$ rpki-client -vvf rpki.apnic.net/member_repository/A91338F0/0A771A3693AE11EF8F48AB43C4F9AE02/1A824A0E993511EF9BB0A677C4F9AE02.roa File: 1A824A0E993511EF9BB0A677C4F9AE02.roa (raw, json) Hash identifier: hHmJZ4kZTc3eByWyfovBTyBy7zoc4MRBKG9FMUzpQOk= Subject key identifier: 10:23:5E:10:D8:EE:48:9E:6A:F0:9C:9E:0D:9B:FE:97:FF:BF:58:6F Certificate issuer: /CN=A91338F0/serialNumber=8317FC7A82B0EE86520DF18FFD57295116DA5DF2 Certificate serial: 0A Authority key identifier: 83:17:FC:7A:82:B0:EE:86:52:0D:F1:8F:FD:57:29:51:16:DA:5D:F2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gxf8eoKw7oZSDfGP_VcpURbaXfI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91338F0/0A771A3693AE11EF8F48AB43C4F9AE02/1A824A0E993511EF9BB0A677C4F9AE02.roa Signing time: Sat 02 Nov 2024 16:11:23 +0000 ROA not before: Sat 02 Nov 2024 16:11:23 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 45327 IP address blocks: 116.90.64.0/21 maxlen: 21 116.90.64.0/24 maxlen: 24 116.90.65.0/24 maxlen: 24 116.90.66.0/24 maxlen: 24 116.90.67.0/24 maxlen: 24 116.90.70.0/24 maxlen: 24 116.90.71.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91338F0/0A771A3693AE11EF8F48AB43C4F9AE02/gxf8eoKw7oZSDfGP_VcpURbaXfI.crl rsync://rpki.apnic.net/member_repository/A91338F0/0A771A3693AE11EF8F48AB43C4F9AE02/gxf8eoKw7oZSDfGP_VcpURbaXfI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gxf8eoKw7oZSDfGP_VcpURbaXfI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 05:18:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10 (0xa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91338F0/serialNumber=8317FC7A82B0EE86520DF18FFD57295116DA5DF2 Validity Not Before: Nov 2 16:11:23 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=67264f2b-f56b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:1b:fe:c9:b3:7e:b2:5d:5f:bb:9b:18:f4:b4: d8:11:73:fc:34:24:cc:4e:ce:2b:54:75:6e:59:fb: 67:c3:10:5c:19:26:64:2f:2a:1b:18:40:52:20:3e: a0:00:46:46:d3:b6:e0:a8:9c:c1:de:88:66:7b:cc: 34:0a:2a:cc:55:11:6b:d8:a7:15:a0:62:6b:9b:bc: 03:bf:92:e0:12:a1:29:a4:1a:6d:56:b1:ac:f0:11: 66:7e:af:38:2b:9d:db:c8:a7:eb:3e:0e:35:87:01: 9f:f5:68:d9:a5:ce:63:a0:5a:cb:3f:de:64:ea:20: 1e:ac:9b:f3:42:6f:04:ea:ea:6a:7c:97:6c:71:e8: 6b:53:82:97:1c:69:af:87:c8:8d:9e:e8:ed:ae:e9: b1:04:68:7d:25:6e:bd:ff:2a:aa:67:69:de:6d:cc: 3b:9b:f3:de:30:4a:8d:62:11:87:da:18:c6:9a:42: 50:6f:df:69:31:65:fb:9e:ea:64:2e:71:4b:31:65: 0a:bd:86:f5:10:73:94:fa:a4:93:fe:22:d4:bf:f8: b6:aa:2b:dd:3c:f3:4d:28:3a:da:26:35:24:7e:cd: 21:23:0b:58:9d:1e:24:80:37:d1:92:8f:87:63:47: 9e:f3:41:b3:16:34:31:42:c2:40:12:20:35:25:4c: 55:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:23:5E:10:D8:EE:48:9E:6A:F0:9C:9E:0D:9B:FE:97:FF:BF:58:6F X509v3 Authority Key Identifier: keyid:83:17:FC:7A:82:B0:EE:86:52:0D:F1:8F:FD:57:29:51:16:DA:5D:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91338F0/0A771A3693AE11EF8F48AB43C4F9AE02/gxf8eoKw7oZSDfGP_VcpURbaXfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gxf8eoKw7oZSDfGP_VcpURbaXfI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91338F0/0A771A3693AE11EF8F48AB43C4F9AE02/1A824A0E993511EF9BB0A677C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.90.64.0/21 Signature Algorithm: sha256WithRSAEncryption 9a:76:0c:c9:ff:7a:ad:29:11:2c:05:b5:c9:4d:b1:be:7b:f6: 98:48:85:09:c0:2a:4c:5c:14:5e:ac:9e:fd:8d:8d:33:27:eb: cf:84:94:59:73:c8:7a:ff:de:1f:5b:63:d8:f6:c7:55:59:f9: 1f:e2:e8:30:3b:0a:03:8e:9e:61:63:e0:aa:d1:a4:7a:60:4c: 28:08:f6:bf:e0:42:82:3f:9a:7a:22:9f:7b:b4:01:59:b1:fc: 1f:53:f2:a8:2a:eb:70:72:c7:f8:23:2a:fa:35:0c:c8:b4:a6: e5:15:ea:3a:71:0f:48:9b:ca:51:44:09:60:07:01:3f:33:ae: b6:5f:7b:ec:71:f6:77:55:f6:0b:cd:4b:47:ae:59:50:c8:b5: c3:d5:9d:ff:97:b4:2d:9c:a8:76:6c:47:97:58:43:32:b2:68: ea:93:88:df:2c:e0:06:da:fb:9c:b9:77:5b:0c:42:c8:09:c9: d1:84:4c:9a:17:90:df:4e:be:3d:c3:93:00:95:7e:a2:14:c8: dd:5d:1f:7e:88:f7:20:d5:34:75:63:3d:0d:4a:91:5c:a6:06: 57:d3:8c:fb:4a:b7:fd:b4:f3:48:d6:fa:8a:c5:82:09:d4:e7: 53:1e:b7:08:32:82:e0:67:b5:3a:51:b1:fa:23:fe:10:26:29: 20:eb:3a:24 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz MzhGMDExMC8GA1UEBRMoODMxN0ZDN0E4MkIwRUU4NjUyMERGMThGRkQ1NzI5NTEx NkRBNURGMjAeFw0yNDExMDIxNjExMjNaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3MjY0ZjJiLWY1NmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCdG/7Js36yXV+7mxj0tNgRc/w0JMxOzitUdW5Z+2fDEFwZJmQvKhsYQFIgPqAA RkbTtuConMHeiGZ7zDQKKsxVEWvYpxWgYmubvAO/kuASoSmkGm1WsazwEWZ+rzgr ndvIp+s+DjWHAZ/1aNmlzmOgWss/3mTqIB6sm/NCbwTq6mp8l2xx6GtTgpccaa+H yI2e6O2u6bEEaH0lbr3/Kqpnad5tzDub894wSo1iEYfaGMaaQlBv32kxZfue6mQu cUsxZQq9hvUQc5T6pJP+ItS/+LaqK908800oOtomNSR+zSEjC1idHiSAN9GSj4dj R57zQbMWNDFCwkASIDUlTFXFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUECNeENju SJ5q8JyeDZv+l/+/WG8wHwYDVR0jBBgwFoAUgxf8eoKw7oZSDfGP/VcpURbaXfIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMzOEYwLzBBNzcxQTM2OTNB RTExRUY4RjQ4QUI0M0M0RjlBRTAyL2d4Zjhlb0t3N29aU0RmR1BfVmNwVVJiYVhm SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvZ3hmOGVvS3c3b1pTRGZHUF9WY3BVUmJhWGZJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MzhGMC8wQTc3MUEzNjkzQUUxMUVGOEY0OEFCNDNDNEY5QUUwMi8xQTgyNEEwRTk5 MzUxMUVGOUJCMEE2NzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEA3RaQDANBgkqhkiG9w0BAQsFAAOCAQEAmnYMyf96rSkRLAW1 yU2xvnv2mEiFCcAqTFwUXqye/Y2NMyfrz4SUWXPIev/eH1tj2PbHVVn5H+LoMDsK A46eYWPgqtGkemBMKAj2v+BCgj+aeiKfe7QBWbH8H1PyqCrrcHLH+CMq+jUMyLSm 5RXqOnEPSJvKUUQJYAcBPzOutl977HH2d1X2C81LR65ZUMi1w9Wd/5e0LZyodmxH l1hDMrJo6pOI3yzgBtr7nLl3WwxCyAnJ0YRMmheQ306+PcOTAJV+ohTI3V0ffoj3 INU0dWM9DUqRXKYGV9OM+0q3/bTzSNb6isWCCdTnUx63CDKC4Ge1OlGx+iP+ECYp IOs6JA== -----END CERTIFICATE-----Generated at Thu Nov 21 07:40:01 2024 by rpki-client on console-ams.rpki-client.org