$ rpki-client -vvf rpki.apnic.net/member_repository/A917E4BA/D06BF32852DC11EA82601B0FC4F9AE02/2512D04C22BE11EC9240097DC4F9AE02.roa File: 2512D04C22BE11EC9240097DC4F9AE02.roa (raw, json) Hash identifier: En9dIPtNAsqzocSYMmtm97H1ooZs8MGknLuErJdgZyg= Subject key identifier: D6:4A:76:45:CD:4D:FF:51:2F:F0:1A:04:A0:69:33:0C:DF:0B:68:1F Certificate issuer: /CN=A917E4BA/serialNumber=AA436AAFC688045BF5148861546FA3FDCA98408E Certificate serial: 0A7A Authority key identifier: AA:43:6A:AF:C6:88:04:5B:F5:14:88:61:54:6F:A3:FD:CA:98:40:8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkNqr8aIBFv1FIhhVG-j_cqYQI4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E4BA/D06BF32852DC11EA82601B0FC4F9AE02/2512D04C22BE11EC9240097DC4F9AE02.roa Signing time: Fri 06 Dec 2024 19:38:41 +0000 ROA not before: Fri 06 Dec 2024 19:38:41 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 9650 IP address blocks: 45.64.68.0/22 maxlen: 22 45.64.68.0/24 maxlen: 24 45.64.69.0/24 maxlen: 24 45.64.70.0/24 maxlen: 24 103.233.236.0/22 maxlen: 22 203.5.10.0/24 maxlen: 24 203.9.184.0/22 maxlen: 22 203.15.124.0/22 maxlen: 22 203.15.125.0/24 maxlen: 24 203.18.108.0/23 maxlen: 23 203.21.12.0/24 maxlen: 24 203.62.216.0/22 maxlen: 22 2406:3c00::/32 maxlen: 32 2406:3c00:6000::/43 maxlen: 43 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E4BA/D06BF32852DC11EA82601B0FC4F9AE02/qkNqr8aIBFv1FIhhVG-j_cqYQI4.crl rsync://rpki.apnic.net/member_repository/A917E4BA/D06BF32852DC11EA82601B0FC4F9AE02/qkNqr8aIBFv1FIhhVG-j_cqYQI4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkNqr8aIBFv1FIhhVG-j_cqYQI4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 19:41:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2682 (0xa7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E4BA Validity Not Before: Dec 6 19:38:41 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=675352c0-30d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:20:af:eb:0f:18:9b:a4:48:ba:c8:ea:14:89: 47:63:8c:d8:58:6b:7c:dd:a9:11:ef:82:e5:f1:df: 6e:d1:d5:75:d1:77:96:a3:f0:86:f0:b4:75:a1:3c: 83:a3:c1:e0:96:f7:e7:8d:94:47:da:fa:49:f9:08: d2:89:6a:09:45:6f:be:d8:19:df:23:43:e6:5a:41: ae:62:56:53:3c:0f:dc:d5:23:f5:ae:7f:1d:d4:76: f8:01:84:4c:13:00:93:f4:b3:e4:4f:ff:73:03:d3: 0a:e3:7b:56:b8:b6:c0:8e:94:e0:69:f7:eb:fa:23: ea:38:7e:2b:8c:ca:bf:35:03:3c:5c:ea:0c:a5:81: a8:2f:88:18:b7:8c:75:b6:c3:cb:5c:5c:4a:c2:a0: 10:21:23:0c:1a:ae:8d:1c:43:fc:26:47:1e:e4:84: 89:1c:5d:3f:fd:d4:eb:79:68:5b:f6:c2:d9:b6:69: 10:dc:07:f8:d9:8f:aa:10:4e:05:29:e7:21:cd:d0: eb:80:37:76:ff:85:48:74:b3:79:41:f3:51:6c:29: 48:9c:0c:74:d7:28:7d:fb:49:7c:34:f6:0b:ea:c3: 9c:fb:d3:31:69:43:49:de:50:a2:b1:04:db:7e:db: 66:68:bf:f0:79:41:e7:02:2e:bb:33:7d:d4:15:ff: 5c:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:4A:76:45:CD:4D:FF:51:2F:F0:1A:04:A0:69:33:0C:DF:0B:68:1F X509v3 Authority Key Identifier: keyid:AA:43:6A:AF:C6:88:04:5B:F5:14:88:61:54:6F:A3:FD:CA:98:40:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E4BA/D06BF32852DC11EA82601B0FC4F9AE02/qkNqr8aIBFv1FIhhVG-j_cqYQI4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkNqr8aIBFv1FIhhVG-j_cqYQI4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E4BA/D06BF32852DC11EA82601B0FC4F9AE02/2512D04C22BE11EC9240097DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.64.68.0/22 103.233.236.0/22 203.5.10.0/24 203.9.184.0/22 203.15.124.0/22 203.18.108.0/23 203.21.12.0/24 203.62.216.0/22 IPv6: 2406:3c00::/32 Signature Algorithm: sha256WithRSAEncryption 80:63:a0:dc:e4:16:bd:23:cc:c5:b1:74:49:b0:19:67:f9:63: 4b:d3:2d:2a:c6:9e:a2:ec:45:4f:32:c8:dc:8a:87:31:27:e4: e5:24:52:ec:43:48:27:4b:79:64:d3:b4:fe:10:53:bc:f0:1f: f4:d4:c8:f8:58:d0:b5:10:6c:ce:f4:b9:b4:18:4a:df:b5:e0: 02:32:f5:94:70:3d:a9:57:2d:1c:16:bf:86:b2:19:96:de:4b: 98:a1:df:fc:f1:83:68:94:4f:75:7a:3c:ce:61:46:6d:8f:9f: b5:b4:ce:c1:0c:98:7d:7c:a1:32:2e:35:0d:b8:f5:57:92:7b: 3a:4e:0b:ff:06:57:60:cc:bc:c4:58:c4:a0:69:24:5d:f6:0b: 90:9d:19:3a:fc:b9:57:3f:f3:33:74:1e:46:71:d4:79:0a:61: ca:4b:e8:f0:0e:82:38:c4:63:d6:25:e9:16:5a:eb:3a:cf:f5: f5:d9:54:3e:38:04:ef:2a:6d:cc:e9:d9:9c:59:b3:b0:ec:99: cc:f0:89:13:3d:85:aa:77:c1:82:a5:98:dd:9a:bd:d3:a4:b5: 62:a8:70:e0:c8:31:fd:b0:fb:4b:a0:5b:c9:e8:0f:7c:73:76: 22:38:bd:72:34:66:2b:3e:47:82:74:13:ef:8d:3b:0c:b3:9e: 0f:ff:89:22 -----BEGIN CERTIFICATE----- MIIFqjCCBJKgAwIBAgICCnowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0QkExMTAvBgNVBAUTKEFBNDM2QUFGQzY4ODA0NUJGNTE0ODg2MTU0NkZBM0ZE Q0E5ODQwOEUwHhcNMjQxMjA2MTkzODQxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzUzNTJjMC0zMGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtCCv6w8Ym6RIusjqFIlHY4zYWGt83akR74Ll8d9u0dV10XeWo/CG8LR1oTyD o8HglvfnjZRH2vpJ+QjSiWoJRW++2BnfI0PmWkGuYlZTPA/c1SP1rn8d1Hb4AYRM EwCT9LPkT/9zA9MK43tWuLbAjpTgaffr+iPqOH4rjMq/NQM8XOoMpYGoL4gYt4x1 tsPLXFxKwqAQISMMGq6NHEP8Jkce5ISJHF0//dTreWhb9sLZtmkQ3Af42Y+qEE4F KechzdDrgDd2/4VIdLN5QfNRbClInAx01yh9+0l8NPYL6sOc+9MxaUNJ3lCisQTb fttmaL/weUHnAi67M33UFf9cAQIDAQABo4ICzjCCAsowHQYDVR0OBBYEFNZKdkXN Tf9RL/AaBKBpMwzfC2gfMB8GA1UdIwQYMBaAFKpDaq/GiARb9RSIYVRvo/3KmECO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTRCQS9EMDZCRjMyODUy REMxMUVBODI2MDFCMEZDNEY5QUUwMi9xa05xcjhhSUJGdjFGSWhoVkctal9jcVlR STQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FrTnFyOGFJQkZ2MUZJaGhWRy1qX2NxWVFJNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0U0QkEvRDA2QkYzMjg1MkRDMTFFQTgyNjAxQjBGQzRGOUFFMDIvMjUxMkQwNEMy MkJFMTFFQzkyNDAwOTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E STBHMDYEAgABMDADBAItQEQDBAJn6ewDBADLBQoDBALLCbgDBALLD3wDBAHLEmwD BADLFQwDBALLPtgwDQQCAAIwBwMFACQGPAAwDQYJKoZIhvcNAQELBQADggEBAIBj oNzkFr0jzMWxdEmwGWf5Y0vTLSrGnqLsRU8yyNyKhzEn5OUkUuxDSCdLeWTTtP4Q U7zwH/TUyPhY0LUQbM70ubQYSt+14AIy9ZRwPalXLRwWv4ayGZbeS5ih3/zxg2iU T3V6PM5hRm2Pn7W0zsEMmH18oTIuNQ249VeSezpOC/8GV2DMvMRYxKBpJF32C5Cd GTr8uVc/8zN0HkZx1HkKYcpL6PAOgjjEY9Yl6RZa6zrP9fXZVD44BO8qbczp2ZxZ s7DsmczwiRM9hap3wYKlmN2avdOktWKocODIMf2w+0ugW8noD3xzdiI4vXI0Zis+ R4J0E++NOwyzng//iSI= -----END CERTIFICATE-----Generated at Sat Apr 5 07:12:41 2025 by rpki-client