$ rpki-client -vvf rpki.apnic.net/member_repository/A911C53D/84B58F668CFB11EB9DC62C3BC4F9AE02/708330B8A5F511EFADEAEA2CC4F9AE02.roa File: 708330B8A5F511EFADEAEA2CC4F9AE02.roa (raw, json) Hash identifier: 4HuFRaASe2fHZDBlp92fQ2GHlyRLOe8+N8yVzB5GzN8= Subject key identifier: F5:1A:63:F1:46:E1:C0:AA:FD:84:9A:A7:36:9B:20:79:63:AB:4F:CA Certificate issuer: /CN=A911C53D/serialNumber=A5C763E8A95F6B9AB24113601DA8153A159126EE Certificate serial: 05FD Authority key identifier: A5:C7:63:E8:A9:5F:6B:9A:B2:41:13:60:1D:A8:15:3A:15:91:26:EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pcdj6Klfa5qyQRNgHagVOhWRJu4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C53D/84B58F668CFB11EB9DC62C3BC4F9AE02/708330B8A5F511EFADEAEA2CC4F9AE02.roa Signing time: Mon 18 Nov 2024 21:38:25 +0000 ROA not before: Mon 18 Nov 2024 21:38:25 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 135880 IP address blocks: 202.14.152.0/24 maxlen: 24 203.20.94.0/24 maxlen: 24 203.30.135.0/24 maxlen: 24 203.30.231.0/24 maxlen: 24 203.30.234.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C53D/84B58F668CFB11EB9DC62C3BC4F9AE02/pcdj6Klfa5qyQRNgHagVOhWRJu4.crl rsync://rpki.apnic.net/member_repository/A911C53D/84B58F668CFB11EB9DC62C3BC4F9AE02/pcdj6Klfa5qyQRNgHagVOhWRJu4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pcdj6Klfa5qyQRNgHagVOhWRJu4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1533 (0x5fd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C53D/serialNumber=A5C763E8A95F6B9AB24113601DA8153A159126EE Validity Not Before: Nov 18 21:38:25 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=673bb3d0-b2ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:43:bd:01:e0:f3:ad:8f:7f:d1:34:8c:b4:09: 36:43:33:c4:89:7a:06:c3:10:e2:1a:18:c4:ef:32: 1f:0f:04:01:40:2e:ca:a3:4c:42:09:d8:d2:a6:2f: 9d:9d:0c:b4:65:7e:aa:10:88:ca:66:77:b2:1f:82: 8e:05:e0:69:1a:fd:f4:6a:ce:f1:6e:ab:13:54:93: 4c:9c:6e:95:c8:de:40:7d:42:96:5a:b2:74:d6:62: bf:e9:a0:e8:69:4c:b6:9f:dd:56:9d:a7:06:67:9d: 00:bd:aa:ee:1d:a4:43:6c:8b:a7:e5:cd:07:e4:01: 28:6e:3e:94:01:14:68:03:e4:58:20:09:df:6e:84: 3b:94:e9:69:a2:22:b6:0f:15:2c:11:a7:90:f9:80: 93:00:60:7d:27:01:eb:de:31:bc:3e:ce:c6:a1:18: 29:ab:cb:e9:ce:88:fa:76:c3:d9:ab:b8:4d:43:50: 03:03:bd:92:90:1f:8d:b7:fd:cf:9f:e9:cc:4b:f7: cc:27:f1:21:ba:8c:cd:e1:05:36:8d:f1:c1:87:df: ff:e1:42:e2:b9:64:62:b6:dd:74:e2:1e:96:63:9c: 06:88:b1:56:07:51:1a:f1:6f:56:68:9c:39:9d:89: d4:bf:80:7b:28:c9:7e:f9:14:8a:3e:20:fd:f8:d0: c0:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:1A:63:F1:46:E1:C0:AA:FD:84:9A:A7:36:9B:20:79:63:AB:4F:CA X509v3 Authority Key Identifier: keyid:A5:C7:63:E8:A9:5F:6B:9A:B2:41:13:60:1D:A8:15:3A:15:91:26:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C53D/84B58F668CFB11EB9DC62C3BC4F9AE02/pcdj6Klfa5qyQRNgHagVOhWRJu4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pcdj6Klfa5qyQRNgHagVOhWRJu4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C53D/84B58F668CFB11EB9DC62C3BC4F9AE02/708330B8A5F511EFADEAEA2CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.14.152.0/24 203.20.94.0/24 203.30.135.0/24 203.30.231.0/24 203.30.234.0/24 Signature Algorithm: sha256WithRSAEncryption 86:d4:9a:48:c6:02:3a:07:88:11:9b:06:54:07:ad:94:9f:53: fa:f8:0b:5c:56:ec:86:47:a2:a9:a1:60:8e:61:53:c9:09:24: ae:b6:b1:a8:f5:c6:b0:93:49:ea:b7:bc:25:11:07:7a:b9:87: 94:86:f2:d3:39:68:ad:1c:9b:5c:b5:c8:d1:e7:8a:95:69:60: 6b:8d:ca:f3:bc:d3:c2:ac:d2:aa:44:a4:1e:62:64:02:76:73: 37:7d:0b:81:f4:f5:ed:45:28:ce:c2:d7:db:90:26:b9:0d:9f: b2:b2:13:1c:c7:f8:80:59:50:e2:f0:87:4f:65:d4:36:8a:37: 57:cc:4a:02:85:a6:3a:44:b3:1b:a2:b1:f1:31:8c:dd:c0:12: 9e:ba:95:e0:80:6f:98:f1:81:b9:46:5e:a4:bd:d8:e0:d0:6f: 70:88:5c:6d:0e:40:92:b0:02:32:0a:2d:d9:c0:1e:8f:29:88: c0:89:67:b7:9f:c7:ec:25:cc:57:51:ec:25:b0:74:2b:1a:1d: e9:25:e8:76:85:41:f3:32:67:2d:8a:60:c2:ae:2c:11:2e:a6: 0f:44:ee:13:48:1d:26:ff:55:7e:9f:4e:4f:36:74:46:5c:e0: 3f:5e:1b:51:e1:59:a4:c0:78:a5:86:bd:9d:27:d1:f3:56:ed: cb:9b:36:70 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICBf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM1M0QxMTAvBgNVBAUTKEE1Qzc2M0U4QTk1RjZCOUFCMjQxMTM2MDFEQTgxNTNB MTU5MTI2RUUwHhcNMjQxMTE4MjEzODI1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzNiYjNkMC1iMmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1kO9AeDzrY9/0TSMtAk2QzPEiXoGwxDiGhjE7zIfDwQBQC7Ko0xCCdjSpi+d nQy0ZX6qEIjKZneyH4KOBeBpGv30as7xbqsTVJNMnG6VyN5AfUKWWrJ01mK/6aDo aUy2n91WnacGZ50AvaruHaRDbIun5c0H5AEobj6UARRoA+RYIAnfboQ7lOlpoiK2 DxUsEaeQ+YCTAGB9JwHr3jG8Ps7GoRgpq8vpzoj6dsPZq7hNQ1ADA72SkB+Nt/3P n+nMS/fMJ/EhuozN4QU2jfHBh9//4ULiuWRitt104h6WY5wGiLFWB1Ea8W9WaJw5 nYnUv4B7KMl++RSKPiD9+NDAPwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPUaY/FG 4cCq/YSapzabIHljq0/KMB8GA1UdIwQYMBaAFKXHY+ipX2uaskETYB2oFToVkSbu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzUzRC84NEI1OEY2NjhD RkIxMUVCOURDNjJDM0JDNEY5QUUwMi9wY2RqNktsZmE1cXlRUk5nSGFnVk9oV1JK dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BjZGo2S2xmYTVxeVFSTmdIYWdWT2hXUkp1NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUM1M0QvODRCNThGNjY4Q0ZCMTFFQjlEQzYyQzNCQzRGOUFFMDIvNzA4MzMwQjhB NUY1MTFFRkFERUFFQTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBADKDpgDBADLFF4DBADLHocDBADLHucDBADLHuowDQYJKoZI hvcNAQELBQADggEBAIbUmkjGAjoHiBGbBlQHrZSfU/r4C1xW7IZHoqmhYI5hU8kJ JK62saj1xrCTSeq3vCURB3q5h5SG8tM5aK0cm1y1yNHnipVpYGuNyvO808Ks0qpE pB5iZAJ2czd9C4H09e1FKM7C19uQJrkNn7KyExzH+IBZUOLwh09l1DaKN1fMSgKF pjpEsxuisfExjN3AEp66leCAb5jxgblGXqS92ODQb3CIXG0OQJKwAjIKLdnAHo8p iMCJZ7efx+wlzFdR7CWwdCsaHekl6HaFQfMyZy2KYMKuLBEupg9E7hNIHSb/VX6f Tk82dEZc4D9eG1HhWaTAeKWGvZ0n0fNW7cubNnA= -----END CERTIFICATE-----Generated at Sat Nov 23 00:08:35 2024 by rpki-client on console-ams.rpki-client.org