$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAC4B/DE3F889ACD7D11EFAA07230AC4F9AE02/B6A31094CD7E11EFBBAE2137C4F9AE02.roa File: B6A31094CD7E11EFBBAE2137C4F9AE02.roa (raw, json) Hash identifier: f1IFYkIgMkQ3+JyMSl70ACqIsH3T9EI7K8/rW2krDH4= Subject key identifier: 2D:17:F2:16:16:82:37:30:4A:43:82:77:F1:19:CF:E8:53:4A:F0:23 Certificate issuer: /CN=A91AAC4B/serialNumber=E38A5EDE1968C9375E51551FAE98888A0BB54490 Certificate serial: 02 Authority key identifier: E3:8A:5E:DE:19:68:C9:37:5E:51:55:1F:AE:98:88:8A:0B:B5:44:90 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/44pe3hloyTdeUVUfrpiIigu1RJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAC4B/DE3F889ACD7D11EFAA07230AC4F9AE02/B6A31094CD7E11EFBBAE2137C4F9AE02.roa Signing time: Wed 08 Jan 2025 05:09:18 +0000 ROA not before: Wed 08 Jan 2025 05:09:18 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 150339 IP address blocks: 161.248.53.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAC4B/DE3F889ACD7D11EFAA07230AC4F9AE02/44pe3hloyTdeUVUfrpiIigu1RJA.crl rsync://rpki.apnic.net/member_repository/A91AAC4B/DE3F889ACD7D11EFAA07230AC4F9AE02/44pe3hloyTdeUVUfrpiIigu1RJA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/44pe3hloyTdeUVUfrpiIigu1RJA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:27:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAC4B Validity Not Before: Jan 8 05:09:18 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=677e087e-9085 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:59:bc:68:72:dc:48:3e:8d:18:23:94:07:9a: 48:89:8a:18:f7:a9:0c:72:1c:46:3d:43:46:04:61: 77:41:08:3a:55:fc:4c:ea:8b:32:92:92:99:d3:0c: 0b:4f:0a:7a:36:50:ef:77:45:26:19:71:9b:a9:37: db:03:43:1c:b1:a8:69:3f:7a:ff:d9:30:a4:ee:e6: e7:ff:34:86:78:ce:9f:38:36:10:64:34:98:c6:a1: 3e:0b:6f:52:67:4f:63:b0:a9:28:a1:41:32:03:4b: 74:30:67:b4:83:31:01:22:d7:f9:60:68:1b:43:da: 72:5f:c3:37:57:08:81:31:de:2b:3c:e3:48:46:63: 37:a5:6e:9e:89:07:33:2a:6c:ae:af:d7:90:3e:a6: 3e:71:9c:29:76:ff:34:e0:65:65:08:94:18:a6:4a: 68:ca:8b:0f:e3:6f:0c:e9:7b:a8:fa:21:f7:65:04: c1:dd:cc:67:26:f2:1f:a7:48:75:bc:ca:76:ab:32: 07:f1:97:f3:f9:78:25:2b:9d:c2:de:f6:b2:5e:dc: 3b:69:fd:d8:aa:e7:65:26:8f:5d:b3:4d:72:40:a0: 27:88:cf:de:87:b2:5c:d2:e6:33:f9:29:70:03:9e: 56:ed:04:3b:fc:67:90:17:f2:5b:d4:da:e8:c8:29: 27:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:17:F2:16:16:82:37:30:4A:43:82:77:F1:19:CF:E8:53:4A:F0:23 X509v3 Authority Key Identifier: keyid:E3:8A:5E:DE:19:68:C9:37:5E:51:55:1F:AE:98:88:8A:0B:B5:44:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAC4B/DE3F889ACD7D11EFAA07230AC4F9AE02/44pe3hloyTdeUVUfrpiIigu1RJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/44pe3hloyTdeUVUfrpiIigu1RJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAC4B/DE3F889ACD7D11EFAA07230AC4F9AE02/B6A31094CD7E11EFBBAE2137C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.53.0/24 Signature Algorithm: sha256WithRSAEncryption 04:74:26:7c:9d:26:f4:d0:a9:c4:43:2c:cb:2f:dd:6b:9c:08: d2:57:cb:6b:c8:97:fa:72:bb:25:cd:63:de:8b:df:a6:ea:7e: 71:b3:92:ec:8f:e6:91:44:c2:b5:29:7f:67:9e:f5:a3:c3:a7: 74:09:36:54:1a:8c:75:37:d1:9e:a0:1c:e6:c8:29:38:4f:9b: 92:25:ff:d4:da:fe:47:21:58:dd:f7:a2:08:44:76:fb:ad:2d: 78:dd:98:3b:45:36:3e:8f:2e:5f:73:85:ac:59:f3:5e:3a:d2: 1f:37:5d:5f:68:f7:59:71:97:3b:9d:a7:e6:61:90:26:5c:84: fe:e5:c4:9e:1a:35:34:85:c9:76:8e:d1:b8:75:88:1d:48:61: 5e:c8:75:5f:01:fa:ef:aa:89:8f:a7:8f:6b:9c:f5:e8:5f:6c: 2c:b8:ce:33:f6:37:f3:ac:58:4b:32:7e:eb:72:dd:07:5b:a0: 03:80:41:05:65:eb:6d:92:6c:c6:6f:eb:75:80:ab:ba:6b:87: 84:86:e0:ba:bb:d6:c5:3f:90:1d:22:3e:86:b8:7c:a7:46:30: ed:8b:87:33:2b:fc:0b:69:87:7f:2d:8d:6d:38:a6:ed:35:84: da:a7:9b:9a:aa:0a:7b:37:73:0d:a7:e9:46:e2:d4:6a:c3:e5: 64:55:5f:f7 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QUM0QjExMC8GA1UEBRMoRTM4QTVFREUxOTY4QzkzNzVFNTE1NTFGQUU5ODg4OEEw QkI1NDQ5MDAeFw0yNTAxMDgwNTA5MThaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3N2UwODdlLTkwODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCmWbxoctxIPo0YI5QHmkiJihj3qQxyHEY9Q0YEYXdBCDpV/EzqizKSkpnTDAtP Cno2UO93RSYZcZupN9sDQxyxqGk/ev/ZMKTu5uf/NIZ4zp84NhBkNJjGoT4Lb1Jn T2OwqSihQTIDS3QwZ7SDMQEi1/lgaBtD2nJfwzdXCIEx3is840hGYzelbp6JBzMq bK6v15A+pj5xnCl2/zTgZWUIlBimSmjKiw/jbwzpe6j6IfdlBMHdzGcm8h+nSHW8 ynarMgfxl/P5eCUrncLe9rJe3Dtp/diq52Umj12zTXJAoCeIz96HslzS5jP5KXAD nlbtBDv8Z5AX8lvU2ujIKSdFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQULRfyFhaC NzBKQ4J38RnP6FNK8CMwHwYDVR0jBBgwFoAU44pe3hloyTdeUVUfrpiIigu1RJAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFBQzRCL0RFM0Y4ODlBQ0Q3 RDExRUZBQTA3MjMwQUM0RjlBRTAyLzQ0cGUzaGxveVRkZVVWVWZycGlJaWd1MVJK QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvNDRwZTNobG95VGRlVVZVZnJwaUlpZ3UxUkpBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QUM0Qi9ERTNGODg5QUNEN0QxMUVGQUEwNzIzMEFDNEY5QUUwMi9CNkEzMTA5NENE N0UxMUVGQkJBRTIxMzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAKH4NTANBgkqhkiG9w0BAQsFAAOCAQEABHQmfJ0m9NCpxEMs yy/da5wI0lfLa8iX+nK7Jc1j3ovfpup+cbOS7I/mkUTCtSl/Z571o8OndAk2VBqM dTfRnqAc5sgpOE+bkiX/1Nr+RyFY3feiCER2+60teN2YO0U2Po8uX3OFrFnzXjrS HzddX2j3WXGXO52n5mGQJlyE/uXEnho1NIXJdo7RuHWIHUhhXsh1XwH676qJj6eP a5z16F9sLLjOM/Y386xYSzJ+63LdB1ugA4BBBWXrbZJsxm/rdYCrumuHhIbgurvW xT+QHSI+hrh8p0Yw7YuHMyv8C2mHfy2NbTim7TWE2qebmqoKezdzDafpRuLUasPl ZFVf9w== -----END CERTIFICATE-----Generated at Wed Feb 5 22:50:59 2025 by rpki-client