$ rpki-client -vvf rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/5FB89FD4DA8511EEBD7AF854C4F9AE02.roa File: 5FB89FD4DA8511EEBD7AF854C4F9AE02.roa (raw, json) Hash identifier: 7JHMwVjCROL2NO+MkxXgRxb2ZHCCwLSy/kLqZ1Og33E= Subject key identifier: 5A:14:08:2A:A7:0F:C1:D2:44:7F:CF:E5:9D:0C:DE:48:1C:6D:53:70 Certificate issuer: /CN=A91477C3/serialNumber=B20E9FE64AF3CE8C982725D012A142927263CEF0 Certificate serial: 078F Authority key identifier: B2:0E:9F:E6:4A:F3:CE:8C:98:27:25:D0:12:A1:42:92:72:63:CE:F0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sg6f5krzzoyYJyXQEqFCknJjzvA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/5FB89FD4DA8511EEBD7AF854C4F9AE02.roa Signing time: Wed 02 Oct 2024 21:29:59 +0000 ROA not before: Wed 02 Oct 2024 21:29:59 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 45270 IP address blocks: 43.252.0.0/22 maxlen: 22 101.234.192.0/24 maxlen: 24 101.234.193.0/24 maxlen: 24 101.234.194.0/24 maxlen: 24 101.234.195.0/24 maxlen: 24 101.234.196.0/24 maxlen: 24 101.234.200.0/24 maxlen: 24 101.234.201.0/24 maxlen: 24 103.233.16.0/22 maxlen: 22 223.25.228.0/23 maxlen: 23 223.25.231.0/24 maxlen: 24 2407:ab00::/48 maxlen: 48 2407:ab00:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/sg6f5krzzoyYJyXQEqFCknJjzvA.crl rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/sg6f5krzzoyYJyXQEqFCknJjzvA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sg6f5krzzoyYJyXQEqFCknJjzvA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1935 (0x78f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91477C3/serialNumber=B20E9FE64AF3CE8C982725D012A142927263CEF0 Validity Not Before: Oct 2 21:29:59 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66fdbb57-3d0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:7c:c9:8f:6d:42:eb:99:18:56:04:e5:b7:6a: ee:09:b4:2a:6d:95:17:ac:b9:16:96:77:86:1d:41: 7e:c2:ee:33:eb:6e:22:d8:7e:a3:e4:3f:bb:21:df: 42:25:ff:d7:77:77:02:0c:1f:64:38:a8:31:33:b9: de:9a:28:af:c6:43:a2:95:8c:84:d6:01:b9:19:f4: 13:c6:7b:e1:1d:6b:f9:7f:74:e1:a6:38:66:af:30: c0:28:00:4f:45:1b:52:98:22:c3:da:8a:83:f3:05: 3a:1d:1d:7a:ba:79:5b:33:c5:49:3c:23:3b:87:04: 37:86:1e:7c:05:54:50:33:c0:81:aa:71:47:ff:6e: 65:1f:aa:53:24:25:8d:13:f4:13:81:88:4c:80:81: 15:25:df:42:a7:d2:c9:12:e4:41:55:eb:74:4a:82: 44:f9:e2:5a:85:1c:ec:d3:ae:8f:58:2e:67:3b:c6: d9:16:1b:84:11:a6:c8:60:04:69:30:11:bc:86:da: be:03:b0:9b:5b:6c:fe:9b:7d:a7:31:7d:43:77:d1: 39:88:f5:25:0c:03:1a:e4:98:77:e0:74:24:e9:f5: 3e:c5:36:2b:f9:79:cc:f4:46:ce:c0:75:a5:4d:c9: 56:ea:ff:22:f0:87:ec:6e:ce:eb:e4:e4:6b:11:04: 16:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:14:08:2A:A7:0F:C1:D2:44:7F:CF:E5:9D:0C:DE:48:1C:6D:53:70 X509v3 Authority Key Identifier: keyid:B2:0E:9F:E6:4A:F3:CE:8C:98:27:25:D0:12:A1:42:92:72:63:CE:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/sg6f5krzzoyYJyXQEqFCknJjzvA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sg6f5krzzoyYJyXQEqFCknJjzvA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/5FB89FD4DA8511EEBD7AF854C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.0.0/22 101.234.192.0-101.234.196.255 101.234.200.0/23 103.233.16.0/22 223.25.228.0/23 223.25.231.0/24 IPv6: 2407:ab00::/48 2407:ab00:2::/48 Signature Algorithm: sha256WithRSAEncryption 03:da:57:35:aa:ad:cb:bc:78:75:12:c6:c3:38:bf:07:1f:6e: 57:f8:92:a5:6e:77:97:bb:05:06:3d:4d:de:b9:77:dd:ce:e4: 0f:cb:d0:59:4d:1f:cc:61:d0:5f:15:b3:fb:be:d1:e9:f7:26: 80:34:f3:0c:56:78:32:24:38:3a:90:2b:04:f7:b1:7c:3c:71: 39:4a:be:61:3f:15:c0:bc:59:09:d4:b7:6c:98:d8:3e:09:08: 04:d9:b6:f9:0f:2d:d9:6d:35:15:b2:fb:1f:cf:37:ad:86:47: 7d:4f:15:88:ab:9b:98:69:da:42:8e:44:34:a8:38:fe:6b:58: 2b:0d:f3:06:79:67:7c:5a:aa:36:95:c1:d7:6d:13:48:c8:d7: 13:de:12:34:62:00:91:d0:0f:2e:a4:db:d5:b8:29:0c:e7:a2: 14:78:74:dd:78:c1:e4:0b:82:56:be:4e:69:41:26:34:92:da: bf:47:fc:c0:cd:40:f7:ce:b1:8c:05:98:3a:2e:69:a6:72:ce: cd:8e:bd:6d:45:50:6a:3a:c5:18:fb:db:29:96:15:14:46:74: 9a:f0:9a:8f:30:07:86:5e:8a:04:1b:36:9a:50:ae:da:2f:ee: f6:52:4d:14:85:cd:9a:37:0c:97:18:b6:a2:b0:71:03:04:0d: d9:cb:ea:98 -----BEGIN CERTIFICATE----- MIIFsTCCBJmgAwIBAgICB48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc3QzMxMTAvBgNVBAUTKEIyMEU5RkU2NEFGM0NFOEM5ODI3MjVEMDEyQTE0Mjky NzI2M0NFRjAwHhcNMjQxMDAyMjEyOTU5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmZkYmI1Ny0zZDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1XzJj21C65kYVgTlt2ruCbQqbZUXrLkWlneGHUF+wu4z624i2H6j5D+7Id9C Jf/Xd3cCDB9kOKgxM7nemiivxkOilYyE1gG5GfQTxnvhHWv5f3ThpjhmrzDAKABP RRtSmCLD2oqD8wU6HR16unlbM8VJPCM7hwQ3hh58BVRQM8CBqnFH/25lH6pTJCWN E/QTgYhMgIEVJd9Cp9LJEuRBVet0SoJE+eJahRzs066PWC5nO8bZFhuEEabIYARp MBG8htq+A7CbW2z+m32nMX1Dd9E5iPUlDAMa5Jh34HQk6fU+xTYr+XnM9EbOwHWl TclW6v8i8Ifsbs7r5ORrEQQW5QIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFFoUCCqn D8HSRH/P5Z0M3kgcbVNwMB8GA1UdIwQYMBaAFLIOn+ZK886MmCcl0BKhQpJyY87w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzdDMy81REE0OEMyMEU3 NkUxMUVBODE0MkE4MzlDNEY5QUUwMi9zZzZmNWtyenpveVlKeVhRRXFGQ2tuSmp6 dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NnNmY1a3J6em95WUp5WFFFcUZDa25Kanp2QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDc3QzMvNURBNDhDMjBFNzZFMTFFQTgxNDJBODM5QzRGOUFFMDIvNUZCODlGRDRE QTg1MTFFRUJEN0FGODU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E UDBOMDIEAgABMCwDBAIr/AAwDAMEBmXqwAMEAGXqxAMEAWXqyAMEAmfpEAMEAd8Z 5AMEAN8Z5zAYBAIAAjASAwcAJAerAAAAAwcAJAerAAACMA0GCSqGSIb3DQEBCwUA A4IBAQAD2lc1qq3LvHh1EsbDOL8HH25X+JKlbneXuwUGPU3euXfdzuQPy9BZTR/M YdBfFbP7vtHp9yaANPMMVngyJDg6kCsE97F8PHE5Sr5hPxXAvFkJ1LdsmNg+CQgE 2bb5Dy3ZbTUVsvsfzzethkd9TxWIq5uYadpCjkQ0qDj+a1grDfMGeWd8Wqo2lcHX bRNIyNcT3hI0YgCR0A8upNvVuCkM56IUeHTdeMHkC4JWvk5pQSY0ktq/R/zAzUD3 zrGMBZg6Lmmmcs7Njr1tRVBqOsUY+9splhUURnSa8JqPMAeGXooEGzaaUK7aL+72 Uk0Uhc2aNwyXGLaisHEDBA3Zy+qY -----END CERTIFICATE-----Generated at Fri Nov 22 22:24:07 2024 by rpki-client on console-fra.rpki-client.org