$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/97AAC8FE86A011EB8BEAC92BC4F9AE02.roa File: 97AAC8FE86A011EB8BEAC92BC4F9AE02.roa (raw, json) Hash identifier: 4X5x/3ec+V05enTyEyghP4l5VMbIiRW4BtGu3szunNA= Subject key identifier: 25:B2:89:9A:E1:AD:8F:AD:6F:A8:C3:9F:41:E3:47:A6:D5:4A:DB:1D Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00 Certificate serial: 1791 Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/97AAC8FE86A011EB8BEAC92BC4F9AE02.roa Signing time: Tue 20 Feb 2024 17:55:24 +0000 ROA not before: Tue 20 Feb 2024 17:55:24 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 137199 IP address blocks: 49.255.8.0/24 maxlen: 24 203.13.35.0/24 maxlen: 24 203.13.174.0/24 maxlen: 24 203.18.106.0/24 maxlen: 24 203.20.104.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 17:47:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6033 (0x1791) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00 Validity Not Before: Feb 20 17:55:24 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65d4e78c-9f45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:0d:ed:b8:8a:0b:ca:80:93:7b:77:4f:3a:00: 5d:ca:2b:c1:89:64:ac:54:34:28:ea:64:91:26:53: ed:a2:c4:de:91:86:51:dd:37:72:78:75:34:0f:be: 71:c2:78:13:d7:8e:4a:48:26:aa:c5:7d:2b:79:a0: b2:72:1d:9d:0f:77:86:20:d6:91:e0:a8:74:e1:ef: f7:aa:3c:76:d2:ee:7e:d5:a1:71:a7:83:dc:0e:4e: 7a:c7:00:c8:de:b6:7a:a8:5d:d7:3c:96:e4:e9:1e: 5a:5c:3c:39:9a:53:71:6b:cb:b2:df:c4:c7:b4:59: 89:bf:59:58:3c:5c:9a:5d:db:f9:4b:32:87:d3:ab: 88:3d:df:19:ac:46:4d:31:83:68:99:11:c1:7c:b6: e9:6f:d2:53:53:f7:49:a9:50:b4:84:ec:0e:cd:ad: b3:a3:e9:58:a7:bd:48:e6:71:1b:8a:91:d5:b7:1e: 79:4f:fb:42:ba:e9:17:97:df:cf:95:7d:d0:2f:91: c8:a8:d9:d9:0e:f9:1a:5f:72:5e:60:d6:34:89:d8: f1:ac:26:4d:52:ff:d1:fc:46:62:75:8c:29:af:6e: bf:79:b1:b1:55:21:cf:51:78:19:9d:dd:d4:3c:f4: c5:67:45:c6:f0:2f:de:ec:64:0f:53:bf:e3:0f:da: 76:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:B2:89:9A:E1:AD:8F:AD:6F:A8:C3:9F:41:E3:47:A6:D5:4A:DB:1D X509v3 Authority Key Identifier: keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/97AAC8FE86A011EB8BEAC92BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.255.8.0/24 203.13.35.0/24 203.13.174.0/24 203.18.106.0/24 203.20.104.0/24 Signature Algorithm: sha256WithRSAEncryption 24:42:9d:08:8f:f0:a1:80:58:90:b0:ce:ac:b4:b4:aa:85:9b: a5:6a:67:ec:89:1c:78:67:a6:31:8e:61:df:c6:42:8d:fa:a9: 8f:e5:9b:4e:e8:c0:57:0d:2d:73:5b:ef:1c:53:5b:95:cb:76: e7:d8:a7:02:39:da:ff:6b:a5:54:d1:de:93:e5:ba:c0:e4:a2: 7d:1a:ad:1c:5e:a5:f4:ca:00:e8:ca:98:2f:48:c8:dd:84:96: ed:07:3b:43:89:7d:6f:1f:41:ed:27:f8:5d:95:f6:4e:1a:a6: b7:14:9e:c0:7b:38:7f:cf:b2:b4:fe:8b:bf:4a:d1:5e:89:2b: 2c:82:75:6c:5d:7d:c2:14:b1:e6:10:13:69:7d:4c:6c:b8:a2: 9e:5f:ad:57:ab:3c:20:2b:dd:fb:bd:fa:da:c6:23:ad:ae:c5: a2:bb:88:c7:8b:3d:f0:32:3a:a2:65:a8:4e:d5:da:4e:2f:84: 3e:f0:6a:b4:5a:25:32:c1:15:cf:f8:23:86:21:a5:e1:71:7b: 84:8e:a9:9e:f9:e2:9b:33:58:73:72:fe:f0:48:ea:32:b0:0c: cf:b9:2e:17:f0:0f:36:0f:fc:fd:b2:e8:ab:ae:90:dc:47:c8: 61:6b:ef:37:8e:60:13:33:aa:bf:92:39:f1:c1:f2:0f:6b:ae: 3b:58:72:c7 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICF5EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE NDc2Q0JEMDAwHhcNMjQwMjIwMTc1NTI0WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWQ0ZTc4Yy05ZjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApQ3tuIoLyoCTe3dPOgBdyivBiWSsVDQo6mSRJlPtosTekYZR3TdyeHU0D75x wngT145KSCaqxX0reaCych2dD3eGINaR4Kh04e/3qjx20u5+1aFxp4PcDk56xwDI 3rZ6qF3XPJbk6R5aXDw5mlNxa8uy38THtFmJv1lYPFyaXdv5SzKH06uIPd8ZrEZN MYNomRHBfLbpb9JTU/dJqVC0hOwOza2zo+lYp71I5nEbipHVtx55T/tCuukXl9/P lX3QL5HIqNnZDvkaX3JeYNY0idjxrCZNUv/R/EZidYwpr26/ebGxVSHPUXgZnd3U PPTFZ0XG8C/e7GQPU7/jD9p2BQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFCWyiZrh rY+tb6jDn0HjR6bVStsdMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1 REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2 UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvOTdBQUM4RkU4 NkEwMTFFQjhCRUFDOTJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAAx/wgDBADLDSMDBADLDa4DBADLEmoDBADLFGgwDQYJKoZI hvcNAQELBQADggEBACRCnQiP8KGAWJCwzqy0tKqFm6VqZ+yJHHhnpjGOYd/GQo36 qY/lm07owFcNLXNb7xxTW5XLdufYpwI52v9rpVTR3pPlusDkon0arRxepfTKAOjK mC9IyN2Elu0HO0OJfW8fQe0n+F2V9k4aprcUnsB7OH/PsrT+i79K0V6JKyyCdWxd fcIUseYQE2l9TGy4op5frVerPCAr3fu9+trGI62uxaK7iMeLPfAyOqJlqE7V2k4v hD7warRaJTLBFc/4I4YhpeFxe4SOqZ754pszWHNy/vBI6jKwDM+5LhfwDzYP/P2y 6KuukNxHyGFr7zeOYBMzqr+SOfHB8g9rrjtYcsc= -----END CERTIFICATE-----Generated at Fri May 31 20:34:19 2024 by rpki-client on console-ams.rpki-client.org