$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/25D2B94CDECD11EFA79E4065C4F9AE02.roa File: 25D2B94CDECD11EFA79E4065C4F9AE02.roa (raw, json) Hash identifier: AoCtdlkJJmrM0z3AC3jCQKm47jbQAWLBDnBBfT5EtYM= Subject key identifier: BE:54:54:D7:5B:60:E7:97:21:AC:7D:C9:A2:ED:34:56:6F:F0:12:5C Certificate issuer: /CN=A91EC225/serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859 Certificate serial: 17 Authority key identifier: 22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/25D2B94CDECD11EFA79E4065C4F9AE02.roa Signing time: Thu 30 Jan 2025 05:43:36 +0000 ROA not before: Thu 30 Jan 2025 05:43:36 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 59339 IP address blocks: 160.250.244.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Feb 2025 17:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23 (0x17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC225 Validity Not Before: Jan 30 05:43:36 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=679b1187-4557 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:76:14:f9:10:8d:fb:49:d1:b7:20:2e:1a:f1: b9:c9:01:a0:1d:1d:dc:7a:d7:2a:00:f3:12:a6:96: 96:40:1a:84:84:32:df:14:67:73:20:8d:f7:b5:49: ab:8b:63:c0:70:37:2f:76:c2:99:b7:4a:1e:96:4c: cb:24:4d:c4:bc:5a:1f:bd:f3:16:e1:1a:9f:8d:a6: da:71:bd:36:16:fa:f6:fe:a8:fa:5d:ee:69:a0:21: d5:bc:06:a6:e6:a5:14:2b:f9:e6:b1:ba:a1:89:08: 3b:0c:5a:7e:09:5d:0d:97:e2:19:e9:28:94:25:3a: 46:8e:a8:86:42:d4:ce:1f:66:53:48:7d:b7:03:fc: 86:64:91:e2:2a:1d:a2:97:8f:fd:cb:2c:76:8e:9d: ce:bd:b1:6f:eb:bb:9b:fe:80:d4:cd:4d:33:23:66: cd:13:49:4b:6b:1f:60:aa:48:b7:fb:34:a0:82:ef: 35:cc:ac:61:c4:76:14:b2:df:56:23:68:4f:71:c1: 63:f5:05:44:c3:ba:74:ee:3e:de:de:aa:9f:34:e4: 06:cc:09:a9:21:16:a4:81:f5:4e:23:90:eb:62:65: 6f:06:b8:02:04:7b:5e:08:dd:ed:0c:9f:3f:fd:ba: 45:ce:96:71:3d:6f:51:8b:5b:f1:d5:51:8b:f9:2c: c5:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:54:54:D7:5B:60:E7:97:21:AC:7D:C9:A2:ED:34:56:6F:F0:12:5C X509v3 Authority Key Identifier: keyid:22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/25D2B94CDECD11EFA79E4065C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.250.244.0/23 Signature Algorithm: sha256WithRSAEncryption c5:41:42:99:b4:a6:9f:7e:7e:38:7b:f8:52:8e:49:64:e6:f6: 76:35:fe:4f:3b:f5:54:0e:44:5d:5a:24:72:60:51:21:a1:4e: 73:4d:0a:c4:ec:0a:95:bb:46:d5:bf:08:fd:a8:da:6a:0d:71: 21:c3:65:d5:5e:33:d3:cc:fb:9c:a8:1a:f8:5f:88:fc:1c:2e: b2:26:14:c7:50:4d:28:d4:38:2b:15:ae:4d:12:5f:06:48:74: f1:57:92:9f:00:96:54:ac:82:87:66:e8:42:96:e1:11:ea:16: 47:de:24:72:fe:c2:fa:7f:ca:93:12:ae:5f:43:7a:47:69:e6: a6:38:d7:c6:c8:9d:ad:59:43:19:1b:d8:bd:43:73:90:b8:ab: ec:c1:ab:f1:c5:6c:85:59:d4:44:51:f0:08:aa:93:f0:64:a8: 08:05:e3:03:8f:a4:f5:f4:d4:71:ba:17:84:92:59:26:81:08: b1:3c:e9:53:8e:b3:7d:3f:32:97:ff:f7:39:07:b7:9f:9c:54: 2d:d1:1e:51:92:32:fc:17:6f:2d:5d:c8:34:d8:a8:14:4f:70: 63:2d:93:c2:6c:05:87:e5:45:4c:62:74:c6:87:e2:55:03:19: fa:00:05:10:ef:43:6e:b8:1e:87:97:f1:40:06:77:c7:bc:92: 4d:73:1e:c9 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QzIyNTExMC8GA1UEBRMoMjJDN0VDM0NEOUVENEM1MEU4OTRBMTFCQ0Q3MEQwMzEw Q0Q1Rjg1OTAeFw0yNTAxMzAwNTQzMzZaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY3OWIxMTg3LTQ1NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCudhT5EI37SdG3IC4a8bnJAaAdHdx61yoA8xKmlpZAGoSEMt8UZ3Mgjfe1SauL Y8BwNy92wpm3Sh6WTMskTcS8Wh+98xbhGp+NptpxvTYW+vb+qPpd7mmgIdW8Bqbm pRQr+eaxuqGJCDsMWn4JXQ2X4hnpKJQlOkaOqIZC1M4fZlNIfbcD/IZkkeIqHaKX j/3LLHaOnc69sW/ru5v+gNTNTTMjZs0TSUtrH2CqSLf7NKCC7zXMrGHEdhSy31Yj aE9xwWP1BUTDunTuPt7eqp805AbMCakhFqSB9U4jkOtiZW8GuAIEe14I3e0Mnz/9 ukXOlnE9b1GLW/HVUYv5LMXjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUvlRU11tg 55chrH3Jou00Vm/wElwwHwYDVR0jBBgwFoAUIsfsPNntTFDolKEbzXDQMQzV+Fkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVDMjI1L0M5NDQ3RkYwQkVG OTExRUZCQ0Y2ODk0NEM0RjlBRTAyL0lzZnNQTm50VEZEb2xLRWJ6WERRTVF6Vi1G ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSXNmc1BObnRURkRvbEtFYnpYRFFNUXpWLUZrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QzIyNS9DOTQ0N0ZGMEJFRjkxMUVGQkNGNjg5NDRDNEY5QUUwMi8yNUQyQjk0Q0RF Q0QxMUVGQTc5RTQwNjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaD69DANBgkqhkiG9w0BAQsFAAOCAQEAxUFCmbSmn35+OHv4 Uo5JZOb2djX+Tzv1VA5EXVokcmBRIaFOc00KxOwKlbtG1b8I/ajaag1xIcNl1V4z 08z7nKga+F+I/BwusiYUx1BNKNQ4KxWuTRJfBkh08VeSnwCWVKyCh2boQpbhEeoW R94kcv7C+n/KkxKuX0N6R2nmpjjXxsidrVlDGRvYvUNzkLir7MGr8cVshVnURFHw CKqT8GSoCAXjA4+k9fTUcboXhJJZJoEIsTzpU46zfT8yl//3OQe3n5xULdEeUZIy /BdvLV3INNioFE9wYy2TwmwFh+VFTGJ0xofiVQMZ+gAFEO9Dbrgeh5fxQAZ3x7yS TXMeyQ== -----END CERTIFICATE-----Generated at Wed Feb 5 23:03:41 2025 by rpki-client