$ rpki-client -vvf rpki.apnic.net/member_repository/A91E689D/C7C63DA81D9E11E283CEFA8E08B02CD2/3773AC0C8B6111EFA3A49037C4F9AE02.roa File: 3773AC0C8B6111EFA3A49037C4F9AE02.roa (raw, json) Hash identifier: wrgTGY4Zg1HcHZCDO+hkBCrj/kSRgwBrHyd97B10p9I= Subject key identifier: 7B:07:16:25:F2:5A:59:CA:E8:CA:19:8F:61:63:D8:A5:19:EC:E4:1E Certificate issuer: /CN=A91E689D/serialNumber=40B8D22EF23B37B0B9E53F3C4E10D6AE3EB8A99F Certificate serial: 3415 Authority key identifier: 40:B8:D2:2E:F2:3B:37:B0:B9:E5:3F:3C:4E:10:D6:AE:3E:B8:A9:9F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QLjSLvI7N7C55T88ThDWrj64qZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E689D/C7C63DA81D9E11E283CEFA8E08B02CD2/3773AC0C8B6111EFA3A49037C4F9AE02.roa Signing time: Wed 16 Oct 2024 02:22:31 +0000 ROA not before: Wed 16 Oct 2024 02:22:31 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 45810 IP address blocks: 203.217.128.0/22 maxlen: 22 203.217.128.0/23 maxlen: 23 203.217.130.0/24 maxlen: 24 203.217.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E689D/C7C63DA81D9E11E283CEFA8E08B02CD2/QLjSLvI7N7C55T88ThDWrj64qZ8.crl rsync://rpki.apnic.net/member_repository/A91E689D/C7C63DA81D9E11E283CEFA8E08B02CD2/QLjSLvI7N7C55T88ThDWrj64qZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QLjSLvI7N7C55T88ThDWrj64qZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:02:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13333 (0x3415) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E689D/serialNumber=40B8D22EF23B37B0B9E53F3C4E10D6AE3EB8A99F Validity Not Before: Oct 16 02:22:31 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=670f2366-1327 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:c5:d8:ea:ce:0e:5f:1d:2a:a1:75:b5:86:93: 44:04:91:a5:dc:90:ce:8d:59:96:02:b2:a9:1c:df: f4:57:f1:e1:38:5f:87:87:bc:17:3f:e6:9c:1d:19: e9:f6:e0:d4:ea:07:d6:b4:d8:b9:cb:fa:17:ad:27: 2a:25:a2:f4:37:95:40:76:65:ba:08:90:75:0a:6e: 2f:11:33:80:53:b9:9f:06:41:51:a3:c2:be:0d:ef: 14:17:0e:9e:fb:9a:10:11:bc:9d:17:3d:fd:da:6b: 2b:38:de:be:8f:6f:1e:ae:ac:9c:42:a8:5d:79:8a: 03:1b:a5:7f:6f:19:80:fe:a8:f0:6f:c1:f9:e3:97: 2b:ac:8e:0a:af:5a:18:ac:de:09:72:d5:ef:4a:c1: 96:d8:d1:0c:4c:81:5e:ee:3e:6d:51:0d:36:ce:af: c9:7b:36:c9:6c:b6:9f:35:ee:5c:56:5a:55:ee:cc: 10:cb:15:09:a5:62:0a:c3:51:b4:1b:6e:c7:5c:c2: 1a:91:5b:ac:28:dc:5a:11:c7:02:74:9e:38:b7:71: 1c:c1:d6:db:1f:70:ac:69:de:34:70:66:a5:17:2e: e8:40:9f:a5:63:66:b8:b9:09:3f:c3:4f:c8:49:c6: 81:55:f5:36:7f:af:2e:1f:a1:53:c8:8e:22:de:f7: 61:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:07:16:25:F2:5A:59:CA:E8:CA:19:8F:61:63:D8:A5:19:EC:E4:1E X509v3 Authority Key Identifier: keyid:40:B8:D2:2E:F2:3B:37:B0:B9:E5:3F:3C:4E:10:D6:AE:3E:B8:A9:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E689D/C7C63DA81D9E11E283CEFA8E08B02CD2/QLjSLvI7N7C55T88ThDWrj64qZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QLjSLvI7N7C55T88ThDWrj64qZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E689D/C7C63DA81D9E11E283CEFA8E08B02CD2/3773AC0C8B6111EFA3A49037C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.217.128.0/22 Signature Algorithm: sha256WithRSAEncryption 59:20:f8:16:2d:36:d9:df:74:a9:8f:9b:be:8a:1b:74:bc:3a: f7:68:5b:77:6c:36:09:9b:04:2c:d9:00:65:0a:84:9b:d3:e7: e2:fe:5c:0b:3a:f5:68:3d:19:e3:f2:91:96:d0:28:7c:24:39: 2a:14:bf:5e:d9:01:17:fd:ea:1f:34:77:23:12:59:78:b3:aa: f9:d2:d3:3f:60:58:51:a5:4e:62:5d:1d:da:1e:a6:45:e2:b6: f7:2d:0a:18:c3:e6:a1:a7:d5:e3:9c:5b:eb:f3:96:08:3b:41: 6f:15:47:1c:1c:37:de:96:b9:a1:f5:51:73:59:cf:fc:e8:2f: 7c:20:ef:ea:6d:51:5a:9b:30:0b:0e:ef:7d:7b:35:e8:e1:30: 07:42:4a:c8:0a:0c:35:41:d4:f8:2a:31:c4:23:ab:9e:41:89: ac:ef:4c:cc:fc:da:05:83:fc:29:da:54:da:54:7b:2c:0a:29: 29:75:96:f6:fc:94:aa:68:b9:6d:5a:c7:ab:db:13:c5:77:b4: 05:1f:ba:5b:fe:fb:20:59:8d:31:ba:34:14:36:67:df:ba:b7: 85:cb:19:b8:d3:e4:fd:59:b3:d7:ec:71:0c:52:5e:16:53:ec: f3:12:fc:93:0e:73:0d:fb:69:e8:86:98:78:56:ef:b4:cf:24: eb:70:45:12 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICNBUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY4OUQxMTAvBgNVBAUTKDQwQjhEMjJFRjIzQjM3QjBCOUU1M0YzQzRFMTBENkFF M0VCOEE5OUYwHhcNMjQxMDE2MDIyMjMxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzBmMjM2Ni0xMzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtsXY6s4OXx0qoXW1hpNEBJGl3JDOjVmWArKpHN/0V/HhOF+Hh7wXP+acHRnp 9uDU6gfWtNi5y/oXrScqJaL0N5VAdmW6CJB1Cm4vETOAU7mfBkFRo8K+De8UFw6e +5oQEbydFz392msrON6+j28erqycQqhdeYoDG6V/bxmA/qjwb8H545crrI4Kr1oY rN4JctXvSsGW2NEMTIFe7j5tUQ02zq/JezbJbLafNe5cVlpV7swQyxUJpWIKw1G0 G27HXMIakVusKNxaEccCdJ44t3EcwdbbH3Csad40cGalFy7oQJ+lY2a4uQk/w0/I ScaBVfU2f68uH6FTyI4i3vdhvQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHsHFiXy WlnK6MoZj2Fj2KUZ7OQeMB8GA1UdIwQYMBaAFEC40i7yOzewueU/PE4Q1q4+uKmf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg5RC9DN0M2M0RBODFE OUUxMUUyODNDRUZBOEUwOEIwMkNEMi9RTGpTTHZJN043QzU1VDg4VGhEV3JqNjRx WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FMalNMdkk3TjdDNTVUODhUaERXcmo2NHFaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTY4OUQvQzdDNjNEQTgxRDlFMTFFMjgzQ0VGQThFMDhCMDJDRDIvMzc3M0FDMEM4 QjYxMTFFRkEzQTQ5MDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBALL2YAwDQYJKoZIhvcNAQELBQADggEBAFkg+BYtNtnfdKmP m76KG3S8OvdoW3dsNgmbBCzZAGUKhJvT5+L+XAs69Wg9GePykZbQKHwkOSoUv17Z ARf96h80dyMSWXizqvnS0z9gWFGlTmJdHdoepkXitvctChjD5qGn1eOcW+vzlgg7 QW8VRxwcN96WuaH1UXNZz/zoL3wg7+ptUVqbMAsO7317NejhMAdCSsgKDDVB1Pgq McQjq55BiazvTMz82gWD/CnaVNpUeywKKSl1lvb8lKpouW1ax6vbE8V3tAUfulv+ +yBZjTG6NBQ2Z9+6t4XLGbjT5P1Zs9fscQxSXhZT7PMS/JMOcw37aeiGmHhW77TP JOtwRRI= -----END CERTIFICATE-----Generated at Fri Nov 22 16:50:05 2024 by rpki-client on console-ams.rpki-client.org