$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3558D5DC1F1711EC924DB151C4F9AE02.roa File: 3558D5DC1F1711EC924DB151C4F9AE02.roa (raw, json) Hash identifier: vP7WBLiBPm6eopYthgQWNFdOovCQ9GXjnNo/bFTZOgc= Subject key identifier: B9:49:39:02:8F:28:36:F4:E4:25:5C:45:08:25:93:44:CD:92:49:E4 Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C Certificate serial: 06CD Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3558D5DC1F1711EC924DB151C4F9AE02.roa Signing time: Mon 14 Oct 2024 22:52:42 +0000 ROA not before: Mon 14 Oct 2024 22:52:42 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 38793 IP address blocks: 118.148.0.0/15 maxlen: 16 118.148.0.0/24 maxlen: 24 118.148.1.0/24 maxlen: 24 118.148.2.0/24 maxlen: 24 118.148.3.0/24 maxlen: 24 118.148.5.0/24 maxlen: 24 118.148.128.0/18 maxlen: 18 118.148.128.0/19 maxlen: 19 118.148.192.0/18 maxlen: 18 118.148.192.0/19 maxlen: 19 118.149.1.0/24 maxlen: 24 118.149.2.0/24 maxlen: 24 118.149.3.0/24 maxlen: 24 118.149.5.0/24 maxlen: 24 118.149.25.0/24 maxlen: 24 118.149.128.0/17 maxlen: 18 118.149.128.0/19 maxlen: 19 118.149.192.0/19 maxlen: 19 2405:a400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1741 (0x6cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C Validity Not Before: Oct 14 22:52:42 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=670da0ba-196b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c0:e1:6b:01:b9:10:a7:12:04:e7:12:2a:8e: 59:60:32:3a:10:fc:b5:de:3c:b9:0d:7a:97:dd:e4: 18:49:72:51:52:6a:4b:1f:21:ff:a1:0a:66:e6:b6: cd:88:84:15:ce:7f:8d:1d:a5:d8:2f:2f:f0:63:4f: dc:65:1c:5a:67:c6:53:02:83:21:a1:eb:b0:82:f5: 0e:b5:38:e7:8f:1f:0a:6d:7e:aa:df:00:d5:2e:d3: 70:f7:60:56:53:98:aa:98:11:1e:a7:56:96:12:5b: 61:22:eb:9a:b7:d8:58:2d:03:4b:52:4a:fc:3d:09: 6a:1f:4b:de:0e:6e:48:1c:6b:7f:6d:18:e8:ca:dd: e0:76:21:a6:8a:56:07:b8:50:00:36:34:ca:a5:6a: 08:8a:86:9a:03:cc:fb:c7:f5:9d:c2:ae:b8:9d:07: ef:ce:7d:be:0a:9e:27:c1:64:2c:2d:32:b7:4b:a9: c2:d3:74:37:4e:aa:a7:9f:2d:31:a5:2f:5f:a2:b1: 21:f9:dc:c3:df:73:2f:99:3a:0d:ec:aa:a9:49:0f: b4:33:1e:6d:8d:a1:2f:1a:89:f5:ca:e4:d1:a2:9a: db:f2:c2:20:43:2c:2e:a9:cd:42:2b:7f:a8:a5:6c: 70:17:47:ca:cf:70:bf:3a:75:bf:4e:0e:fa:e5:62: f2:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:49:39:02:8F:28:36:F4:E4:25:5C:45:08:25:93:44:CD:92:49:E4 X509v3 Authority Key Identifier: keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3558D5DC1F1711EC924DB151C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 118.148.0.0/15 IPv6: 2405:a400::/32 Signature Algorithm: sha256WithRSAEncryption b6:15:c6:cd:5e:d7:02:50:8e:43:3a:77:e8:88:71:39:e1:ad: ca:55:8f:67:8a:4f:26:50:e1:44:e8:d2:d0:2f:17:7d:0f:cd: e0:47:53:cc:fd:0a:f7:83:45:9e:e7:a9:31:b6:02:1c:a9:98: 9c:ea:43:d0:ce:4d:69:1f:84:67:89:6d:69:8a:7f:97:b5:7a: 3f:8c:9e:b1:2c:db:0f:6b:80:26:d1:73:3b:ae:f4:eb:a2:82: 25:03:ee:21:00:dc:1a:e3:86:a6:4f:a2:54:2c:41:b1:22:5d: e8:36:79:c4:ed:0f:43:df:0a:ce:86:fb:2a:9b:f6:34:2e:de: db:45:e5:59:af:05:ab:83:ce:3e:ff:4b:ae:f9:3e:56:b3:5e: 38:89:c7:f5:5f:dc:cf:22:2b:54:3f:a5:2b:52:43:86:f0:45: 42:60:8b:78:79:62:b1:3b:02:d2:2d:68:28:ac:ee:6d:fc:8f: 1f:81:26:03:ea:61:77:9d:a4:96:95:2d:52:f9:96:24:cb:c1: 6c:4f:ca:2d:63:e7:48:8e:cd:ee:7b:23:96:bc:05:82:ac:02: 50:2f:4d:21:54:60:1d:8e:1d:bc:dc:34:45:eb:7a:70:17:ed: e7:66:8a:5c:fd:c1:f7:ea:18:95:7a:89:c7:94:e8:b8:cc:26: 8d:d7:4c:3b -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICBs0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC NjBEQjFCMkMwHhcNMjQxMDE0MjI1MjQyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzBkYTBiYS0xOTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzcDhawG5EKcSBOcSKo5ZYDI6EPy13jy5DXqX3eQYSXJRUmpLHyH/oQpm5rbN iIQVzn+NHaXYLy/wY0/cZRxaZ8ZTAoMhoeuwgvUOtTjnjx8KbX6q3wDVLtNw92BW U5iqmBEep1aWElthIuuat9hYLQNLUkr8PQlqH0veDm5IHGt/bRjoyt3gdiGmilYH uFAANjTKpWoIioaaA8z7x/Wdwq64nQfvzn2+Cp4nwWQsLTK3S6nC03Q3Tqqnny0x pS9forEh+dzD33MvmToN7KqpSQ+0Mx5tjaEvGon1yuTRoprb8sIgQywuqc1CK3+o pWxwF0fKz3C/OnW/Tg765WLyiwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFLlJOQKP KDb05CVcRQglk0TNkknkMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2 QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvMzU1OEQ1REMx RjE3MTFFQzkyNERCMTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMAsEAgABMAUDAwF2lDANBAIAAjAHAwUAJAWkADANBgkqhkiG9w0BAQsFAAOC AQEAthXGzV7XAlCOQzp36IhxOeGtylWPZ4pPJlDhROjS0C8XfQ/N4EdTzP0K94NF nuepMbYCHKmYnOpD0M5NaR+EZ4ltaYp/l7V6P4yesSzbD2uAJtFzO67066KCJQPu IQDcGuOGpk+iVCxBsSJd6DZ5xO0PQ98Kzob7Kpv2NC7e20XlWa8Fq4POPv9Lrvk+ VrNeOInH9V/czyIrVD+lK1JDhvBFQmCLeHlisTsC0i1oKKzubfyPH4EmA+phd52k lpUtUvmWJMvBbE/KLWPnSI7N7nsjlrwFgqwCUC9NIVRgHY4dvNw0Ret6cBft52aK XP3B9+oYlXqJx5TouMwmjddMOw== -----END CERTIFICATE-----Generated at Wed Nov 20 23:11:44 2024 by rpki-client on console-fra.rpki-client.org