$ rpki-client -vvf rpki.apnic.net/member_repository/A91771E3/9383E646AD6511E8ACBD0D6AC4F9AE02/4B18BBA8A9F811EEB85DBD24C4F9AE02.roa File: 4B18BBA8A9F811EEB85DBD24C4F9AE02.roa (raw, json) Hash identifier: 5dJn6hxxfPSiLw5GQ6SZkYPyS3vVBNlQ6n1n7xqGK10= Subject key identifier: F8:58:1A:D7:A5:E0:77:92:15:2D:2A:CE:1E:33:31:42:C9:71:BA:28 Certificate issuer: /CN=A91771E3/serialNumber=1596C4BBE732DA85CB83E8A770873EA3413701A5 Certificate serial: 124C Authority key identifier: 15:96:C4:BB:E7:32:DA:85:CB:83:E8:A7:70:87:3E:A3:41:37:01:A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FZbEu-cy2oXLg-incIc-o0E3AaU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91771E3/9383E646AD6511E8ACBD0D6AC4F9AE02/4B18BBA8A9F811EEB85DBD24C4F9AE02.roa Signing time: Wed 03 Jan 2024 05:25:21 +0000 ROA not before: Wed 03 Jan 2024 05:25:21 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 132856 IP address blocks: 101.251.6.0/23 maxlen: 23 101.251.6.0/24 maxlen: 24 101.251.7.0/24 maxlen: 24 2404:2c00:600::/47 maxlen: 47 2404:2c00:600::/48 maxlen: 48 2404:2c00:601::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91771E3/9383E646AD6511E8ACBD0D6AC4F9AE02/FZbEu-cy2oXLg-incIc-o0E3AaU.crl rsync://rpki.apnic.net/member_repository/A91771E3/9383E646AD6511E8ACBD0D6AC4F9AE02/FZbEu-cy2oXLg-incIc-o0E3AaU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FZbEu-cy2oXLg-incIc-o0E3AaU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 18:00:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4684 (0x124c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91771E3/serialNumber=1596C4BBE732DA85CB83E8A770873EA3413701A5 Validity Not Before: Jan 3 05:25:21 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=6594efc1-4050 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:77:21:88:6e:34:0c:b1:a6:f4:51:86:33:94: 7a:27:83:5f:64:da:ce:72:81:9a:b7:75:c5:cb:e0: 7a:2d:fb:70:8d:b9:d9:a7:00:01:d9:3e:c1:0b:46: f6:af:9c:e3:e0:a6:38:a8:3e:a9:c8:2c:12:cd:09: fb:fe:f4:e4:33:a6:8b:b1:42:89:3f:d2:a0:37:e2: 02:eb:50:40:35:bc:b9:9c:6e:d1:c3:12:ff:ed:bc: 1f:76:09:c5:82:3f:95:e4:b0:bd:51:04:d7:d9:41: a9:75:42:ef:8c:11:75:4f:f9:6b:63:80:fe:24:26: 8f:90:78:63:c4:97:77:7a:8c:f6:07:e2:26:f2:c4: 86:cd:bc:9a:cb:2e:f9:2c:00:0a:d3:e6:33:40:7b: e6:a0:85:08:e4:ad:3b:c1:d0:55:5e:4c:f4:1b:14: ab:fa:7c:c6:5a:bf:c4:17:00:0d:2c:28:23:7c:94: f6:07:07:fc:9f:01:2d:68:37:d9:39:9a:c2:ab:63: be:ea:bf:ca:47:30:7d:07:6b:9f:74:30:34:c8:d1: 60:e0:1f:80:7c:20:e9:3f:d3:9b:0d:ec:c3:13:8a: 77:52:c1:a3:cb:c6:b1:2b:cc:f6:a5:a0:66:54:9d: 3a:85:1c:8c:6f:1c:53:8d:62:a1:aa:a3:e8:fb:c5: e7:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:58:1A:D7:A5:E0:77:92:15:2D:2A:CE:1E:33:31:42:C9:71:BA:28 X509v3 Authority Key Identifier: keyid:15:96:C4:BB:E7:32:DA:85:CB:83:E8:A7:70:87:3E:A3:41:37:01:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91771E3/9383E646AD6511E8ACBD0D6AC4F9AE02/FZbEu-cy2oXLg-incIc-o0E3AaU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FZbEu-cy2oXLg-incIc-o0E3AaU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91771E3/9383E646AD6511E8ACBD0D6AC4F9AE02/4B18BBA8A9F811EEB85DBD24C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 101.251.6.0/23 IPv6: 2404:2c00:600::/47 Signature Algorithm: sha256WithRSAEncryption 16:0b:f4:c6:2e:f9:8b:60:a4:b3:f9:85:78:96:f0:29:ab:53: 9d:4d:bd:28:4f:1f:1d:91:07:ea:15:42:03:2c:92:7e:9e:9f: a4:9b:1f:25:db:85:4b:2a:a2:32:09:46:ac:93:3a:49:13:b3: 04:31:5a:e4:44:aa:ad:94:06:4d:b0:18:1c:9c:a7:bc:0d:9f: f0:dd:4c:ab:4e:cf:47:f7:0d:b6:3b:63:68:5b:3a:f9:73:b4: 26:af:ba:22:bb:a2:cb:f8:d1:2f:47:7e:18:47:43:72:5a:95: cf:dd:a9:19:11:d3:2a:a3:23:d3:32:e8:a2:9d:2a:df:3c:4d: e4:83:2f:20:e3:f2:2f:74:36:af:35:b5:d4:5a:6c:42:a9:86: 56:b1:29:29:bd:c6:6d:c6:13:45:3f:15:82:db:32:8f:4b:e6: 13:41:49:c4:95:09:73:69:7a:eb:95:f7:b4:66:e0:db:cb:39: ad:ed:67:82:63:fd:4f:8f:cc:66:28:09:91:31:bd:73:40:e4: 9d:85:db:04:68:b0:90:a6:0c:f1:b4:a7:05:ea:59:11:7c:c4: f6:98:87:a3:a0:cb:6c:4d:50:d5:af:a5:ba:f2:df:5c:7c:d8: 97:cf:15:48:7e:33:4b:19:2f:84:b6:1d:43:2b:11:5b:0a:d9: bb:8f:20:09 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICEkwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzcxRTMxMTAvBgNVBAUTKDE1OTZDNEJCRTczMkRBODVDQjgzRThBNzcwODczRUEz NDEzNzAxQTUwHhcNMjQwMTAzMDUyNTIxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTk0ZWZjMS00MDUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx3chiG40DLGm9FGGM5R6J4NfZNrOcoGat3XFy+B6LftwjbnZpwAB2T7BC0b2 r5zj4KY4qD6pyCwSzQn7/vTkM6aLsUKJP9KgN+IC61BANby5nG7RwxL/7bwfdgnF gj+V5LC9UQTX2UGpdULvjBF1T/lrY4D+JCaPkHhjxJd3eoz2B+Im8sSGzbyayy75 LAAK0+YzQHvmoIUI5K07wdBVXkz0GxSr+nzGWr/EFwANLCgjfJT2Bwf8nwEtaDfZ OZrCq2O+6r/KRzB9B2ufdDA0yNFg4B+AfCDpP9ObDezDE4p3UsGjy8axK8z2paBm VJ06hRyMbxxTjWKhqqPo+8XnFwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPhYGtel 4HeSFS0qzh4zMULJcbooMB8GA1UdIwQYMBaAFBWWxLvnMtqFy4Pop3CHPqNBNwGl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzFFMy85MzgzRTY0NkFE NjUxMUU4QUNCRDBENkFDNEY5QUUwMi9GWmJFdS1jeTJvWExnLWluY0ljLW8wRTNB YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZaYkV1LWN5Mm9YTGctaW5jSWMtbzBFM0FhVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzcxRTMvOTM4M0U2NDZBRDY1MTFFOEFDQkQwRDZBQzRGOUFFMDIvNEIxOEJCQThB OUY4MTFFRUI4NURCRDI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFl+wYwDwQCAAIwCQMHASQELAAGADANBgkqhkiG9w0BAQsF AAOCAQEAFgv0xi75i2Cks/mFeJbwKatTnU29KE8fHZEH6hVCAyySfp6fpJsfJduF SyqiMglGrJM6SROzBDFa5ESqrZQGTbAYHJynvA2f8N1Mq07PR/cNtjtjaFs6+XO0 Jq+6Iruiy/jRL0d+GEdDclqVz92pGRHTKqMj0zLoop0q3zxN5IMvIOPyL3Q2rzW1 1FpsQqmGVrEpKb3GbcYTRT8Vgtsyj0vmE0FJxJUJc2l665X3tGbg28s5re1ngmP9 T4/MZigJkTG9c0DknYXbBGiwkKYM8bSnBepZEXzE9piHo6DLbE1Q1a+luvLfXHzY l88VSH4zSxkvhLYdQysRWwrZu48gCQ== -----END CERTIFICATE-----Generated at Fri May 31 19:47:50 2024 by rpki-client on console-fra.rpki-client.org