$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5EEA/E3FCD144D4CF11EF98DF982BC4F9AE02/A8495504D4D011EFB6100F2DC4F9AE02.roa File: A8495504D4D011EFB6100F2DC4F9AE02.roa (raw, json) Hash identifier: Md7FVpdf2MqwxZW9/DFpDf2r/UivUhUhenoGocEe9lg= Subject key identifier: CE:34:FB:9E:D7:0E:A7:A4:A3:56:B2:4E:59:32:93:C9:90:B1:C9:14 Certificate issuer: /CN=A91E5EEA/serialNumber=D60C30B1A9F59C959AD4967F2F6D572ACB75299C Certificate serial: 02 Authority key identifier: D6:0C:30:B1:A9:F5:9C:95:9A:D4:96:7F:2F:6D:57:2A:CB:75:29:9C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1gwwsan1nJWa1JZ_L21XKst1KZw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5EEA/E3FCD144D4CF11EF98DF982BC4F9AE02/A8495504D4D011EFB6100F2DC4F9AE02.roa Signing time: Fri 17 Jan 2025 12:43:31 +0000 ROA not before: Fri 17 Jan 2025 12:43:31 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 139820 IP address blocks: 160.187.126.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5EEA/E3FCD144D4CF11EF98DF982BC4F9AE02/1gwwsan1nJWa1JZ_L21XKst1KZw.crl rsync://rpki.apnic.net/member_repository/A91E5EEA/E3FCD144D4CF11EF98DF982BC4F9AE02/1gwwsan1nJWa1JZ_L21XKst1KZw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1gwwsan1nJWa1JZ_L21XKst1KZw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:32:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5EEA Validity Not Before: Jan 17 12:43:31 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=678a5073-9c49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:49:8b:a7:40:5d:90:9c:14:fd:a1:d6:f4:1a: e4:d8:40:f8:34:a8:4b:b8:d1:73:1a:96:cb:4e:d0: 3a:8e:8e:e7:dc:2b:db:1a:bd:7d:a8:bb:d4:b2:44: 14:23:af:93:dc:cc:53:2c:76:41:44:df:8b:f6:e4: eb:e3:3c:65:db:42:18:42:df:5b:44:33:dc:4f:a8: 1e:9e:de:9d:88:45:59:a7:a9:dc:9a:8e:bd:6b:99: f3:a1:02:77:46:04:90:a4:28:5e:b9:6e:da:fa:f8: 79:bb:3d:0a:36:68:4f:7d:de:6a:6e:ea:c7:cb:b9: 3e:46:9b:54:3a:e8:b0:8a:64:55:c2:bf:d6:57:2e: f8:30:d2:df:23:37:c1:48:e3:b9:1b:ef:fd:53:5a: 50:fc:4a:64:5f:e4:f0:97:87:85:f3:11:24:e3:1e: 36:a6:58:cd:06:95:d5:1b:a1:db:d7:bf:7c:0a:67: 31:ef:2d:54:0a:5f:b8:6a:f0:19:17:34:d9:d2:9d: eb:51:74:e2:e1:5c:32:ba:1d:29:7d:c3:8d:4c:ee: 87:16:85:5b:5b:f6:b1:23:1d:3c:6e:0e:20:42:00: d2:26:2a:df:96:20:b0:4e:67:3b:36:f3:1a:2c:87: 54:c9:b0:05:74:68:de:6a:b7:9c:05:83:38:f4:5c: 90:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:34:FB:9E:D7:0E:A7:A4:A3:56:B2:4E:59:32:93:C9:90:B1:C9:14 X509v3 Authority Key Identifier: keyid:D6:0C:30:B1:A9:F5:9C:95:9A:D4:96:7F:2F:6D:57:2A:CB:75:29:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5EEA/E3FCD144D4CF11EF98DF982BC4F9AE02/1gwwsan1nJWa1JZ_L21XKst1KZw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1gwwsan1nJWa1JZ_L21XKst1KZw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5EEA/E3FCD144D4CF11EF98DF982BC4F9AE02/A8495504D4D011EFB6100F2DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.187.126.0/24 Signature Algorithm: sha256WithRSAEncryption 6a:34:54:3d:b7:58:fa:6c:30:c8:c4:5e:3d:01:87:54:27:b9: 95:ce:c9:bd:28:73:f9:f1:30:08:62:e8:23:32:b2:af:64:e7: ed:02:0d:dd:6a:51:0e:1d:2a:11:9b:4e:00:f0:f0:db:4b:5d: 24:80:6a:a4:87:d0:d5:b4:04:d2:39:84:44:5c:24:e4:3d:78: 41:a9:92:1d:a1:a6:58:76:97:2e:84:07:4a:00:5b:1d:30:9c: 5b:79:cb:5f:3f:d5:fc:68:76:8b:bb:a7:e5:c7:e3:18:9d:9d: 37:ca:e1:cc:74:e9:a1:29:d9:6e:1a:cf:5c:90:74:6c:0f:46: ac:9e:a7:11:1f:23:37:3a:a0:15:22:ab:1e:68:e6:f0:47:e0: e7:ff:d8:cc:c3:c4:e1:ca:c5:c7:33:37:a2:c4:3e:41:93:39: 70:3f:19:ae:1a:63:dc:99:b5:f0:c7:f1:5c:3d:77:cb:55:06: 68:7d:ab:26:42:ca:11:2c:4a:93:04:0c:bf:82:5d:6d:a1:7e: 6b:dc:a5:6e:75:dc:94:ef:8c:71:bd:e6:5d:68:e4:b4:d6:83: d9:68:3f:73:c0:4d:cc:14:d1:d9:ec:a5:21:6c:40:f8:c1:a6: 39:f2:dc:d5:55:a0:ba:58:66:23:f1:ee:2d:70:42:02:d0:58: 95:23:0b:b5 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NUVFQTExMC8GA1UEBRMoRDYwQzMwQjFBOUY1OUM5NTlBRDQ5NjdGMkY2RDU3MkFD Qjc1Mjk5QzAeFw0yNTAxMTcxMjQzMzFaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3OGE1MDczLTljNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC1SYunQF2QnBT9odb0GuTYQPg0qEu40XMalstO0DqOjufcK9savX2ou9SyRBQj r5PczFMsdkFE34v25OvjPGXbQhhC31tEM9xPqB6e3p2IRVmnqdyajr1rmfOhAndG BJCkKF65btr6+Hm7PQo2aE993mpu6sfLuT5Gm1Q66LCKZFXCv9ZXLvgw0t8jN8FI 47kb7/1TWlD8SmRf5PCXh4XzESTjHjamWM0GldUbodvXv3wKZzHvLVQKX7hq8BkX NNnSnetRdOLhXDK6HSl9w41M7ocWhVtb9rEjHTxuDiBCANImKt+WILBOZzs28xos h1TJsAV0aN5qt5wFgzj0XJBRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUzjT7ntcO p6SjVrJOWTKTyZCxyRQwHwYDVR0jBBgwFoAU1gwwsan1nJWa1JZ/L21XKst1KZww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU1RUVBL0UzRkNEMTQ0RDRD RjExRUY5OERGOTgyQkM0RjlBRTAyLzFnd3dzYW4xbkpXYTFKWl9MMjFYS3N0MUta dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMWd3d3NhbjFuSldhMUpaX0wyMVhLc3QxS1p3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NUVFQS9FM0ZDRDE0NEQ0Q0YxMUVGOThERjk4MkJDNEY5QUUwMi9BODQ5NTUwNEQ0 RDAxMUVGQjYxMDBGMkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAKC7fjANBgkqhkiG9w0BAQsFAAOCAQEAajRUPbdY+mwwyMRe PQGHVCe5lc7JvShz+fEwCGLoIzKyr2Tn7QIN3WpRDh0qEZtOAPDw20tdJIBqpIfQ 1bQE0jmERFwk5D14QamSHaGmWHaXLoQHSgBbHTCcW3nLXz/V/Gh2i7un5cfjGJ2d N8rhzHTpoSnZbhrPXJB0bA9GrJ6nER8jNzqgFSKrHmjm8Efg5//YzMPE4crFxzM3 osQ+QZM5cD8Zrhpj3Jm18MfxXD13y1UGaH2rJkLKESxKkwQMv4JdbaF+a9ylbnXc lO+Mcb3mXWjktNaD2Wg/c8BNzBTR2eylIWxA+MGmOfLc1VWgulhmI/HuLXBCAtBY lSMLtQ== -----END CERTIFICATE-----Generated at Wed Feb 5 22:49:34 2025 by rpki-client