$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/5C818B14EEF911ED891BBB4EC4F9AE02.roa File: 5C818B14EEF911ED891BBB4EC4F9AE02.roa (raw, json) Hash identifier: RtjILykdmfM53u5ZbASxfFcpE8QIDbxdbIiaoySR2/M= Subject key identifier: AC:DF:F3:88:7D:B9:66:F4:93:C1:D5:58:8B:15:14:BA:0F:AA:5A:1E Certificate issuer: /CN=A91E6D5D/serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81 Certificate serial: 1A2C Authority key identifier: 64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/5C818B14EEF911ED891BBB4EC4F9AE02.roa Signing time: Mon 29 Jul 2024 23:23:10 +0000 ROA not before: Mon 29 Jul 2024 23:23:10 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 3949 IP address blocks: 116.51.19.0/24 maxlen: 24 116.51.20.0/24 maxlen: 24 116.51.22.240/28 maxlen: 28 116.51.22.240/29 maxlen: 29 116.51.22.240/30 maxlen: 30 116.51.22.240/31 maxlen: 31 116.51.22.240/32 maxlen: 32 116.51.23.192/27 maxlen: 27 116.51.30.192/27 maxlen: 27 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6700 (0x1a2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6D5D Validity Not Before: Jul 29 23:23:10 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=66a8245d-dc5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:08:60:90:e9:2e:b7:a1:9f:a5:2c:7a:57:cf: 54:fc:c7:51:50:e3:4c:20:58:6e:8d:ca:2e:ee:34: 5a:62:62:16:fe:5d:bf:42:31:f7:dd:c3:da:c8:01: 00:4a:97:7c:52:f3:9a:b7:38:49:63:05:41:f7:2d: 52:60:1a:09:7a:bb:3b:35:c6:76:23:f6:42:ed:89: cc:a3:24:6b:15:40:74:29:63:2c:89:de:0c:d8:f6: 0d:5f:37:a8:42:71:ad:08:9b:d0:7e:d3:8c:5e:95: 47:ce:54:8c:24:53:ec:3f:5a:ee:72:bd:e5:40:28: cf:eb:c5:8a:16:59:c6:11:b4:10:1b:64:a9:e6:94: f6:a8:aa:8b:2d:cf:15:1c:6c:71:a2:56:5b:ad:16: 69:51:61:9b:ba:bf:73:df:b8:31:b2:76:04:3c:e8: 53:aa:0e:de:38:ad:bc:70:fc:39:d1:d0:c4:c3:04: fc:27:3d:fd:b9:ec:29:6a:57:e6:65:28:d9:4c:92: 51:fb:84:84:6d:1b:ca:87:62:17:8f:00:be:6e:96: 2b:06:64:c6:8c:32:d9:0e:8e:4a:d2:70:1a:01:05: bb:e9:d5:bf:ce:f1:3f:ae:dd:0c:b5:12:4c:33:5d: c3:a9:60:d7:60:55:50:15:f0:4c:6e:55:21:ad:5f: 8f:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:DF:F3:88:7D:B9:66:F4:93:C1:D5:58:8B:15:14:BA:0F:AA:5A:1E X509v3 Authority Key Identifier: keyid:64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/5C818B14EEF911ED891BBB4EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.51.19.0-116.51.20.255 116.51.22.240/28 116.51.23.192/27 116.51.30.192/27 Signature Algorithm: sha256WithRSAEncryption 01:6e:87:5c:e4:04:88:4e:ac:e9:8e:7d:db:f5:6e:3d:1f:67: d8:57:8c:46:49:23:79:7e:53:6d:2a:db:52:99:fe:ce:6d:49: 98:22:d2:68:55:a0:47:45:f0:85:63:ed:7a:fd:72:ca:e2:cd: bb:9b:e7:be:c6:de:f9:ef:7e:d8:f4:fb:3b:96:f5:e3:4b:31: 0c:86:0b:ae:0c:d2:fb:a0:49:0a:80:08:6a:d6:69:a1:5b:d6: 0a:58:ae:2f:62:a1:fe:14:d6:66:a6:23:f0:10:f5:ac:04:9e: 92:4c:6d:f6:8b:db:91:d9:c0:53:ff:36:fe:cf:f1:6b:0d:ed: 4a:eb:dd:b8:25:f0:f3:2e:50:5f:be:15:32:b7:5f:ca:62:e8: 0d:b4:26:6a:25:18:76:31:2c:37:1d:7d:60:2b:b8:28:70:d5: bc:2e:7f:22:c8:cc:ba:0d:b7:dd:1d:c6:9e:e7:e2:c1:36:30: 55:a8:4a:ce:e6:49:21:00:3e:bd:29:88:ae:92:b7:34:5d:59: a3:26:60:cd:5a:31:84:f8:fe:b3:13:25:d1:4a:7a:4a:de:40: d6:11:5e:20:31:2f:37:52:6b:77:2a:61:ca:11:99:f2:ab:e6: af:4c:2b:6b:3f:fe:dc:6e:68:10:eb:a6:d1:51:22:2e:28:e8: b6:94:e6:5f -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICGiwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTZENUQxMTAvBgNVBAUTKDY0QTY2NTgxNkFFRkVENzNCMzA3NTAwN0RBNTMzN0FD N0RFQzRCODEwHhcNMjQwNzI5MjMyMzEwWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NmE4MjQ1ZC1kYzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuwhgkOkut6GfpSx6V89U/MdRUONMIFhujcou7jRaYmIW/l2/QjH33cPayAEA Spd8UvOatzhJYwVB9y1SYBoJers7NcZ2I/ZC7YnMoyRrFUB0KWMsid4M2PYNXzeo QnGtCJvQftOMXpVHzlSMJFPsP1rucr3lQCjP68WKFlnGEbQQG2Sp5pT2qKqLLc8V HGxxolZbrRZpUWGbur9z37gxsnYEPOhTqg7eOK28cPw50dDEwwT8Jz39uewpalfm ZSjZTJJR+4SEbRvKh2IXjwC+bpYrBmTGjDLZDo5K0nAaAQW76dW/zvE/rt0MtRJM M13DqWDXYFVQFfBMblUhrV+PUQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFKzf84h9 uWb0k8HVWIsVFLoPqloeMB8GA1UdIwQYMBaAFGSmZYFq7+1zswdQB9pTN6x97EuB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkQ1RC85RENCNjhFMDFE ODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdYT3pCMUFIMmxNM3JIM3NT NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pLWmxnV3J2N1hPekIxQUgybE0zckgzc1M0RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTZENUQvOURDQjY4RTAxRDg4MTFFMjk0Qjk1NUUxMDhCMDJDRDIvNUM4MThCMTRF RUY5MTFFRDg5MUJCQjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMCkEAgABMCMwDAMEAHQzEwMEAHQzFAMFBHQzFvADBQV0MxfAAwUFdDMewDAN BgkqhkiG9w0BAQsFAAOCAQEAAW6HXOQEiE6s6Y592/VuPR9n2FeMRkkjeX5TbSrb Upn+zm1JmCLSaFWgR0XwhWPtev1yyuLNu5vnvsbe+e9+2PT7O5b140sxDIYLrgzS +6BJCoAIatZpoVvWCliuL2Kh/hTWZqYj8BD1rASekkxt9ovbkdnAU/82/s/xaw3t SuvduCXw8y5QX74VMrdfymLoDbQmaiUYdjEsNx19YCu4KHDVvC5/IsjMug233R3G nufiwTYwVahKzuZJIQA+vSmIrpK3NF1ZoyZgzVoxhPj+sxMl0Up6St5A1hFeIDEv N1JrdyphyhGZ8qvmr0wraz/+3G5oEOum0VEiLijotpTmXw== -----END CERTIFICATE-----Generated at Wed Feb 19 22:03:42 2025 by rpki-client