$ rpki-client -vvf rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/2E18EB105D0C11EE873B1C2AC4F9AE02.roa File: 2E18EB105D0C11EE873B1C2AC4F9AE02.roa (raw, json) Hash identifier: 32vqSpioV/ocfZ8lNVlLrP1HBCXvPW2r4a1wVHXWwtw= Subject key identifier: 77:3F:48:C1:16:4F:F5:ED:BE:BB:C0:16:60:20:8A:0F:71:8B:0F:EB Certificate issuer: /CN=A911E509/serialNumber=AA8E1BE3624240DC3302047FB41A7D4E47808EF8 Certificate serial: 0877 Authority key identifier: AA:8E:1B:E3:62:42:40:DC:33:02:04:7F:B4:1A:7D:4E:47:80:8E:F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/2E18EB105D0C11EE873B1C2AC4F9AE02.roa Signing time: Mon 20 May 2024 22:00:55 +0000 ROA not before: Mon 20 May 2024 22:00:55 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 138077 IP address blocks: 61.29.241.0/24 maxlen: 24 61.29.249.0/24 maxlen: 24 103.216.100.0/24 maxlen: 24 103.216.101.0/24 maxlen: 24 157.119.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/qo4b42JCQNwzAgR_tBp9TkeAjvg.crl rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/qo4b42JCQNwzAgR_tBp9TkeAjvg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2167 (0x877) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E509/serialNumber=AA8E1BE3624240DC3302047FB41A7D4E47808EF8 Validity Not Before: May 20 22:00:55 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=664bc817-b7e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:6d:04:f8:f7:bb:35:e7:f0:05:7b:da:9a:b5: 05:70:43:9f:18:be:c9:b7:81:a4:b0:ec:0c:0d:a8: c6:28:70:42:c6:6b:1f:c6:95:49:9e:86:9d:10:03: 8e:af:b2:0f:de:9f:d0:01:a1:bc:77:6c:d5:61:b2: 18:a8:99:90:1b:0b:6c:6a:64:0b:a6:a0:fb:4c:7f: 5d:91:58:e2:84:c1:04:75:0d:f1:99:20:3e:aa:84: 63:64:67:30:bd:ec:0b:84:2e:80:9f:43:7c:b5:a1: 83:6e:25:d1:34:25:c4:9b:98:ce:23:c9:7c:58:37: ab:2a:fc:eb:f5:3c:53:d9:da:45:7c:ff:23:64:77: 5b:03:94:1f:d5:b3:7a:76:22:ac:55:a0:35:f4:db: 27:bc:fa:4e:dd:76:01:85:56:29:c5:01:65:83:70: a2:86:0d:0f:14:27:09:f8:37:69:26:33:9a:c4:cc: 03:4f:65:2c:a7:cb:0f:3c:f3:d3:b1:72:79:1c:f8: 94:21:87:e5:ae:c1:a8:3a:a9:ac:58:4d:9c:6a:af: 5f:88:b5:d4:d0:b0:54:28:d0:2e:81:65:15:f5:39: 68:1d:7c:11:03:a0:f9:42:68:77:e5:e3:b7:53:c9: 31:91:da:6d:83:90:1a:ee:dc:cb:2a:a1:9d:ee:f4: 51:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:3F:48:C1:16:4F:F5:ED:BE:BB:C0:16:60:20:8A:0F:71:8B:0F:EB X509v3 Authority Key Identifier: keyid:AA:8E:1B:E3:62:42:40:DC:33:02:04:7F:B4:1A:7D:4E:47:80:8E:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/qo4b42JCQNwzAgR_tBp9TkeAjvg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/2E18EB105D0C11EE873B1C2AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 61.29.241.0/24 61.29.249.0/24 103.216.100.0/23 157.119.235.0/24 Signature Algorithm: sha256WithRSAEncryption 12:aa:a6:4f:41:cf:2f:be:e9:ea:88:0a:07:4d:99:ca:79:5e: 56:02:6b:27:56:e1:17:56:09:4b:98:7d:c1:8b:b1:72:e6:6c: d4:05:49:8e:0d:a2:7a:dc:a3:b9:cf:09:6e:06:bd:55:93:0a: 09:92:b7:7d:3e:1c:21:fb:b2:95:31:27:f2:27:a9:44:f4:3b: c5:3f:84:65:de:e4:b9:64:d8:bd:8c:fd:58:70:96:3e:f3:2d: 40:c0:f0:18:ea:10:8e:d3:90:33:05:33:4f:30:36:8a:fe:bc: 12:26:96:d1:90:40:a7:90:9d:45:f7:54:13:ce:cd:d4:cb:5b: bf:57:4c:fa:ed:a3:de:c0:93:98:1e:c0:14:b6:21:dd:a6:3f: b1:e2:b8:e8:34:fa:2a:76:12:c9:44:1b:91:f9:cf:92:ba:4c: c3:96:c1:f0:a7:72:f1:69:1c:17:45:f7:3b:59:04:33:c6:c1: 2c:b1:09:a1:3d:39:44:0d:6c:f4:dc:61:a4:76:12:c3:25:bf: 6b:8a:80:e2:0f:b6:0c:50:ab:5a:c9:fd:0b:d7:7e:32:ad:7c: 5b:6d:7d:a0:fd:4a:d7:63:24:4e:99:21:08:2d:ee:81:85:9b: 20:7d:8c:d1:0a:02:90:d2:5e:d7:ca:0d:d1:dc:9c:33:87:9b: b5:3f:66:9f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICCHcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUU1MDkxMTAvBgNVBAUTKEFBOEUxQkUzNjI0MjQwREMzMzAyMDQ3RkI0MUE3RDRF NDc4MDhFRjgwHhcNMjQwNTIwMjIwMDU1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjRiYzgxNy1iN2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy20E+Pe7NefwBXvamrUFcEOfGL7Jt4GksOwMDajGKHBCxmsfxpVJnoadEAOO r7IP3p/QAaG8d2zVYbIYqJmQGwtsamQLpqD7TH9dkVjihMEEdQ3xmSA+qoRjZGcw vewLhC6An0N8taGDbiXRNCXEm5jOI8l8WDerKvzr9TxT2dpFfP8jZHdbA5Qf1bN6 diKsVaA19NsnvPpO3XYBhVYpxQFlg3Cihg0PFCcJ+DdpJjOaxMwDT2Usp8sPPPPT sXJ5HPiUIYflrsGoOqmsWE2caq9fiLXU0LBUKNAugWUV9TloHXwRA6D5Qmh35eO3 U8kxkdptg5Aa7tzLKqGd7vRRKwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFHc/SMEW T/XtvrvAFmAgig9xiw/rMB8GA1UdIwQYMBaAFKqOG+NiQkDcMwIEf7QafU5HgI74 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTUwOS83OUVBNTkxRUE3 QkQxMUVBQUFBNjI5NDhDNEY5QUUwMi9xbzRiNDJKQ1FOd3pBZ1JfdEJwOVRrZUFq dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FvNGI0MkpDUU53ekFnUl90QnA5VGtlQWp2Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUU1MDkvNzlFQTU5MUVBN0JEMTFFQUFBQTYyOTQ4QzRGOUFFMDIvMkUxOEVCMTA1 RDBDMTFFRTg3M0IxQzJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAA9HfEDBAA9HfkDBAFn2GQDBACdd+swDQYJKoZIhvcNAQEL BQADggEBABKqpk9Bzy++6eqICgdNmcp5XlYCaydW4RdWCUuYfcGLsXLmbNQFSY4N onrco7nPCW4GvVWTCgmSt30+HCH7spUxJ/InqUT0O8U/hGXe5Llk2L2M/Vhwlj7z LUDA8BjqEI7TkDMFM08wNor+vBImltGQQKeQnUX3VBPOzdTLW79XTPrto97Ak5ge wBS2Id2mP7HiuOg0+ip2EslEG5H5z5K6TMOWwfCncvFpHBdF9ztZBDPGwSyxCaE9 OUQNbPTcYaR2EsMlv2uKgOIPtgxQq1rJ/QvXfjKtfFttfaD9StdjJE6ZIQgt7oGF myB9jNEKApDSXtfKDdHcnDOHm7U/Zp8= -----END CERTIFICATE-----Generated at Wed Nov 20 21:34:45 2024 by rpki-client on console-ams.rpki-client.org