$ rpki-client -vvf rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/CD145D246E4E11EDBE02B065C4F9AE02.roa File: CD145D246E4E11EDBE02B065C4F9AE02.roa (raw, json) Hash identifier: zSM1B8wSUB+mHKY/5kPPrFTVt9OokOjyYR65igDrdV4= Subject key identifier: BF:B9:F8:DA:71:05:A0:97:8D:3C:C3:58:3D:DA:29:0F:7A:64:8A:97 Certificate issuer: /CN=A9122219/serialNumber=D0D2F45A46D26766014B786019A09A8334873DAD Certificate serial: 0A91 Authority key identifier: D0:D2:F4:5A:46:D2:67:66:01:4B:78:60:19:A0:9A:83:34:87:3D:AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NL0WkbSZ2YBS3hgGaCagzSHPa0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/CD145D246E4E11EDBE02B065C4F9AE02.roa Signing time: Thu 18 Jul 2024 19:57:42 +0000 ROA not before: Thu 18 Jul 2024 19:57:42 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 38744 IP address blocks: 49.0.32.0/20 maxlen: 24 49.0.48.0/21 maxlen: 24 117.58.240.0/21 maxlen: 24 2404:b580::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.crl rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NL0WkbSZ2YBS3hgGaCagzSHPa0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 19:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2705 (0xa91) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9122219/serialNumber=D0D2F45A46D26766014B786019A09A8334873DAD Validity Not Before: Jul 18 19:57:42 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=669973b6-71e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d3:f6:a9:e5:71:00:e4:26:70:1f:0a:d5:3a: b5:af:d4:1b:09:fd:68:db:22:f6:58:43:c6:89:4a: 0d:65:8f:ab:18:0d:f8:03:d2:ef:a4:4c:fe:b6:29: 32:3a:36:26:e3:07:00:a7:c5:4d:fd:6c:de:e6:a7: 7b:1f:41:d8:d6:40:40:59:35:e7:01:4e:17:ae:ae: e8:38:a1:33:be:6c:c7:8e:c0:61:23:78:09:6b:ca: d8:d7:90:66:62:7b:b8:12:f9:fb:79:0f:8e:3c:af: ff:9c:2a:26:49:de:e1:df:9e:dc:98:5b:0d:1a:41: 8f:be:fb:7f:31:75:b0:43:ee:56:fc:32:b4:ee:85: 63:a0:8b:f0:fc:bd:d8:14:61:60:bf:62:dd:8a:ed: a8:db:a1:52:76:47:8d:4b:71:81:40:81:99:71:34: 70:d0:f9:db:c8:ca:c1:1c:5e:e6:68:2a:82:e1:24: 0d:9e:98:d4:9f:fa:39:9d:6a:46:fc:c2:42:01:21: a5:ac:1c:04:ca:55:38:c8:c7:fb:19:3b:11:bc:d7: f3:4b:c1:9a:bf:49:6b:47:f1:53:37:30:74:0f:50: 2f:f3:15:00:57:86:e0:24:27:aa:5d:ab:31:97:b5: a0:58:91:f6:35:a8:8e:8e:d9:9f:b2:3e:bd:70:8a: 9e:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:B9:F8:DA:71:05:A0:97:8D:3C:C3:58:3D:DA:29:0F:7A:64:8A:97 X509v3 Authority Key Identifier: keyid:D0:D2:F4:5A:46:D2:67:66:01:4B:78:60:19:A0:9A:83:34:87:3D:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NL0WkbSZ2YBS3hgGaCagzSHPa0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/CD145D246E4E11EDBE02B065C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.0.32.0-49.0.55.255 117.58.240.0/21 IPv6: 2404:b580::/32 Signature Algorithm: sha256WithRSAEncryption a2:98:61:5d:ce:d5:c6:2b:22:1f:ef:66:08:55:a6:fa:1d:3e: 51:3b:93:49:57:79:13:63:4d:55:3e:10:d6:64:cc:e2:04:20: 6f:14:4f:4e:0b:9a:d2:f0:fa:eb:f1:35:2f:44:b2:3f:42:f1: 43:84:e1:88:86:ad:06:6c:80:f3:81:ba:91:47:6e:e3:3e:bc: 0a:76:91:e8:de:1a:7b:9b:05:bb:62:c5:74:4d:2c:18:71:f6: e7:48:6a:c9:ce:2b:a7:36:d6:4b:9a:1d:82:2d:18:3c:ad:6e: 27:27:de:dd:c8:e4:bd:8c:62:49:25:a6:6d:2c:b0:5d:a8:7f: 79:cb:5f:98:c5:89:49:4f:70:b4:7e:f1:21:3c:01:e6:e1:d7: 80:d0:f4:48:af:26:70:7a:36:19:80:1e:35:04:05:fa:e1:7d: 9c:b3:c2:82:e5:de:3c:81:6c:99:aa:67:b7:bb:0c:d7:5d:f6: 65:f3:67:9f:71:fa:72:8b:14:a6:b0:fd:4d:7a:e4:ca:28:5e: 9f:8d:75:fa:4e:cf:a1:69:fd:61:e8:5e:9b:f4:27:2f:ca:f8: 6a:df:c5:f8:db:6b:be:a0:b4:35:17:1d:09:57:51:f2:7e:7b: 40:51:49:cf:d9:d8:eb:2b:ee:06:e1:de:a2:f5:10:86:4b:82: 85:36:1d:24 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICCpEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjIyMTkxMTAvBgNVBAUTKEQwRDJGNDVBNDZEMjY3NjYwMTRCNzg2MDE5QTA5QTgz MzQ4NzNEQUQwHhcNMjQwNzE4MTk1NzQyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02Njk5NzNiNi03MWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvtP2qeVxAOQmcB8K1Tq1r9QbCf1o2yL2WEPGiUoNZY+rGA34A9LvpEz+tiky OjYm4wcAp8VN/Wze5qd7H0HY1kBAWTXnAU4Xrq7oOKEzvmzHjsBhI3gJa8rY15Bm Ynu4Evn7eQ+OPK//nComSd7h357cmFsNGkGPvvt/MXWwQ+5W/DK07oVjoIvw/L3Y FGFgv2Ldiu2o26FSdkeNS3GBQIGZcTRw0PnbyMrBHF7maCqC4SQNnpjUn/o5nWpG /MJCASGlrBwEylU4yMf7GTsRvNfzS8Gav0lrR/FTNzB0D1Av8xUAV4bgJCeqXasx l7WgWJH2NaiOjtmfsj69cIqe/QIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFL+5+Npx BaCXjTzDWD3aKQ96ZIqXMB8GA1UdIwQYMBaAFNDS9FpG0mdmAUt4YBmgmoM0hz2t MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjIxOS84MkZFODlDQzND MzcxMUVBODczRTE0NjBDNEY5QUUwMi8wTkwwV2tiU1oyWUJTM2hnR2FDYWd6U0hQ YTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBOTDBXa2JTWjJZQlMzaGdHYUNhZ3pTSFBhMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjIyMTkvODJGRTg5Q0MzQzM3MTFFQTg3M0UxNDYwQzRGOUFFMDIvQ0QxNDVEMjQ2 RTRFMTFFREJFMDJCMDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBoEAgABMBQwDAMEBTEAIAMEAzEAMAMEA3U68DANBAIAAjAHAwUAJAS1gDAN BgkqhkiG9w0BAQsFAAOCAQEAophhXc7VxisiH+9mCFWm+h0+UTuTSVd5E2NNVT4Q 1mTM4gQgbxRPTgua0vD66/E1L0SyP0LxQ4ThiIatBmyA84G6kUdu4z68CnaR6N4a e5sFu2LFdE0sGHH250hqyc4rpzbWS5odgi0YPK1uJyfe3cjkvYxiSSWmbSywXah/ ectfmMWJSU9wtH7xITwB5uHXgND0SK8mcHo2GYAeNQQF+uF9nLPCguXePIFsmapn t7sM1132ZfNnn3H6cosUprD9TXrkyihen411+k7PoWn9Yehem/QnL8r4at/F+Ntr vqC0NRcdCVdR8n57QFFJz9nY6yvuBuHeovUQhkuChTYdJA== -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:22 2024 by rpki-client on console-ams.rpki-client.org