$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/F959A9A0F11011EB8E63FC73C4F9AE02.roa File: F959A9A0F11011EB8E63FC73C4F9AE02.roa (raw, json) Hash identifier: hUo9fC/hzy17W76vlbeXm/dftwyddFbiGAwqbp53ZVY= Subject key identifier: 00:F0:FE:87:12:A2:8D:73:7E:14:5C:73:6D:61:2C:38:F4:D7:B3:B0 Certificate issuer: /CN=A91AEA8C/serialNumber=870B9CD2E41DAB05BD5527C9150E948959716696 Certificate serial: 1C94 Authority key identifier: 87:0B:9C:D2:E4:1D:AB:05:BD:55:27:C9:15:0E:94:89:59:71:66:96 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/F959A9A0F11011EB8E63FC73C4F9AE02.roa Signing time: Fri 02 Aug 2024 16:34:10 +0000 ROA not before: Fri 02 Aug 2024 16:34:10 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 133384 IP address blocks: 45.125.4.0/22 maxlen: 22 45.125.4.0/24 maxlen: 24 45.125.5.0/24 maxlen: 24 45.125.6.0/24 maxlen: 24 45.125.7.0/24 maxlen: 24 103.25.240.0/22 maxlen: 22 103.25.240.0/24 maxlen: 24 103.25.241.0/24 maxlen: 24 103.25.242.0/24 maxlen: 24 103.25.243.0/24 maxlen: 24 103.231.92.0/22 maxlen: 22 103.231.92.0/24 maxlen: 24 103.231.93.0/24 maxlen: 24 103.231.94.0/24 maxlen: 24 103.231.95.0/24 maxlen: 24 2001:df0:9200::/48 maxlen: 48 2407:6ec0::/32 maxlen: 32 2407:6ec0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.crl rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:10:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7316 (0x1c94) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AEA8C/serialNumber=870B9CD2E41DAB05BD5527C9150E948959716696 Validity Not Before: Aug 2 16:34:10 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66ad0a82-c220 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:5f:55:d1:a1:14:c4:74:67:b2:1a:8b:80:b1: 38:54:92:e2:b0:d8:23:c1:d6:9a:2e:7b:45:f0:57: df:ac:a8:b8:c0:d0:ee:92:c1:10:2f:0b:1a:e9:89: 17:7f:87:97:1a:56:53:d5:50:f4:ad:c6:cb:80:ff: 74:3c:ab:0d:ab:3c:eb:16:c3:92:10:5f:20:01:97: a2:a4:5f:93:9d:ed:b4:0f:9e:40:7c:6c:b0:b6:49: 4f:bc:75:4c:f9:5f:98:e1:dc:d2:e3:68:71:ac:d5: d9:f7:a6:cd:84:b8:bb:ee:2a:b3:eb:23:05:11:ff: fb:62:e0:68:cc:9b:95:1f:0d:ed:c6:8d:33:a2:6d: 91:82:74:8b:eb:5c:87:6f:74:28:ab:ea:f5:74:dd: 58:ce:34:d0:2a:a4:20:a8:ea:f8:f9:92:ad:1e:6e: 28:e2:a5:cb:9a:97:f8:a2:b1:81:35:03:53:16:45: 4e:aa:a9:4e:95:64:96:cc:3f:cf:ad:bd:19:3c:7b: 65:27:f8:20:02:fe:fc:d6:a1:65:02:11:45:6f:e6: 44:fb:6d:dd:0b:f1:dc:6e:5b:48:70:a4:2b:f7:b1: 1a:2a:ea:b5:a9:a9:c4:a6:1c:4a:93:b4:67:9b:ed: 6d:0d:19:b4:e4:0d:a5:bb:82:7d:d8:cd:59:d2:51: 59:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:F0:FE:87:12:A2:8D:73:7E:14:5C:73:6D:61:2C:38:F4:D7:B3:B0 X509v3 Authority Key Identifier: keyid:87:0B:9C:D2:E4:1D:AB:05:BD:55:27:C9:15:0E:94:89:59:71:66:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/F959A9A0F11011EB8E63FC73C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.125.4.0/22 103.25.240.0/22 103.231.92.0/22 IPv6: 2001:df0:9200::/48 2407:6ec0::/32 Signature Algorithm: sha256WithRSAEncryption a4:2d:f1:a9:30:0f:0b:13:81:96:18:7d:9f:6a:5e:51:1f:7e: 42:4e:bf:58:8e:a6:23:e2:83:71:54:7c:c2:cb:55:22:dc:b5: 4c:e7:a2:4d:df:0f:17:73:a6:34:db:8a:95:b3:8c:ad:9b:17: ec:16:8f:3e:50:62:4b:87:09:f2:2b:14:89:d9:f5:b5:98:96: 33:e4:85:8e:8d:fb:cc:4b:c3:20:b6:92:51:eb:0c:1b:7a:67: 88:ba:3a:d4:0f:ef:d1:5f:70:0f:3a:b5:a9:d6:96:bd:79:d3: bc:d7:b6:32:54:5a:be:df:dd:78:da:c3:c9:fa:08:01:b8:d2: 72:8a:96:a5:f4:d8:ca:5b:62:ab:31:68:8d:1f:12:04:6e:e1: 7a:23:18:0c:21:9f:61:13:38:17:cf:7c:77:42:12:a3:a1:56: bf:7d:56:85:12:a8:7f:27:9f:5d:ae:01:d1:40:be:3a:0f:01: d7:86:62:3f:d7:38:5c:09:64:d7:9d:bb:13:5f:39:84:28:80: 10:7f:08:59:f8:01:46:89:90:41:f7:e0:14:dc:7f:ab:ac:a9: 16:1d:ae:bb:17:b3:c9:a4:00:9a:15:f9:80:fc:d1:9e:b6:88: 53:90:6c:bf:af:ad:ef:e8:05:17:48:37:0d:fd:f3:ea:e8:d9: 1c:9f:28:10 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICHJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUVBOEMxMTAvBgNVBAUTKDg3MEI5Q0QyRTQxREFCMDVCRDU1MjdDOTE1MEU5NDg5 NTk3MTY2OTYwHhcNMjQwODAyMTYzNDEwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmFkMGE4Mi1jMjIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArV9V0aEUxHRnshqLgLE4VJLisNgjwdaaLntF8FffrKi4wNDuksEQLwsa6YkX f4eXGlZT1VD0rcbLgP90PKsNqzzrFsOSEF8gAZeipF+Tne20D55AfGywtklPvHVM +V+Y4dzS42hxrNXZ96bNhLi77iqz6yMFEf/7YuBozJuVHw3txo0zom2RgnSL61yH b3Qoq+r1dN1YzjTQKqQgqOr4+ZKtHm4o4qXLmpf4orGBNQNTFkVOqqlOlWSWzD/P rb0ZPHtlJ/ggAv781qFlAhFFb+ZE+23dC/HcbltIcKQr97EaKuq1qanEphxKk7Rn m+1tDRm05A2lu4J92M1Z0lFZfQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFADw/ocS oo1zfhRcc21hLDj017OwMB8GA1UdIwQYMBaAFIcLnNLkHasFvVUnyRUOlIlZcWaW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUE4Qy9GMjdCOUNERUJC ODYxMUU2OEZGNTBDNTdDNEY5QUUwMi9od3VjMHVRZHF3VzlWU2ZKRlE2VWlWbHha cFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h3dWMwdVFkcXdXOVZTZkpGUTZVaVZseFpwWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUVBOEMvRjI3QjlDREVCQjg2MTFFNjhGRjUwQzU3QzRGOUFFMDIvRjk1OUE5QTBG MTEwMTFFQjhFNjNGQzczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMBgEAgABMBIDBAItfQQDBAJnGfADBAJn51wwFgQCAAIwEAMHACABDfCSAAMF ACQHbsAwDQYJKoZIhvcNAQELBQADggEBAKQt8akwDwsTgZYYfZ9qXlEffkJOv1iO piPig3FUfMLLVSLctUznok3fDxdzpjTbipWzjK2bF+wWjz5QYkuHCfIrFInZ9bWY ljPkhY6N+8xLwyC2klHrDBt6Z4i6OtQP79FfcA86tanWlr1507zXtjJUWr7f3Xja w8n6CAG40nKKlqX02MpbYqsxaI0fEgRu4XojGAwhn2ETOBfPfHdCEqOhVr99VoUS qH8nn12uAdFAvjoPAdeGYj/XOFwJZNeduxNfOYQogBB/CFn4AUaJkEH34BTcf6us qRYdrrsXs8mkAJoV+YD80Z62iFOQbL+vre/oBRdINw398+ro2RyfKBA= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:15 2024 by rpki-client on console-ams.rpki-client.org