$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF207/ACB0685EC22811EF86E3484FC4F9AE02/DFAC15B0C22C11EFB3AEE476C4F9AE02.roa File: DFAC15B0C22C11EFB3AEE476C4F9AE02.roa (raw, json) Hash identifier: kwAnzY8sy28GuHuTAHp4dfauwLru447J5nFlWPhA168= Subject key identifier: 7D:57:D6:8B:E2:AB:F8:D0:94:F4:99:0E:37:E1:E1:4F:7C:7F:B5:4A Certificate issuer: /CN=A91AF207/serialNumber=2D223B56ED4D17A8178FE9FC63E3801A93B5A1D3 Certificate serial: 02 Authority key identifier: 2D:22:3B:56:ED:4D:17:A8:17:8F:E9:FC:63:E3:80:1A:93:B5:A1:D3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LSI7Vu1NF6gXj-n8Y-OAGpO1odM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF207/ACB0685EC22811EF86E3484FC4F9AE02/DFAC15B0C22C11EFB3AEE476C4F9AE02.roa Signing time: Tue 24 Dec 2024 19:25:46 +0000 ROA not before: Tue 24 Dec 2024 19:25:46 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 135613 IP address blocks: 161.248.16.0/23 maxlen: 23 161.248.16.0/24 maxlen: 24 161.248.17.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF207/ACB0685EC22811EF86E3484FC4F9AE02/LSI7Vu1NF6gXj-n8Y-OAGpO1odM.crl rsync://rpki.apnic.net/member_repository/A91AF207/ACB0685EC22811EF86E3484FC4F9AE02/LSI7Vu1NF6gXj-n8Y-OAGpO1odM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LSI7Vu1NF6gXj-n8Y-OAGpO1odM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:22:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF207 Validity Not Before: Dec 24 19:25:46 2024 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=676b0aba-c088 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:cf:6b:a2:60:26:05:93:b2:6d:f6:17:6e:77: ae:ab:2a:db:46:c6:36:c7:9a:b0:89:c6:8a:3f:4a: bf:97:76:e2:b7:f0:c4:26:41:c7:17:0e:aa:cf:c1: 9d:3c:b6:a0:81:a6:2a:b2:de:df:44:d5:37:34:b7: 46:46:f8:23:a7:a4:a4:47:8a:64:8b:bf:1a:75:24: df:88:b3:20:ba:c1:28:ab:7b:d6:12:59:4b:27:f0: d7:80:65:cb:96:97:e6:f5:9a:37:ca:5d:37:a5:78: 4c:8c:51:8d:cb:c5:91:6d:3a:0b:a5:1b:71:03:3f: 1c:02:d8:eb:34:ab:1a:36:2a:f4:52:37:96:ff:86: 1a:db:65:a4:54:de:95:a7:87:45:0d:3e:aa:c2:34: 61:ab:70:05:75:5a:09:46:b4:f6:c5:98:e6:5c:99: 36:c2:73:ab:61:a7:56:24:b4:d2:7e:98:d0:b4:23: 63:87:80:5f:fd:41:1a:14:f6:a7:38:9f:48:04:44: 0b:c8:e5:71:44:35:cb:d3:67:60:d5:13:bd:bc:f0: 79:82:ef:a5:93:50:47:ae:7a:86:1f:71:9b:b1:83: e4:2c:91:c8:79:93:4c:4f:5d:01:64:04:41:d9:36: f9:87:5c:c1:2d:da:81:36:f3:91:b1:fc:1b:b1:f6: 7c:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:57:D6:8B:E2:AB:F8:D0:94:F4:99:0E:37:E1:E1:4F:7C:7F:B5:4A X509v3 Authority Key Identifier: keyid:2D:22:3B:56:ED:4D:17:A8:17:8F:E9:FC:63:E3:80:1A:93:B5:A1:D3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF207/ACB0685EC22811EF86E3484FC4F9AE02/LSI7Vu1NF6gXj-n8Y-OAGpO1odM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LSI7Vu1NF6gXj-n8Y-OAGpO1odM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF207/ACB0685EC22811EF86E3484FC4F9AE02/DFAC15B0C22C11EFB3AEE476C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.16.0/23 Signature Algorithm: sha256WithRSAEncryption 43:d5:f3:aa:b1:c2:45:0f:8c:64:e7:52:5a:9e:2c:66:7f:72: f5:e4:2a:e4:16:38:9a:a7:b9:98:61:fc:dc:59:ed:46:36:2a: b7:6b:00:eb:ee:29:a3:b2:63:4b:c7:fc:79:0b:da:4c:73:99: 32:8f:0d:79:b6:49:e3:95:ad:56:4e:c8:81:67:30:70:aa:cb: 4d:dd:98:dd:51:8e:6d:e8:ab:87:26:20:eb:f5:c2:8c:5d:3e: 27:ac:cf:06:be:81:b9:7e:b0:ca:8c:ac:0c:f1:b2:f6:03:9d: 54:49:97:25:09:1c:cb:e9:61:73:21:fe:56:c5:9a:90:4a:76: 41:db:f0:c4:87:ab:32:47:f4:b6:1d:e0:62:b9:2d:d1:53:0c: 4e:f7:b4:34:fd:d9:ca:4a:89:1a:81:60:a1:c4:b0:6f:67:af: 56:b7:ff:6c:1b:a0:32:2a:03:50:b9:ff:cf:fd:bb:b4:e6:e4: 5a:10:ac:64:f7:22:e1:c2:35:7a:f2:50:77:d8:b1:26:70:b8: 4f:f4:1b:b4:b4:82:54:cd:39:c2:92:83:3f:54:5a:42:0f:53: 7e:34:6f:0b:7e:2c:78:c5:0a:0b:ce:91:ec:81:10:f1:cc:e5: c4:72:59:d3:80:fb:92:4d:ec:02:63:5b:2e:b7:4a:d0:79:7e: 26:d5:84:fc -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB RjIwNzExMC8GA1UEBRMoMkQyMjNCNTZFRDREMTdBODE3OEZFOUZDNjNFMzgwMUE5 M0I1QTFEMzAeFw0yNDEyMjQxOTI1NDZaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3NmIwYWJhLWMwODgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDOz2uiYCYFk7Jt9hdud66rKttGxjbHmrCJxoo/Sr+XduK38MQmQccXDqrPwZ08 tqCBpiqy3t9E1Tc0t0ZG+COnpKRHimSLvxp1JN+IsyC6wSire9YSWUsn8NeAZcuW l+b1mjfKXTeleEyMUY3LxZFtOgulG3EDPxwC2Os0qxo2KvRSN5b/hhrbZaRU3pWn h0UNPqrCNGGrcAV1WglGtPbFmOZcmTbCc6thp1YktNJ+mNC0I2OHgF/9QRoU9qc4 n0gERAvI5XFENcvTZ2DVE7288HmC76WTUEeueoYfcZuxg+Qskch5k0xPXQFkBEHZ NvmHXMEt2oE285Gx/Bux9nxBAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUfVfWi+Kr +NCU9JkON+HhT3x/tUowHwYDVR0jBBgwFoAULSI7Vu1NF6gXj+n8Y+OAGpO1odMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFGMjA3L0FDQjA2ODVFQzIy ODExRUY4NkUzNDg0RkM0RjlBRTAyL0xTSTdWdTFORjZnWGotbjhZLU9BR3BPMW9k TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTFNJN1Z1MU5GNmdYai1uOFktT0FHcE8xb2RNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjIwNy9BQ0IwNjg1RUMyMjgxMUVGODZFMzQ4NEZDNEY5QUUwMi9ERkFDMTVCMEMy MkMxMUVGQjNBRUU0NzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaH4EDANBgkqhkiG9w0BAQsFAAOCAQEAQ9XzqrHCRQ+MZOdS Wp4sZn9y9eQq5BY4mqe5mGH83FntRjYqt2sA6+4po7JjS8f8eQvaTHOZMo8NebZJ 45WtVk7IgWcwcKrLTd2Y3VGObeirhyYg6/XCjF0+J6zPBr6BuX6wyoysDPGy9gOd VEmXJQkcy+lhcyH+VsWakEp2QdvwxIerMkf0th3gYrkt0VMMTve0NP3ZykqJGoFg ocSwb2evVrf/bBugMioDULn/z/27tObkWhCsZPci4cI1evJQd9ixJnC4T/QbtLSC VM05wpKDP1RaQg9TfjRvC34seMUKC86R7IEQ8czlxHJZ04D7kk3sAmNbLrdK0Hl+ JtWE/A== -----END CERTIFICATE-----Generated at Wed Feb 5 23:06:23 2025 by rpki-client