$ rpki-client -vvf rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa File: 89E1ED764CC111EE87453D77C4F9AE02.roa (raw, json) Hash identifier: wnVWpYyGZvdbcpCddfvTfqXktC/2rHPqlpAJVaUv9/Q= Subject key identifier: 3B:31:14:52:5A:81:C3:9F:89:79:2D:45:B5:D9:1C:88:D8:5A:66:08 Certificate issuer: /CN=A91304A9/serialNumber=580553B883DEC3DDB24F688E6C2D1BFA93C263AA Certificate serial: 09E5 Authority key identifier: 58:05:53:B8:83:DE:C3:DD:B2:4F:68:8E:6C:2D:1B:FA:93:C2:63:AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa Signing time: Wed 06 Sep 2023 14:27:42 +0000 ROA not before: Wed 06 Sep 2023 14:27:42 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 3491 IP address blocks: 116.66.208.0/20 maxlen: 20 116.66.210.0/23 maxlen: 24 116.66.212.0/22 maxlen: 22 116.66.216.0/22 maxlen: 22 116.66.217.0/24 maxlen: 24 116.66.220.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.crl rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 May 2024 20:34:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2533 (0x9e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91304A9/serialNumber=580553B883DEC3DDB24F688E6C2D1BFA93C263AA Validity Not Before: Sep 6 14:27:42 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=64f88c5e-e61a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:b7:a6:a3:4b:08:2f:8d:77:7b:ed:00:46:e4: 25:ac:1f:24:26:1d:bb:3b:b6:bc:60:a1:94:4a:f9: 75:80:bc:c5:cf:9c:42:a3:a1:77:4e:6f:04:1f:01: fe:67:ee:00:23:9c:e8:7d:bd:b2:f0:dc:a0:11:6d: e9:e6:94:ca:c6:8b:51:c9:17:c0:43:ad:b5:6b:89: 30:bb:1a:cc:82:a0:e5:01:f9:a2:6c:73:ae:1b:13: 4f:1f:60:31:79:64:86:41:f0:19:e9:a3:1a:f0:7a: ab:92:7a:7a:4b:16:a7:7c:9a:2e:a4:75:98:f7:3f: 66:78:64:de:67:ea:88:35:69:7b:d0:9f:74:72:f3: 42:15:b0:46:aa:fc:f5:a0:d3:54:1a:1d:25:7e:91: 15:f2:5a:de:a4:57:6b:f0:1b:45:72:93:e4:e6:ff: a1:29:c7:02:eb:0d:da:5f:ce:3d:03:5c:4d:e1:5e: 16:54:dd:a2:71:0b:34:67:16:2c:6d:4b:23:fe:b0: df:37:c3:a5:61:28:b4:da:74:c0:25:7e:04:b3:25: 0d:b8:17:7e:65:88:87:24:46:75:09:f8:b7:2f:fa: b5:4d:f9:f4:83:19:b3:25:7d:26:b0:6d:93:49:ba: f2:ef:2a:97:1a:e2:00:02:76:ea:0a:6b:5b:7f:00: b4:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:31:14:52:5A:81:C3:9F:89:79:2D:45:B5:D9:1C:88:D8:5A:66:08 X509v3 Authority Key Identifier: keyid:58:05:53:B8:83:DE:C3:DD:B2:4F:68:8E:6C:2D:1B:FA:93:C2:63:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.66.208.0/20 Signature Algorithm: sha256WithRSAEncryption 28:45:6c:71:85:a3:0f:de:8b:15:46:93:27:69:9e:5a:2c:7a: f8:af:51:7f:a4:27:eb:8b:56:32:f4:62:93:8f:a2:47:c3:bf: ae:4b:95:f3:bf:6b:32:37:ea:6a:69:5c:a9:ae:1e:a5:31:ca: 4e:d8:1a:8d:23:65:80:91:b3:46:3c:a7:6b:63:c3:37:a8:43: 5d:df:a4:8b:a1:08:ec:6f:80:4a:ba:97:6e:36:95:c9:39:08: 84:91:a0:01:65:5e:6a:41:b3:71:a2:d1:6c:43:04:50:ef:47: 1a:eb:13:ac:1b:96:01:bd:4b:21:d8:b1:44:e7:69:e8:d0:25: 04:eb:3c:ff:83:bc:ad:3e:3d:9e:65:dd:ee:36:2e:04:38:65: 6a:c3:27:dd:ec:29:88:21:7d:76:56:d8:f2:01:35:10:ca:f0: 11:ed:81:ba:3e:71:2c:fd:dd:80:53:10:11:05:d0:09:3c:97: ed:ce:58:1e:b8:43:08:2d:65:20:cb:da:66:11:c5:2e:9f:d1: 84:f7:96:9f:01:3d:59:cb:9f:a0:15:93:df:0c:97:a8:63:96: c2:6f:88:14:c1:32:c3:7e:92:87:08:78:c5:69:ba:c8:f5:8f: f2:17:d3:20:b5:e1:dc:e8:94:66:8a:46:8d:cd:f6:c2:0d:04: d2:06:10:68 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzA0QTkxMTAvBgNVBAUTKDU4MDU1M0I4ODNERUMzRERCMjRGNjg4RTZDMkQxQkZB OTNDMjYzQUEwHhcNMjMwOTA2MTQyNzQyWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGY4OGM1ZS1lNjFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn7emo0sIL413e+0ARuQlrB8kJh27O7a8YKGUSvl1gLzFz5xCo6F3Tm8EHwH+ Z+4AI5zofb2y8NygEW3p5pTKxotRyRfAQ621a4kwuxrMgqDlAfmibHOuGxNPH2Ax eWSGQfAZ6aMa8Hqrknp6SxanfJoupHWY9z9meGTeZ+qINWl70J90cvNCFbBGqvz1 oNNUGh0lfpEV8lrepFdr8BtFcpPk5v+hKccC6w3aX849A1xN4V4WVN2icQs0ZxYs bUsj/rDfN8OlYSi02nTAJX4EsyUNuBd+ZYiHJEZ1Cfi3L/q1Tfn0gxmzJX0msG2T Sbry7yqXGuIAAnbqCmtbfwC0TQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDsxFFJa gcOfiXktRbXZHIjYWmYIMB8GA1UdIwQYMBaAFFgFU7iD3sPdsk9ojmwtG/qTwmOq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDRBOS9BMzc0QTFCNjQ2 NzExMUVBODFBQkIyNUZDNEY5QUUwMi9XQVZUdUlQZXc5MnlUMmlPYkMwYi1wUENZ Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dBVlR1SVBldzkyeVQyaU9iQzBiLXBQQ1k2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzA0QTkvQTM3NEExQjY0NjcxMTFFQTgxQUJCMjVGQzRGOUFFMDIvODlFMUVENzY0 Q0MxMTFFRTg3NDUzRDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAR0QtAwDQYJKoZIhvcNAQELBQADggEBAChFbHGFow/eixVG kydpnlosevivUX+kJ+uLVjL0YpOPokfDv65LlfO/azI36mppXKmuHqUxyk7YGo0j ZYCRs0Y8p2tjwzeoQ13fpIuhCOxvgEq6l242lck5CISRoAFlXmpBs3Gi0WxDBFDv RxrrE6wblgG9SyHYsUTnaejQJQTrPP+DvK0+PZ5l3e42LgQ4ZWrDJ93sKYghfXZW 2PIBNRDK8BHtgbo+cSz93YBTEBEF0Ak8l+3OWB64QwgtZSDL2mYRxS6f0YT3lp8B PVnLn6AVk98Ml6hjlsJviBTBMsN+kocIeMVpusj1j/IX0yC14dzolGaKRo3N9sIN BNIGEGg= -----END CERTIFICATE-----Generated at Mon May 20 21:23:08 2024 by rpki-client on console-fra.rpki-client.org