$ rpki-client -vvf rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/B0EB27B470B811E9B32F6726C4F9AE02.roa File: B0EB27B470B811E9B32F6726C4F9AE02.roa (raw, json) Hash identifier: 8zWKsKYuB2/eR/K5/iiHkZOCxM0bmwvPtpkDSNP+BIE= Subject key identifier: 0E:A8:FF:0C:A5:7C:9E:4E:88:7B:C5:82:0C:C9:01:91:2C:3A:2F:85 Certificate issuer: /CN=A91964B3/serialNumber=B39866A99D1CD9F4E7E8F53C88AD14DA89A18625 Certificate serial: 34CA Authority key identifier: B3:98:66:A9:9D:1C:D9:F4:E7:E8:F5:3C:88:AD:14:DA:89:A1:86:25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/B0EB27B470B811E9B32F6726C4F9AE02.roa Signing time: Wed 28 Feb 2024 14:50:29 +0000 ROA not before: Wed 28 Feb 2024 14:50:29 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 45609 IP address blocks: 59.144.111.0/24 maxlen: 24 125.17.2.0/24 maxlen: 24 125.18.116.0/24 maxlen: 24 125.18.246.0/24 maxlen: 24 125.18.254.0/24 maxlen: 24 125.22.79.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.crl rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Jul 2024 14:26:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13514 (0x34ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91964B3/serialNumber=B39866A99D1CD9F4E7E8F53C88AD14DA89A18625 Validity Not Before: Feb 28 14:50:29 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=65df4835-5ae5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b0:02:22:fb:fa:a8:25:bc:4a:2e:a7:2d:a5: a6:0b:18:dc:db:93:ff:de:37:5c:c4:d7:9c:73:71: 2a:80:a1:e3:82:72:af:6a:f2:7e:e8:3a:0d:cf:08: f4:a6:83:14:87:7e:e9:d7:20:42:4b:fe:b1:a5:9f: 36:00:6a:90:63:18:35:56:65:2c:91:c5:d7:a9:34: ac:49:75:2a:2a:51:95:27:a3:c8:6e:7e:43:cb:ee: 7c:f9:1d:4c:78:37:c6:cb:16:75:41:2d:2a:88:e7: 66:68:5c:0f:8f:e2:06:61:21:07:af:88:8d:74:04: 4b:05:a5:4b:c2:46:07:e4:0c:e3:6b:2e:2d:55:47: f6:95:ea:9c:d3:e4:35:28:68:b8:51:21:6c:5f:64: e6:8c:b5:39:f1:34:2b:36:e2:95:1e:89:d3:3c:7e: 3e:d1:f8:f6:ac:23:9a:88:e7:e9:6d:c4:45:bb:f1: 81:89:89:19:b8:86:2b:d7:5d:a7:56:eb:52:8c:4c: e3:b1:84:64:b6:c9:f6:29:0b:95:d2:08:64:d9:2e: c7:db:dd:26:49:f3:9d:03:05:0b:76:50:39:ca:54: 66:77:7d:03:94:49:e7:df:9e:2d:f0:cc:de:e3:ef: b0:7c:b0:04:8e:9b:d6:0a:09:c6:90:04:80:c5:7d: 81:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:A8:FF:0C:A5:7C:9E:4E:88:7B:C5:82:0C:C9:01:91:2C:3A:2F:85 X509v3 Authority Key Identifier: keyid:B3:98:66:A9:9D:1C:D9:F4:E7:E8:F5:3C:88:AD:14:DA:89:A1:86:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/B0EB27B470B811E9B32F6726C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.144.111.0/24 125.17.2.0/24 125.18.116.0/24 125.18.246.0/24 125.18.254.0/24 125.22.79.0/24 Signature Algorithm: sha256WithRSAEncryption cf:b1:f4:de:2e:96:06:48:18:02:5d:40:f3:95:ba:73:98:e8: 5c:3b:59:17:c9:15:0f:6a:d2:1c:22:67:65:21:6f:30:54:2f: 21:7b:35:02:cf:ff:a7:42:6d:26:2a:65:3a:16:9a:d0:f3:d2: 24:47:87:5c:b8:8c:d8:15:fb:44:d7:c6:e2:f6:9d:49:9e:fb: e5:75:61:c3:50:26:61:4b:01:d1:6d:28:e0:61:4f:04:31:11: 84:76:35:66:74:a5:0e:c2:ad:84:bf:c4:ab:1f:38:f7:4a:80: dd:b5:5b:3e:a2:91:f6:f0:b2:27:fe:ef:6f:1f:aa:85:f7:ed: c0:5c:cf:18:20:b6:5f:1f:f6:2e:e6:f1:22:e3:3f:61:7b:43: 3c:3e:7e:1b:a6:f8:b7:a0:fa:34:52:de:81:05:a7:59:ae:36: a9:bc:eb:04:f9:ac:4e:70:c3:d5:94:00:99:6b:b3:d8:07:23: 4e:d0:e0:f9:9a:ad:70:6e:c2:3c:c3:e2:42:47:0c:56:0b:a4: 56:e9:6d:ce:b9:60:ae:52:b7:69:78:85:e4:f9:b3:c7:91:1d: a6:f5:63:5f:78:a3:51:0f:c7:be:5e:a1:fb:51:c5:e4:cc:e2: d2:0f:a7:c6:7e:18:e2:d2:75:e9:4e:b7:11:37:7f:cf:df:b1: a4:85:22:f3 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICNMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTY0QjMxMTAvBgNVBAUTKEIzOTg2NkE5OUQxQ0Q5RjRFN0U4RjUzQzg4QUQxNERB ODlBMTg2MjUwHhcNMjQwMjI4MTQ1MDI5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NWRmNDgzNS01YWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAubACIvv6qCW8Si6nLaWmCxjc25P/3jdcxNecc3EqgKHjgnKvavJ+6DoNzwj0 poMUh37p1yBCS/6xpZ82AGqQYxg1VmUskcXXqTSsSXUqKlGVJ6PIbn5Dy+58+R1M eDfGyxZ1QS0qiOdmaFwPj+IGYSEHr4iNdARLBaVLwkYH5Azjay4tVUf2leqc0+Q1 KGi4USFsX2TmjLU58TQrNuKVHonTPH4+0fj2rCOaiOfpbcRFu/GBiYkZuIYr112n VutSjEzjsYRktsn2KQuV0ghk2S7H290mSfOdAwULdlA5ylRmd30DlEnn354t8Mze 4++wfLAEjpvWCgnGkASAxX2BrQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFA6o/wyl fJ5OiHvFggzJAZEsOi+FMB8GA1UdIwQYMBaAFLOYZqmdHNn05+j1PIitFNqJoYYl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjRCMy9FNjU4NTExMjFE ODQxMUUyQTFCQTMwREIwOEIwMkNEMi9zNWhtcVowYzJmVG42UFU4aUswVTJvbWho aVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3M1aG1xWjBjMmZUbjZQVThpSzBVMm9taGhpVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTY0QjMvRTY1ODUxMTIxRDg0MTFFMkExQkEzMERCMDhCMDJDRDIvQjBFQjI3QjQ3 MEI4MTFFOUIzMkY2NzI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMCoEAgABMCQDBAA7kG8DBAB9EQIDBAB9EnQDBAB9EvYDBAB9Ev4DBAB9Fk8w DQYJKoZIhvcNAQELBQADggEBAM+x9N4ulgZIGAJdQPOVunOY6Fw7WRfJFQ9q0hwi Z2UhbzBULyF7NQLP/6dCbSYqZToWmtDz0iRHh1y4jNgV+0TXxuL2nUme++V1YcNQ JmFLAdFtKOBhTwQxEYR2NWZ0pQ7CrYS/xKsfOPdKgN21Wz6ikfbwsif+728fqoX3 7cBczxggtl8f9i7m8SLjP2F7Qzw+fhum+Leg+jRS3oEFp1muNqm86wT5rE5ww9WU AJlrs9gHI07Q4PmarXBuwjzD4kJHDFYLpFbpbc65YK5St2l4heT5s8eRHab1Y194 o1EPx75eoftRxeTM4tIPp8Z+GOLSdelOtxE3f8/fsaSFIvM= -----END CERTIFICATE-----Generated at Fri Jun 28 15:45:07 2024 by rpki-client on console-fra.rpki-client.org