$ rpki-client -vvf rpki.apnic.net/member_repository/A917138D/4F6E9318F3ED11EAA4A1D64DC4F9AE02/7D0F62FAF3EF11EA82F3C251C4F9AE02.roa File: 7D0F62FAF3EF11EA82F3C251C4F9AE02.roa (raw, json) Hash identifier: qjMMlEqEvaBO7XAFYzvleISXKC2IIZdSXJalJOe7pw0= Subject key identifier: 65:81:5E:14:2C:FF:AA:C7:FC:A0:A5:FF:E5:46:E6:9C:D7:A8:56:8C Certificate issuer: /CN=A917138D/serialNumber=AE0F0E9ED4A6706E92E10B789BAC2C625A565156 Certificate serial: 077F Authority key identifier: AE:0F:0E:9E:D4:A6:70:6E:92:E1:0B:78:9B:AC:2C:62:5A:56:51:56 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rg8OntSmcG6S4Qt4m6wsYlpWUVY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917138D/4F6E9318F3ED11EAA4A1D64DC4F9AE02/7D0F62FAF3EF11EA82F3C251C4F9AE02.roa Signing time: Sat 02 Nov 2024 21:10:39 +0000 ROA not before: Sat 02 Nov 2024 21:10:39 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 17458 IP address blocks: 202.44.112.0/22 maxlen: 22 202.44.113.0/24 maxlen: 24 202.44.115.0/24 maxlen: 24 203.83.48.0/21 maxlen: 21 203.83.48.0/24 maxlen: 24 203.83.49.0/24 maxlen: 24 203.83.50.0/24 maxlen: 24 203.83.51.0/24 maxlen: 24 203.83.52.0/24 maxlen: 24 203.83.53.0/24 maxlen: 24 203.83.54.0/24 maxlen: 24 203.83.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917138D/4F6E9318F3ED11EAA4A1D64DC4F9AE02/rg8OntSmcG6S4Qt4m6wsYlpWUVY.crl rsync://rpki.apnic.net/member_repository/A917138D/4F6E9318F3ED11EAA4A1D64DC4F9AE02/rg8OntSmcG6S4Qt4m6wsYlpWUVY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rg8OntSmcG6S4Qt4m6wsYlpWUVY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1919 (0x77f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917138D/serialNumber=AE0F0E9ED4A6706E92E10B789BAC2C625A565156 Validity Not Before: Nov 2 21:10:39 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=6726954f-2a94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:8f:b9:53:82:0e:e8:40:98:57:bd:e5:b6:84: f0:5f:48:a9:a5:2d:c8:c5:c5:3d:90:3d:c3:3b:bd: e1:33:ba:0a:b9:bf:e7:76:51:27:8b:d9:15:40:34: f2:64:79:41:0f:cd:49:b6:7e:0e:93:6b:09:18:69: d6:10:64:30:06:f1:7a:7c:2a:0d:ef:65:8e:f8:93: 4e:46:3d:8f:cf:d8:f9:f0:77:0f:8f:c0:57:2c:41: c7:6a:ba:08:ab:e1:68:4b:f0:35:b9:65:35:ba:e4: 8d:50:7b:ba:1c:bd:1b:ac:16:4f:48:8d:f1:0a:0e: 35:1c:3b:07:04:80:60:60:e5:c8:15:12:39:89:57: d0:ae:00:0a:b6:d1:dd:96:48:e0:4f:17:88:f0:c1: ac:b1:47:a9:c3:27:f9:87:33:cf:e1:ab:a1:5b:7f: 93:94:c6:10:30:01:a5:ea:e4:7f:44:84:5b:a9:02: ee:18:9f:12:c4:ba:d3:3e:2c:90:74:83:43:d1:bf: 30:e7:76:23:f7:5d:60:54:02:3f:74:a4:7d:05:1d: 3f:d7:9b:ca:13:51:34:cc:f2:89:64:fd:56:41:85: 39:68:2d:b3:83:c7:62:75:d5:f6:93:89:53:2f:fc: fd:9f:b1:bf:17:86:a6:bb:33:94:27:fa:3d:f5:26: a5:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:81:5E:14:2C:FF:AA:C7:FC:A0:A5:FF:E5:46:E6:9C:D7:A8:56:8C X509v3 Authority Key Identifier: keyid:AE:0F:0E:9E:D4:A6:70:6E:92:E1:0B:78:9B:AC:2C:62:5A:56:51:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917138D/4F6E9318F3ED11EAA4A1D64DC4F9AE02/rg8OntSmcG6S4Qt4m6wsYlpWUVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rg8OntSmcG6S4Qt4m6wsYlpWUVY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917138D/4F6E9318F3ED11EAA4A1D64DC4F9AE02/7D0F62FAF3EF11EA82F3C251C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.44.112.0/22 203.83.48.0/21 Signature Algorithm: sha256WithRSAEncryption 43:e8:3c:4b:be:d5:e2:4d:7f:a6:45:4c:ba:6e:c3:3d:47:20: d3:6a:e6:75:e3:f6:b5:83:6d:2d:81:b8:78:38:a1:20:9f:51: 1c:98:ae:f0:16:0b:e7:4f:e1:ed:52:fe:a5:f9:1e:74:61:e7: ad:55:45:36:36:1b:4b:5e:84:d1:d0:25:ff:63:be:bf:f7:9d: f5:b9:47:e9:80:9f:87:67:8d:8f:3b:d9:c2:bf:35:ab:78:6d: d2:88:7f:bb:5f:7e:e2:db:2f:7e:7b:15:90:ec:6e:98:56:b9: d0:a2:11:81:63:25:6e:5d:52:0f:39:65:9e:82:8b:7f:42:ac: 2a:eb:5f:cc:84:c5:dd:47:47:c4:45:d1:14:77:8c:82:d8:04: 49:6b:52:62:6f:84:54:5b:db:fd:f0:73:31:96:1b:f3:b4:4d: 96:77:d4:76:dd:31:1a:d9:ec:b9:60:14:4e:32:1d:20:f8:97: 70:f6:25:9f:36:2d:2b:77:ba:8d:d3:8a:36:97:c8:b7:e8:d0: 36:2d:86:70:4e:86:f9:42:91:6f:4f:2e:37:4b:76:d3:80:b3: 9a:15:d8:31:95:eb:b7:b3:20:4e:70:7a:84:59:27:b1:2e:cd: 8e:64:40:a6:3e:b0:da:34:25:fa:b4:63:e0:f2:39:99:43:56: c8:51:a5:ff -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICB38wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzEzOEQxMTAvBgNVBAUTKEFFMEYwRTlFRDRBNjcwNkU5MkUxMEI3ODlCQUMyQzYy NUE1NjUxNTYwHhcNMjQxMTAyMjExMDM5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI2OTU0Zi0yYTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw4+5U4IO6ECYV73ltoTwX0ippS3IxcU9kD3DO73hM7oKub/ndlEni9kVQDTy ZHlBD81Jtn4Ok2sJGGnWEGQwBvF6fCoN72WO+JNORj2Pz9j58HcPj8BXLEHHaroI q+FoS/A1uWU1uuSNUHu6HL0brBZPSI3xCg41HDsHBIBgYOXIFRI5iVfQrgAKttHd lkjgTxeI8MGssUepwyf5hzPP4auhW3+TlMYQMAGl6uR/RIRbqQLuGJ8SxLrTPiyQ dIND0b8w53Yj911gVAI/dKR9BR0/15vKE1E0zPKJZP1WQYU5aC2zg8diddX2k4lT L/z9n7G/F4amuzOUJ/o99SalCQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGWBXhQs /6rH/KCl/+VG5pzXqFaMMB8GA1UdIwQYMBaAFK4PDp7UpnBukuELeJusLGJaVlFW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTM4RC80RjZFOTMxOEYz RUQxMUVBQTRBMUQ2NERDNEY5QUUwMi9yZzhPbnRTbWNHNlM0UXQ0bTZ3c1lscFdV VlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JnOE9udFNtY0c2UzRRdDRtNndzWWxwV1VWWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzEzOEQvNEY2RTkzMThGM0VEMTFFQUE0QTFENjREQzRGOUFFMDIvN0QwRjYyRkFG M0VGMTFFQTgyRjNDMjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBALKLHADBAPLUzAwDQYJKoZIhvcNAQELBQADggEBAEPoPEu+ 1eJNf6ZFTLpuwz1HINNq5nXj9rWDbS2BuHg4oSCfURyYrvAWC+dP4e1S/qX5HnRh 561VRTY2G0tehNHQJf9jvr/3nfW5R+mAn4dnjY872cK/Nat4bdKIf7tffuLbL357 FZDsbphWudCiEYFjJW5dUg85ZZ6Ci39CrCrrX8yExd1HR8RF0RR3jILYBElrUmJv hFRb2/3wczGWG/O0TZZ31HbdMRrZ7LlgFE4yHSD4l3D2JZ82LSt3uo3TijaXyLfo 0DYthnBOhvlCkW9PLjdLdtOAs5oV2DGV67ezIE5weoRZJ7EuzY5kQKY+sNo0Jfq0 Y+DyOZlDVshRpf8= -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:30 2024 by rpki-client on console-ams.rpki-client.org