$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/251E5BC2C72011EC9501FE0FC4F9AE02.roa File: 251E5BC2C72011EC9501FE0FC4F9AE02.roa (raw, json) Hash identifier: DsbDeNGNtBPmhWKPE4kewuvYP5UnzMgODRR9FI7G+BM= Subject key identifier: 6B:5A:B9:EE:88:2F:DD:DE:7E:64:1D:D5:39:1A:26:45:69:98:42:8E Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Certificate serial: 2823 Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/251E5BC2C72011EC9501FE0FC4F9AE02.roa Signing time: Thu 28 Dec 2023 16:03:07 +0000 ROA not before: Thu 28 Dec 2023 16:03:07 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 149640 IP address blocks: 49.229.94.0/24 maxlen: 24 58.64.0.0/24 maxlen: 24 58.64.11.0/24 maxlen: 24 2405:9800:c921::/48 maxlen: 48 2405:9800:c922::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 16:10:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10275 (0x2823) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Validity Not Before: Dec 28 16:03:07 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=658d9c3b-d3e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f0:6f:27:40:ce:de:3c:45:57:46:c5:bb:2a: d9:e6:83:57:72:b6:41:c1:02:32:f3:eb:82:95:43: ac:ce:10:12:3f:06:4e:a2:58:20:d2:ed:ff:2d:89: 52:06:b9:a1:fa:02:50:93:2d:4a:1c:6a:51:a6:6d: 68:67:6d:3c:73:93:9c:e8:95:2b:aa:33:52:36:5f: 27:87:ca:a3:9b:59:99:42:27:08:d0:3b:e3:18:87: a1:fb:18:3c:b0:8c:5f:f7:c6:4d:e3:13:ad:85:62: 32:8e:b8:84:e8:58:fc:e0:65:9a:5c:cc:c9:74:a0: 0e:0f:bb:68:db:c4:70:31:6c:a3:eb:31:ae:d3:41: 3d:62:97:56:6f:c4:8d:75:c9:93:79:f5:ac:85:55: 81:98:d8:5c:39:94:33:98:5d:99:21:1b:07:13:ed: 31:ac:f6:01:15:38:fd:ed:20:7d:f0:da:b5:2f:2c: fd:8f:27:c4:8a:0a:93:04:bf:c9:f7:47:b2:7d:60: 95:f9:3e:48:24:a6:1d:7f:f3:2f:8a:fd:e5:d3:94: 11:95:2b:03:0f:af:7d:30:12:c5:7f:02:fa:d2:1f: d0:03:f4:29:fd:2e:d5:d5:fe:c8:f6:d4:3c:57:e1: 2c:be:5e:7d:b3:f8:be:ae:11:c2:7b:c1:76:be:cb: 43:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:5A:B9:EE:88:2F:DD:DE:7E:64:1D:D5:39:1A:26:45:69:98:42:8E X509v3 Authority Key Identifier: keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/251E5BC2C72011EC9501FE0FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.229.94.0/24 58.64.0.0/24 58.64.11.0/24 IPv6: 2405:9800:c921::-2405:9800:c922:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 15:d1:5d:a2:b7:a1:e8:db:84:12:a4:8a:53:fb:e7:97:6b:c5: 1a:80:35:4a:49:6e:16:4e:6a:c4:d8:8b:7f:a3:65:18:fc:15: 48:47:2b:ed:36:16:d2:a5:2b:cb:cb:67:ed:22:11:dc:fa:00: 80:ff:b0:38:e7:33:9f:58:2d:8d:77:91:73:59:26:df:6d:97: ea:a6:75:52:e9:a5:a0:58:b3:1d:a9:3d:2b:b5:15:8a:4f:5c: a6:4e:f9:cc:1c:60:c3:d4:61:b4:79:4f:d0:9b:38:28:8b:6b: b6:a6:3f:90:aa:8b:d6:7f:7d:a7:5e:24:f6:cd:9d:dd:23:73: 25:d3:15:a4:6a:77:13:bb:b3:c7:50:ca:54:69:f4:26:b9:74: 88:ce:6a:c4:95:4e:7e:e2:d2:53:5c:11:22:31:d6:3e:5e:f4: 28:c0:bf:5d:13:8e:37:a1:1e:27:7b:85:46:26:cc:8a:95:a0: e5:f4:6b:d9:07:e2:ec:d5:ef:84:4b:ac:84:5c:97:af:c8:fc: fa:60:6a:b8:00:c4:bd:46:ca:61:eb:72:ab:bf:72:c7:5f:60: 3b:1b:6c:49:36:5d:63:91:b3:45:36:c4:c3:5e:b8:19:18:7c: 12:0e:76:8d:d0:0a:2d:a6:7f:16:95:03:df:d1:fc:e9:4d:3e: 73:c3:40:96 -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICKCMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2 QUYyMDcxNUMwHhcNMjMxMjI4MTYwMzA3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NThkOWMzYi1kM2UzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3PBvJ0DO3jxFV0bFuyrZ5oNXcrZBwQIy8+uClUOszhASPwZOolgg0u3/LYlS Brmh+gJQky1KHGpRpm1oZ208c5Oc6JUrqjNSNl8nh8qjm1mZQicI0DvjGIeh+xg8 sIxf98ZN4xOthWIyjriE6Fj84GWaXMzJdKAOD7to28RwMWyj6zGu00E9YpdWb8SN dcmTefWshVWBmNhcOZQzmF2ZIRsHE+0xrPYBFTj97SB98Nq1Lyz9jyfEigqTBL/J 90eyfWCV+T5IJKYdf/Mviv3l05QRlSsDD699MBLFfwL60h/QA/Qp/S7V1f7I9tQ8 V+Esvl59s/i+rhHCe8F2vstD+wIDAQABo4ICvTCCArkwHQYDVR0OBBYEFGtaue6I L93efmQd1TkaJkVpmEKOMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvMjUxRTVCQzJD NzIwMTFFQzk1MDFGRTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MBgEAgABMBIDBAAx5V4DBAA6QAADBAA6QAswGgQCAAIwFDASAwcAJAWYAMkh AwcAJAWYAMkiMA0GCSqGSIb3DQEBCwUAA4IBAQAV0V2it6Ho24QSpIpT++eXa8Ua gDVKSW4WTmrE2It/o2UY/BVIRyvtNhbSpSvLy2ftIhHc+gCA/7A45zOfWC2Nd5Fz WSbfbZfqpnVS6aWgWLMdqT0rtRWKT1ymTvnMHGDD1GG0eU/Qmzgoi2u2pj+QqovW f32nXiT2zZ3dI3Ml0xWkancTu7PHUMpUafQmuXSIzmrElU5+4tJTXBEiMdY+XvQo wL9dE443oR4ne4VGJsyKlaDl9GvZB+Ls1e+ES6yEXJevyPz6YGq4AMS9Rsph63Kr v3LHX2A7G2xJNl1jkbNFNsTDXrgZGHwSDnaN0Aotpn8WlQPf0fzpTT5zw0CW -----END CERTIFICATE-----Generated at Fri May 31 20:33:57 2024 by rpki-client on console-ams.rpki-client.org