$ rpki-client -vvf rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/8FF4E2E2EFAE11EDBD96F26BC4F9AE02.roa File: 8FF4E2E2EFAE11EDBD96F26BC4F9AE02.roa (raw, json) Hash identifier: W+oeT9rREoYMeOrigBJ91wQkGtgMzcafqibSzxam1Bk= Subject key identifier: E3:54:A2:95:98:26:07:F2:A3:2F:2F:21:05:17:BD:3A:8C:5D:13:22 Certificate issuer: /CN=A911CC1D/serialNumber=FB0197D802A66186E840BD62E88EE40ED95E9529 Certificate serial: 011B Authority key identifier: FB:01:97:D8:02:A6:61:86:E8:40:BD:62:E8:8E:E4:0E:D9:5E:95:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-wGX2AKmYYboQL1i6I7kDtlelSk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/8FF4E2E2EFAE11EDBD96F26BC4F9AE02.roa Signing time: Tue 03 Sep 2024 05:18:02 +0000 ROA not before: Tue 03 Sep 2024 05:18:02 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 45177 IP address blocks: 123.253.208.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/-wGX2AKmYYboQL1i6I7kDtlelSk.crl rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/-wGX2AKmYYboQL1i6I7kDtlelSk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-wGX2AKmYYboQL1i6I7kDtlelSk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:48:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 283 (0x11b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CC1D/serialNumber=FB0197D802A66186E840BD62E88EE40ED95E9529 Validity Not Before: Sep 3 05:18:02 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d69c09-68a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:ae:b0:d6:2c:d9:b8:69:5d:18:31:86:3b:7d: ce:71:d2:c6:c2:cd:79:c5:9a:1a:0d:e0:b9:a3:55: 6b:c1:8b:0d:50:0c:be:a9:46:b0:89:ca:82:96:3c: 36:22:bf:36:a1:a0:db:00:41:71:07:b7:ae:ea:a4: 48:42:2a:60:97:5b:cb:75:86:46:c2:75:78:6b:6f: 53:55:dc:94:4d:9a:54:20:fc:2b:fb:db:38:2d:34: 97:74:4d:c8:c8:60:66:cd:fc:b0:68:24:60:43:85: 8f:eb:1d:a5:a5:3f:80:d3:36:79:fb:d4:23:f1:08: d9:3f:eb:34:4c:ae:0f:31:80:6b:08:70:01:f9:fe: f1:10:7f:b2:7f:55:e0:7d:7b:32:4e:84:b8:54:b3: 26:12:b1:47:ae:97:67:0f:16:01:7a:b4:1f:9d:8d: 9d:7d:20:19:71:2c:d7:55:57:71:54:b1:8a:13:ba: 30:41:49:05:8e:04:25:c0:ac:21:51:47:a3:dc:7c: 28:f0:07:a7:fc:84:fa:f3:f0:8d:7f:ea:bf:65:ec: b6:da:bc:02:47:c3:d4:7a:16:71:4f:6a:84:e1:41: d8:4b:92:9a:a3:8f:c3:63:b7:f8:3a:a9:50:e9:69: 99:12:1e:f5:fe:72:85:66:6f:84:56:a9:9e:5c:29: 3a:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:54:A2:95:98:26:07:F2:A3:2F:2F:21:05:17:BD:3A:8C:5D:13:22 X509v3 Authority Key Identifier: keyid:FB:01:97:D8:02:A6:61:86:E8:40:BD:62:E8:8E:E4:0E:D9:5E:95:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/-wGX2AKmYYboQL1i6I7kDtlelSk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-wGX2AKmYYboQL1i6I7kDtlelSk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CC1D/8CFE1D9AD1E211ED923C611FC4F9AE02/8FF4E2E2EFAE11EDBD96F26BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.253.208.0/22 Signature Algorithm: sha256WithRSAEncryption bb:52:79:8f:01:95:86:86:43:a7:48:95:df:d6:bd:df:fb:2f: 0a:11:25:b2:b6:d5:52:03:24:a4:42:b9:49:e8:55:a4:46:c3: 2d:ac:9e:aa:60:92:30:f9:6e:2c:68:89:76:19:6e:aa:fa:c4: ab:03:8f:e1:c5:1b:b7:6f:6d:bb:b9:70:d6:e3:89:b7:71:88: 2e:47:d6:ad:7e:75:45:89:17:e6:aa:77:9e:e7:ff:52:60:2c: 17:9f:da:cc:59:03:62:7b:dd:40:16:17:f1:b5:ec:cb:f0:2f: 85:8e:cd:a1:a8:a2:4d:c4:3f:d8:54:92:9e:54:b3:0f:3d:d9: e7:8c:dd:67:56:38:1a:cc:88:fd:e3:88:64:b6:48:10:0e:46: bf:37:74:97:ae:7c:0d:95:2e:73:6c:2f:67:00:63:cd:5e:a7: 73:5a:07:57:bf:c9:8a:97:52:4b:51:b9:ee:95:94:89:79:91: ef:9e:51:2b:71:70:37:17:96:98:42:a7:4b:fb:e6:a1:b2:7c: 08:d5:16:cc:7c:6f:31:ce:b9:84:eb:bc:18:ea:e0:cb:d7:ae: fa:ab:5a:a4:a8:ed:34:29:9c:ae:24:91:5d:e3:f3:7f:7e:6f: b0:13:02:01:5f:73:7a:9d:85:a9:92:38:61:f6:c0:4b:6c:f3: eb:00:5b:cd -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICARswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNDMUQxMTAvBgNVBAUTKEZCMDE5N0Q4MDJBNjYxODZFODQwQkQ2MkU4OEVFNDBF RDk1RTk1MjkwHhcNMjQwOTAzMDUxODAyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ2OWMwOS02OGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqa6w1izZuGldGDGGO33OcdLGws15xZoaDeC5o1VrwYsNUAy+qUawicqCljw2 Ir82oaDbAEFxB7eu6qRIQipgl1vLdYZGwnV4a29TVdyUTZpUIPwr+9s4LTSXdE3I yGBmzfywaCRgQ4WP6x2lpT+A0zZ5+9Qj8QjZP+s0TK4PMYBrCHAB+f7xEH+yf1Xg fXsyToS4VLMmErFHrpdnDxYBerQfnY2dfSAZcSzXVVdxVLGKE7owQUkFjgQlwKwh UUej3Hwo8Aen/IT68/CNf+q/Zey22rwCR8PUehZxT2qE4UHYS5Kao4/DY7f4OqlQ 6WmZEh71/nKFZm+EVqmeXCk6twIDAQABo4IClTCCApEwHQYDVR0OBBYEFONUopWY Jgfyoy8vIQUXvTqMXRMiMB8GA1UdIwQYMBaAFPsBl9gCpmGG6EC9YuiO5A7ZXpUp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0MxRC84Q0ZFMUQ5QUQx RTIxMUVEOTIzQzYxMUZDNEY5QUUwMi8td0dYMkFLbVlZYm9RTDFpNkk3a0R0bGVs U2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy13R1gyQUttWVlib1FMMWk2STdrRHRsZWxTay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUNDMUQvOENGRTFEOUFEMUUyMTFFRDkyM0M2MTFGQzRGOUFFMDIvOEZGNEUyRTJF RkFFMTFFREJEOTZGMjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJ7/dAwDQYJKoZIhvcNAQELBQADggEBALtSeY8BlYaGQ6dI ld/Wvd/7LwoRJbK21VIDJKRCuUnoVaRGwy2snqpgkjD5bixoiXYZbqr6xKsDj+HF G7dvbbu5cNbjibdxiC5H1q1+dUWJF+aqd57n/1JgLBef2sxZA2J73UAWF/G17Mvw L4WOzaGook3EP9hUkp5Usw892eeM3WdWOBrMiP3jiGS2SBAORr83dJeufA2VLnNs L2cAY81ep3NaB1e/yYqXUktRue6VlIl5ke+eUStxcDcXlphCp0v75qGyfAjVFsx8 bzHOuYTrvBjq4MvXrvqrWqSo7TQpnK4kkV3j839+b7ATAgFfc3qdhamSOGH2wEts 8+sAW80= -----END CERTIFICATE-----Generated at Thu Nov 21 05:05:53 2024 by rpki-client on console-fra.rpki-client.org