$ rpki-client -vvf rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/490CDADA42F211EBB34A1A60C4F9AE02.roa File: 490CDADA42F211EBB34A1A60C4F9AE02.roa (raw, json) Hash identifier: zr8QzJC3K7MFATLgDbAlZEpwPfYL60QEXaDSHESgJzs= Subject key identifier: AA:42:F7:DF:74:D9:98:1D:CD:5C:18:E3:AA:4E:7B:85:16:6D:ED:B0 Certificate issuer: /CN=A9116BB8/serialNumber=8AE9CDE10BE0B77F091B0D38EBC1967C8BC0919E Certificate serial: 06A5 Authority key identifier: 8A:E9:CD:E1:0B:E0:B7:7F:09:1B:0D:38:EB:C1:96:7C:8B:C0:91:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iunN4Qvgt38JGw0468GWfIvAkZ4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/490CDADA42F211EBB34A1A60C4F9AE02.roa Signing time: Wed 02 Oct 2024 22:32:07 +0000 ROA not before: Wed 02 Oct 2024 22:32:07 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 138995 IP address blocks: 45.125.216.0/24 maxlen: 24 45.125.217.0/24 maxlen: 24 45.125.218.0/24 maxlen: 24 45.125.219.0/24 maxlen: 24 103.86.64.0/24 maxlen: 24 103.86.65.0/24 maxlen: 24 103.86.66.0/24 maxlen: 24 103.86.67.0/24 maxlen: 24 103.108.185.0/24 maxlen: 24 103.142.244.0/24 maxlen: 24 103.142.245.0/24 maxlen: 24 103.194.104.0/24 maxlen: 24 103.194.105.0/24 maxlen: 24 103.194.106.0/24 maxlen: 24 103.194.107.0/24 maxlen: 24 116.204.176.0/24 maxlen: 24 116.204.177.0/24 maxlen: 24 116.204.178.0/24 maxlen: 24 116.204.179.0/24 maxlen: 24 2001:df1:5f80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/iunN4Qvgt38JGw0468GWfIvAkZ4.crl rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/iunN4Qvgt38JGw0468GWfIvAkZ4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iunN4Qvgt38JGw0468GWfIvAkZ4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1701 (0x6a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9116BB8/serialNumber=8AE9CDE10BE0B77F091B0D38EBC1967C8BC0919E Validity Not Before: Oct 2 22:32:07 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=66fdc9e7-ccc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:7e:50:8c:a6:f3:aa:8f:77:eb:a8:ad:af:de: ee:54:2d:bc:7f:d1:d4:3d:ff:d1:44:db:37:b5:c9: ac:4b:3e:91:ee:bd:51:1c:35:2b:2b:32:56:d1:5b: 12:fb:08:c5:cb:06:c6:3e:60:0b:b8:29:ce:f4:2f: d6:20:c6:3f:0d:d4:2b:64:63:f2:c9:80:a2:b7:c3: e2:52:b2:69:19:0d:75:ea:74:93:84:23:61:64:e7: 32:94:fb:cd:2b:cd:80:e1:b3:37:6b:ce:20:af:ea: fb:3c:97:fb:56:d9:9c:b2:56:a4:c4:cc:a0:75:a3: c7:f0:27:0d:85:38:2f:93:d3:46:32:02:c7:c7:a4: c2:8a:6d:b7:9f:10:a7:a3:54:12:00:0c:43:47:33: e5:b6:53:c3:34:58:5c:4f:87:02:1b:0c:10:e9:7b: 1a:10:17:9a:d4:99:b5:f0:f3:f0:a5:81:f8:6a:6e: 12:1a:1b:82:ba:81:62:64:0a:5c:92:93:55:7f:d1: 3d:b2:2f:b0:1d:8e:c9:7e:f0:21:9e:3b:0f:4e:cf: 3d:b7:ab:2a:0f:93:d5:49:fb:3c:d2:a6:5e:cc:3a: da:05:c7:c3:9c:0a:79:48:a5:08:48:1c:20:47:7e: 74:23:37:7f:e3:ab:c7:43:93:63:73:62:c2:44:4f: 6e:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:42:F7:DF:74:D9:98:1D:CD:5C:18:E3:AA:4E:7B:85:16:6D:ED:B0 X509v3 Authority Key Identifier: keyid:8A:E9:CD:E1:0B:E0:B7:7F:09:1B:0D:38:EB:C1:96:7C:8B:C0:91:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/iunN4Qvgt38JGw0468GWfIvAkZ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iunN4Qvgt38JGw0468GWfIvAkZ4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116BB8/39DCF75442F011EB8A09C75AC4F9AE02/490CDADA42F211EBB34A1A60C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.125.216.0/22 103.86.64.0/22 103.108.185.0/24 103.142.244.0/23 103.194.104.0/22 116.204.176.0/22 IPv6: 2001:df1:5f80::/48 Signature Algorithm: sha256WithRSAEncryption c3:f5:4c:85:c3:79:2d:e2:e0:81:28:a9:46:d9:b2:cb:74:2e: fa:fc:6c:47:26:42:da:25:30:7c:90:ae:2e:66:82:3a:05:7c: 17:26:98:4f:1d:8d:13:c9:85:af:f4:1a:bc:ef:1c:bb:4d:23: 56:b9:04:4a:95:54:7e:0e:52:21:f2:02:8c:c4:95:44:3b:1f: b7:82:75:98:00:10:fa:58:a5:d7:3d:49:28:45:15:74:ac:de: ce:8a:45:96:83:44:12:47:55:1c:55:fc:74:71:50:93:f3:df: 8e:b1:b8:d1:f2:77:7c:54:7e:f8:d1:22:b9:b6:bc:45:19:b3: d5:30:b6:10:8a:ef:08:99:fd:10:7d:c0:af:95:19:3f:7a:de: f8:5c:12:c6:1b:04:f0:bd:f7:44:01:8b:3f:32:c3:d4:6a:ff: 83:12:19:38:47:e5:85:a8:87:37:30:1f:ad:7c:2d:db:05:8a: 31:5e:1e:a6:e8:38:cd:21:23:1e:f3:f5:80:61:dc:b6:9b:0b: 94:f6:73:64:c0:df:8f:77:f1:2d:a6:43:11:58:56:c3:fe:24: 37:f9:50:96:e2:49:e0:ef:9a:cc:1b:0a:9d:f5:10:bb:58:86: ce:99:8f:a8:09:29:22:1d:72:f3:a4:b8:6d:e1:cb:ac:42:74: 64:ad:13:3d -----BEGIN CERTIFICATE----- MIIFoDCCBIigAwIBAgICBqUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTZCQjgxMTAvBgNVBAUTKDhBRTlDREUxMEJFMEI3N0YwOTFCMEQzOEVCQzE5NjdD OEJDMDkxOUUwHhcNMjQxMDAyMjIzMjA3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmZkYzllNy1jY2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu35QjKbzqo9366itr97uVC28f9HUPf/RRNs3tcmsSz6R7r1RHDUrKzJW0VsS +wjFywbGPmALuCnO9C/WIMY/DdQrZGPyyYCit8PiUrJpGQ116nSThCNhZOcylPvN K82A4bM3a84gr+r7PJf7VtmcslakxMygdaPH8CcNhTgvk9NGMgLHx6TCim23nxCn o1QSAAxDRzPltlPDNFhcT4cCGwwQ6XsaEBea1Jm18PPwpYH4am4SGhuCuoFiZApc kpNVf9E9si+wHY7JfvAhnjsPTs89t6sqD5PVSfs80qZezDraBcfDnAp5SKUISBwg R350Izd/46vHQ5Njc2LCRE9uWwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFKpC9990 2ZgdzVwY46pOe4UWbe2wMB8GA1UdIwQYMBaAFIrpzeEL4Ld/CRsNOOvBlnyLwJGe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNkJCOC8zOURDRjc1NDQy RjAxMUVCOEEwOUM3NUFDNEY5QUUwMi9pdW5ONFF2Z3QzOEpHdzA0NjhHV2ZJdkFr WjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2l1bk40UXZndDM4Skd3MDQ2OEdXZkl2QWtaNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTZCQjgvMzlEQ0Y3NTQ0MkYwMTFFQjhBMDlDNzVBQzRGOUFFMDIvNDkwQ0RBREE0 MkYyMTFFQkIzNEExQTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E PzA9MCoEAgABMCQDBAItfdgDBAJnVkADBABnbLkDBAFnjvQDBAJnwmgDBAJ0zLAw DwQCAAIwCQMHACABDfFfgDANBgkqhkiG9w0BAQsFAAOCAQEAw/VMhcN5LeLggSip Rtmyy3Qu+vxsRyZC2iUwfJCuLmaCOgV8FyaYTx2NE8mFr/QavO8cu00jVrkESpVU fg5SIfICjMSVRDsft4J1mAAQ+lil1z1JKEUVdKzezopFloNEEkdVHFX8dHFQk/Pf jrG40fJ3fFR++NEiuba8RRmz1TC2EIrvCJn9EH3Ar5UZP3re+FwSxhsE8L33RAGL PzLD1Gr/gxIZOEflhaiHNzAfrXwt2wWKMV4epug4zSEjHvP1gGHctpsLlPZzZMDf j3fxLaZDEVhWw/4kN/lQluJJ4O+azBsKnfUQu1iGzpmPqAkpIh1y86S4beHLrEJ0 ZK0TPQ== -----END CERTIFICATE-----Generated at Wed Nov 20 23:11:42 2024 by rpki-client on console-fra.rpki-client.org