$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/0BD5724C3A3211EDA1B7D863C4F9AE02.roa File: 0BD5724C3A3211EDA1B7D863C4F9AE02.roa (raw, json) Hash identifier: UguBw1sfiBAtlSn78NzpSBwxKrJvm/pM/IYVtzEhGVk= Subject key identifier: 2D:95:FA:61:3D:62:33:5F:EF:5B:0A:16:A0:BC:29:67:2D:7F:1A:5A Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Certificate serial: 35EE Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/0BD5724C3A3211EDA1B7D863C4F9AE02.roa Signing time: Fri 16 Aug 2024 14:40:22 +0000 ROA not before: Fri 16 Aug 2024 14:40:22 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 139648 IP address blocks: 119.59.0.0/20 maxlen: 20 119.59.0.0/24 maxlen: 24 119.59.1.0/24 maxlen: 24 119.59.2.0/24 maxlen: 24 119.59.3.0/24 maxlen: 24 119.59.4.0/24 maxlen: 24 119.59.5.0/24 maxlen: 24 119.59.6.0/24 maxlen: 24 119.59.7.0/24 maxlen: 24 119.59.8.0/24 maxlen: 24 119.59.9.0/24 maxlen: 24 119.59.10.0/24 maxlen: 24 119.59.11.0/24 maxlen: 24 119.59.12.0/24 maxlen: 24 119.59.13.0/24 maxlen: 24 119.59.14.0/24 maxlen: 24 119.59.15.0/24 maxlen: 24 119.59.16.0/24 maxlen: 24 119.59.17.0/24 maxlen: 24 119.59.18.0/24 maxlen: 24 119.59.19.0/24 maxlen: 24 119.59.20.0/24 maxlen: 24 119.59.21.0/24 maxlen: 24 119.59.22.0/24 maxlen: 24 119.59.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13806 (0x35ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9149F3E Validity Not Before: Aug 16 14:40:22 2024 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=66bf64d5-3bc6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:fb:60:12:96:0a:98:c1:42:2d:82:5f:47:2f: 94:b6:20:d5:ba:73:55:72:f0:7b:0e:82:43:6c:22: 52:39:7f:a6:b1:21:75:63:a4:4b:93:cc:9e:71:a9: a0:1d:d2:14:ab:ea:52:be:54:2c:59:e8:95:0c:7f: bd:50:cc:81:f5:97:a1:38:1a:cd:ba:94:19:98:f3: 2b:c7:ad:85:fc:f4:de:4f:57:80:73:f2:5a:24:87: b9:b3:bb:06:91:e2:16:42:f6:87:d8:1b:d5:70:4b: fd:1e:d9:a0:79:2a:f5:66:fa:0a:2e:b9:4a:f2:ba: 90:f5:67:91:9d:f7:c7:4d:f1:1b:72:46:d1:23:8b: 93:63:b1:8e:43:f0:ac:e6:bb:49:75:c6:84:c1:8a: d1:56:1b:f9:68:f3:82:68:46:08:e5:07:93:2b:bf: 00:33:aa:82:df:7b:f4:c3:82:d3:2b:a6:9f:f9:75: 1b:0a:16:36:74:ef:9d:f4:a8:bb:24:5e:0e:d7:18: 48:65:99:c6:72:af:76:33:17:47:e1:be:04:08:ff: e3:5a:bb:f0:3d:16:3a:2b:36:86:db:f3:22:6f:d1: b7:f6:46:ee:16:27:88:ee:f9:dc:43:85:d2:b2:6b: 97:f4:f7:b3:58:e9:72:b7:6e:22:9b:a0:f1:94:ab: 79:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:95:FA:61:3D:62:33:5F:EF:5B:0A:16:A0:BC:29:67:2D:7F:1A:5A X509v3 Authority Key Identifier: keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/0BD5724C3A3211EDA1B7D863C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 119.59.0.0-119.59.23.255 Signature Algorithm: sha256WithRSAEncryption 20:23:54:a6:fd:7f:f9:dc:32:05:30:f3:b6:1b:a3:d1:fc:4f: e9:51:f6:6c:7d:4e:28:e9:0a:33:58:3f:2f:ce:5b:f0:f5:b6: a8:fa:d7:31:86:6c:d5:98:f7:56:3f:d3:1f:b7:0d:79:0c:5f: 7e:49:f4:fb:7e:5f:c5:df:f3:be:3c:69:38:04:45:fa:20:ef: 32:f8:b8:8a:45:a0:fb:79:f2:ea:c0:a9:75:66:8f:ea:45:d4: 0a:f8:23:a0:e6:5c:07:0e:0c:60:25:9f:ee:d3:bb:f8:0d:b6: 86:5f:f6:27:33:7e:9d:5a:0c:eb:b5:48:b6:e9:0c:3e:75:d7: ee:82:fe:85:90:a8:4c:ee:c3:03:d7:02:cf:7b:ab:e8:ad:09: 21:d3:97:c5:18:0d:43:10:66:f4:58:b1:e5:fb:fc:d6:2d:5f: 00:1f:0f:d6:b4:97:33:8a:1c:36:41:8c:0b:af:d4:fa:e8:3c: b4:f6:13:79:36:8f:8d:6d:a2:fc:70:8b:43:f9:17:ca:7d:80: 19:03:13:73:55:ab:4f:2d:30:a7:42:3d:ef:f4:01:7d:6c:d2: 75:7c:2e:55:43:d7:92:ac:52:aa:22:75:df:62:ab:ca:b1:80: 26:66:00:cc:56:2d:30:b8:3b:d0:7b:81:23:26:b0:dd:a3:70: d8:bc:d2:9b -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgICNe4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG OURGN0M1NEIwHhcNMjQwODE2MTQ0MDIyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmJmNjRkNS0zYmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyftgEpYKmMFCLYJfRy+UtiDVunNVcvB7DoJDbCJSOX+msSF1Y6RLk8yecamg HdIUq+pSvlQsWeiVDH+9UMyB9ZehOBrNupQZmPMrx62F/PTeT1eAc/JaJIe5s7sG keIWQvaH2BvVcEv9HtmgeSr1ZvoKLrlK8rqQ9WeRnffHTfEbckbRI4uTY7GOQ/Cs 5rtJdcaEwYrRVhv5aPOCaEYI5QeTK78AM6qC33v0w4LTK6af+XUbChY2dO+d9Ki7 JF4O1xhIZZnGcq92MxdH4b4ECP/jWrvwPRY6KzaG2/Mib9G39kbuFieI7vncQ4XS smuX9PezWOlyt24im6DxlKt5fQIDAQABo4ICnDCCApgwHQYDVR0OBBYEFC2V+mE9 YjNf71sKFqC8KWctfxpaMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4 VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvMEJENTcyNEMz QTMyMTFFREExQjdEODYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJgYIKwYBBQUHAQcBAf8E FzAVMBMEAgABMA0wCwMDAHc7AwQDdzsQMA0GCSqGSIb3DQEBCwUAA4IBAQAgI1Sm /X/53DIFMPO2G6PR/E/pUfZsfU4o6QozWD8vzlvw9bao+tcxhmzVmPdWP9Mftw15 DF9+SfT7fl/F3/O+PGk4BEX6IO8y+LiKRaD7efLqwKl1Zo/qRdQK+COg5lwHDgxg JZ/u07v4DbaGX/YnM36dWgzrtUi26Qw+ddfugv6FkKhM7sMD1wLPe6vorQkh05fF GA1DEGb0WLHl+/zWLV8AHw/WtJczihw2QYwLr9T66Dy09hN5No+NbaL8cItD+RfK fYAZAxNzVatPLTCnQj3v9AF9bNJ1fC5VQ9eSrFKqInXfYqvKsYAmZgDMVi0wuDvQ e4EjJrDdo3DYvNKb -----END CERTIFICATE-----Generated at Sun Feb 16 20:28:02 2025 by rpki-client