$ rpki-client -vvf rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/ECC109EA3C8811EC889B9D78C4F9AE02.roa File: ECC109EA3C8811EC889B9D78C4F9AE02.roa (raw, json) Hash identifier: XrzDpLQm0V+9lneCAa/NLIKLtQrYT59YvNC+sD19lgk= Subject key identifier: BD:F4:51:C5:8D:8B:93:47:58:E8:2E:23:E9:D5:F6:98:F3:DC:29:36 Certificate issuer: /CN=A9120AC1/serialNumber=E43DD233316BF0E29BA06D20DEC25DB4CC116E08 Certificate serial: 03B8 Authority key identifier: E4:3D:D2:33:31:6B:F0:E2:9B:A0:6D:20:DE:C2:5D:B4:CC:11:6E:08 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/ECC109EA3C8811EC889B9D78C4F9AE02.roa Signing time: Wed 17 Jan 2024 02:03:52 +0000 ROA not before: Wed 17 Jan 2024 02:03:52 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 45753 IP address blocks: 69.72.80.0/21 maxlen: 21 69.72.80.0/24 maxlen: 24 69.72.81.0/24 maxlen: 24 69.72.82.0/24 maxlen: 24 69.72.83.0/24 maxlen: 24 69.72.84.0/24 maxlen: 24 69.72.85.0/24 maxlen: 24 69.72.86.0/24 maxlen: 24 69.72.87.0/24 maxlen: 24 148.66.48.0/20 maxlen: 20 148.66.48.0/24 maxlen: 24 148.66.49.0/24 maxlen: 24 148.66.50.0/24 maxlen: 24 148.66.52.0/24 maxlen: 24 148.66.53.0/24 maxlen: 24 148.66.54.0/24 maxlen: 24 148.66.55.0/24 maxlen: 24 148.66.56.0/24 maxlen: 24 148.66.57.0/24 maxlen: 24 148.66.58.0/24 maxlen: 24 148.66.59.0/24 maxlen: 24 148.66.60.0/24 maxlen: 24 148.66.61.0/24 maxlen: 24 148.66.62.0/24 maxlen: 24 148.66.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.crl rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 952 (0x3b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120AC1/serialNumber=E43DD233316BF0E29BA06D20DEC25DB4CC116E08 Validity Not Before: Jan 17 02:03:52 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65a73588-b853 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ad:a3:b0:03:c7:3a:32:3c:76:e2:5a:ac:59: dd:b7:b7:e1:a3:ba:5a:55:49:47:e6:ae:77:d9:f9: 6a:bf:63:81:70:f6:7f:1c:45:8f:88:2b:aa:59:45: b4:b3:eb:00:f2:69:3c:11:f4:87:37:89:59:11:45: 83:ac:fb:e3:ff:33:e0:fb:ee:24:75:10:26:56:5d: 35:11:42:58:c7:e7:70:0b:34:e9:fb:a6:54:c5:1b: df:ac:d4:bd:96:40:57:33:26:24:35:ca:2d:b3:58: 61:ed:6a:c2:fb:57:98:96:0c:bf:ae:c9:b0:d8:d0: eb:5d:bd:89:3b:f0:4e:fb:75:8e:66:5a:d5:61:ca: a6:32:fa:e8:68:ed:0b:5a:a0:92:d1:38:1e:c9:32: 34:30:9f:7b:05:b3:b2:6e:0d:03:94:91:7f:5b:23: f6:7f:10:ee:f0:1f:98:46:56:2d:d2:cd:c0:a6:2e: 64:5c:b6:6c:7b:c4:fa:e4:4b:33:12:98:c5:38:1b: 96:c7:7f:cb:9a:3f:0e:96:73:b3:7f:3f:46:e2:90: 01:83:6b:77:61:e4:d8:34:62:6f:0b:dd:ea:b3:98: fa:68:b3:95:b5:c5:37:ec:be:e2:7f:84:db:22:fc: 45:9c:e4:2d:ed:5f:0b:da:43:e6:84:0f:39:36:4d: f1:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:F4:51:C5:8D:8B:93:47:58:E8:2E:23:E9:D5:F6:98:F3:DC:29:36 X509v3 Authority Key Identifier: keyid:E4:3D:D2:33:31:6B:F0:E2:9B:A0:6D:20:DE:C2:5D:B4:CC:11:6E:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/ECC109EA3C8811EC889B9D78C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 69.72.80.0/21 148.66.48.0/20 Signature Algorithm: sha256WithRSAEncryption 2c:19:a2:85:b3:2a:18:23:ef:a4:3f:14:21:2a:8e:80:15:7a: c4:b2:da:29:55:24:56:f9:74:b7:a7:87:b3:0a:b7:63:94:60: 3c:f5:c2:1f:93:e0:43:55:54:9d:61:4b:2e:9c:70:e2:d4:58: 21:49:0a:9a:36:fa:50:8e:7a:f2:46:c1:e3:3f:cf:0b:5d:81: ce:15:e2:f8:c0:b2:bd:68:40:b2:04:aa:15:94:64:8c:f2:b1: 93:b1:5d:d5:4f:8e:5e:3a:d7:bf:bc:c5:2c:1c:ef:8c:46:01: 6c:11:f4:66:69:56:d7:11:6a:78:31:68:bc:8b:2a:d2:00:45: 0a:c8:bf:0c:4c:04:9c:83:43:31:c2:4e:0c:a9:51:fa:5d:3c: 20:46:15:d1:b9:81:60:34:aa:b8:e4:70:4c:9c:b7:61:b8:1a: 04:d5:25:3a:fc:d6:64:ee:83:dc:13:53:a4:47:a2:be:95:cd: 14:53:35:65:e5:45:1c:ff:68:e2:30:b6:f5:fd:a6:bb:fc:41: 28:7f:f7:eb:61:f9:7f:5d:a1:23:bd:03:d5:1c:55:8e:c4:f2: 40:9a:81:9b:d1:eb:d1:17:f7:a7:24:87:6f:ee:30:14:ee:6d: 04:f5:18:5d:c1:04:fb:72:df:5e:00:bd:9a:a0:b4:57:d5:87: b9:10:04:7e -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICA7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBBQzExMTAvBgNVBAUTKEU0M0REMjMzMzE2QkYwRTI5QkEwNkQyMERFQzI1REI0 Q0MxMTZFMDgwHhcNMjQwMTE3MDIwMzUyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWE3MzU4OC1iODUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr62jsAPHOjI8duJarFndt7fho7paVUlH5q532flqv2OBcPZ/HEWPiCuqWUW0 s+sA8mk8EfSHN4lZEUWDrPvj/zPg++4kdRAmVl01EUJYx+dwCzTp+6ZUxRvfrNS9 lkBXMyYkNcots1hh7WrC+1eYlgy/rsmw2NDrXb2JO/BO+3WOZlrVYcqmMvroaO0L WqCS0TgeyTI0MJ97BbOybg0DlJF/WyP2fxDu8B+YRlYt0s3Api5kXLZse8T65Esz EpjFOBuWx3/Lmj8OlnOzfz9G4pABg2t3YeTYNGJvC93qs5j6aLOVtcU37L7if4Tb IvxFnOQt7V8L2kPmhA85Nk3xoQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFL30UcWN i5NHWOguI+nV9pjz3Ck2MB8GA1UdIwQYMBaAFOQ90jMxa/Dim6BtIN7CXbTMEW4I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEFDMS8zRTlBNEFFMDMw OTcxMUVDQjI4NUE2NEJDNEY5QUUwMi81RDNTTXpGcjhPS2JvRzBnM3NKZHRNd1Ji Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVEM1NNekZyOE9LYm9HMGczc0pkdE13UmJnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjBBQzEvM0U5QTRBRTAzMDk3MTFFQ0IyODVBNjRCQzRGOUFFMDIvRUNDMTA5RUEz Qzg4MTFFQzg4OUI5RDc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBANFSFADBASUQjAwDQYJKoZIhvcNAQELBQADggEBACwZooWz Khgj76Q/FCEqjoAVesSy2ilVJFb5dLenh7MKt2OUYDz1wh+T4ENVVJ1hSy6ccOLU WCFJCpo2+lCOevJGweM/zwtdgc4V4vjAsr1oQLIEqhWUZIzysZOxXdVPjl4617+8 xSwc74xGAWwR9GZpVtcRangxaLyLKtIARQrIvwxMBJyDQzHCTgypUfpdPCBGFdG5 gWA0qrjkcEyct2G4GgTVJTr81mTug9wTU6RHor6VzRRTNWXlRRz/aOIwtvX9prv8 QSh/9+th+X9doSO9A9UcVY7E8kCagZvR69EX96ckh2/uMBTubQT1GF3BBPty314A vZqgtFfVh7kQBH4= -----END CERTIFICATE-----Generated at Thu Nov 21 01:25:55 2024 by rpki-client on console-ams.rpki-client.org