$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5832/1ED452ACD0BA11EF896CD026C4F9AE02/A947EC6ED0BA11EFB7A6B027C4F9AE02.roa File: A947EC6ED0BA11EFB7A6B027C4F9AE02.roa (raw, json) Hash identifier: RZ0QTKiTTNx8zLcCMyWL6kS10XE+JurXOmLszG1L2Po= Subject key identifier: 72:3A:F1:29:0B:38:37:ED:33:9D:C6:87:AB:00:45:FB:1D:5F:CE:67 Certificate issuer: /CN=A91E5832/serialNumber=6147A2A6F106DC56013DC3BCFBA0B4B753ECD1BC Certificate serial: 02 Authority key identifier: 61:47:A2:A6:F1:06:DC:56:01:3D:C3:BC:FB:A0:B4:B7:53:EC:D1:BC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YUeipvEG3FYBPcO8-6C0t1Ps0bw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5832/1ED452ACD0BA11EF896CD026C4F9AE02/A947EC6ED0BA11EFB7A6B027C4F9AE02.roa Signing time: Sun 12 Jan 2025 07:55:59 +0000 ROA not before: Sun 12 Jan 2025 07:55:59 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 132714 IP address blocks: 160.191.38.0/24 maxlen: 24 160.191.39.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5832/1ED452ACD0BA11EF896CD026C4F9AE02/YUeipvEG3FYBPcO8-6C0t1Ps0bw.crl rsync://rpki.apnic.net/member_repository/A91E5832/1ED452ACD0BA11EF896CD026C4F9AE02/YUeipvEG3FYBPcO8-6C0t1Ps0bw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YUeipvEG3FYBPcO8-6C0t1Ps0bw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:29:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5832 Validity Not Before: Jan 12 07:55:59 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=6783758f-7684 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:7f:1a:83:26:99:e4:eb:f1:c6:26:d9:99:9c: 56:b5:9d:64:45:f0:36:6f:25:cb:db:38:c1:9a:4e: cf:0b:b6:0f:77:35:76:fa:63:0d:96:ff:cb:e8:01: 4e:4b:bb:eb:0a:89:19:24:8d:b9:60:5f:23:e6:a9: 8a:05:0b:ef:d9:c5:33:bd:56:d6:01:cb:5c:f9:ff: f5:88:c2:d4:18:ab:bd:01:bc:ce:00:a5:b7:86:aa: af:2f:a5:20:62:6a:08:a3:a8:05:82:2b:93:55:38: 10:e7:2c:f4:5e:e9:a7:13:5e:8a:2c:f2:c3:7c:90: c1:bc:55:23:44:34:06:93:7d:42:52:19:26:36:be: 9a:f3:06:ef:1a:cc:89:e2:82:12:94:d0:63:df:cf: 74:66:38:ec:2f:b8:5a:5d:8c:44:cd:4f:f8:33:ce: 69:87:e0:44:ef:b8:86:49:5d:59:c9:ac:61:8e:8c: c1:42:03:46:5a:2d:37:b7:17:7e:ec:2c:a2:aa:d7: 25:41:94:4c:a3:7f:1c:1c:30:52:31:b8:74:6b:1b: 4b:7c:92:59:64:9e:ca:f6:18:6f:ed:ae:b1:5d:51: 61:e4:6c:3f:83:af:9f:a4:54:1e:10:f1:94:fe:64: 75:71:07:27:21:55:be:7f:ed:5a:1b:35:47:64:48: 4e:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:3A:F1:29:0B:38:37:ED:33:9D:C6:87:AB:00:45:FB:1D:5F:CE:67 X509v3 Authority Key Identifier: keyid:61:47:A2:A6:F1:06:DC:56:01:3D:C3:BC:FB:A0:B4:B7:53:EC:D1:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5832/1ED452ACD0BA11EF896CD026C4F9AE02/YUeipvEG3FYBPcO8-6C0t1Ps0bw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YUeipvEG3FYBPcO8-6C0t1Ps0bw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5832/1ED452ACD0BA11EF896CD026C4F9AE02/A947EC6ED0BA11EFB7A6B027C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.191.38.0/23 Signature Algorithm: sha256WithRSAEncryption 36:5f:86:06:ee:2a:16:8f:a6:53:33:bd:0f:80:dd:77:cf:8c: c3:87:2a:e2:3e:f3:69:70:d5:fb:b5:9a:da:03:06:b2:17:08: e1:0f:49:44:19:5a:df:08:d9:bd:2e:b7:da:64:10:25:ea:51: f0:69:28:88:c5:11:cc:4c:da:58:d7:82:c5:b3:3b:93:6e:a7: ab:d5:e2:b9:9f:2d:66:63:b9:f1:26:dc:82:cc:d3:16:f0:d4: ce:93:39:5a:27:57:e0:45:7b:c5:c7:22:02:d3:51:4f:47:2a: 0b:9e:7c:36:20:1b:00:12:ca:50:d4:bd:75:aa:1b:cc:bc:1d: 38:e4:da:90:1e:f1:ab:7b:f7:4f:dc:41:42:78:68:8d:5f:d2: f5:17:39:ea:30:06:aa:39:d4:4f:08:6f:18:ff:e3:39:ae:58: 33:e0:1a:b9:ea:ab:74:d0:6b:77:cf:6e:f1:b7:3a:37:51:f6: e0:e5:df:07:b8:b2:2c:ee:9f:43:0c:43:85:f1:08:a0:7f:68: d1:64:8e:41:40:f9:3e:80:72:ba:4d:48:09:ba:6c:1b:dd:4f: fa:56:87:73:1f:66:d6:40:ff:15:a4:0d:fd:db:6a:c8:ab:d9: 64:51:92:6f:1d:3e:33:50:37:47:f7:fc:2f:9d:66:52:07:c3: 6b:f3:b7:71 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NTgzMjExMC8GA1UEBRMoNjE0N0EyQTZGMTA2REM1NjAxM0RDM0JDRkJBMEI0Qjc1 M0VDRDFCQzAeFw0yNTAxMTIwNzU1NTlaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ODM3NThmLTc2ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD0fxqDJpnk6/HGJtmZnFa1nWRF8DZvJcvbOMGaTs8Ltg93NXb6Yw2W/8voAU5L u+sKiRkkjblgXyPmqYoFC+/ZxTO9VtYBy1z5//WIwtQYq70BvM4ApbeGqq8vpSBi agijqAWCK5NVOBDnLPRe6acTXoos8sN8kMG8VSNENAaTfUJSGSY2vprzBu8azIni ghKU0GPfz3RmOOwvuFpdjETNT/gzzmmH4ETvuIZJXVnJrGGOjMFCA0ZaLTe3F37s LKKq1yVBlEyjfxwcMFIxuHRrG0t8kllknsr2GG/trrFdUWHkbD+Dr5+kVB4Q8ZT+ ZHVxBychVb5/7VobNUdkSE45AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUcjrxKQs4 N+0zncaHqwBF+x1fzmcwHwYDVR0jBBgwFoAUYUeipvEG3FYBPcO8+6C0t1Ps0bww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU1ODMyLzFFRDQ1MkFDRDBC QTExRUY4OTZDRDAyNkM0RjlBRTAyL1lVZWlwdkVHM0ZZQlBjTzgtNkMwdDFQczBi dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWVVlaXB2RUczRllCUGNPOC02QzB0MVBzMGJ3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NTgzMi8xRUQ0NTJBQ0QwQkExMUVGODk2Q0QwMjZDNEY5QUUwMi9BOTQ3RUM2RUQw QkExMUVGQjdBNkIwMjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaC/JjANBgkqhkiG9w0BAQsFAAOCAQEANl+GBu4qFo+mUzO9 D4Ddd8+Mw4cq4j7zaXDV+7Wa2gMGshcI4Q9JRBla3wjZvS632mQQJepR8GkoiMUR zEzaWNeCxbM7k26nq9XiuZ8tZmO58SbcgszTFvDUzpM5WidX4EV7xcciAtNRT0cq C558NiAbABLKUNS9daobzLwdOOTakB7xq3v3T9xBQnhojV/S9Rc56jAGqjnUTwhv GP/jOa5YM+AaueqrdNBrd89u8bc6N1H24OXfB7iyLO6fQwxDhfEIoH9o0WSOQUD5 PoByuk1ICbpsG91P+laHcx9m1kD/FaQN/dtqyKvZZFGSbx0+M1A3R/f8L51mUgfD a/O3cQ== -----END CERTIFICATE-----Generated at Wed Feb 5 23:10:29 2025 by rpki-client