$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/1D1E9F72A05011ED8B25FE52C4F9AE02.roa File: 1D1E9F72A05011ED8B25FE52C4F9AE02.roa (raw, json) Hash identifier: k+uKGo/JVwbFVMTWWbkrRp8bQ+hO5QVG3ow1rXurfxc= Subject key identifier: 38:63:3C:A4:1D:07:56:17:FF:DA:BE:D7:94:62:6A:8C:1D:F5:AA:89 Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Certificate serial: 280F Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/1D1E9F72A05011ED8B25FE52C4F9AE02.roa Signing time: Thu 28 Dec 2023 16:02:48 +0000 ROA not before: Thu 28 Dec 2023 16:02:48 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 133848 IP address blocks: 49.0.124.0/24 maxlen: 24 49.231.72.0/21 maxlen: 23 49.231.73.0/24 maxlen: 24 49.231.75.0/24 maxlen: 24 49.231.76.0/22 maxlen: 24 49.231.128.0/22 maxlen: 24 49.231.132.0/22 maxlen: 24 110.49.2.0/24 maxlen: 24 110.49.99.0/24 maxlen: 24 110.49.112.0/23 maxlen: 24 2405:9800:d003::/48 maxlen: 48 2405:9800:d007::/48 maxlen: 48 2405:9800:d008::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 16:10:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10255 (0x280f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Validity Not Before: Dec 28 16:02:48 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=658d9c28-a349 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:de:c8:eb:94:b5:bb:90:84:40:d7:d8:93:dc: 8c:a5:ec:57:6f:7c:7d:cb:9d:8c:c3:04:5b:46:e6: 48:4a:31:59:dd:95:40:bd:82:80:17:e0:31:9f:2d: cc:3b:bb:92:1f:e3:62:fa:7c:b3:6a:8b:73:f7:83: e3:89:41:40:3b:c3:aa:82:e2:d1:d6:2a:cc:4e:d2: ae:d0:a5:98:55:bc:cd:e1:02:36:a7:b5:e0:1c:d5: e5:83:15:c0:c1:6e:67:22:06:76:97:e8:7b:7b:9d: a0:be:31:04:99:cf:32:a4:41:a8:4f:56:cd:b6:a4: 90:44:33:3d:3e:e8:2f:0d:6a:3a:bd:da:69:c7:73: db:b2:9f:89:b9:07:d9:b8:8a:06:d4:34:b8:53:99: 33:6e:90:77:e7:50:66:37:cd:60:a6:fe:f3:2f:39: a5:0f:83:19:8a:c9:5b:e1:24:47:06:52:df:b4:08: 58:1a:26:4d:41:1b:32:57:e6:54:03:67:1b:d0:c0: 74:b6:d3:ef:4a:0d:80:d7:39:66:fd:18:b0:d7:5e: b8:d0:8e:e4:3c:73:c2:6f:e8:ad:66:06:40:2e:99: 9f:10:4c:9b:43:5d:47:59:9a:5e:ef:23:c1:a7:bd: 1d:be:f7:21:72:66:78:4d:b8:d7:93:06:f0:bb:42: 41:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:63:3C:A4:1D:07:56:17:FF:DA:BE:D7:94:62:6A:8C:1D:F5:AA:89 X509v3 Authority Key Identifier: keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/1D1E9F72A05011ED8B25FE52C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.0.124.0/24 49.231.72.0/21 49.231.128.0/21 110.49.2.0/24 110.49.99.0/24 110.49.112.0/23 IPv6: 2405:9800:d003::/48 2405:9800:d007::-2405:9800:d008:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 29:bc:69:49:86:cb:58:bc:f7:77:b3:88:38:6d:81:74:75:de: 8c:f7:af:79:b2:20:e3:5d:72:55:f8:72:08:16:ce:bf:c9:e4: 1d:af:82:74:20:bd:d3:cb:56:17:95:83:47:43:78:f2:cb:3c: ed:62:b6:64:dd:7f:13:0f:77:62:91:67:21:12:69:8c:e9:a2: 43:9c:16:14:52:42:86:bc:9c:f4:a9:c9:08:f2:3d:25:12:d0: c7:56:f5:c3:f1:6f:5a:2f:44:64:4d:57:ba:c7:21:0f:59:34: 60:9e:5a:44:72:38:ff:c9:34:c5:bc:d8:82:1f:6a:97:1a:b2: d6:90:9f:ac:74:ea:b9:10:22:7b:e9:2a:84:35:fc:e2:9a:a2: 92:4e:93:89:34:d6:bb:32:ea:9c:4a:f0:cb:e1:ae:dc:85:1c: 5a:16:5e:98:cd:96:03:10:c0:04:f2:d0:df:3a:a2:ce:f3:cd: c1:be:e9:f5:ad:02:a5:04:ba:bc:b0:e2:bd:f7:7e:9d:f4:8f: 5d:c5:ae:bf:e8:fc:ec:da:27:73:68:f2:83:8d:1a:e2:1f:69: b5:42:97:d7:19:2d:92:ab:1f:8d:62:86:35:02:f3:01:a5:09: 9a:0d:46:12:ea:3e:c3:12:09:2f:16:49:3b:19:91:bc:b6:bb: 45:ba:19:90 -----BEGIN CERTIFICATE----- MIIFtDCCBJygAwIBAgICKA8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2 QUYyMDcxNUMwHhcNMjMxMjI4MTYwMjQ4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NThkOWMyOC1hMzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9d7I65S1u5CEQNfYk9yMpexXb3x9y52MwwRbRuZISjFZ3ZVAvYKAF+Axny3M O7uSH+Ni+nyzaotz94PjiUFAO8OqguLR1irMTtKu0KWYVbzN4QI2p7XgHNXlgxXA wW5nIgZ2l+h7e52gvjEEmc8ypEGoT1bNtqSQRDM9PugvDWo6vdppx3Pbsp+JuQfZ uIoG1DS4U5kzbpB351BmN81gpv7zLzmlD4MZislb4SRHBlLftAhYGiZNQRsyV+ZU A2cb0MB0ttPvSg2A1zlm/Riw11640I7kPHPCb+itZgZALpmfEEybQ11HWZpe7yPB p70dvvchcmZ4TbjXkwbwu0JBGwIDAQABo4IC2DCCAtQwHQYDVR0OBBYEFDhjPKQd B1YX/9q+15Riaowd9aqJMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvMUQxRTlGNzJB MDUwMTFFRDhCMjVGRTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYgYIKwYBBQUHAQcBAf8E UzBRMCoEAgABMCQDBAAxAHwDBAMx50gDBAMx54ADBABuMQIDBABuMWMDBAFuMXAw IwQCAAIwHQMHACQFmADQAzASAwcAJAWYANAHAwcAJAWYANAIMA0GCSqGSIb3DQEB CwUAA4IBAQApvGlJhstYvPd3s4g4bYF0dd6M9695siDjXXJV+HIIFs6/yeQdr4J0 IL3Ty1YXlYNHQ3jyyzztYrZk3X8TD3dikWchEmmM6aJDnBYUUkKGvJz0qckI8j0l EtDHVvXD8W9aL0RkTVe6xyEPWTRgnlpEcjj/yTTFvNiCH2qXGrLWkJ+sdOq5ECJ7 6SqENfzimqKSTpOJNNa7MuqcSvDL4a7chRxaFl6YzZYDEMAE8tDfOqLO883Bvun1 rQKlBLq8sOK9936d9I9dxa6/6Pzs2idzaPKDjRriH2m1QpfXGS2Sqx+NYoY1AvMB pQmaDUYS6j7DEgkvFkk7GZG8trtFuhmQ -----END CERTIFICATE-----Generated at Fri May 31 17:44:21 2024 by rpki-client on console-fra.rpki-client.org