$ rpki-client -vvf rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/1AB7C58C57E411EEB143C80EC4F9AE02.roa File: 1AB7C58C57E411EEB143C80EC4F9AE02.roa (raw, json) Hash identifier: za2Ui3WUL1KtJyaUb1Afwi6LYp342P/Dlv/IorKk6Y8= Subject key identifier: EC:C6:D5:EC:98:4B:3B:00:9E:FC:B7:D4:10:06:AF:36:8F:E0:83:27 Certificate issuer: /CN=A911ABCE/serialNumber=300742E4AD547AE49DD82C82F7ECEB095B902A20 Certificate serial: D0 Authority key identifier: 30:07:42:E4:AD:54:7A:E4:9D:D8:2C:82:F7:EC:EB:09:5B:90:2A:20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MAdC5K1UeuSd2CyC9-zrCVuQKiA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/1AB7C58C57E411EEB143C80EC4F9AE02.roa Signing time: Sat 05 Oct 2024 04:38:35 +0000 ROA not before: Sat 05 Oct 2024 04:38:35 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 1239 IP address blocks: 43.239.250.0/24 maxlen: 24 114.31.208.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/MAdC5K1UeuSd2CyC9-zrCVuQKiA.crl rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/MAdC5K1UeuSd2CyC9-zrCVuQKiA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MAdC5K1UeuSd2CyC9-zrCVuQKiA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Mar 2025 03:16:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 208 (0xd0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911ABCE Validity Not Before: Oct 5 04:38:35 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=6700c2cb-3e9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:6c:f8:74:c5:d9:65:4e:7f:9a:8c:b0:2d:34: 38:ce:cb:d8:38:80:ab:74:bd:92:4b:15:ae:87:d1: de:70:03:53:18:62:d6:67:41:8d:b7:c9:dd:53:2c: de:08:33:e1:3c:41:e0:90:07:73:7f:f6:91:05:ac: 94:07:91:09:79:7a:39:93:da:a5:85:74:99:66:31: 70:b5:5a:a0:9c:35:f0:bc:b2:7e:b1:63:7c:42:03: 81:17:b0:20:09:c2:ab:ce:20:d1:66:eb:99:3a:5a: 4d:56:f8:65:d7:e1:44:55:af:88:f1:80:19:31:3d: 73:bc:ac:fd:47:05:3b:56:8d:31:d8:de:73:4a:81: c2:e8:d8:0a:87:07:6c:33:51:b3:bb:12:ea:2a:a9: ae:41:a5:c1:bc:11:3f:60:ae:7b:33:82:b1:4a:27: f6:29:6e:38:04:2f:7e:4b:fe:94:93:1f:d3:90:f7: 19:d8:f4:dc:2a:b4:57:c3:71:57:52:03:8b:01:e0: 3a:ca:b3:02:2b:d3:8c:fb:75:c5:3d:ee:f0:b6:0d: 80:97:27:28:62:ce:c0:76:d6:16:c8:6e:f0:28:5c: 3b:58:f9:4b:93:1a:dd:ed:cc:47:fd:d2:6e:77:d0: 3e:c2:07:c0:cc:f4:ff:54:fe:40:c7:d2:30:a6:a7: 80:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:C6:D5:EC:98:4B:3B:00:9E:FC:B7:D4:10:06:AF:36:8F:E0:83:27 X509v3 Authority Key Identifier: keyid:30:07:42:E4:AD:54:7A:E4:9D:D8:2C:82:F7:EC:EB:09:5B:90:2A:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/MAdC5K1UeuSd2CyC9-zrCVuQKiA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MAdC5K1UeuSd2CyC9-zrCVuQKiA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/1AB7C58C57E411EEB143C80EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.239.250.0/24 114.31.208.0/22 Signature Algorithm: sha256WithRSAEncryption 96:66:ae:66:b2:d8:90:7b:8f:42:8b:ff:ad:91:d2:a8:0a:e2: da:b0:e0:24:4c:70:cf:28:12:43:1d:9f:d6:9f:f1:7a:11:b4: 18:4f:4b:f6:83:3d:14:00:f2:3b:e5:67:06:cb:f3:52:4f:10: c4:85:50:65:60:e2:ac:0c:dd:2d:4a:9f:35:ef:17:7f:0a:02: 82:90:f0:7d:64:7a:ea:64:9f:9a:7a:bd:1c:22:f4:91:fb:9a: 62:86:41:b0:bd:1b:6d:d6:8c:7a:85:e9:af:9c:ef:3f:70:85: 20:14:74:41:29:d2:82:4f:fe:fb:2d:f6:6c:0a:6a:9e:9b:e8: dd:d8:56:4a:58:7d:a7:7c:33:b5:75:c8:84:56:4c:65:d7:a7: 25:cf:17:7f:5c:f0:74:12:91:09:a8:c8:d2:39:f3:8a:8b:91: 5d:d6:77:07:4d:3f:e1:60:97:76:d0:44:7b:01:52:68:f2:23: dc:58:f3:0b:ef:db:95:5a:05:c7:9b:48:ba:51:63:e8:e2:dd: 43:59:e0:6b:1c:90:13:49:c1:21:0f:04:ff:29:c1:09:73:47: 67:b0:a3:02:ab:4a:cb:0d:a7:b3:c9:0c:42:ec:7f:4b:b5:9e: 56:56:ae:fe:54:c7:86:17:82:df:06:4b:a9:b8:26:d9:c9:79: a6:2c:c1:c4 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICANAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUFCQ0UxMTAvBgNVBAUTKDMwMDc0MkU0QUQ1NDdBRTQ5REQ4MkM4MkY3RUNFQjA5 NUI5MDJBMjAwHhcNMjQxMDA1MDQzODM1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzAwYzJjYi0zZTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu2z4dMXZZU5/moywLTQ4zsvYOICrdL2SSxWuh9HecANTGGLWZ0GNt8ndUyze CDPhPEHgkAdzf/aRBayUB5EJeXo5k9qlhXSZZjFwtVqgnDXwvLJ+sWN8QgOBF7Ag CcKrziDRZuuZOlpNVvhl1+FEVa+I8YAZMT1zvKz9RwU7Vo0x2N5zSoHC6NgKhwds M1GzuxLqKqmuQaXBvBE/YK57M4KxSif2KW44BC9+S/6Ukx/TkPcZ2PTcKrRXw3FX UgOLAeA6yrMCK9OM+3XFPe7wtg2AlycoYs7AdtYWyG7wKFw7WPlLkxrd7cxH/dJu d9A+wgfAzPT/VP5Ax9IwpqeAUQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOzG1eyY SzsAnvy31BAGrzaP4IMnMB8GA1UdIwQYMBaAFDAHQuStVHrkndgsgvfs6wlbkCog MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUJDRS85MDA5OUM0MDU3 REQxMUVFQkFGRkU0MkRDNEY5QUUwMi9NQWRDNUsxVWV1U2QyQ3lDOS16ckNWdVFL aUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01BZEM1SzFVZXVTZDJDeUM5LXpyQ1Z1UUtpQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUFCQ0UvOTAwOTlDNDA1N0REMTFFRUJBRkZFNDJEQzRGOUFFMDIvMUFCN0M1OEM1 N0U0MTFFRUIxNDNDODBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAAr7/oDBAJyH9AwDQYJKoZIhvcNAQELBQADggEBAJZmrmay 2JB7j0KL/62R0qgK4tqw4CRMcM8oEkMdn9af8XoRtBhPS/aDPRQA8jvlZwbL81JP EMSFUGVg4qwM3S1KnzXvF38KAoKQ8H1keupkn5p6vRwi9JH7mmKGQbC9G23WjHqF 6a+c7z9whSAUdEEp0oJP/vst9mwKap6b6N3YVkpYfad8M7V1yIRWTGXXpyXPF39c 8HQSkQmoyNI584qLkV3WdwdNP+Fgl3bQRHsBUmjyI9xY8wvv25VaBcebSLpRY+ji 3UNZ4GsckBNJwSEPBP8pwQlzR2ewowKrSssNp7PJDELsf0u1nlZWrv5Ux4YXgt8G S6m4JtnJeaYswcQ= -----END CERTIFICATE-----Generated at Thu Mar 13 21:56:30 2025 by rpki-client