$ rpki-client -vvf rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/0D491000A64811EA939A7F67C4F9AE02.roa File: 0D491000A64811EA939A7F67C4F9AE02.roa (raw, json) Hash identifier: OA6Ay1bXyUAJq+KfCYl3CuSq1KvT2rPbVpCqhvkc99A= Subject key identifier: 64:B7:12:3A:FF:5A:7B:21:E4:BB:AB:42:A3:1A:CF:E5:5E:20:25:08 Certificate issuer: /CN=A9118D0F/serialNumber=43E1E8C4261CE07D4F8E4CFB7A3F833FBB46B88C Certificate serial: 08D7 Authority key identifier: 43:E1:E8:C4:26:1C:E0:7D:4F:8E:4C:FB:7A:3F:83:3F:BB:46:B8:8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/0D491000A64811EA939A7F67C4F9AE02.roa Signing time: Fri 08 Nov 2024 20:28:46 +0000 ROA not before: Fri 08 Nov 2024 20:28:46 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 59268 IP address blocks: 49.128.64.0/24 maxlen: 24 49.128.65.0/24 maxlen: 24 49.128.66.0/24 maxlen: 24 49.128.67.0/24 maxlen: 24 49.128.68.0/24 maxlen: 24 49.128.69.0/24 maxlen: 24 49.128.70.0/24 maxlen: 24 49.128.71.0/24 maxlen: 24 49.128.72.0/24 maxlen: 24 49.128.73.0/24 maxlen: 24 49.128.75.0/24 maxlen: 24 49.128.76.0/24 maxlen: 24 49.128.77.0/24 maxlen: 24 49.128.78.0/24 maxlen: 24 49.128.79.0/24 maxlen: 24 49.128.80.0/24 maxlen: 24 49.128.81.0/24 maxlen: 24 49.128.82.0/24 maxlen: 24 49.128.83.0/24 maxlen: 24 49.128.84.0/24 maxlen: 24 49.128.85.0/24 maxlen: 24 49.128.86.0/24 maxlen: 24 49.128.87.0/24 maxlen: 24 49.128.88.0/24 maxlen: 24 49.128.89.0/24 maxlen: 24 49.128.90.0/24 maxlen: 24 49.128.91.0/24 maxlen: 24 49.128.92.0/24 maxlen: 24 49.128.93.0/24 maxlen: 24 49.128.94.0/24 maxlen: 24 49.128.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.crl rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 20:33:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2263 (0x8d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118D0F Validity Not Before: Nov 8 20:28:46 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=672e747d-3a05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:78:21:63:d9:58:b6:d2:41:69:e4:62:2d:ff: 5e:e8:f2:98:d4:a0:6b:2d:03:66:56:04:28:f2:1b: 73:1b:4b:fa:40:d7:76:5b:98:0f:55:7a:8e:0b:74: 87:7f:ca:21:c0:b9:48:f2:ba:bc:7e:60:16:db:99: ca:61:1c:18:b1:f4:b0:bc:12:1c:cd:b9:2b:ce:7f: 2f:7f:e9:ea:9a:75:b9:3f:d6:e7:23:56:10:07:ba: 31:9b:49:73:44:a7:31:29:18:6d:b3:7c:81:f2:09: 59:d1:9b:13:cd:af:c1:55:e1:cf:07:4b:18:15:13: 1e:66:fe:5d:fd:0c:f9:89:05:9b:a1:12:5d:63:14: bf:72:ea:92:32:d9:45:6e:f8:29:ac:b2:da:62:16: 95:92:b7:f4:5f:64:14:de:50:32:3f:c2:cd:34:60: 46:7b:2f:11:51:ac:24:d6:71:22:58:1f:fc:73:4e: be:e0:2c:89:aa:13:1c:70:1b:e4:8d:37:5f:7d:c3: 0a:48:aa:28:9b:7d:bf:38:e4:e9:c3:db:69:30:e5: 6f:ae:4f:a4:0b:6e:c3:d5:eb:b6:b1:9d:67:74:1b: de:04:eb:44:15:49:fe:29:fb:19:34:bc:d3:60:87: 4e:67:2f:8d:da:1e:14:73:1c:c3:ac:c5:bd:de:3f: 8e:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:B7:12:3A:FF:5A:7B:21:E4:BB:AB:42:A3:1A:CF:E5:5E:20:25:08 X509v3 Authority Key Identifier: keyid:43:E1:E8:C4:26:1C:E0:7D:4F:8E:4C:FB:7A:3F:83:3F:BB:46:B8:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/0D491000A64811EA939A7F67C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.128.64.0-49.128.73.255 49.128.75.0-49.128.95.255 Signature Algorithm: sha256WithRSAEncryption 51:45:41:d6:3d:21:99:5b:c6:32:17:1f:65:eb:d9:9d:7e:68: a8:3a:fa:be:d9:a7:f4:46:fe:37:33:c0:43:ae:d3:b0:66:7a: e1:dc:7e:77:40:67:d0:64:6a:8d:e7:6f:c4:4f:a2:f4:7c:4c: 3f:cb:bf:6d:f9:5e:d0:90:d7:6e:bf:58:7c:6c:8d:1b:8d:b6: 4c:28:37:e1:66:08:0a:f5:16:1d:6a:8f:c1:7b:3f:94:a4:07: 51:70:73:0a:9e:b4:52:b0:db:43:af:a8:a3:05:76:88:40:28: cb:2b:dc:75:45:a4:d6:a0:e6:0e:03:fc:35:5c:cb:30:98:ec: 5e:9e:2d:76:1b:df:99:e8:2a:0f:47:16:0d:a5:06:eb:02:6c: 25:3e:a4:6a:24:55:c7:db:73:a4:af:bb:8c:7a:5e:4a:b5:df: 35:9b:cb:1a:a9:2c:da:8e:1d:48:08:78:bf:01:3a:18:62:1d: 45:66:69:de:30:6e:11:cc:38:97:2d:e8:cd:a4:f6:21:43:2f: a3:24:cb:8b:13:cb:ee:8f:6c:a9:b2:4e:bb:d8:7c:27:c9:2a: e0:c6:3a:b1:18:6d:15:d3:95:dc:8e:54:f6:0d:92:96:0d:06: fc:93:18:70:82:20:6b:15:7d:ed:3a:5e:2e:cd:50:5e:04:7c: c2:91:85:3d -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICCNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MThEMEYxMTAvBgNVBAUTKDQzRTFFOEM0MjYxQ0UwN0Q0RjhFNENGQjdBM0Y4MzNG QkI0NkI4OEMwHhcNMjQxMTA4MjAyODQ2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzJlNzQ3ZC0zYTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmnghY9lYttJBaeRiLf9e6PKY1KBrLQNmVgQo8htzG0v6QNd2W5gPVXqOC3SH f8ohwLlI8rq8fmAW25nKYRwYsfSwvBIczbkrzn8vf+nqmnW5P9bnI1YQB7oxm0lz RKcxKRhts3yB8glZ0ZsTza/BVeHPB0sYFRMeZv5d/Qz5iQWboRJdYxS/cuqSMtlF bvgprLLaYhaVkrf0X2QU3lAyP8LNNGBGey8RUawk1nEiWB/8c06+4CyJqhMccBvk jTdffcMKSKoom32/OOTpw9tpMOVvrk+kC27D1eu2sZ1ndBveBOtEFUn+KfsZNLzT YIdOZy+N2h4UcxzDrMW93j+OnwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGS3Ejr/ Wnsh5LurQqMaz+VeICUIMB8GA1UdIwQYMBaAFEPh6MQmHOB9T45M+3o/gz+7RriM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOEQwRi83RDIyNzNCNEE2 NDYxMUVBQUY5RTkxNjJDNEY5QUUwMi9RLUhveENZYzRIMVBqa3o3ZWotRFA3dEd1 SXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1EtSG94Q1ljNEgxUGprejdlai1EUDd0R3VJdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MThEMEYvN0QyMjczQjRBNjQ2MTFFQUFGOUU5MTYyQzRGOUFFMDIvMEQ0OTEwMDBB NjQ4MTFFQTkzOUE3RjY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E JjAkMCIEAgABMBwwDAMEBjGAQAMEATGASDAMAwQAMYBLAwQFMYBAMA0GCSqGSIb3 DQEBCwUAA4IBAQBRRUHWPSGZW8YyFx9l69mdfmioOvq+2af0Rv43M8BDrtOwZnrh 3H53QGfQZGqN52/ET6L0fEw/y79t+V7QkNduv1h8bI0bjbZMKDfhZggK9RYdao/B ez+UpAdRcHMKnrRSsNtDr6ijBXaIQCjLK9x1RaTWoOYOA/w1XMswmOxeni12G9+Z 6CoPRxYNpQbrAmwlPqRqJFXH23Okr7uMel5Ktd81m8saqSzajh1ICHi/AToYYh1F ZmneMG4RzDiXLejNpPYhQy+jJMuLE8vuj2ypsk672HwnySrgxjqxGG0V05XcjlT2 DZKWDQb8kxhwgiBrFX3tOl4uzVBeBHzCkYU9 -----END CERTIFICATE-----Generated at Sat Apr 5 03:36:44 2025 by rpki-client