$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/4EA15AE44FD811ED8AEB0282C4F9AE02.roa File: 4EA15AE44FD811ED8AEB0282C4F9AE02.roa (raw, json) Hash identifier: KptRM9OhZOY+IAnuIj6dKpgRtL+UG95HSLHK6SbwluY= Subject key identifier: E5:BA:F5:B3:15:BF:EC:0B:3E:36:E2:30:E8:DC:50:5D:D2:25:72:6B Certificate issuer: /CN=A91EA198/serialNumber=5FEEDE9D382543F051527FA533D47A917077E632 Certificate serial: 1DC6 Authority key identifier: 5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/4EA15AE44FD811ED8AEB0282C4F9AE02.roa Signing time: Wed 18 Dec 2024 16:13:53 +0000 ROA not before: Wed 18 Dec 2024 16:13:53 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 134963 IP address blocks: 8.208.0.0/12 maxlen: 15 8.208.0.0/16 maxlen: 24 8.209.0.0/16 maxlen: 24 8.210.0.0/16 maxlen: 24 8.211.0.0/16 maxlen: 24 8.212.0.0/16 maxlen: 24 8.213.0.0/16 maxlen: 24 8.214.0.0/16 maxlen: 24 8.215.0.0/16 maxlen: 24 8.216.0.0/16 maxlen: 24 8.217.0.0/16 maxlen: 24 8.218.0.0/16 maxlen: 24 8.219.0.0/16 maxlen: 24 8.220.0.0/16 maxlen: 24 8.221.0.0/16 maxlen: 24 8.222.0.0/16 maxlen: 24 8.223.0.0/16 maxlen: 24 149.129.0.0/16 maxlen: 16 161.117.0.0/16 maxlen: 24 170.33.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 16:11:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7622 (0x1dc6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA198 Validity Not Before: Dec 18 16:13:53 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=6762f4c1-ed56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:33:58:97:9e:04:9e:6a:a4:8b:cf:38:0a:8e: 0c:7b:74:ba:eb:43:9d:a8:8f:76:da:f3:72:23:8b: 3d:41:ff:23:32:8a:c5:c8:92:ac:78:1a:61:e0:20: 8e:3c:45:f6:70:14:0e:b4:39:cb:73:19:f1:7d:bb: 19:e1:41:f3:a9:bd:bf:2a:60:33:2e:6b:6e:fc:69: 43:a1:39:2f:52:bc:a2:55:85:da:bd:d5:67:3e:13: b4:9e:49:11:85:1e:5d:9a:3e:98:4d:24:c0:41:9d: 3d:16:b7:13:95:ca:1d:66:eb:00:ba:8c:b5:9b:a5: 3b:37:aa:17:ca:63:3d:32:9e:c5:7b:ad:e2:c0:e0: b1:11:ce:24:76:d6:6c:f8:d6:29:1e:ad:3b:3c:a3: 32:a4:f7:33:b4:62:82:d2:99:16:08:a6:56:f3:c7: 74:9f:9d:33:b5:8c:f6:b3:b2:11:27:46:f8:6d:10: 79:82:67:c0:a5:f2:17:45:d3:9b:1f:0d:58:64:31: 9b:60:b9:92:8f:ff:5f:fc:d6:42:55:ae:38:9d:50: c9:d9:da:60:78:16:7e:7e:b4:7d:08:35:63:fe:5d: 55:9d:00:30:ef:22:fd:16:3b:ba:c6:6a:f8:91:59: 11:27:06:fd:0a:ac:22:fe:ee:8c:cf:ad:0b:53:2b: a2:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:BA:F5:B3:15:BF:EC:0B:3E:36:E2:30:E8:DC:50:5D:D2:25:72:6B X509v3 Authority Key Identifier: keyid:5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/4EA15AE44FD811ED8AEB0282C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 8.208.0.0/12 149.129.0.0/16 161.117.0.0/16 170.33.0.0/16 Signature Algorithm: sha256WithRSAEncryption 8c:d5:d5:f0:e3:01:55:89:3a:65:47:67:89:8b:52:6d:f8:e6: a1:5a:de:d2:35:70:9b:5e:6f:ff:b7:ae:e5:40:79:4d:59:b6: e2:b6:53:39:dc:3c:90:e1:fc:37:c2:c9:cc:6e:58:08:f9:11: f9:fa:78:d1:d7:3b:7e:19:57:db:34:f7:34:a0:36:95:fc:36: 4c:08:2c:e9:28:65:bc:2f:b7:04:fa:2a:ce:d0:63:4b:90:67: 5b:20:fd:67:9d:b4:43:a8:df:02:66:24:c9:91:c6:79:75:5a: 87:56:f3:88:d5:02:93:fa:26:2a:5d:ab:17:b9:ad:ad:86:32: f0:0b:e1:60:0c:07:12:2c:b8:4b:b2:f7:da:9a:83:f2:1b:32: b5:a0:dd:9e:5b:4c:c8:ea:58:bb:f1:0c:20:02:3e:99:78:5f: 02:76:7c:3b:4d:bb:2d:57:3b:aa:6d:fb:4e:27:24:f7:c3:9a: 7a:8e:00:38:76:49:30:d9:db:c8:43:2f:51:97:72:ab:ed:c2: 62:a9:6f:0b:e6:2f:77:30:b4:6b:23:af:d7:b9:dc:62:bb:e6: ce:d2:3f:e5:06:8d:4c:2d:e1:9f:a9:a4:ff:9f:13:ea:ad:7e: 40:c2:63:60:5d:a9:a4:7f:27:d9:0e:fe:22:ab:2f:82:ae:36: 09:6a:94:ff -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICHcYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUExOTgxMTAvBgNVBAUTKDVGRUVERTlEMzgyNTQzRjA1MTUyN0ZBNTMzRDQ3QTkx NzA3N0U2MzIwHhcNMjQxMjE4MTYxMzUzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzYyZjRjMS1lZDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAozNYl54Enmqki884Co4Me3S660OdqI922vNyI4s9Qf8jMorFyJKseBph4CCO PEX2cBQOtDnLcxnxfbsZ4UHzqb2/KmAzLmtu/GlDoTkvUryiVYXavdVnPhO0nkkR hR5dmj6YTSTAQZ09FrcTlcodZusAuoy1m6U7N6oXymM9Mp7Fe63iwOCxEc4kdtZs +NYpHq07PKMypPcztGKC0pkWCKZW88d0n50ztYz2s7IRJ0b4bRB5gmfApfIXRdOb Hw1YZDGbYLmSj/9f/NZCVa44nVDJ2dpgeBZ+frR9CDVj/l1VnQAw7yL9Fju6xmr4 kVkRJwb9Cqwi/u6Mz60LUyuihwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFOW69bMV v+wLPjbiMOjcUF3SJXJrMB8GA1UdIwQYMBaAFF/u3p04JUPwUVJ/pTPUepFwd+Yy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC9BRDYyOTIyMkI1 MjUxMUU2QUY2Qzg5NUVDNEY5QUUwMi9YLTdlblRnbFFfQlJVbi1sTTlSNmtYQjM1 akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1gtN2VuVGdsUV9CUlVuLWxNOVI2a1hCMzVqSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUExOTgvQUQ2MjkyMjJCNTI1MTFFNkFGNkM4OTVFQzRGOUFFMDIvNEVBMTVBRTQ0 RkQ4MTFFRDhBRUIwMjgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgABMBQDAwQI0AMDAJWBAwMAoXUDAwCqITANBgkqhkiG9w0BAQsFAAOC AQEAjNXV8OMBVYk6ZUdniYtSbfjmoVre0jVwm15v/7eu5UB5TVm24rZTOdw8kOH8 N8LJzG5YCPkR+fp40dc7fhlX2zT3NKA2lfw2TAgs6ShlvC+3BPoqztBjS5BnWyD9 Z520Q6jfAmYkyZHGeXVah1bziNUCk/omKl2rF7mtrYYy8AvhYAwHEiy4S7L32pqD 8hsytaDdnltMyOpYu/EMIAI+mXhfAnZ8O027LVc7qm37Tick98Oaeo4AOHZJMNnb yEMvUZdyq+3CYqlvC+YvdzC0ayOv17ncYrvmztI/5QaNTC3hn6mk/58T6q1+QMJj YF2ppH8n2Q7+Iqsvgq42CWqU/w== -----END CERTIFICATE-----Generated at Sat Apr 5 19:33:27 2025 by rpki-client