$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/9E638FF83C2B11EE80590B7DC4F9AE02.roa File: 9E638FF83C2B11EE80590B7DC4F9AE02.roa (raw, json) Hash identifier: 3BLTCCwoAUc2DJQsrVqzxu+RgFaeQ+AMdxl7wsX/2p0= Subject key identifier: C7:44:FE:75:D9:D2:75:69:A1:31:D0:34:F5:2C:EB:EC:3D:4D:13:B9 Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6 Certificate serial: 0B48 Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/9E638FF83C2B11EE80590B7DC4F9AE02.roa Signing time: Tue 16 Apr 2024 09:13:38 +0000 ROA not before: Tue 16 Apr 2024 09:13:38 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 17971 IP address blocks: 49.236.192.0/20 maxlen: 24 103.17.168.0/22 maxlen: 24 112.137.160.0/20 maxlen: 24 119.110.96.0/20 maxlen: 24 202.71.96.0/20 maxlen: 24 202.75.32.0/20 maxlen: 24 202.75.48.0/20 maxlen: 24 202.165.3.0/24 maxlen: 24 210.48.144.0/20 maxlen: 24 218.100.22.0/24 maxlen: 24 2401:b000::/32 maxlen: 32 2401:b000::/48 maxlen: 48 2401:b000:0:5::/64 maxlen: 64 2401:b000:0:6::/64 maxlen: 64 2401:b000:10::/48 maxlen: 48 2404:b8::/48 maxlen: 48 2404:b8:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 20:52:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2888 (0xb48) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6 Validity Not Before: Apr 16 09:13:38 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=661e4142-280a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:44:54:4c:0e:6e:cf:f1:fa:cb:79:3e:e6:c4: 97:c5:43:3f:68:13:7f:26:08:24:45:51:6b:38:d5: 3c:a8:65:2b:a1:59:34:a7:95:e6:f9:4e:fd:a9:5b: ac:49:f0:97:76:a2:3f:66:9b:a2:82:8b:87:92:5c: 8c:d5:b9:90:3f:9c:7f:79:d6:0b:6e:f2:f6:0b:32: 4f:54:6f:7f:79:55:36:d7:7e:b6:f3:07:a7:0a:41: a4:7c:26:9e:52:83:1c:e4:7c:42:2d:61:06:5a:a5: 88:d4:8c:d3:62:e4:ec:09:e7:a9:c0:e2:6f:52:e6: 66:6e:90:72:80:c9:5c:a5:fd:b5:bd:18:21:9f:f3: 95:ef:7d:e6:75:e5:d8:bb:b5:0c:8c:5c:e8:8b:92: c4:72:c2:7e:c9:c3:a1:c2:bd:72:c6:9a:35:3c:4d: 64:37:ca:4b:f1:b7:bd:78:c1:e1:82:fc:d9:aa:e8: 7e:8f:a5:e2:54:4c:1c:2c:52:f4:bb:ac:b7:bc:d0: 47:46:44:14:1a:34:b3:b1:a6:77:b9:f1:fb:ee:cc: 5d:96:77:5b:6e:a1:23:0d:40:6e:f4:45:2f:f4:eb: 3a:90:5f:ac:51:65:dd:c0:2e:39:02:48:92:a0:d1: 63:05:9a:a5:92:d3:b2:71:4b:51:ff:4b:6d:dc:05: 88:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:44:FE:75:D9:D2:75:69:A1:31:D0:34:F5:2C:EB:EC:3D:4D:13:B9 X509v3 Authority Key Identifier: keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/9E638FF83C2B11EE80590B7DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.236.192.0/20 103.17.168.0/22 112.137.160.0/20 119.110.96.0/20 202.71.96.0/20 202.75.32.0/19 202.165.3.0/24 210.48.144.0/20 218.100.22.0/24 IPv6: 2401:b000::/32 2404:b8::/48 2404:b8:3::/48 Signature Algorithm: sha256WithRSAEncryption 79:da:aa:63:61:9e:09:00:ee:9c:d9:0f:18:65:35:8b:97:05: dc:c4:5f:9c:44:3d:12:a7:59:11:52:dc:02:69:fe:d6:3f:70: 4a:4f:77:15:62:00:3e:c5:7a:96:0c:e4:54:ba:60:3b:5f:fc: d0:9f:b3:d0:7a:6f:b9:5a:2e:5b:10:88:0b:8b:18:eb:28:26: 10:c3:3e:27:83:09:a8:f9:08:f9:85:6a:e1:fe:e9:06:cd:e3: f2:f9:a9:1d:76:c4:44:7b:2b:ef:03:d0:15:c0:fd:2b:98:6d: d8:f2:8a:4e:c8:7b:43:85:4e:46:cf:70:86:25:2f:b3:d5:4e: c5:b1:60:97:3b:d7:85:6b:e7:88:b7:4d:9f:09:1d:b7:28:26: 21:9b:e0:f8:e7:a4:e7:03:45:5e:3d:0d:5a:91:f0:3a:9e:90: 78:e5:aa:dc:82:39:0e:30:cd:d7:d3:52:99:c4:e8:f9:ed:00: 76:4e:59:b7:68:60:cc:92:7a:70:84:b8:62:29:25:f1:48:00: 19:3d:9d:30:67:b7:7d:60:62:6d:dd:30:c2:4a:02:7b:89:67: ce:0c:04:c9:17:cd:09:bd:84:76:4c:23:a8:64:f0:26:84:60: ae:e0:73:af:45:45:41:4e:e4:61:18:a7:e0:5a:cf:cc:f1:42: 2f:7f:12:f0 -----BEGIN CERTIFICATE----- MIIFwjCCBKqgAwIBAgICC0gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF Q0QxRDczQjYwHhcNMjQwNDE2MDkxMzM4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NjFlNDE0Mi0yODBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoERUTA5uz/H6y3k+5sSXxUM/aBN/JggkRVFrONU8qGUroVk0p5Xm+U79qVus SfCXdqI/ZpuigouHklyM1bmQP5x/edYLbvL2CzJPVG9/eVU213628wenCkGkfCae UoMc5HxCLWEGWqWI1IzTYuTsCeepwOJvUuZmbpBygMlcpf21vRghn/OV733mdeXY u7UMjFzoi5LEcsJ+ycOhwr1yxpo1PE1kN8pL8be9eMHhgvzZquh+j6XiVEwcLFL0 u6y3vNBHRkQUGjSzsaZ3ufH77sxdlndbbqEjDUBu9EUv9Os6kF+sUWXdwC45AkiS oNFjBZqlktOycUtR/0tt3AWIuQIDAQABo4IC5jCCAuIwHQYDVR0OBBYEFMdE/nXZ 0nVpoTHQNPUs6+w9TRO5MB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1 RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvOUU2MzhGRjgz QzJCMTFFRTgwNTkwQjdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcAYIKwYBBQUHAQcBAf8E YTBfMDwEAgABMDYDBAQx7MADBAJnEagDBARwiaADBAR3bmADBATKR2ADBAXKSyAD BADKpQMDBATSMJADBADaZBYwHwQCAAIwGQMFACQBsAADBwAkBAC4AAADBwAkBAC4 AAMwDQYJKoZIhvcNAQELBQADggEBAHnaqmNhngkA7pzZDxhlNYuXBdzEX5xEPRKn WRFS3AJp/tY/cEpPdxViAD7FepYM5FS6YDtf/NCfs9B6b7laLlsQiAuLGOsoJhDD PieDCaj5CPmFauH+6QbN4/L5qR12xER7K+8D0BXA/SuYbdjyik7Ie0OFTkbPcIYl L7PVTsWxYJc714Vr54i3TZ8JHbcoJiGb4PjnpOcDRV49DVqR8DqekHjlqtyCOQ4w zdfTUpnE6PntAHZOWbdoYMySenCEuGIpJfFIABk9nTBnt31gYm3dMMJKAnuJZ84M BMkXzQm9hHZMI6hk8CaEYK7gc69FRUFO5GEYp+Baz8zxQi9/EvA= -----END CERTIFICATE-----Generated at Sat Jun 1 00:13:09 2024 by rpki-client on console-ams.rpki-client.org