$ rpki-client -vvf rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/A8F46E3ACE3C11EE9418F274C4F9AE02.roa File: A8F46E3ACE3C11EE9418F274C4F9AE02.roa (raw, json) Hash identifier: k25puRX4BdWVRPYjE6qhQYjwuDv+2e85ycXNsRtKBV4= Subject key identifier: 4D:1A:23:79:87:83:18:3B:76:BE:51:21:CA:45:14:F9:8F:0F:8C:39 Certificate issuer: /CN=A9148C7B/serialNumber=17577F1E92EB33B2CDE6E489C0B9A99A2E02FDA3 Certificate serial: 340E Authority key identifier: 17:57:7F:1E:92:EB:33:B2:CD:E6:E4:89:C0:B9:A9:9A:2E:02:FD:A3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/A8F46E3ACE3C11EE9418F274C4F9AE02.roa Signing time: Sun 18 Feb 2024 09:04:02 +0000 ROA not before: Sun 18 Feb 2024 09:04:02 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 133066 IP address blocks: 61.5.192.0/24 maxlen: 24 119.59.81.0/24 maxlen: 24 119.59.83.0/24 maxlen: 24 119.59.84.0/24 maxlen: 24 119.59.85.0/24 maxlen: 24 121.100.51.0/24 maxlen: 24 121.100.52.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.crl rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 14:52:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13326 (0x340e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148C7B/serialNumber=17577F1E92EB33B2CDE6E489C0B9A99A2E02FDA3 Validity Not Before: Feb 18 09:04:02 2024 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=65d1c802-9ea6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:43:5f:2b:1b:43:2f:5d:e8:08:fa:cf:54:32: 06:13:9e:b1:4b:a2:bd:ff:29:90:d9:78:bf:70:ea: fa:f7:68:41:fb:e3:de:df:e9:14:87:84:db:7e:d3: 9c:a0:9c:7f:c0:0d:cc:34:91:6d:ef:2b:16:ad:1e: 9b:20:57:72:ad:ca:f9:aa:d8:08:41:fc:5b:0b:45: 11:71:b1:56:e3:0e:2b:03:0f:9e:97:b6:c4:1f:7b: b1:a3:ee:86:1a:aa:53:7f:72:3c:4d:d6:08:79:f2: 5c:31:69:70:81:1c:dd:a4:26:a7:ac:88:83:83:88: 10:04:d7:a2:2d:ec:91:38:55:56:33:2f:ab:cc:e9: 7b:f7:94:1e:1a:9c:9d:79:93:9f:db:ba:11:4d:5d: 9c:c6:f0:7f:bf:83:51:04:87:d7:01:a9:b7:38:28: c2:68:18:13:1d:d2:ad:26:92:32:51:20:52:eb:26: 67:67:a7:b1:00:47:5e:1e:50:0d:e1:7b:ef:e9:82: ea:3d:73:cd:d4:d4:eb:78:7d:8a:b8:9d:cf:fd:a6: 75:6b:be:b4:6b:da:14:b0:15:b8:f3:06:0d:a7:b4: d5:10:2b:86:30:61:d0:01:2e:b3:cb:f1:dd:80:98: 09:0c:de:d9:5b:3e:19:da:df:68:02:40:30:41:2c: ca:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:1A:23:79:87:83:18:3B:76:BE:51:21:CA:45:14:F9:8F:0F:8C:39 X509v3 Authority Key Identifier: keyid:17:57:7F:1E:92:EB:33:B2:CD:E6:E4:89:C0:B9:A9:9A:2E:02:FD:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/A8F46E3ACE3C11EE9418F274C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 61.5.192.0/24 119.59.81.0/24 119.59.83.0-119.59.85.255 121.100.51.0-121.100.52.255 Signature Algorithm: sha256WithRSAEncryption 11:65:4d:ab:ac:26:84:29:ee:12:1f:f6:5e:83:4b:1b:9a:31: 4f:f1:a8:14:ad:95:84:52:3b:0f:b3:5c:5b:98:65:a4:90:5f: b4:5f:c1:2e:03:9a:82:e9:31:5d:0c:0f:be:c0:f3:9f:83:1b: 4f:ba:65:96:02:60:43:48:7f:76:f4:00:5a:27:4e:a7:c7:ea: be:56:e2:08:59:a0:cb:9c:51:f9:a4:d0:92:05:a4:19:c2:f6: 32:f5:fd:de:79:88:93:82:6f:ec:84:ab:da:86:41:87:40:46: e5:93:ae:9d:dd:d0:62:e2:50:f3:8f:85:d8:96:02:21:a3:7e: 9a:c9:ab:6d:13:d8:4c:31:a5:5d:98:ed:d2:78:01:40:5f:13: 33:9f:78:39:2e:77:51:b2:fb:4f:50:34:8b:1d:d4:f0:3d:87: dd:5b:39:5b:0d:ac:7b:df:c1:23:42:2a:9e:cc:61:bc:ac:6e: 27:8d:83:08:14:40:d7:9d:7a:51:d6:d4:d5:e9:58:e0:90:93: f2:f7:0b:89:0e:c4:3e:1d:72:1d:f1:dc:92:d5:b8:3f:56:55: f8:80:82:62:9e:76:7d:11:e6:69:21:09:59:04:e5:95:3c:84: 8d:b3:f8:42:54:31:52:26:a7:1f:13:8e:bf:1d:fd:88:a8:2f: e7:11:7a:9c -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICNA4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhDN0IxMTAvBgNVBAUTKDE3NTc3RjFFOTJFQjMzQjJDREU2RTQ4OUMwQjlBOTlB MkUwMkZEQTMwHhcNMjQwMjE4MDkwNDAyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NWQxYzgwMi05ZWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4UNfKxtDL13oCPrPVDIGE56xS6K9/ymQ2Xi/cOr692hB++Pe3+kUh4TbftOc oJx/wA3MNJFt7ysWrR6bIFdyrcr5qtgIQfxbC0URcbFW4w4rAw+el7bEH3uxo+6G GqpTf3I8TdYIefJcMWlwgRzdpCanrIiDg4gQBNeiLeyROFVWMy+rzOl795QeGpyd eZOf27oRTV2cxvB/v4NRBIfXAam3OCjCaBgTHdKtJpIyUSBS6yZnZ6exAEdeHlAN 4Xvv6YLqPXPN1NTreH2KuJ3P/aZ1a760a9oUsBW48wYNp7TVECuGMGHQAS6zy/Hd gJgJDN7ZWz4Z2t9oAkAwQSzKKwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFE0aI3mH gxg7dr5RIcpFFPmPD4w5MB8GA1UdIwQYMBaAFBdXfx6S6zOyzebkicC5qZouAv2j MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEM3Qi82NzUyMDhBRTFE OTMxMUUyQkNCREU1RjYwOEIwMkNEMi9GMWRfSHBMck03TE41dVNKd0xtcG1pNENf YU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0YxZF9IcExyTTdMTjV1U0p3TG1wbWk0Q19hTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDhDN0IvNjc1MjA4QUUxRDkzMTFFMkJDQkRFNUY2MDhCMDJDRDIvQThGNDZFM0FD RTNDMTFFRTk0MThGMjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMC4EAgABMCgDBAA9BcADBAB3O1EwDAMEAHc7UwMEAXc7VDAMAwQAeWQzAwQA eWQ0MA0GCSqGSIb3DQEBCwUAA4IBAQARZU2rrCaEKe4SH/Zeg0sbmjFP8agUrZWE UjsPs1xbmGWkkF+0X8EuA5qC6TFdDA++wPOfgxtPumWWAmBDSH929ABaJ06nx+q+ VuIIWaDLnFH5pNCSBaQZwvYy9f3eeYiTgm/shKvahkGHQEblk66d3dBi4lDzj4XY lgIho36ayattE9hMMaVdmO3SeAFAXxMzn3g5LndRsvtPUDSLHdTwPYfdWzlbDax7 38EjQiqezGG8rG4njYMIFEDXnXpR1tTV6VjgkJPy9wuJDsQ+HXId8dyS1bg/VlX4 gIJinnZ9EeZpIQlZBOWVPISNs/hCVDFSJqcfE46/Hf2IqC/nEXqc -----END CERTIFICATE-----Generated at Thu May 16 17:51:19 2024 by rpki-client on console-ams.rpki-client.org