$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/EA7EF77860BB11EF98A27D59C4F9AE02.roa File: EA7EF77860BB11EF98A27D59C4F9AE02.roa (raw, json) Hash identifier: IbXlCyRGRqfkHxZ+zY5UHBQbh7Uez3K4rRQxc+WKNAc= Subject key identifier: 10:40:35:38:7B:B9:7A:17:74:97:54:7C:30:4C:BA:D3:76:4A:22:70 Certificate issuer: /CN=A91E4845/serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6 Certificate serial: 217E Authority key identifier: 01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/EA7EF77860BB11EF98A27D59C4F9AE02.roa Signing time: Mon 14 Oct 2024 01:30:02 +0000 ROA not before: Mon 14 Oct 2024 01:30:02 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 134712 IP address blocks: 220.158.204.0/22 maxlen: 22 220.158.204.0/24 maxlen: 24 220.158.205.0/24 maxlen: 24 220.158.206.0/24 maxlen: 24 220.158.207.0/24 maxlen: 24 2405:d340::/32 maxlen: 32 2405:d340::/48 maxlen: 48 2405:d340:1::/48 maxlen: 48 2405:d340:2::/48 maxlen: 48 2405:d340:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/AaQS70FsiE9vY38b2oAOtu9nttY.crl rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/AaQS70FsiE9vY38b2oAOtu9nttY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 15:49:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8574 (0x217e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4845/serialNumber=01A412EF416C884F6F637F1BDA800EB6EF67B6D6 Validity Not Before: Oct 14 01:30:02 2024 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=670c741a-6508 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ea:99:d0:a5:a8:6c:fe:31:24:48:1f:9c:00: ca:7d:bb:96:b7:10:fa:39:cc:9f:69:66:7d:b2:00: 7b:83:b7:4b:28:60:29:8e:aa:48:5e:6f:64:1a:c7: c5:1e:d2:9f:d9:64:0a:5e:07:1e:74:2b:dc:13:c7: 5c:1c:c4:21:e2:34:87:fd:00:9a:88:41:c6:97:62: bc:eb:7d:8d:bb:52:66:ce:1c:7e:29:68:b8:da:7b: 7b:b2:92:77:54:f9:18:97:95:c9:6a:85:0f:0c:ac: 45:4a:c0:6b:aa:e5:03:ae:a6:59:9a:9d:66:75:7d: a9:fc:b9:48:09:07:25:77:b0:38:b8:cd:2e:3c:d7: 10:f3:a7:9e:04:c7:e0:01:a3:3d:7d:2f:c7:c0:32: 2c:2e:0c:34:bb:45:7e:f6:f8:9e:be:39:23:b2:e6: 30:75:77:9b:b5:4f:e8:e1:cc:d6:8e:22:5d:e1:c7: 20:d9:f4:b6:c6:75:67:ef:46:a4:70:33:7c:0c:50: 50:61:76:40:bb:54:65:f1:83:c2:66:a0:ca:1d:a7: 62:3c:75:1f:ba:47:5d:19:bb:2a:69:9f:64:63:93: c9:26:0a:7c:48:94:8f:53:a1:c9:66:b4:c6:ef:80: 0f:11:a4:de:c6:6c:4e:4c:6d:a9:f4:b1:26:59:5f: 01:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:40:35:38:7B:B9:7A:17:74:97:54:7C:30:4C:BA:D3:76:4A:22:70 X509v3 Authority Key Identifier: keyid:01:A4:12:EF:41:6C:88:4F:6F:63:7F:1B:DA:80:0E:B6:EF:67:B6:D6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/AaQS70FsiE9vY38b2oAOtu9nttY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AaQS70FsiE9vY38b2oAOtu9nttY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4845/400153B6D2EB11E5B4D15A4EC4F9AE02/EA7EF77860BB11EF98A27D59C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 220.158.204.0/22 IPv6: 2405:d340::/32 Signature Algorithm: sha256WithRSAEncryption b7:d0:74:9f:0d:b3:d6:54:18:c9:e1:03:3b:cb:cf:57:0e:a7: f1:7c:e2:3b:68:4d:c4:c7:91:d7:73:57:cf:c6:9e:75:51:fe: 6a:c7:3d:34:18:57:10:3d:6a:7d:87:14:49:4b:c6:f8:28:e8: 44:c6:31:49:2f:1d:69:8a:e9:a2:dc:55:ff:b0:cb:e5:83:06: 7d:09:64:74:74:c9:11:48:6d:c2:47:81:f5:95:6d:94:ed:04: 1e:98:71:08:88:79:8b:59:6d:7e:45:dd:a8:01:ad:6a:85:59: 83:16:1f:fe:26:dd:41:ed:73:06:f4:27:52:d6:92:81:2a:ca: 71:dc:2e:f4:13:09:1e:93:ea:15:7b:ba:f1:7d:38:e2:c2:73: 9c:19:27:30:d7:60:b6:21:29:13:84:a9:93:e3:e2:45:b5:f3: c4:3c:c3:d7:7c:90:03:59:94:2c:25:7b:c1:bf:f6:6a:bd:7a: b1:5b:e5:cc:70:ac:48:5c:0a:68:43:60:ac:ef:44:73:bb:78: b4:a1:f8:8a:30:7d:df:b7:f3:aa:c1:20:00:bf:d3:1f:a6:44: 7d:f0:f6:31:91:25:ab:36:16:98:7c:d5:2b:7f:38:98:4f:dd: 3f:d7:da:29:12:8e:f4:c9:7c:52:91:17:d3:44:02:1c:ff:46: 4d:53:a2:38 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICIX4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTQ4NDUxMTAvBgNVBAUTKDAxQTQxMkVGNDE2Qzg4NEY2RjYzN0YxQkRBODAwRUI2 RUY2N0I2RDYwHhcNMjQxMDE0MDEzMDAyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzBjNzQxYS02NTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz+qZ0KWobP4xJEgfnADKfbuWtxD6OcyfaWZ9sgB7g7dLKGApjqpIXm9kGsfF HtKf2WQKXgcedCvcE8dcHMQh4jSH/QCaiEHGl2K8632Nu1Jmzhx+KWi42nt7spJ3 VPkYl5XJaoUPDKxFSsBrquUDrqZZmp1mdX2p/LlICQcld7A4uM0uPNcQ86eeBMfg AaM9fS/HwDIsLgw0u0V+9vievjkjsuYwdXebtU/o4czWjiJd4ccg2fS2xnVn70ak cDN8DFBQYXZAu1Rl8YPCZqDKHadiPHUfukddGbsqaZ9kY5PJJgp8SJSPU6HJZrTG 74APEaTexmxOTG2p9LEmWV8BTQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBBANTh7 uXoXdJdUfDBMutN2SiJwMB8GA1UdIwQYMBaAFAGkEu9BbIhPb2N/G9qADrbvZ7bW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDg0NS80MDAxNTNCNkQy RUIxMUU1QjREMTVBNEVDNEY5QUUwMi9BYVFTNzBGc2lFOXZZMzhiMm9BT3R1OW50 dFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FhUVM3MEZzaUU5dlkzOGIyb0FPdHU5bnR0WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTQ4NDUvNDAwMTUzQjZEMkVCMTFFNUI0RDE1QTRFQzRGOUFFMDIvRUE3RUY3Nzg2 MEJCMTFFRjk4QTI3RDU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBALcnswwDQQCAAIwBwMFACQF00AwDQYJKoZIhvcNAQELBQAD ggEBALfQdJ8Ns9ZUGMnhAzvLz1cOp/F84jtoTcTHkddzV8/GnnVR/mrHPTQYVxA9 an2HFElLxvgo6ETGMUkvHWmK6aLcVf+wy+WDBn0JZHR0yRFIbcJHgfWVbZTtBB6Y cQiIeYtZbX5F3agBrWqFWYMWH/4m3UHtcwb0J1LWkoEqynHcLvQTCR6T6hV7uvF9 OOLCc5wZJzDXYLYhKROEqZPj4kW188Q8w9d8kANZlCwle8G/9mq9erFb5cxwrEhc CmhDYKzvRHO7eLSh+Iowfd+386rBIAC/0x+mRH3w9jGRJas2Fph81St/OJhP3T/X 2ikSjvTJfFKRF9NEAhz/Rk1Tojg= -----END CERTIFICATE-----Generated at Sun Nov 24 18:24:58 2024 by rpki-client on console-ams.rpki-client.org