$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa File: BF80484C737D11E8950B2925C4F9AE02.roa (raw, json) Hash identifier: IS5nsy19FSf/iWuPB6/EGHd/q4SFiGlCxNxuumMn1Rg= Subject key identifier: 5C:B6:2A:B0:DE:AC:DF:92:EE:D2:67:02:58:A2:68:CD:E1:8E:57:41 Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Certificate serial: 2811 Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa Signing time: Thu 28 Dec 2023 16:02:50 +0000 ROA not before: Thu 28 Dec 2023 16:02:50 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 134240 IP address blocks: 49.229.88.0/23 maxlen: 23 49.229.90.0/23 maxlen: 23 58.64.24.0/24 maxlen: 24 58.64.27.0/24 maxlen: 24 103.20.204.0/22 maxlen: 24 110.49.141.0/24 maxlen: 24 110.49.142.0/23 maxlen: 24 2405:9800:d000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Jun 2024 14:54:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10257 (0x2811) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Validity Not Before: Dec 28 16:02:50 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=658d9c2a-ae74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:d5:63:d8:68:ef:47:9c:90:68:54:2c:3a:33: 87:fa:4d:13:74:31:55:ba:ac:7a:d3:fb:34:56:a8: 02:14:9c:fb:fb:b4:3b:21:fb:aa:eb:98:8a:93:ff: 79:22:29:f2:fd:0a:37:96:4b:9b:2f:32:36:38:12: 0a:48:7d:b8:9a:64:1c:07:fa:30:16:1c:84:61:85: a4:da:50:b8:ac:6a:b3:e8:1c:e3:7a:67:55:8f:c0: 87:d2:4b:1b:35:fe:8f:e7:83:42:15:47:42:22:20: 22:8e:06:57:31:a5:ba:7c:a4:de:c9:ee:7a:64:85: 23:6d:6e:9d:34:40:3d:3e:39:b9:25:b4:4b:54:8f: 01:15:c8:48:36:81:52:d0:58:ce:1a:88:f3:c2:65: 4e:01:35:6f:fd:5d:6c:80:95:b9:b9:51:ac:6d:ca: c5:af:d0:42:64:59:bf:aa:08:65:5a:cc:5c:25:3b: 96:4c:d2:74:1e:c6:59:b5:30:f2:e0:72:87:07:85: 86:4e:d4:94:67:59:d7:d0:b8:f6:70:ea:24:2f:8b: 52:ec:38:9f:33:64:cc:02:87:58:08:46:d9:16:61: 6e:89:47:a2:22:66:8c:4b:35:8d:dc:18:4c:68:cf: 4b:70:1d:05:3f:89:3f:e5:f9:3a:6e:ff:c0:37:fd: 68:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:B6:2A:B0:DE:AC:DF:92:EE:D2:67:02:58:A2:68:CD:E1:8E:57:41 X509v3 Authority Key Identifier: keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.229.88.0/22 58.64.24.0/24 58.64.27.0/24 103.20.204.0/22 110.49.141.0-110.49.143.255 IPv6: 2405:9800:d000::/36 Signature Algorithm: sha256WithRSAEncryption a1:ba:5f:4b:5d:f1:e9:25:69:b2:09:ed:ac:77:b0:54:25:e4: d8:66:65:c7:23:71:27:b2:46:9d:2f:7f:63:97:b5:c9:cf:7a: d7:b8:90:63:0a:c7:ca:51:26:9d:a8:d9:9c:b2:74:0c:8e:4b: e8:e8:b0:a3:11:7d:25:6b:92:c2:b4:04:a2:99:86:53:ef:60: dc:5b:54:7f:ba:e1:9f:c1:68:45:e4:8c:41:8b:b6:60:16:3b: f4:ea:cc:46:36:be:14:57:8c:73:83:77:d0:33:e4:29:86:81: e2:e6:bc:87:39:3a:9a:89:3b:63:54:91:53:fe:2e:f3:97:3c: c5:20:f8:f2:91:e7:b7:ac:7b:a9:40:b9:1d:56:66:2a:ff:69: 07:0b:5c:88:27:a0:42:9d:b8:ea:32:f1:d6:dc:f8:2b:9b:e4: ee:66:e5:4f:2d:38:97:6a:41:7d:ef:de:7d:d7:1f:59:0a:1e: 26:1a:0f:54:2e:16:17:84:29:e7:82:cc:29:56:3f:45:10:80: 6e:65:e9:86:32:89:be:46:38:93:7f:13:e7:31:55:98:18:e7: ce:8d:ad:27:28:45:eb:1a:b3:42:34:8c:14:2b:85:00:40:2b: 4c:eb:48:25:85:30:2b:13:47:bb:99:25:e6:37:94:27:95:56: be:61:4c:b9 -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgICKBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2 QUYyMDcxNUMwHhcNMjMxMjI4MTYwMjUwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NThkOWMyYS1hZTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp9Vj2GjvR5yQaFQsOjOH+k0TdDFVuqx60/s0VqgCFJz7+7Q7Ifuq65iKk/95 Iiny/Qo3lkubLzI2OBIKSH24mmQcB/owFhyEYYWk2lC4rGqz6BzjemdVj8CH0ksb Nf6P54NCFUdCIiAijgZXMaW6fKTeye56ZIUjbW6dNEA9Pjm5JbRLVI8BFchINoFS 0FjOGojzwmVOATVv/V1sgJW5uVGsbcrFr9BCZFm/qghlWsxcJTuWTNJ0HsZZtTDy 4HKHB4WGTtSUZ1nX0Lj2cOokL4tS7DifM2TMAodYCEbZFmFuiUeiImaMSzWN3BhM aM9LcB0FP4k/5fk6bv/AN/1oiwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFFy2KrDe rN+S7tJnAliiaM3hjldBMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvQkY4MDQ4NEM3 MzdEMTFFODk1MEIyOTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E QDA+MCwEAgABMCYDBAIx5VgDBAA6QBgDBAA6QBsDBAJnFMwwDAMEAG4xjQMEBG4x gDAOBAIAAjAIAwYEJAWYANAwDQYJKoZIhvcNAQELBQADggEBAKG6X0td8eklabIJ 7ax3sFQl5NhmZccjcSeyRp0vf2OXtcnPete4kGMKx8pRJp2o2ZyydAyOS+josKMR fSVrksK0BKKZhlPvYNxbVH+64Z/BaEXkjEGLtmAWO/TqzEY2vhRXjHODd9Az5CmG geLmvIc5OpqJO2NUkVP+LvOXPMUg+PKR57ese6lAuR1WZir/aQcLXIgnoEKduOoy 8dbc+Cub5O5m5U8tOJdqQX3v3n3XH1kKHiYaD1QuFheEKeeCzClWP0UQgG5l6YYy ib5GOJN/E+cxVZgY586NrScoResas0I0jBQrhQBAK0zrSCWFMCsTR7uZJeY3lCeV Vr5hTLk= -----END CERTIFICATE-----Generated at Fri Jun 14 16:49:10 2024 by rpki-client on console-fra.rpki-client.org