$ rpki-client -vvf rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/1EEE3E0AC35111EE9D744F36C4F9AE02.roa File: 1EEE3E0AC35111EE9D744F36C4F9AE02.roa (raw, json) Hash identifier: ucV0kVixfHpuy12BVYVN62sGm8utgsjQ/0NVbfikRis= Subject key identifier: BC:A6:E3:A1:F6:6E:FB:85:B8:7A:54:A5:E3:F4:FE:D9:97:4C:AF:24 Certificate issuer: /CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A Certificate serial: 3433 Authority key identifier: 7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/1EEE3E0AC35111EE9D744F36C4F9AE02.roa Signing time: Tue 30 Jul 2024 14:50:16 +0000 ROA not before: Tue 30 Jul 2024 14:50:16 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 17901 IP address blocks: 210.246.156.0/23 maxlen: 24 210.246.194.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:22:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13363 (0x3433) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A Validity Not Before: Jul 30 14:50:16 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66a8fda8-718a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:8f:ba:ff:2c:cf:44:6a:c7:dc:d5:f4:91:8d: 0e:01:cc:9a:59:5b:86:f3:5b:27:96:30:ef:d9:7e: 75:ee:14:05:33:ae:dd:9b:89:c1:8a:3d:6f:f3:d6: 52:4d:10:d6:28:d3:93:de:31:3e:e6:8f:43:74:d5: 58:cc:c4:cd:57:ca:ea:9c:ad:c5:f3:ca:dd:64:f5: d3:00:09:e0:ac:d6:02:d1:d7:a5:b6:5f:4e:2f:32: a4:35:39:96:59:46:54:b1:3a:e8:e2:e9:96:df:2d: e1:50:20:25:05:90:b9:50:7b:b6:19:34:e7:24:13: 96:a6:7f:db:d1:12:27:de:7e:3c:ba:f8:1e:e5:cf: 48:e7:b9:5d:9a:43:1c:da:f4:34:ad:03:3a:70:c0: 7c:7b:7c:3e:36:97:42:8d:5b:d4:e5:f8:0a:5f:bb: b9:1e:22:d3:d9:6c:8c:b9:aa:4f:74:0e:8c:0f:08: c5:26:2d:cc:78:f6:35:c6:4f:d1:62:a9:2c:71:02: d0:ae:24:c6:1e:df:54:1e:9d:67:be:73:d8:01:e3: 08:d8:ca:56:5e:5d:05:c2:36:1e:a9:48:dc:b0:7c: 5a:88:d3:08:80:cd:d8:4d:a1:46:1f:a4:2c:4c:b7: f2:07:05:96:85:b8:05:8b:7a:7b:4e:0e:98:c6:c2: ac:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:A6:E3:A1:F6:6E:FB:85:B8:7A:54:A5:E3:F4:FE:D9:97:4C:AF:24 X509v3 Authority Key Identifier: keyid:7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/1EEE3E0AC35111EE9D744F36C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 210.246.156.0/23 210.246.194.0/23 Signature Algorithm: sha256WithRSAEncryption ae:76:40:59:c7:97:6a:04:64:9f:0c:b0:4d:7d:d2:05:bc:92: 7a:c2:25:1c:46:d9:a2:ce:06:fe:43:5c:82:d2:49:10:15:aa: 91:b7:46:73:53:e7:c5:bb:4a:8c:03:9c:9c:58:09:f1:29:17: c8:91:44:ae:ef:ef:0b:92:7b:19:12:0e:61:ce:72:10:49:16: af:53:f3:5e:02:b0:e8:2c:f1:66:29:66:9c:8a:2e:52:be:38: e2:a7:af:56:63:09:fa:40:fb:33:1c:a6:3e:c2:7d:d6:c5:62: 22:a2:d4:e7:82:33:70:ce:d3:d7:e8:c0:ab:a9:5e:7a:94:44: 58:9c:84:ce:b8:3d:f2:5b:c5:ad:b2:ad:fb:12:ba:c5:30:23: a2:54:11:1b:f8:f6:e2:85:98:3b:54:ab:e7:49:40:b6:f5:d8: 08:2d:5f:a0:af:5b:3a:15:be:f8:f7:24:14:5b:86:8a:27:8c: 40:60:be:5f:b8:9e:63:91:f9:82:b5:d5:67:07:b3:3d:e4:b9: 3a:0d:0e:e0:28:0f:b1:83:95:b6:3e:54:0a:6e:9b:b5:de:3d: 03:be:e1:55:55:27:22:f3:ec:3a:cc:02:09:0d:ab:79:34:12: a5:1d:69:d5:1d:79:b7:f1:41:28:e4:e2:8a:1d:c4:6d:0f:22: a6:cd:b8:e9 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICNDMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM1QjAxMTAvBgNVBAUTKDdBOTYxNzY5NTQ5RTBBQUQwQTlCRjk5MjU2ODNCQUVG NzMzQTJGMUEwHhcNMjQwNzMwMTQ1MDE2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmE4ZmRhOC03MThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Y+6/yzPRGrH3NX0kY0OAcyaWVuG81snljDv2X517hQFM67dm4nBij1v89ZS TRDWKNOT3jE+5o9DdNVYzMTNV8rqnK3F88rdZPXTAAngrNYC0deltl9OLzKkNTmW WUZUsTro4umW3y3hUCAlBZC5UHu2GTTnJBOWpn/b0RIn3n48uvge5c9I57ldmkMc 2vQ0rQM6cMB8e3w+NpdCjVvU5fgKX7u5HiLT2WyMuapPdA6MDwjFJi3MePY1xk/R YqkscQLQriTGHt9UHp1nvnPYAeMI2MpWXl0FwjYeqUjcsHxaiNMIgM3YTaFGH6Qs TLfyBwWWhbgFi3p7Tg6YxsKsnwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLym46H2 bvuFuHpUpeP0/tmXTK8kMB8GA1UdIwQYMBaAFHqWF2lUngqtCpv5klaDuu9zOi8a MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzVCMC80MEM4RDVBNjFE ODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNxMEttX21TVm9PNjczTTZM eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VwWVhhVlNlQ3EwS21fbVNWb082NzNNNkx4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUM1QjAvNDBDOEQ1QTYxRDgzMTFFMjgyM0E1RkQ4MDhCMDJDRDIvMUVFRTNFMEFD MzUxMTFFRTlENzQ0RjM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAHS9pwDBAHS9sIwDQYJKoZIhvcNAQELBQADggEBAK52QFnH l2oEZJ8MsE190gW8knrCJRxG2aLOBv5DXILSSRAVqpG3RnNT58W7SowDnJxYCfEp F8iRRK7v7wuSexkSDmHOchBJFq9T814CsOgs8WYpZpyKLlK+OOKnr1ZjCfpA+zMc pj7CfdbFYiKi1OeCM3DO09fowKupXnqURFichM64PfJbxa2yrfsSusUwI6JUERv4 9uKFmDtUq+dJQLb12AgtX6CvWzoVvvj3JBRbhoonjEBgvl+4nmOR+YK11WcHsz3k uToNDuAoD7GDlbY+VApum7XePQO+4VVVJyLz7DrMAgkNq3k0EqUdadUdebfxQSjk 4oodxG0PIqbNuOk= -----END CERTIFICATE-----Generated at Fri Nov 22 16:49:14 2024 by rpki-client on console-ams.rpki-client.org