$ rpki-client -vvf rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/1B2EC2A457E411EEB143C80EC4F9AE02.roa File: 1B2EC2A457E411EEB143C80EC4F9AE02.roa (raw, json) Hash identifier: 2vNMz8bsWYuC9H/vzhdbGUA1HfH3KNf6jV9tK3X2cTM= Subject key identifier: 62:A7:C1:4A:F5:CF:1E:85:0E:F5:B1:BA:C7:5B:B2:3C:1A:1F:DD:3B Certificate issuer: /CN=A911ABCE/serialNumber=300742E4AD547AE49DD82C82F7ECEB095B902A20 Certificate serial: D1 Authority key identifier: 30:07:42:E4:AD:54:7A:E4:9D:D8:2C:82:F7:EC:EB:09:5B:90:2A:20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MAdC5K1UeuSd2CyC9-zrCVuQKiA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/1B2EC2A457E411EEB143C80EC4F9AE02.roa Signing time: Sat 05 Oct 2024 04:38:36 +0000 ROA not before: Sat 05 Oct 2024 04:38:36 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 174 IP address blocks: 43.239.250.0/24 maxlen: 24 114.31.208.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/MAdC5K1UeuSd2CyC9-zrCVuQKiA.crl rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/MAdC5K1UeuSd2CyC9-zrCVuQKiA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MAdC5K1UeuSd2CyC9-zrCVuQKiA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 209 (0xd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911ABCE Validity Not Before: Oct 5 04:38:36 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=6700c2cc-6d38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:9a:39:c9:76:6f:a7:cb:f0:c4:ed:4c:64:99: e5:37:d5:41:36:b5:6e:1b:70:e5:67:6b:3f:99:06: c5:40:ab:98:1c:71:35:63:fc:fe:dc:7f:ea:87:43: dd:2e:0c:3a:6e:e0:c2:91:cf:21:5f:cc:3c:8b:23: a1:77:3f:de:91:f0:56:b6:3d:36:dd:17:36:e1:2e: 47:ec:7a:57:01:63:e1:9a:b2:cc:d0:a6:19:9e:99: 01:9e:1a:da:90:5b:40:2a:5c:3a:1c:d6:a6:25:a4: 0f:20:2b:6c:5d:19:84:c5:12:09:35:50:70:a7:0f: 12:87:0d:d7:fd:9c:27:8f:a6:f8:32:87:a3:36:ed: 14:a9:98:3a:8d:4d:8b:b7:05:c9:29:91:e9:c0:eb: 12:52:df:0d:48:2c:2d:db:11:43:97:ef:8e:c9:44: 64:0d:4e:61:74:d2:be:4d:6f:77:43:eb:4e:dd:71: f4:6c:4d:b9:a8:40:04:4a:5e:dd:b8:c1:ad:90:c3: 2f:9c:8e:06:a4:25:0e:73:71:56:b7:83:ce:20:ca: 33:dc:a6:a2:3f:9e:c1:d1:37:73:c3:68:ed:ea:18: b7:7b:ee:a8:69:68:c6:ec:79:f0:51:56:08:d8:96: 00:43:e2:8d:4e:cc:a2:e4:ff:3b:73:02:ff:76:67: ae:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:A7:C1:4A:F5:CF:1E:85:0E:F5:B1:BA:C7:5B:B2:3C:1A:1F:DD:3B X509v3 Authority Key Identifier: keyid:30:07:42:E4:AD:54:7A:E4:9D:D8:2C:82:F7:EC:EB:09:5B:90:2A:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/MAdC5K1UeuSd2CyC9-zrCVuQKiA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MAdC5K1UeuSd2CyC9-zrCVuQKiA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ABCE/90099C4057DD11EEBAFFE42DC4F9AE02/1B2EC2A457E411EEB143C80EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.239.250.0/24 114.31.208.0/22 Signature Algorithm: sha256WithRSAEncryption af:53:26:5f:e6:01:36:ef:27:a3:a7:e6:10:19:7d:0b:6f:5d: a2:f1:80:35:17:fa:f8:f7:62:37:0e:9b:77:78:68:74:d1:22: 6d:dd:ab:48:24:46:e3:06:ad:63:8e:1b:01:77:ca:9a:c1:e8: b1:68:fc:2d:6e:a5:55:5c:5b:cd:4f:51:1f:81:e0:07:b1:0e: 69:43:9b:01:f8:71:d5:95:68:81:f2:e7:7a:b0:be:90:f0:33: d8:2a:00:76:ba:2d:5d:07:0b:4e:40:59:55:fd:8b:6c:31:5e: ed:1c:a9:db:aa:ac:d4:0e:54:40:8d:49:23:f1:d0:40:a9:aa: 05:c7:a8:cc:30:a1:53:57:5b:a7:47:e6:63:50:e6:6c:08:62: ec:ca:39:df:a1:d3:8f:93:80:91:be:ee:64:05:10:0c:b8:52: 24:43:f3:b3:10:1e:64:42:76:00:dd:2d:01:d9:e2:cf:3f:bb: 3e:ed:ed:e0:99:96:03:1a:27:c4:52:36:f4:0f:86:89:f6:34: dd:b6:cb:83:b2:73:c1:bf:03:c4:9a:ad:c9:c9:7f:a5:cb:60: 38:2e:24:67:93:31:ec:0d:8f:57:fc:a1:da:cd:d3:a1:11:28: 5f:02:b8:80:88:35:ba:32:62:cb:c1:63:67:00:20:bd:77:d9: 4f:5a:ee:0a -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUFCQ0UxMTAvBgNVBAUTKDMwMDc0MkU0QUQ1NDdBRTQ5REQ4MkM4MkY3RUNFQjA5 NUI5MDJBMjAwHhcNMjQxMDA1MDQzODM2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzAwYzJjYy02ZDM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwZo5yXZvp8vwxO1MZJnlN9VBNrVuG3DlZ2s/mQbFQKuYHHE1Y/z+3H/qh0Pd Lgw6buDCkc8hX8w8iyOhdz/ekfBWtj023Rc24S5H7HpXAWPhmrLM0KYZnpkBnhra kFtAKlw6HNamJaQPICtsXRmExRIJNVBwpw8Shw3X/Zwnj6b4MoejNu0UqZg6jU2L twXJKZHpwOsSUt8NSCwt2xFDl++OyURkDU5hdNK+TW93Q+tO3XH0bE25qEAESl7d uMGtkMMvnI4GpCUOc3FWt4POIMoz3KaiP57B0Tdzw2jt6hi3e+6oaWjG7HnwUVYI 2JYAQ+KNTsyi5P87cwL/dmeuCQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGKnwUr1 zx6FDvWxusdbsjwaH907MB8GA1UdIwQYMBaAFDAHQuStVHrkndgsgvfs6wlbkCog MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUJDRS85MDA5OUM0MDU3 REQxMUVFQkFGRkU0MkRDNEY5QUUwMi9NQWRDNUsxVWV1U2QyQ3lDOS16ckNWdVFL aUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01BZEM1SzFVZXVTZDJDeUM5LXpyQ1Z1UUtpQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUFCQ0UvOTAwOTlDNDA1N0REMTFFRUJBRkZFNDJEQzRGOUFFMDIvMUIyRUMyQTQ1 N0U0MTFFRUIxNDNDODBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAAr7/oDBAJyH9AwDQYJKoZIhvcNAQELBQADggEBAK9TJl/m ATbvJ6On5hAZfQtvXaLxgDUX+vj3YjcOm3d4aHTRIm3dq0gkRuMGrWOOGwF3yprB 6LFo/C1upVVcW81PUR+B4AexDmlDmwH4cdWVaIHy53qwvpDwM9gqAHa6LV0HC05A WVX9i2wxXu0cqduqrNQOVECNSSPx0ECpqgXHqMwwoVNXW6dH5mNQ5mwIYuzKOd+h 04+TgJG+7mQFEAy4UiRD87MQHmRCdgDdLQHZ4s8/uz7t7eCZlgMaJ8RSNvQPhon2 NN22y4Oyc8G/A8SarcnJf6XLYDguJGeTMewNj1f8odrN06ERKF8CuICINboyYsvB Y2cAIL132U9a7go= -----END CERTIFICATE-----Generated at Sun Feb 16 15:41:53 2025 by rpki-client