$ rpki-client -vvf rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/4A06FF10FF2711EAB7D5F235C4F9AE02.roa File: 4A06FF10FF2711EAB7D5F235C4F9AE02.roa (raw, json) Hash identifier: Gqxdee19gYRpq/7iwpjpXekbiJ6Xa1Y+QdRU7kjs52c= Subject key identifier: B7:8C:DA:46:EB:C8:4A:EA:B7:ED:19:25:6F:3B:7A:F4:2F:BE:B2:EB Certificate issuer: /CN=A91E96D9/serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B Certificate serial: 0755 Authority key identifier: 21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/4A06FF10FF2711EAB7D5F235C4F9AE02.roa Signing time: Tue 06 Feb 2024 07:17:04 +0000 ROA not before: Tue 06 Feb 2024 07:17:03 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 55340 IP address blocks: 116.0.33.0/24 maxlen: 24 116.0.34.0/24 maxlen: 24 116.0.40.0/24 maxlen: 24 116.0.41.0/24 maxlen: 24 116.0.43.0/24 maxlen: 24 116.0.44.0/24 maxlen: 24 116.0.46.0/24 maxlen: 24 116.0.55.0/24 maxlen: 24 116.0.56.0/24 maxlen: 24 116.0.57.0/24 maxlen: 24 116.0.58.0/24 maxlen: 24 116.0.59.0/24 maxlen: 24 116.0.61.0/24 maxlen: 24 116.0.62.0/24 maxlen: 24 116.0.63.0/24 maxlen: 24 2400:a960:6::/48 maxlen: 48 2400:a960:8::/48 maxlen: 48 2400:a960:9::/48 maxlen: 48 2400:a960:a::/48 maxlen: 48 2400:a960:b::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 22:47:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1877 (0x755) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E96D9/serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B Validity Not Before: Feb 6 07:17:03 2024 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=65c1dcef-3249 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:5a:d7:31:05:a5:92:8b:c3:38:18:a5:81:69: ea:a5:00:30:cd:d3:b2:54:d7:39:0a:50:82:52:ae: b7:ca:c5:b6:cc:33:ba:9c:53:96:37:2d:23:14:de: 94:95:83:e1:8b:1c:28:07:3f:53:c0:8b:a8:db:70: 02:98:7f:87:d5:b8:c3:72:11:4c:e4:82:47:6d:7e: 26:43:17:10:a0:ec:57:ec:a8:ec:a6:a9:06:46:0f: e1:67:08:06:78:48:bf:1f:2e:22:dd:3b:28:98:0f: 6e:a9:2a:bb:96:1a:00:d6:53:41:3f:97:9d:09:3a: b3:66:56:6f:15:b4:90:94:e1:4e:92:e7:e6:14:bf: f9:c9:06:36:30:6d:40:ea:fc:69:b4:32:c8:50:02: 5d:fd:ed:77:55:f6:1e:a8:48:57:71:76:ee:37:11: dc:b9:e1:b4:f4:7f:68:f0:93:5f:e9:1c:bd:a8:55: 91:55:d2:9d:2d:1b:3e:2f:69:43:86:e9:45:2a:63: 75:3b:b2:e5:96:48:ef:43:3d:5c:f7:2a:7d:09:5a: 0f:e0:44:8a:ad:86:fa:d0:be:8a:7a:b8:c2:9d:50: 26:61:a6:d2:69:7a:49:61:95:4b:f8:cf:ae:6d:3c: cc:71:e4:a9:e0:53:5b:a8:6b:32:5f:8c:af:96:70: 91:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:8C:DA:46:EB:C8:4A:EA:B7:ED:19:25:6F:3B:7A:F4:2F:BE:B2:EB X509v3 Authority Key Identifier: keyid:21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/4A06FF10FF2711EAB7D5F235C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.0.33.0-116.0.34.255 116.0.40.0/23 116.0.43.0-116.0.44.255 116.0.46.0/24 116.0.55.0-116.0.59.255 116.0.61.0-116.0.63.255 IPv6: 2400:a960:6::/48 2400:a960:8::/46 Signature Algorithm: sha256WithRSAEncryption a0:71:2b:98:ac:fb:a7:00:97:81:45:70:7b:46:60:3f:9b:9b: b0:89:10:61:bd:c2:a6:41:67:e7:31:b2:d9:dd:fb:cb:bb:ef: 08:9b:64:a6:28:4a:c8:86:ce:c3:12:3a:8f:9f:64:83:76:09: 38:dc:9a:7b:d5:35:e9:c0:d5:74:4e:c5:9a:6b:af:3e:57:7f: b7:66:85:ad:41:47:a0:99:94:fc:69:c6:c2:04:ab:2e:44:04: c9:99:79:74:c4:1b:66:99:fb:24:4d:25:60:e7:36:59:dc:cb: be:b8:81:9c:13:1d:df:b3:b7:02:32:02:71:b5:99:ad:22:0b: 61:fa:66:29:ac:a9:7e:38:5f:c8:66:a0:7f:ae:e8:54:4e:e9: cd:04:c4:91:09:14:3e:33:9b:fa:25:17:f8:c4:d9:65:03:31: 62:44:12:85:05:3a:fc:b3:7d:fe:c4:fb:8c:d0:23:d2:5e:81: 75:3e:8a:65:31:fc:42:d5:eb:57:1b:c2:03:01:ee:35:ce:83: 8d:94:3b:f9:6c:fb:de:88:51:c1:9f:e4:d9:70:bd:c2:af:77: 94:95:f3:e7:08:0e:58:c8:b2:c6:66:e1:a7:ee:d7:34:75:05: d7:24:b6:d7:60:2b:94:12:23:a5:1f:1d:9b:a2:7c:60:b2:0c: 82:e3:33:d8 -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgICB1UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk2RDkxMTAvBgNVBAUTKDIxOUVBNjNDNkFDOTY2RERCMjg1ODg2QkQ3MTFDNzhB MTRERjUxMkIwHhcNMjQwMjA2MDcxNzAzWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NWMxZGNlZi0zMjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtlrXMQWlkovDOBilgWnqpQAwzdOyVNc5ClCCUq63ysW2zDO6nFOWNy0jFN6U lYPhixwoBz9TwIuo23ACmH+H1bjDchFM5IJHbX4mQxcQoOxX7KjspqkGRg/hZwgG eEi/Hy4i3TsomA9uqSq7lhoA1lNBP5edCTqzZlZvFbSQlOFOkufmFL/5yQY2MG1A 6vxptDLIUAJd/e13VfYeqEhXcXbuNxHcueG09H9o8JNf6Ry9qFWRVdKdLRs+L2lD hulFKmN1O7LllkjvQz1c9yp9CVoP4ESKrYb60L6KerjCnVAmYabSaXpJYZVL+M+u bTzMceSp4FNbqGsyX4yvlnCRBwIDAQABo4IC7TCCAukwHQYDVR0OBBYEFLeM2kbr yErqt+0ZJW87evQvvrLrMB8GA1UdIwQYMBaAFCGepjxqyWbdsoWIa9cRx4oU31Er MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTZEOS84MERGREVDMEU1 REQxMUVBQjI0NjhENjVDNEY5QUUwMi9JWjZtUEdySlp0MnloWWhyMXhISGloVGZV U3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0laNm1QR3JKWnQyeWhZaHIxeEhIaWhUZlVTcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk2RDkvODBERkRFQzBFNUREMTFFQUIyNDY4RDY1QzRGOUFFMDIvNEEwNkZGMTBG RjI3MTFFQUI3RDVGMjM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdwYIKwYBBQUHAQcBAf8E aDBmMEoEAgABMEQwDAMEAHQAIQMEAHQAIgMEAXQAKDAMAwQAdAArAwQAdAAsAwQA dAAuMAwDBAB0ADcDBAJ0ADgwDAMEAHQAPQMEBnQAADAYBAIAAjASAwcAJACpYAAG AwcCJACpYAAIMA0GCSqGSIb3DQEBCwUAA4IBAQCgcSuYrPunAJeBRXB7RmA/m5uw iRBhvcKmQWfnMbLZ3fvLu+8Im2SmKErIhs7DEjqPn2SDdgk43Jp71TXpwNV0TsWa a68+V3+3ZoWtQUegmZT8acbCBKsuRATJmXl0xBtmmfskTSVg5zZZ3Mu+uIGcEx3f s7cCMgJxtZmtIgth+mYprKl+OF/IZqB/ruhUTunNBMSRCRQ+M5v6JRf4xNllAzFi RBKFBTr8s33+xPuM0CPSXoF1PoplMfxC1etXG8IDAe41zoONlDv5bPveiFHBn+TZ cL3Cr3eUlfPnCA5YyLLGZuGn7tc0dQXXJLbXYCuUEiOlHx2bonxgsgyC4zPY -----END CERTIFICATE-----Generated at Fri May 31 23:53:09 2024 by rpki-client on console-fra.rpki-client.org