$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/FF54461CC7BC11EB9E6C9A69C4F9AE02.roa File: FF54461CC7BC11EB9E6C9A69C4F9AE02.roa (raw, json) Hash identifier: 9KQKh8CJ7V7pqBlD1MLNAVC/6HrQaCC5g6O6l97gnaQ= Subject key identifier: 19:9D:3F:73:4B:AF:86:DD:21:71:10:0A:D0:62:86:4B:CF:C6:3F:7B Certificate issuer: /CN=A9125475/serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E Certificate serial: 3530 Authority key identifier: 44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/FF54461CC7BC11EB9E6C9A69C4F9AE02.roa Signing time: Sat 02 Dec 2023 14:40:27 +0000 ROA not before: Sat 02 Dec 2023 14:40:27 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 20940 IP address blocks: 61.19.5.0/24 maxlen: 24 61.19.8.0/24 maxlen: 24 61.19.11.0/24 maxlen: 24 61.19.12.0/24 maxlen: 24 61.19.13.0/24 maxlen: 24 122.155.239.0/24 maxlen: 24 2001:c38:500a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 14:20:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13616 (0x3530) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125475/serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E Validity Not Before: Dec 2 14:40:27 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=656b41db-738f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:c7:a7:c7:98:82:7e:94:f9:67:cc:f3:fd:c2: bc:ae:c5:a6:a2:67:40:1d:c9:9b:21:3f:33:e9:b8: bc:b1:23:48:fb:18:91:6f:70:73:85:e8:e6:4b:a6: 5b:e2:9c:bc:89:43:f3:88:53:fb:c7:3b:2d:f4:3d: 4e:ef:59:5d:ce:72:60:53:72:a9:2e:91:10:04:41: f5:27:5b:73:fe:07:f3:93:23:84:8d:10:65:43:68: d7:68:ed:b0:00:d7:4f:2a:c4:a0:9b:03:fe:51:60: e1:79:5d:98:79:99:16:b0:fe:2b:0c:a9:ff:a3:f8: 97:25:31:31:b1:9c:cf:0b:57:fe:65:63:79:b4:7a: 6f:53:40:4c:0c:0f:4d:2f:a5:78:b0:35:a7:3c:4d: 9c:1b:04:e6:fc:5a:03:c9:3b:49:ee:10:2c:4c:de: d7:ab:0a:63:cf:97:b3:c6:12:1f:1f:0c:5b:9f:bb: 54:de:f5:20:79:aa:b2:f7:f6:df:7b:d4:6b:b1:b4: b5:78:c5:85:50:04:67:d8:ac:1f:4a:6d:c9:a5:5e: 18:02:8e:ee:da:7d:94:9c:e2:2b:ae:b4:16:c8:5c: 52:62:ff:1a:8c:75:d8:58:a2:8f:25:33:4d:86:bb: d5:52:ac:6f:38:01:73:c4:ce:4c:b6:6c:21:eb:b5: d4:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:9D:3F:73:4B:AF:86:DD:21:71:10:0A:D0:62:86:4B:CF:C6:3F:7B X509v3 Authority Key Identifier: keyid:44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/FF54461CC7BC11EB9E6C9A69C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 61.19.5.0/24 61.19.8.0/24 61.19.11.0-61.19.13.255 122.155.239.0/24 IPv6: 2001:c38:500a::/48 Signature Algorithm: sha256WithRSAEncryption 29:e8:f5:0e:d8:1a:f7:58:6f:cd:ed:9b:db:2c:c0:4e:d6:24: f8:2e:e2:46:25:42:67:6e:9d:28:cf:ce:f4:f1:1b:7c:3c:c6: 68:f2:a3:09:26:ef:4c:3a:8c:21:a7:76:d9:6d:fe:22:c6:c5: 56:01:8b:58:a0:6b:99:2a:32:73:b2:88:13:56:2c:76:61:2f: 93:86:6b:e5:3a:f4:57:5e:1d:8a:dd:3f:af:4b:b9:71:4e:ce: b3:5e:de:bf:92:1e:fa:98:94:50:58:a5:4b:e5:39:92:6f:ac: 26:46:31:b6:40:8d:67:22:cc:6e:62:93:06:30:97:b1:25:ee: 82:09:5b:b0:88:14:c7:0f:d9:d8:d5:fc:47:f8:98:68:ec:d1: c8:4b:85:3b:fb:27:bf:60:8b:bf:24:5d:24:fb:95:af:cd:51: 84:43:82:db:d5:b7:4b:e3:fa:95:26:f6:0e:ea:8f:5b:e0:48: be:5f:4f:05:8b:29:f9:7b:bd:21:aa:8c:cb:20:a9:f6:83:01: 6b:02:21:05:f7:84:39:dd:1f:b0:df:bf:02:3c:7a:82:c2:6e: 45:b4:0c:9a:7d:55:48:92:c7:a3:50:42:c0:96:b5:a3:02:08: 8d:e5:8b:6e:dd:74:e9:19:98:93:8c:b3:a3:98:ba:98:08:80: 4d:dd:6e:17 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgICNTAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjU0NzUxMTAvBgNVBAUTKDQ0NDBGNkM0MjJFOTUwMEM3RDQ2QTYyRDdERUI3MEQz M0E4ODc1MEUwHhcNMjMxMjAyMTQ0MDI3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTZiNDFkYi03MzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnMenx5iCfpT5Z8zz/cK8rsWmomdAHcmbIT8z6bi8sSNI+xiRb3BzhejmS6Zb 4py8iUPziFP7xzst9D1O71ldznJgU3KpLpEQBEH1J1tz/gfzkyOEjRBlQ2jXaO2w ANdPKsSgmwP+UWDheV2YeZkWsP4rDKn/o/iXJTExsZzPC1f+ZWN5tHpvU0BMDA9N L6V4sDWnPE2cGwTm/FoDyTtJ7hAsTN7Xqwpjz5ezxhIfHwxbn7tU3vUgeaqy9/bf e9RrsbS1eMWFUARn2KwfSm3JpV4YAo7u2n2UnOIrrrQWyFxSYv8ajHXYWKKPJTNN hrvVUqxvOAFzxM5Mtmwh67XU6QIDAQABo4ICwDCCArwwHQYDVR0OBBYEFBmdP3NL r4bdIXEQCtBihkvPxj97MB8GA1UdIwQYMBaAFERA9sQi6VAMfUamLX3rcNM6iHUO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS9BQjQ0Nzk3MjFE NzgxMUUyQURCNkYyQzQwOEIwMkNEMi9SRUQyeENMcFVBeDlScVl0ZmV0dzB6cUlk UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1JFRDJ4Q0xwVUF4OVJxWXRmZXR3MHpxSWRRNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjU0NzUvQUI0NDc5NzIxRDc4MTFFMkFEQjZGMkM0MDhCMDJDRDIvRkY1NDQ2MUND N0JDMTFFQjlFNkM5QTY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E OzA5MCYEAgABMCADBAA9EwUDBAA9EwgwDAMEAD0TCwMEAT0TDAMEAHqb7zAPBAIA AjAJAwcAIAEMOFAKMA0GCSqGSIb3DQEBCwUAA4IBAQAp6PUO2Br3WG/N7ZvbLMBO 1iT4LuJGJUJnbp0oz8708Rt8PMZo8qMJJu9MOowhp3bZbf4ixsVWAYtYoGuZKjJz sogTVix2YS+ThmvlOvRXXh2K3T+vS7lxTs6zXt6/kh76mJRQWKVL5TmSb6wmRjG2 QI1nIsxuYpMGMJexJe6CCVuwiBTHD9nY1fxH+Jho7NHIS4U7+ye/YIu/JF0k+5Wv zVGEQ4Lb1bdL4/qVJvYO6o9b4Ei+X08Fiyn5e70hqozLIKn2gwFrAiEF94Q53R+w 378CPHqCwm5FtAyafVVIksejUELAlrWjAgiN5Ytu3XTpGZiTjLOjmLqYCIBN3W4X -----END CERTIFICATE-----Generated at Wed Nov 20 16:00:06 2024 by rpki-client on console-ams.rpki-client.org