Identifier: keyid:93:0D:DF:41:01:06:90:3B:EB:99:19:C9:9B:DE:01:63:87:06:55:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9198553/A59BFFE4D2ED11EF8DEE5120C4F9AE02/kw3fQQEGkDvrmRnJm94BY4cGVa4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kw3fQQEGkDvrmRnJm94BY4cGVa4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198553/A59BFFE4D2ED11EF8DEE5120C4F9AE02/5042D03ED2EF11EFBA610425C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.186.0/23 Signature Algorithm: sha256WithRSAEncryption 4a:44:24:70:e6:48:ea:ac:ca:ff:a4:32:b1:dd:a5:15:9a:b2: bd:02:72:67:73:37:28:f5:a6:03:83:97:ff:01:d9:9f:1f:20: ef:33:f0:ad:29:d6:5b:2c:63:ef:27:59:42:eb:f5:be:40:0b: 08:77:32:5e:7f:f4:8d:2d:da:c7:3e:30:fc:f4:b9:cc:fd:e5: 6f:a1:c6:b9:c1:bc:54:46:0d:80:c9:4d:9d:ca:47:df:66:a7: e3:73:f0:a3:97:45:45:cb:04:87:66:53:20:1e:97:55:67:7b: cd:84:70:e2:26:07:7b:d2:fb:c0:5a:32:45:be:35:cf:c1:ca: a7:86:f7:ea:45:fb:7e:c1:78:17:01:aa:25:6b:e9:8c:fd:69: 1f:d8:06:03:06:57:54:f9:ac:2b:c3:2f:01:7b:5f:52:d0:41: 25:18:69:46:fe:db:7c:e4:34:06:f2:b5:c3:a8:c4:1d:7e:2e: ae:94:49:41:9e:ce:41:6e:61:6c:9b:eb:d1:eb:65:e4:63:2f: 04:0b:51:fd:1f:7f:51:3e:28:02:1e:f6:9f:11:8c:ef:42:4f: b1:1d:25:ad:eb:1d:17:50:3e:39:5a:a1:4c:5d:23:61:aa:e0: 0b:74:d4:bf:c6:dc:44:0a:73:4e:d7:2a:de:1e:63:90:c5:5f: 03:68:d4:95 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 ODU1MzExMC8GA1UEBRMoOTMwRERGNDEwMTA2OTAzQkVCOTkxOUM5OUJERTAxNjM4 NzA2NTVBRTAeFw0yNTAxMTUwMzE5MjNaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ODcyOTNhLTZmNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC4yCaOKQcwsAo4ANXFo86rCh2ro+HnhqBlbdIqQ0pz4wMhRV6Ip50G8DtCP/GC XseZ7iT+5dVph3TjA1zf0J06XxUTtclf5i9EGlgZmO17wNSK2QHfbfpVwDxm4m43 kxxTJ1Ltfg9gjXJFgWPj9inOdqopJPF28joLAB5cCyNaRgHhyaRC8i7g36lmD6dT UY5Nm1qxXvO3tSenqbxNCF5bZEH/aM3etjzCFAweFhTZDKl9X1z0CkCKlSA3JJQe DkCtd/0KmabVGpCfaR2YduKujXA5N57Ks8xSv1sgD5inEYOn0mtfLw8KLoNCmk+7 S7gSEAv67uhMfKJnX3gXDi/rAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUns5AkRkU 2UQm08QhY4R3jQMVjKIwHwYDVR0jBBgwFoAUkw3fQQEGkDvrmRnJm94BY4cGVa4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk4NTUzL0E1OUJGRkU0RDJF RDExRUY4REVFNTEyMEM0RjlBRTAyL2t3M2ZRUUVHa0R2cm1SbkptOTRCWTRjR1Zh NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIva3czZlFRRUdrRHZybVJuSm05NEJZNGNHVmE0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 ODU1My9BNTlCRkZFNEQyRUQxMUVGOERFRTUxMjBDNEY5QUUwMi81MDQyRDAzRUQy RUYxMUVGQkE2MTA0MjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaH4ujANBgkqhkiG9w0BAQsFAAOCAQEASkQkcOZI6qzK/6Qy sd2lFZqyvQJyZ3M3KPWmA4OX/wHZnx8g7zPwrSnWWyxj7ydZQuv1vkALCHcyXn/0 jS3axz4w/PS5zP3lb6HGucG8VEYNgMlNncpH32an43Pwo5dFRcsEh2ZTIB6XVWd7 zYRw4iYHe9L7wFoyRb41z8HKp4b36kX7fsF4FwGqJWvpjP1pH9gGAwZXVPmsK8Mv AXtfUtBBJRhpRv7bfOQ0BvK1w6jEHX4urpRJQZ7OQW5hbJvr0etl5GMvBAtR/R9/ UT4oAh72nxGM70JPsR0lresdF1A+OVqhTF0jYargC3TUv8bcRApzTtcq3h5jkMVf A2jUlQ== -----END CERTIFICATE-----Generated at Wed Feb 5 23:08:42 2025 by rpki-client