$ rpki-client -vvf rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/7EF2846AD16911EF9ECCE01FC4F9AE02.roa File: 7EF2846AD16911EF9ECCE01FC4F9AE02.roa (raw, json) Hash identifier: rKGqZf7K9QKHRBXlpgZth78K2mjkrDt+mwCvAfFIYLc= Subject key identifier: 69:4A:AB:08:E2:65:9F:9A:67:59:BB:A4:39:66:53:B6:2E:CE:F3:A4 Certificate issuer: /CN=A9114EF6/serialNumber=AF461D57A90A335B2FA77A7AAEC16734954923B1 Certificate serial: 16 Authority key identifier: AF:46:1D:57:A9:0A:33:5B:2F:A7:7A:7A:AE:C1:67:34:95:49:23:B1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r0YdV6kKM1svp3p6rsFnNJVJI7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/7EF2846AD16911EF9ECCE01FC4F9AE02.roa Signing time: Thu 16 Jan 2025 06:02:23 +0000 ROA not before: Thu 16 Jan 2025 06:02:23 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 153491 IP address blocks: 161.248.120.0/23 maxlen: 23 161.248.120.0/24 maxlen: 24 161.248.121.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.crl rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r0YdV6kKM1svp3p6rsFnNJVJI7E.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:34:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22 (0x16) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9114EF6, serialNumber=AF461D57A90A335B2FA77A7AAEC16734954923B1 Validity Not Before: Jan 16 06:02:23 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6788a0ef-ad0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:10:35:08:67:40:fa:b4:76:ea:15:d9:11:45: cc:ea:ea:50:d1:6e:11:b6:a8:d9:77:ce:c7:e9:03: 9c:78:df:dc:47:aa:c8:dc:bf:2a:53:65:71:26:38: 8b:34:96:c9:40:4c:d5:04:43:a6:5b:d8:4b:8d:8c: 62:48:e8:2f:f0:5d:3b:27:80:bb:b0:54:20:95:7f: 52:c1:87:9d:75:b1:17:9b:44:c5:f6:83:39:22:fe: e1:23:9a:d7:f9:92:17:f8:58:6f:09:3a:42:a0:63: 71:9a:6c:f2:ae:2b:0a:54:3b:0b:d4:3c:9a:d9:da: cc:fc:23:51:c0:e1:0a:0b:98:af:28:dd:9b:cf:77: 68:48:65:6b:c1:ce:0f:b4:4d:5a:02:1e:42:5e:03: a4:e7:8e:23:d9:30:db:33:5c:4f:0e:21:e4:27:1c: ac:24:d9:b9:24:6e:17:9e:dc:c7:9c:08:10:c5:dc: af:3c:bc:f2:93:e9:dc:c9:26:ee:53:dd:7e:90:19: e4:95:ac:08:33:2a:cf:7a:ca:ef:ce:95:06:d4:95: 04:45:6a:5c:98:73:9a:8f:89:62:d5:99:ca:78:90: 40:f2:84:de:53:41:83:bf:95:35:1b:03:76:cc:5e: 43:b6:3b:37:78:4d:6c:bd:39:86:fc:1e:a4:3b:c9: 1c:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:4A:AB:08:E2:65:9F:9A:67:59:BB:A4:39:66:53:B6:2E:CE:F3:A4 X509v3 Authority Key Identifier: keyid:AF:46:1D:57:A9:0A:33:5B:2F:A7:7A:7A:AE:C1:67:34:95:49:23:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r0YdV6kKM1svp3p6rsFnNJVJI7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/7EF2846AD16911EF9ECCE01FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.120.0/23 Signature Algorithm: sha256WithRSAEncryption 24:23:7c:24:26:05:a5:3f:45:6b:2d:22:e9:ab:93:01:68:40: ee:26:bf:fc:c3:ac:a3:e4:01:96:20:44:11:7f:df:76:46:6e: c9:b6:10:87:c0:09:42:76:2e:e0:cc:ee:fd:d4:a7:a7:13:32: 4c:77:50:ad:12:93:12:66:4c:8f:36:69:ce:ec:c8:17:fd:51: 46:a5:13:46:ed:27:43:b4:be:f0:92:13:cd:46:dc:38:38:cf: 53:27:8c:d5:36:62:72:38:13:1f:f1:13:06:51:46:98:c4:bf: 4d:59:80:95:8f:b5:5d:a8:f3:21:81:39:cd:4a:2e:2f:35:82: b2:a2:7f:c6:00:d8:a6:17:ce:31:43:f4:62:e3:08:76:d9:58: 0f:92:2b:e4:d2:7b:22:05:fd:0b:32:7a:59:cd:2b:db:82:e4: cf:a1:91:73:84:38:ba:67:77:7d:89:0a:80:8d:00:64:7d:7d: 46:c0:b2:92:bb:2d:c5:dc:02:02:ce:fe:e5:52:30:a3:6b:87: 52:6c:9d:10:35:e4:1d:d4:6a:f4:8c:b1:d5:50:07:0e:45:d9: 2b:9c:2e:41:ab:be:f9:3e:ef:ff:79:c6:3f:89:53:2e:84:4a: 6a:c7:00:73:a6:16:e9:39:58:10:f3:d1:22:91:4e:71:b1:37: d1:63:b3:8c -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBFjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx NEVGNjExMC8GA1UEBRMoQUY0NjFENTdBOTBBMzM1QjJGQTc3QTdBQUVDMTY3MzQ5 NTQ5MjNCMTAeFw0yNTAxMTYwNjAyMjNaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ODhhMGVmLWFkMGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCrEDUIZ0D6tHbqFdkRRczq6lDRbhG2qNl3zsfpA5x439xHqsjcvypTZXEmOIs0 lslATNUEQ6Zb2EuNjGJI6C/wXTsngLuwVCCVf1LBh511sRebRMX2gzki/uEjmtf5 khf4WG8JOkKgY3GabPKuKwpUOwvUPJrZ2sz8I1HA4QoLmK8o3ZvPd2hIZWvBzg+0 TVoCHkJeA6TnjiPZMNszXE8OIeQnHKwk2bkkbhee3MecCBDF3K88vPKT6dzJJu5T 3X6QGeSVrAgzKs96yu/OlQbUlQRFalyYc5qPiWLVmcp4kEDyhN5TQYO/lTUbA3bM XkO2Ozd4TWy9OYb8HqQ7yRyrAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUaUqrCOJl n5pnWbukOWZTti7O86QwHwYDVR0jBBgwFoAUr0YdV6kKM1svp3p6rsFnNJVJI7Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE0RUY2LzhEQUUwNUEwRDBE NDExRUZCQ0Q1MTIzRUM0RjlBRTAyL3IwWWRWNmtLTTFzdnAzcDZyc0ZuTkpWSkk3 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcjBZZFY2a0tNMXN2cDNwNnJzRm5OSlZKSTdFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NEVGNi84REFFMDVBMEQwRDQxMUVGQkNENTEyM0VDNEY5QUUwMi83RUYyODQ2QUQx NjkxMUVGOUVDQ0UwMUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaH4eDANBgkqhkiG9w0BAQsFAAOCAQEAJCN8JCYFpT9Fay0i 6auTAWhA7ia//MOso+QBliBEEX/fdkZuybYQh8AJQnYu4Mzu/dSnpxMyTHdQrRKT EmZMjzZpzuzIF/1RRqUTRu0nQ7S+8JITzUbcODjPUyeM1TZicjgTH/ETBlFGmMS/ TVmAlY+1XajzIYE5zUouLzWCsqJ/xgDYphfOMUP0YuMIdtlYD5Ir5NJ7IgX9CzJ6 Wc0r24Lkz6GRc4Q4umd3fYkKgI0AZH19RsCykrstxdwCAs7+5VIwo2uHUmydEDXk HdRq9Iyx1VAHDkXZK5wuQau++T7v/3nGP4lTLoRKascAc6YW6TlYEPPRIpFOcbE3 0WOzjA== -----END CERTIFICATE-----Generated at Sat Apr 26 14:05:24 2025 by rpki-client