$ rpki-client -vvf rpki.apnic.net/member_repository/A91C022C/B1C18230D4B911EF9FA8E24FC4F9AE02/372B21F6D4BA11EFA5BAA345C4F9AE02.roa File: 372B21F6D4BA11EFA5BAA345C4F9AE02.roa (raw, json) Hash identifier: 0VQHEL6AI7GrKoKG052X6QJW7qwnCtlNzYdHLuxNwGs= Subject key identifier: B5:B7:DD:75:16:A1:F7:61:DB:31:7D:DF:75:42:17:BA:98:99:4F:07 Certificate issuer: /CN=A91C022C/serialNumber=3BA2558CA5F1A037D9696F567AE81367C6EE35E6 Certificate serial: 02 Authority key identifier: 3B:A2:55:8C:A5:F1:A0:37:D9:69:6F:56:7A:E8:13:67:C6:EE:35:E6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/O6JVjKXxoDfZaW9WeugTZ8buNeY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C022C/B1C18230D4B911EF9FA8E24FC4F9AE02/372B21F6D4BA11EFA5BAA345C4F9AE02.roa Signing time: Fri 17 Jan 2025 10:02:53 +0000 ROA not before: Fri 17 Jan 2025 10:02:53 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 153528 IP address blocks: 161.248.200.0/23 maxlen: 23 161.248.200.0/24 maxlen: 24 161.248.201.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C022C/B1C18230D4B911EF9FA8E24FC4F9AE02/O6JVjKXxoDfZaW9WeugTZ8buNeY.crl rsync://rpki.apnic.net/member_repository/A91C022C/B1C18230D4B911EF9FA8E24FC4F9AE02/O6JVjKXxoDfZaW9WeugTZ8buNeY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/O6JVjKXxoDfZaW9WeugTZ8buNeY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:32:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C022C Validity Not Before: Jan 17 10:02:53 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=678a2acc-7179 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:4f:c4:9f:1f:e4:41:71:87:53:03:dc:1c:b4: dc:7e:77:03:dd:17:f6:02:57:1a:f7:50:0a:bc:e6: cf:77:2d:db:46:12:8c:69:dc:f4:69:b9:d8:e5:71: 01:87:3a:0b:1a:a3:e3:68:35:0f:a9:fb:d9:32:f5: 96:0c:a1:2c:50:77:f1:73:5b:f3:cd:23:b9:30:72: 05:9a:bd:dd:5a:7f:b0:09:a3:b1:b2:19:2e:c5:3b: c4:7a:59:18:f4:84:c5:8b:23:27:2e:7d:df:b5:09: 7d:e2:62:4a:f3:47:47:33:ef:32:77:6f:db:3e:2b: bf:6c:c1:f3:66:bb:4b:85:db:e2:94:8c:34:a8:16: 08:46:c8:30:80:ea:5b:12:3d:30:b5:27:e3:ff:be: 72:b5:d1:20:56:a7:b8:fa:15:0c:15:89:58:e9:54: 47:be:73:d5:e1:c7:89:5a:04:79:3b:78:da:12:e0: 57:85:8e:72:ed:37:dc:48:ff:bd:cf:af:4d:50:83: ae:74:0d:b2:48:b2:75:6a:5a:ab:fb:f6:47:c4:8c: 99:fa:55:9d:8b:fc:dd:29:f4:c2:1e:dc:05:21:3f: 87:6e:df:e2:8b:68:95:be:95:33:70:64:22:39:5b: 2b:7f:9b:f1:48:a2:29:fb:35:93:8a:04:42:a7:26: 52:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:B7:DD:75:16:A1:F7:61:DB:31:7D:DF:75:42:17:BA:98:99:4F:07 X509v3 Authority Key Identifier: keyid:3B:A2:55:8C:A5:F1:A0:37:D9:69:6F:56:7A:E8:13:67:C6:EE:35:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C022C/B1C18230D4B911EF9FA8E24FC4F9AE02/O6JVjKXxoDfZaW9WeugTZ8buNeY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/O6JVjKXxoDfZaW9WeugTZ8buNeY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C022C/B1C18230D4B911EF9FA8E24FC4F9AE02/372B21F6D4BA11EFA5BAA345C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.200.0/23 Signature Algorithm: sha256WithRSAEncryption 6a:21:f0:c9:7e:dd:29:1f:9b:cc:a5:ce:db:6b:dc:00:29:da: 0a:2d:88:29:db:db:a2:4a:9b:90:bb:21:b4:8e:2c:5a:5b:cc: 18:c1:27:ee:93:d0:7a:7c:f4:8a:7c:ea:dc:25:d3:a0:53:92: 1f:08:8e:c2:36:4b:a7:4a:bc:04:a2:cb:51:c5:e5:77:e9:e1: 94:0f:82:77:3b:68:b2:d5:2a:dc:1b:9e:16:dd:4c:c3:9b:cf: c0:fa:72:89:c4:d6:e5:3b:ed:b3:95:2c:72:2f:71:1a:85:e7: 6d:03:fb:02:6b:8b:a5:07:05:71:0e:cb:8c:63:f9:92:7b:63: b2:d7:8f:e9:1d:31:14:63:55:8c:2e:61:c4:72:1c:9d:4b:63: b9:19:ea:58:bb:9c:ec:2c:1a:3a:ec:0d:27:05:7d:fd:a4:4e: 18:32:8b:c3:d1:c6:47:3e:62:30:ae:f1:18:3b:b9:35:7e:be: f7:20:f2:55:9f:56:ad:bb:4a:f5:ca:90:a9:0f:e9:64:34:36: 3a:e9:54:2a:8f:75:b6:90:52:18:f1:c2:55:38:76:f6:dd:2b: 2b:bc:7c:c2:65:5a:b5:c5:9f:39:36:c6:ac:06:db:d6:7c:7d: e5:ed:25:77:d4:30:67:d2:8a:54:cf:df:74:0b:d7:a9:da:fb: 54:58:29:85 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD MDIyQzExMC8GA1UEBRMoM0JBMjU1OENBNUYxQTAzN0Q5Njk2RjU2N0FFODEzNjdD NkVFMzVFNjAeFw0yNTAxMTcxMDAyNTNaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3OGEyYWNjLTcxNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDkT8SfH+RBcYdTA9wctNx+dwPdF/YCVxr3UAq85s93LdtGEoxp3PRpudjlcQGH Ogsao+NoNQ+p+9ky9ZYMoSxQd/FzW/PNI7kwcgWavd1af7AJo7GyGS7FO8R6WRj0 hMWLIycufd+1CX3iYkrzR0cz7zJ3b9s+K79swfNmu0uF2+KUjDSoFghGyDCA6lsS PTC1J+P/vnK10SBWp7j6FQwViVjpVEe+c9Xhx4laBHk7eNoS4FeFjnLtN9xI/73P r01Qg650DbJIsnVqWqv79kfEjJn6VZ2L/N0p9MIe3AUhP4du3+KLaJW+lTNwZCI5 Wyt/m/FIoin7NZOKBEKnJlIdAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUtbfddRah 92HbMX3fdUIXupiZTwcwHwYDVR0jBBgwFoAUO6JVjKXxoDfZaW9WeugTZ8buNeYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMwMjJDL0IxQzE4MjMwRDRC OTExRUY5RkE4RTI0RkM0RjlBRTAyL082SlZqS1h4b0RmWmFXOVdldWdUWjhidU5l WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTzZKVmpLWHhvRGZaYVc5V2V1Z1RaOGJ1TmVZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MDIyQy9CMUMxODIzMEQ0QjkxMUVGOUZBOEUyNEZDNEY5QUUwMi8zNzJCMjFGNkQ0 QkExMUVGQTVCQUEzNDVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaH4yDANBgkqhkiG9w0BAQsFAAOCAQEAaiHwyX7dKR+bzKXO 22vcACnaCi2IKdvbokqbkLshtI4sWlvMGMEn7pPQenz0inzq3CXToFOSHwiOwjZL p0q8BKLLUcXld+nhlA+CdztostUq3BueFt1Mw5vPwPpyicTW5Tvts5Usci9xGoXn bQP7AmuLpQcFcQ7LjGP5kntjsteP6R0xFGNVjC5hxHIcnUtjuRnqWLuc7CwaOuwN JwV9/aROGDKLw9HGRz5iMK7xGDu5NX6+9yDyVZ9WrbtK9cqQqQ/pZDQ2OulUKo91 tpBSGPHCVTh29t0rK7x8wmVatcWfOTbGrAbb1nx95e0ld9QwZ9KKVM/fdAvXqdr7 VFgphQ== -----END CERTIFICATE-----Generated at Wed Feb 5 22:51:12 2025 by rpki-client