$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8FF00754732F11EE90078C13C4F9AE02.roa File: 8FF00754732F11EE90078C13C4F9AE02.roa (raw, json) Hash identifier: kvr5IK6CaNUKo5drZu35gpH8jaxL84ltu+eFuUUFqZs= Subject key identifier: 8F:71:95:E6:0A:4E:47:65:02:7B:EC:CB:65:D0:3A:8A:DE:52:14:2E Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34 Certificate serial: 3470 Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8FF00754732F11EE90078C13C4F9AE02.roa Signing time: Thu 04 Jan 2024 14:50:34 +0000 ROA not before: Thu 04 Jan 2024 14:50:34 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 141342 IP address blocks: 116.90.96.0/24 maxlen: 24 116.90.97.0/24 maxlen: 24 116.90.98.0/24 maxlen: 24 116.90.99.0/24 maxlen: 24 116.90.102.0/24 maxlen: 24 116.90.103.0/24 maxlen: 24 116.90.104.0/24 maxlen: 24 116.90.112.0/24 maxlen: 24 116.90.113.0/24 maxlen: 24 116.90.114.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 14:28:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13424 (0x3470) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34 Validity Not Before: Jan 4 14:50:34 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=6596c5ba-a42f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:21:49:63:f1:b1:26:ad:bf:69:02:60:43:91: 0f:aa:2e:d7:a4:b2:e7:ba:57:93:26:dd:a1:d7:6f: 7f:e7:54:f2:46:3e:3c:fb:a0:74:ff:e9:2f:79:55: 07:81:2e:33:c4:8a:c9:80:1f:c3:b7:e4:01:49:f7: 68:d8:45:86:39:f3:7b:88:10:0b:df:c7:a6:25:de: a5:6f:a0:4d:2b:08:52:94:19:e7:41:c1:1d:7c:f9: 14:9c:b6:81:5f:4e:79:9a:83:79:58:a8:e8:80:05: 9b:12:8f:1b:a9:ca:db:cf:8c:a7:b3:69:d3:8b:a6: e0:7a:e3:4c:c9:a1:b0:d0:08:3b:5c:20:ea:77:3a: 50:55:43:5f:77:4e:f5:d5:45:fc:bc:63:0d:53:dd: ec:74:26:a7:f9:89:1d:1b:78:fd:d7:73:f4:96:9a: f7:e8:bc:be:a1:ed:48:10:42:f2:27:9a:47:61:b6: c1:d0:34:31:da:f1:56:3e:7d:44:dd:dd:9c:4f:e9: 10:57:08:24:ea:bd:78:8c:4b:39:83:5b:70:ee:15: a1:a1:43:97:3a:c7:74:bd:ed:cd:03:95:50:b2:2c: 18:d3:8a:ad:48:14:c8:f3:72:31:cb:ff:04:4b:b6: f2:06:f5:9e:7b:8b:6c:fa:0f:b9:92:c0:10:08:00: 8f:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:71:95:E6:0A:4E:47:65:02:7B:EC:CB:65:D0:3A:8A:DE:52:14:2E X509v3 Authority Key Identifier: keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8FF00754732F11EE90078C13C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.90.96.0/22 116.90.102.0-116.90.104.255 116.90.112.0-116.90.114.255 Signature Algorithm: sha256WithRSAEncryption 16:bb:59:f1:c5:5c:c7:79:58:d6:e1:00:fa:1e:f6:bb:91:95: 95:be:ff:e5:3e:a9:79:47:7c:05:73:d0:b0:99:f3:6a:33:b0: 50:d1:19:27:d3:7a:ac:c1:94:35:b7:f5:ca:63:f8:ab:ac:37: 75:20:e1:a9:f0:d3:e6:cc:a0:fe:2b:df:68:25:78:c3:76:37: 67:72:fc:1a:f9:15:59:a4:ac:8e:bd:0a:40:51:f9:6e:08:84: 5c:b4:79:8c:ea:47:d2:7f:27:4d:35:e0:40:2b:aa:17:7b:b9: 68:1e:58:59:89:15:94:75:21:cc:3f:96:9c:86:69:0c:a7:97: c3:61:c7:8a:25:8e:d8:b0:5d:d3:4a:5c:47:72:c6:e3:71:54: 71:da:e7:6f:07:d7:ed:b2:9a:23:fb:ec:58:6b:03:b3:1d:f5: ba:d7:4c:1f:e0:35:f6:d8:3b:13:85:bf:e6:6f:74:2f:d9:51: 09:ff:0a:c0:fa:37:f4:fa:6a:e8:ea:b6:13:90:8b:0f:1a:0e: ff:bf:d7:fe:79:7f:3c:80:5f:32:19:34:4f:45:8d:5d:96:7e: 3c:fa:b1:82:e6:d6:32:83:ef:5b:13:ff:29:64:9c:e9:c1:82: ae:70:eb:50:09:ef:fe:14:62:93:17:2e:2f:14:0d:6a:b0:4e: ed:7f:75:c6 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICNHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx NkQxNTdCMzQwHhcNMjQwMTA0MTQ1MDM0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTk2YzViYS1hNDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0yFJY/GxJq2/aQJgQ5EPqi7XpLLnuleTJt2h129/51TyRj48+6B0/+kveVUH gS4zxIrJgB/Dt+QBSfdo2EWGOfN7iBAL38emJd6lb6BNKwhSlBnnQcEdfPkUnLaB X055moN5WKjogAWbEo8bqcrbz4yns2nTi6bgeuNMyaGw0Ag7XCDqdzpQVUNfd071 1UX8vGMNU93sdCan+YkdG3j913P0lpr36Ly+oe1IEELyJ5pHYbbB0DQx2vFWPn1E 3d2cT+kQVwgk6r14jEs5g1tw7hWhoUOXOsd0ve3NA5VQsiwY04qtSBTI83Ixy/8E S7byBvWee4ts+g+5ksAQCACPyQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFI9xleYK TkdlAnvsy2XQOoreUhQuMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvOEZGMDA3NTQ3 MzJGMTFFRTkwMDc4QzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMCgEAgABMCIDBAJ0WmAwDAMEAXRaZgMEAHRaaDAMAwQEdFpwAwQAdFpyMA0G CSqGSIb3DQEBCwUAA4IBAQAWu1nxxVzHeVjW4QD6Hva7kZWVvv/lPql5R3wFc9Cw mfNqM7BQ0Rkn03qswZQ1t/XKY/irrDd1IOGp8NPmzKD+K99oJXjDdjdncvwa+RVZ pKyOvQpAUfluCIRctHmM6kfSfydNNeBAK6oXe7loHlhZiRWUdSHMP5achmkMp5fD YceKJY7YsF3TSlxHcsbjcVRx2udvB9ftspoj++xYawOzHfW610wf4DX22DsThb/m b3Qv2VEJ/wrA+jf0+mro6rYTkIsPGg7/v9f+eX88gF8yGTRPRY1dln48+rGC5tYy g+9bE/8pZJzpwYKucOtQCe/+FGKTFy4vFA1qsE7tf3XG -----END CERTIFICATE-----Generated at Sun Nov 24 17:20:50 2024 by rpki-client on console-fra.rpki-client.org