$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/A08AFBB284F211EE89828225C4F9AE02.roa File: A08AFBB284F211EE89828225C4F9AE02.roa (raw, json) Hash identifier: o0/UmqHBu35TkHikAhbVdhXHi+7hDM8lM9U+g+mEr/c= Subject key identifier: 6F:BC:68:7F:5E:BA:0B:1C:AF:35:AC:20:CB:3E:3E:53:48:C4:AB:C8 Certificate issuer: /CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101 Certificate serial: 0623 Authority key identifier: 21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/A08AFBB284F211EE89828225C4F9AE02.roa Signing time: Mon 14 Oct 2024 22:52:33 +0000 ROA not before: Mon 14 Oct 2024 22:52:33 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 9790 IP address blocks: 131.203.0.0/16 maxlen: 20 131.203.29.0/24 maxlen: 24 131.203.48.0/24 maxlen: 24 131.203.49.0/24 maxlen: 24 131.203.78.0/24 maxlen: 24 131.203.79.0/24 maxlen: 24 151.210.224.0/20 maxlen: 24 158.140.224.0/20 maxlen: 24 158.140.240.0/21 maxlen: 24 158.140.248.0/22 maxlen: 24 161.29.0.0/16 maxlen: 20 161.65.0.0/19 maxlen: 20 161.65.64.0/18 maxlen: 22 161.65.128.0/19 maxlen: 19 161.65.192.0/18 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1571 (0x623) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101 Validity Not Before: Oct 14 22:52:33 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=670da0b1-8908 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:37:83:ee:f5:fb:eb:90:8d:67:85:d9:60:2b: e2:1c:70:5b:5c:f2:ec:76:9e:9f:33:d5:ca:b4:b0: 0f:ea:c0:71:69:8e:84:70:6f:c1:fb:73:ac:24:cf: 6a:19:64:52:0e:20:d3:7d:fa:fd:ae:3c:5b:02:88: 7a:2a:bb:da:07:05:70:47:f2:6d:d5:99:9e:6e:20: 7d:88:10:96:8b:67:81:73:a6:e6:80:bf:57:fc:47: 58:e4:d7:3a:de:ba:55:67:bd:75:3b:31:cc:26:62: ef:9a:5b:d6:71:4b:3e:73:20:2b:36:5b:ff:89:82: 32:e7:d4:03:41:6e:25:ca:ac:8a:f1:ea:1b:de:27: 09:52:d7:7b:cc:2d:69:bb:d9:73:a8:df:f2:08:f4: 3b:b6:95:cb:3a:93:07:7b:2a:f3:4c:c5:db:65:ec: d2:38:e4:af:90:b7:10:e1:fa:63:5d:df:e2:2e:8b: ec:d6:25:ef:1f:67:4c:4c:3d:48:c5:02:ce:f6:f8: 50:0c:7b:f5:19:e4:21:85:f6:cf:cf:51:c7:0f:f0: 39:42:44:17:e4:4b:fd:fa:86:fc:a0:f6:48:3b:c2: 05:50:f4:9e:df:6a:4c:e7:8a:da:7b:7e:2d:30:ac: 00:4e:52:19:1a:64:93:40:55:39:f3:4d:d2:6b:44: f9:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:BC:68:7F:5E:BA:0B:1C:AF:35:AC:20:CB:3E:3E:53:48:C4:AB:C8 X509v3 Authority Key Identifier: keyid:21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/A08AFBB284F211EE89828225C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 131.203.0.0/16 151.210.224.0/20 158.140.224.0-158.140.251.255 161.29.0.0/16 161.65.0.0/19 161.65.64.0-161.65.159.255 161.65.192.0/18 Signature Algorithm: sha256WithRSAEncryption 9e:2b:43:af:aa:7d:6d:b9:10:9b:0a:76:2a:de:d6:f8:1b:c5: 6c:d6:a4:f9:51:fd:b4:0e:4d:05:b5:6f:c2:82:56:54:23:79: be:dc:fd:7a:ff:49:10:fc:57:d1:11:61:8d:cf:2c:78:fb:52: 51:04:5e:0e:ab:8a:a0:62:13:57:53:47:2f:de:29:f3:3b:59: 39:2d:8f:e7:cd:2d:85:2d:78:9b:cc:85:5d:51:45:dd:e6:96: a2:9b:0a:92:5e:59:eb:46:0c:30:d1:cc:7e:66:a8:75:db:2b: 70:e7:54:8b:5a:84:5b:ef:1f:1f:e9:b4:df:6b:bd:67:01:dd: 81:c0:dd:d5:9c:53:10:9b:5b:4e:0b:c0:7b:7f:e7:36:8f:81: 0a:cb:ee:d9:1c:71:64:f2:04:3a:82:43:b6:7e:5d:9a:2b:0b: 47:82:55:b4:bf:db:dc:24:d9:ff:9c:3b:52:4f:90:45:c5:96: 34:aa:8b:36:f3:a0:74:00:bf:56:50:32:03:18:bf:10:eb:83: 75:a9:3c:ed:01:36:e8:d9:e0:87:e0:e3:9a:97:ac:b5:60:a6: 0a:7c:8a:e2:1b:3f:b6:0d:f6:36:35:df:8c:4a:7e:b5:4b:38: cf:b1:88:eb:bc:3a:99:be:8f:c8:e8:5f:2b:8e:88:db:ec:93: ce:2b:9b:d0 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgICBiMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA2QUExMTAvBgNVBAUTKDIxOEE4QUEwNTAyNjdCMDgwNUUzRkRDOEE5MzlCRjhG QkNCMDAxMDEwHhcNMjQxMDE0MjI1MjMzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzBkYTBiMS04OTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtjeD7vX765CNZ4XZYCviHHBbXPLsdp6fM9XKtLAP6sBxaY6EcG/B+3OsJM9q GWRSDiDTffr9rjxbAoh6KrvaBwVwR/Jt1ZmebiB9iBCWi2eBc6bmgL9X/EdY5Nc6 3rpVZ711OzHMJmLvmlvWcUs+cyArNlv/iYIy59QDQW4lyqyK8eob3icJUtd7zC1p u9lzqN/yCPQ7tpXLOpMHeyrzTMXbZezSOOSvkLcQ4fpjXd/iLovs1iXvH2dMTD1I xQLO9vhQDHv1GeQhhfbPz1HHD/A5QkQX5Ev9+ob8oPZIO8IFUPSe32pM54rae34t MKwATlIZGmSTQFU5803Sa0T58wIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFG+8aH9e ugscrzWsIMs+PlNIxKvIMB8GA1UdIwQYMBaAFCGKiqBQJnsIBeP9yKk5v4+8sAEB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84NjU4RTQ2Njg2 QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9JWXFLb0ZBbWV3Z0Y0XzNJcVRtX2o3eXdB UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lZcUtvRkFtZXdnRjRfM0lxVG1fajd5d0FRRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDA2QUEvODY1OEU0NjY4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvQTA4QUZCQjI4 NEYyMTFFRTg5ODI4MjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUQYIKwYBBQUHAQcBAf8E QjBAMD4EAgABMDgDAwCDywMEBJfS4DAMAwQFnozgAwQCnoz4AwMAoR0DBAWhQQAw DAMEBqFBQAMEBaFBgAMEBqFBwDANBgkqhkiG9w0BAQsFAAOCAQEAnitDr6p9bbkQ mwp2Kt7W+BvFbNak+VH9tA5NBbVvwoJWVCN5vtz9ev9JEPxX0RFhjc8sePtSUQRe DquKoGITV1NHL94p8ztZOS2P580thS14m8yFXVFF3eaWopsKkl5Z60YMMNHMfmao ddsrcOdUi1qEW+8fH+m032u9ZwHdgcDd1ZxTEJtbTgvAe3/nNo+BCsvu2RxxZPIE OoJDtn5dmisLR4JVtL/b3CTZ/5w7Uk+QRcWWNKqLNvOgdAC/VlAyAxi/EOuDdak8 7QE26Nngh+DjmpestWCmCnyK4hs/tg32NjXfjEp+tUs4z7GI67w6mb6PyOhfK46I 2+yTziub0A== -----END CERTIFICATE-----Generated at Wed Nov 20 23:55:38 2024 by rpki-client on console-ams.rpki-client.org