$ rpki-client -vvf rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/76B5C744B45E11EAB71DF94AC4F9AE02.roa File: 76B5C744B45E11EAB71DF94AC4F9AE02.roa (raw, json) Hash identifier: QZJWJH8ffRS/84lld/jGevk5cgpEhPMCEoE6pSD5XIs= Subject key identifier: 4B:24:B4:E9:9A:8A:C6:61:02:1F:C0:65:01:F1:A7:AA:1B:B3:57:FF Certificate issuer: /CN=A91AACB2/serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D Certificate serial: 3397 Authority key identifier: D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/76B5C744B45E11EAB71DF94AC4F9AE02.roa Signing time: Fri 02 Feb 2024 15:20:51 +0000 ROA not before: Fri 02 Feb 2024 15:20:51 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 45634 IP address blocks: 45.64.128.0/22 maxlen: 22 45.64.128.0/24 maxlen: 24 45.64.129.0/24 maxlen: 24 45.64.130.0/24 maxlen: 24 45.64.131.0/24 maxlen: 24 112.140.184.0/22 maxlen: 22 112.140.184.0/24 maxlen: 24 112.140.185.0/24 maxlen: 24 112.140.186.0/24 maxlen: 24 112.140.187.0/24 maxlen: 24 180.210.200.0/21 maxlen: 21 180.210.200.0/24 maxlen: 24 180.210.201.0/24 maxlen: 24 180.210.202.0/24 maxlen: 24 180.210.203.0/24 maxlen: 24 180.210.204.0/24 maxlen: 24 180.210.205.0/24 maxlen: 24 180.210.206.0/24 maxlen: 24 180.210.207.0/24 maxlen: 24 2401:c100::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.crl rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:59:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13207 (0x3397) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AACB2/serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D Validity Not Before: Feb 2 15:20:51 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65bd0853-34fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:dc:79:8c:85:78:28:8c:b1:3b:eb:de:e3:16: 01:cf:cb:ce:32:27:3d:bf:dc:38:e3:35:44:28:96: 73:cb:91:53:d8:aa:3f:8f:85:26:29:3f:f0:b0:3f: 48:90:26:c1:b7:0d:62:a7:73:c3:ed:a3:2e:24:2f: 7c:e1:53:ae:d9:c8:bb:d8:d7:37:47:a5:d5:b2:00: 35:49:ba:b9:03:ce:35:40:46:46:4a:88:2a:16:5c: 55:08:06:db:d3:01:50:5d:95:3d:2b:83:44:2b:41: af:54:ca:cf:a5:14:8b:8a:a7:e2:5f:37:c8:d9:60: 53:2f:7b:c7:1b:00:f5:17:e2:99:39:ea:4f:37:81: c3:ab:a3:c7:f7:6b:31:5e:1b:66:24:ad:13:60:6f: 1c:32:e5:ed:0e:9f:20:ad:42:5d:29:b4:77:f9:4c: 0f:69:f5:eb:44:72:28:7a:7e:8f:c1:8a:24:f4:37: bb:5d:8a:e3:15:65:19:76:2b:ae:b5:f4:0d:73:84: 20:63:d5:4f:a1:93:3d:94:c9:c8:83:09:76:77:87: 61:86:a4:57:69:c2:1f:2b:f1:01:fd:08:b8:4d:fd: 17:a0:12:30:74:18:7f:1f:75:c5:6b:4f:5b:0b:9f: 2a:84:69:58:2b:ea:e0:95:ca:88:2c:42:cd:94:48: 31:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:24:B4:E9:9A:8A:C6:61:02:1F:C0:65:01:F1:A7:AA:1B:B3:57:FF X509v3 Authority Key Identifier: keyid:D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/76B5C744B45E11EAB71DF94AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.64.128.0/22 112.140.184.0/22 180.210.200.0/21 IPv6: 2401:c100::/32 Signature Algorithm: sha256WithRSAEncryption 4c:cb:7a:9d:bd:92:5b:23:d0:83:ea:78:e7:74:e7:cc:45:d4: 0a:fc:c1:ff:01:f5:0f:dc:db:8d:f4:cb:88:c9:7b:b9:b0:d6: 4e:db:3d:1c:f9:f0:c4:0e:52:75:24:e7:36:30:2b:e4:09:f3: 7c:38:7f:67:29:b0:1e:bf:a8:a7:f2:4b:c6:36:0e:81:96:c4: 65:49:8c:ee:f2:2b:08:a5:0e:52:9e:73:c2:88:2c:33:4a:a2: 4d:8e:2d:61:18:89:5f:71:f3:dd:12:f8:65:67:ea:b5:5b:e6: 9b:bc:c8:6e:56:02:29:6d:66:2a:43:3e:9c:8c:b0:34:a5:31: c4:42:60:f6:08:26:9b:2c:d5:c8:09:86:9b:be:05:1d:04:75: 6c:19:84:da:ba:50:59:b6:91:4e:99:4a:c3:2c:2a:87:6d:e6: 66:aa:28:ad:86:96:d9:ad:f5:44:a4:c6:3f:b9:1b:12:95:2a: 8d:6e:06:1f:52:78:4f:38:fe:7a:c0:eb:2a:52:0a:72:81:2a: b6:26:1a:1d:ce:2a:2b:93:5f:89:99:46:17:a9:9f:38:b8:10: d1:2c:e0:e9:27:42:a7:e6:0d:4b:e1:ac:bf:29:3a:5b:4d:39: cf:7d:1c:ce:48:fa:f4:da:e5:95:5b:a2:38:e0:9d:d2:ee:3d: 0b:df:33:73 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICM5cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFDQjIxMTAvBgNVBAUTKEQ5RTlGOUY3M0VFNEY1QjFDREYxNzYyQzJERjM4MzI5 NTBBMzZCN0QwHhcNMjQwMjAyMTUyMDUxWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWJkMDg1My0zNGZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAodx5jIV4KIyxO+ve4xYBz8vOMic9v9w44zVEKJZzy5FT2Ko/j4UmKT/wsD9I kCbBtw1ip3PD7aMuJC984VOu2ci72Nc3R6XVsgA1Sbq5A841QEZGSogqFlxVCAbb 0wFQXZU9K4NEK0GvVMrPpRSLiqfiXzfI2WBTL3vHGwD1F+KZOepPN4HDq6PH92sx XhtmJK0TYG8cMuXtDp8grUJdKbR3+UwPafXrRHIoen6PwYok9De7XYrjFWUZdiuu tfQNc4QgY9VPoZM9lMnIgwl2d4dhhqRXacIfK/EB/Qi4Tf0XoBIwdBh/H3XFa09b C58qhGlYK+rglcqILELNlEgxOwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFEsktOma isZhAh/AZQHxp6obs1f/MB8GA1UdIwQYMBaAFNnp+fc+5PWxzfF2LC3zgylQo2t9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUNCMi8zN0Q1QTNERTFE OUMxMUUyODkyRThCOEEwOEIwMkNEMi8yZW41OXo3azliSE44WFlzTGZPREtWQ2ph MzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJlbjU5ejdrOWJITjhYWXNMZk9ES1ZDamEzMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUFDQjIvMzdENUEzREUxRDlDMTFFMjg5MkU4QjhBMDhCMDJDRDIvNzZCNUM3NDRC NDVFMTFFQUI3MURGOTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAItQIADBAJwjLgDBAO00sgwDQQCAAIwBwMFACQBwQAwDQYJ KoZIhvcNAQELBQADggEBAEzLep29klsj0IPqeOd058xF1Ar8wf8B9Q/c2430y4jJ e7mw1k7bPRz58MQOUnUk5zYwK+QJ83w4f2cpsB6/qKfyS8Y2DoGWxGVJjO7yKwil DlKec8KILDNKok2OLWEYiV9x890S+GVn6rVb5pu8yG5WAiltZipDPpyMsDSlMcRC YPYIJpss1cgJhpu+BR0EdWwZhNq6UFm2kU6ZSsMsKodt5maqKK2Gltmt9USkxj+5 GxKVKo1uBh9SeE84/nrA6ypSCnKBKrYmGh3OKiuTX4mZRhepnzi4ENEs4OknQqfm DUvhrL8pOltNOc99HM5I+vTa5ZVbojjgndLuPQvfM3M= -----END CERTIFICATE-----Generated at Fri Nov 22 16:50:02 2024 by rpki-client on console-ams.rpki-client.org