$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/B3570772A69A11ED83470E12C4F9AE02.roa File: B3570772A69A11ED83470E12C4F9AE02.roa (raw, json) Hash identifier: qaDLSiSx+lNzQth9wUbdJTiJNSRL5y4t4gF/7gfcWEI= Subject key identifier: 3E:65:CC:78:E6:DD:C5:BA:BB:F1:DE:B2:5C:DE:11:B8:14:92:DF:DD Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C Certificate serial: 06D6 Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/B3570772A69A11ED83470E12C4F9AE02.roa Signing time: Mon 14 Oct 2024 22:52:50 +0000 ROA not before: Mon 14 Oct 2024 22:52:50 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 9889 IP address blocks: 123.100.64.0/18 maxlen: 24 124.198.128.0/18 maxlen: 24 124.198.192.0/18 maxlen: 20 202.89.32.0/19 maxlen: 19 203.89.160.0/19 maxlen: 19 203.89.176.0/24 maxlen: 24 203.89.177.0/24 maxlen: 24 2401:5c00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1750 (0x6d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91406AA Validity Not Before: Oct 14 22:52:50 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=670da0c1-3042 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:69:e5:0b:1b:78:3d:00:67:66:e8:03:6f:0a: 37:94:8f:b2:7f:31:52:b9:37:67:91:46:9d:b5:0e: 1e:88:7f:9d:08:b9:6b:d9:f9:91:59:68:45:6e:52: 15:5f:8a:4f:66:a6:9e:3e:10:d8:af:ce:c3:e2:0b: eb:80:37:bf:b2:79:12:6e:b7:c7:a6:03:0f:e6:3e: a4:b4:9c:b6:6f:44:57:4f:c7:ec:f0:c6:a6:fc:77: 15:cf:17:f7:b4:0b:f1:03:a5:87:c7:00:3c:ec:c1: dd:bb:91:dc:f6:de:00:1b:59:3f:31:5d:bf:c5:51: 60:cd:c3:2c:c5:5d:14:6e:1f:fa:0b:16:8a:52:00: 06:6f:fa:a9:28:0f:12:bd:5a:e7:59:e3:00:56:c3: 28:97:12:b4:15:6d:d2:2f:85:4c:16:30:a9:ac:1a: 6c:41:65:1d:91:57:56:1b:f8:36:44:c9:aa:b8:2b: 1d:0a:07:49:d5:90:e5:5a:4d:0b:4a:d7:9b:7d:e1: dd:5c:f6:9c:ce:42:9d:85:6a:13:49:a5:4d:1c:02: f7:e8:94:a4:e6:a6:6c:27:f9:aa:2d:62:a3:32:2b: 6d:be:73:50:ff:3e:c8:95:b1:55:c0:c6:f4:79:61: 97:c0:1a:c0:99:11:15:cc:31:a5:3a:b4:36:2d:31: bf:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:65:CC:78:E6:DD:C5:BA:BB:F1:DE:B2:5C:DE:11:B8:14:92:DF:DD X509v3 Authority Key Identifier: keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/B3570772A69A11ED83470E12C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.100.64.0/18 124.198.128.0/17 202.89.32.0/19 203.89.160.0/19 IPv6: 2401:5c00::/32 Signature Algorithm: sha256WithRSAEncryption 4d:9a:dd:28:fd:7c:6d:9f:17:da:65:f7:b2:0d:4d:f0:c6:75: af:18:1d:9d:59:8e:1f:da:c4:4c:d8:9f:35:be:f7:e4:59:40: 6d:9b:9e:9e:ea:04:e4:9f:21:b1:dc:8f:9e:87:41:25:68:0b: 3a:10:c5:a8:8d:98:8f:72:45:67:ed:40:87:c5:5d:3d:a7:b4: b6:37:d8:39:82:13:b4:e7:5e:86:8a:5b:0f:de:cb:47:3d:9c: 8d:83:1e:99:7d:db:ed:ab:2b:1f:3a:26:00:0f:f3:7a:5e:85: 42:1a:9b:43:c9:f6:98:e7:8d:01:6c:33:bf:3c:f4:4c:33:85: e1:9f:4b:b8:ce:2d:11:9c:c3:c9:44:32:cb:7b:08:28:ba:31: cf:7e:bd:68:5f:8e:84:e6:08:16:89:6b:e0:4c:14:fd:92:34: b2:40:19:d2:41:ac:9a:a8:14:18:83:b1:42:f2:3b:54:14:85: 51:4c:bb:08:32:49:5f:f2:df:e0:98:86:c2:3a:3c:7b:8d:6a: 70:6e:6b:f6:ef:e0:09:57:7f:35:00:cf:a0:c4:0f:5a:0f:3f: b3:1e:42:5f:1e:de:1d:2f:c1:0d:c1:7a:a1:90:bc:88:20:6b: fe:05:b7:55:14:64:4b:32:e8:5f:38:ae:19:6e:82:9a:0f:92: 47:ac:9e:2d -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICBtYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC NjBEQjFCMkMwHhcNMjQxMDE0MjI1MjUwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzBkYTBjMS0zMDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyGnlCxt4PQBnZugDbwo3lI+yfzFSuTdnkUadtQ4eiH+dCLlr2fmRWWhFblIV X4pPZqaePhDYr87D4gvrgDe/snkSbrfHpgMP5j6ktJy2b0RXT8fs8Mam/HcVzxf3 tAvxA6WHxwA87MHdu5Hc9t4AG1k/MV2/xVFgzcMsxV0Ubh/6CxaKUgAGb/qpKA8S vVrnWeMAVsMolxK0FW3SL4VMFjCprBpsQWUdkVdWG/g2RMmquCsdCgdJ1ZDlWk0L StebfeHdXPaczkKdhWoTSaVNHAL36JSk5qZsJ/mqLWKjMittvnNQ/z7IlbFVwMb0 eWGXwBrAmREVzDGlOrQ2LTG/lQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFD5lzHjm 3cW6u/HeslzeEbgUkt/dMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2 QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvQjM1NzA3NzJB NjlBMTFFRDgzNDcwRTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAZ7ZEADBAd8xoADBAXKWSADBAXLWaAwDQQCAAIwBwMFACQB XAAwDQYJKoZIhvcNAQELBQADggEBAE2a3Sj9fG2fF9pl97INTfDGda8YHZ1Zjh/a xEzYnzW+9+RZQG2bnp7qBOSfIbHcj56HQSVoCzoQxaiNmI9yRWftQIfFXT2ntLY3 2DmCE7TnXoaKWw/ey0c9nI2DHpl92+2rKx86JgAP83pehUIam0PJ9pjnjQFsM788 9EwzheGfS7jOLRGcw8lEMst7CCi6Mc9+vWhfjoTmCBaJa+BMFP2SNLJAGdJBrJqo FBiDsULyO1QUhVFMuwgySV/y3+CYhsI6PHuNanBua/bv4AlXfzUAz6DED1oPP7Me Ql8e3h0vwQ3BeqGQvIgga/4Ft1UUZEsy6F84rhlugpoPkkesni0= -----END CERTIFICATE-----Generated at Sun Feb 16 20:25:55 2025 by rpki-client