$ rpki-client -vvf rpki.apnic.net/member_repository/A911DF1F/F5CB6E6A5C5311EBB6627853C4F9AE02/B24078AA6A8D11EB82AF1144C4F9AE02.roa File: B24078AA6A8D11EB82AF1144C4F9AE02.roa (raw, json) Hash identifier: 3GgLx+CbNEwoDetwa0xclFosAF0ThnHDNkGy9hkBwHY= Subject key identifier: DF:BE:B0:20:5B:3E:F7:3D:6A:2B:FD:7E:9D:8C:9B:4A:45:C4:8A:18 Certificate issuer: /CN=A911DF1F/serialNumber=D37179CBB97D680E6A80DC12EE422FE8B6E363F5 Certificate serial: 06D5 Authority key identifier: D3:71:79:CB:B9:7D:68:0E:6A:80:DC:12:EE:42:2F:E8:B6:E3:63:F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/03F5y7l9aA5qgNwS7kIv6LbjY_U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911DF1F/F5CB6E6A5C5311EBB6627853C4F9AE02/B24078AA6A8D11EB82AF1144C4F9AE02.roa Signing time: Tue 22 Oct 2024 22:31:56 +0000 ROA not before: Tue 22 Oct 2024 22:31:56 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 10103 IP address blocks: 58.64.128.0/17 maxlen: 24 59.188.0.0/16 maxlen: 24 103.84.32.0/22 maxlen: 24 113.10.128.0/17 maxlen: 24 123.1.128.0/17 maxlen: 24 192.188.82.0/23 maxlen: 24 202.4.162.0/23 maxlen: 24 203.98.128.0/18 maxlen: 24 203.176.192.0/18 maxlen: 24 210.209.64.0/18 maxlen: 24 210.245.128.0/17 maxlen: 24 2401:4a00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911DF1F/F5CB6E6A5C5311EBB6627853C4F9AE02/03F5y7l9aA5qgNwS7kIv6LbjY_U.crl rsync://rpki.apnic.net/member_repository/A911DF1F/F5CB6E6A5C5311EBB6627853C4F9AE02/03F5y7l9aA5qgNwS7kIv6LbjY_U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/03F5y7l9aA5qgNwS7kIv6LbjY_U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1749 (0x6d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911DF1F/serialNumber=D37179CBB97D680E6A80DC12EE422FE8B6E363F5 Validity Not Before: Oct 22 22:31:56 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=671827dc-1026 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:1a:78:0d:9e:1b:f6:c0:33:ad:00:dd:74:f2: 8f:62:48:5f:3e:a3:1a:33:44:fd:d1:fb:3c:9d:da: d0:18:d7:29:7c:6f:bc:a6:d9:2c:74:72:3c:9b:6b: 0d:5b:49:d6:5d:cb:f9:d1:ad:54:a6:ea:68:b6:3a: 84:79:9c:33:79:30:f8:f1:ff:e9:97:12:3b:3e:bf: a3:26:b5:e7:42:e8:e8:9e:15:82:44:05:7a:c7:41: c6:91:69:c0:fa:5b:f9:51:46:32:97:bc:ee:f3:20: f2:d3:75:7a:49:b4:9e:41:b2:d0:fe:0d:4d:67:61: fb:e4:cc:99:65:dc:be:61:1a:38:d3:cd:15:b4:be: 0d:a9:12:51:aa:de:2b:33:34:4d:39:dc:6e:41:60: 84:92:c4:2e:ac:01:93:c5:6d:49:25:cf:84:73:3f: 9f:06:90:87:b7:fe:eb:89:5a:58:a6:75:7d:f8:6c: 71:de:05:ba:15:c5:f8:3b:64:56:07:f6:74:e4:7c: 2d:54:93:70:87:4d:1a:b8:20:9d:93:c9:be:d8:b0: 2d:35:26:23:58:c0:d6:a1:8c:08:63:65:ff:39:6a: ea:33:7a:76:fd:df:80:a1:ad:36:d2:32:0c:6b:f8: cc:76:50:1b:dd:fc:70:3d:fb:f1:a5:b4:14:5c:73: 23:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:BE:B0:20:5B:3E:F7:3D:6A:2B:FD:7E:9D:8C:9B:4A:45:C4:8A:18 X509v3 Authority Key Identifier: keyid:D3:71:79:CB:B9:7D:68:0E:6A:80:DC:12:EE:42:2F:E8:B6:E3:63:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911DF1F/F5CB6E6A5C5311EBB6627853C4F9AE02/03F5y7l9aA5qgNwS7kIv6LbjY_U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/03F5y7l9aA5qgNwS7kIv6LbjY_U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DF1F/F5CB6E6A5C5311EBB6627853C4F9AE02/B24078AA6A8D11EB82AF1144C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 58.64.128.0/17 59.188.0.0/16 103.84.32.0/22 113.10.128.0/17 123.1.128.0/17 192.188.82.0/23 202.4.162.0/23 203.98.128.0/18 203.176.192.0/18 210.209.64.0/18 210.245.128.0/17 IPv6: 2401:4a00::/32 Signature Algorithm: sha256WithRSAEncryption 12:a4:12:b7:c7:5d:36:18:46:09:29:df:29:03:dc:61:75:d4: 95:97:fb:2d:82:67:d0:95:c8:69:6b:ac:22:5f:66:5e:64:5f: f5:78:8d:df:8a:2b:1c:1d:15:7e:6f:5f:82:a4:1d:f6:8e:20: 13:1d:c5:3e:65:1f:49:f9:55:c7:34:c2:65:34:62:b9:cb:cb: f4:f0:f6:20:c0:bb:90:2c:19:81:d7:01:83:a6:6f:2f:d6:87: 59:3a:66:b8:d4:54:07:61:fa:42:b0:4e:18:5f:fd:20:22:bb: ab:4f:ef:12:0f:ac:04:58:59:bb:0a:aa:2b:e1:f2:ec:1f:e8: db:0a:32:a7:b0:ef:b3:9b:34:0a:63:91:63:2b:60:e2:e1:e1: 53:53:4b:64:e4:f1:b3:eb:8f:72:b3:06:e0:7b:9f:54:6d:73: ba:5c:99:d6:a5:0b:8a:71:3a:00:21:d5:cd:c1:cb:ee:ee:d6: 7b:9a:4d:00:3f:5a:bd:ab:09:11:81:8c:0f:17:72:aa:d3:c3: 30:cf:47:8b:4b:a1:ef:5f:74:7d:13:00:d6:d2:59:a7:0a:6b: 41:5f:6c:74:7c:16:54:a8:7a:c2:86:7f:41:9c:52:b3:7d:88: 2e:db:d5:69:01:42:41:43:43:1c:47:62:d6:0f:f8:e9:66:f8: 3f:55:88:72 -----BEGIN CERTIFICATE----- MIIFuzCCBKOgAwIBAgICBtUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MURGMUYxMTAvBgNVBAUTKEQzNzE3OUNCQjk3RDY4MEU2QTgwREMxMkVFNDIyRkU4 QjZFMzYzRjUwHhcNMjQxMDIyMjIzMTU2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzE4MjdkYy0xMDI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAthp4DZ4b9sAzrQDddPKPYkhfPqMaM0T90fs8ndrQGNcpfG+8ptksdHI8m2sN W0nWXcv50a1UpupotjqEeZwzeTD48f/plxI7Pr+jJrXnQujonhWCRAV6x0HGkWnA +lv5UUYyl7zu8yDy03V6SbSeQbLQ/g1NZ2H75MyZZdy+YRo4080VtL4NqRJRqt4r MzRNOdxuQWCEksQurAGTxW1JJc+Ecz+fBpCHt/7riVpYpnV9+Gxx3gW6FcX4O2RW B/Z05HwtVJNwh00auCCdk8m+2LAtNSYjWMDWoYwIY2X/OWrqM3p2/d+Aoa020jIM a/jMdlAb3fxwPfvxpbQUXHMj3QIDAQABo4IC3zCCAtswHQYDVR0OBBYEFN++sCBb Pvc9aiv9fp2Mm0pFxIoYMB8GA1UdIwQYMBaAFNNxecu5fWgOaoDcEu5CL+i242P1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExREYxRi9GNUNCNkU2QTVD NTMxMUVCQjY2Mjc4NTNDNEY5QUUwMi8wM0Y1eTdsOWFBNXFnTndTN2tJdjZMYmpZ X1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzAzRjV5N2w5YUE1cWdOd1M3a0l2NkxiallfVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MURGMUYvRjVDQjZFNkE1QzUzMTFFQkI2NjI3ODUzQzRGOUFFMDIvQjI0MDc4QUE2 QThEMTFFQjgyQUYxMTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaQYIKwYBBQUHAQcBAf8E WjBYMEcEAgABMEEDBAc6QIADAwA7vAMEAmdUIAMEB3EKgAMEB3sBgAMEAcC8UgME AcoEogMEBstigAMEBsuwwAMEBtLRQAMEB9L1gDANBAIAAjAHAwUAJAFKADANBgkq hkiG9w0BAQsFAAOCAQEAEqQSt8ddNhhGCSnfKQPcYXXUlZf7LYJn0JXIaWusIl9m XmRf9XiN34orHB0Vfm9fgqQd9o4gEx3FPmUfSflVxzTCZTRiucvL9PD2IMC7kCwZ gdcBg6ZvL9aHWTpmuNRUB2H6QrBOGF/9ICK7q0/vEg+sBFhZuwqqK+Hy7B/o2woy p7Dvs5s0CmORYytg4uHhU1NLZOTxs+uPcrMG4HufVG1zulyZ1qULinE6ACHVzcHL 7u7We5pNAD9avasJEYGMDxdyqtPDMM9Hi0uh7190fRMA1tJZpwprQV9sdHwWVKh6 woZ/QZxSs32ILtvVaQFCQUNDHEdi1g/46Wb4P1WIcg== -----END CERTIFICATE-----Generated at Wed Nov 20 23:11:42 2024 by rpki-client on console-fra.rpki-client.org