$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/4F2C2040066011EEA5F59657C4F9AE02.roa File: 4F2C2040066011EEA5F59657C4F9AE02.roa (raw, json) Hash identifier: lhjk5dsFqap680wNoXTnx9Dur4BBQliXjVLuUUi2pb4= Subject key identifier: 93:A1:44:78:50:5D:4B:5F:16:DB:D0:65:9A:CB:54:E9:71:2A:F2:1B Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA Certificate serial: 1E28 Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/4F2C2040066011EEA5F59657C4F9AE02.roa Signing time: Fri 20 Sep 2024 16:34:57 +0000 ROA not before: Fri 20 Sep 2024 16:34:57 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 4812 IP address blocks: 116.232.0.0/16 maxlen: 24 124.74.0.0/16 maxlen: 24 124.75.0.0/16 maxlen: 16 124.76.0.0/15 maxlen: 24 124.78.0.0/15 maxlen: 24 202.96.194.0/24 maxlen: 24 202.101.0.0/19 maxlen: 24 202.101.32.0/19 maxlen: 19 202.109.0.0/18 maxlen: 18 202.109.64.0/18 maxlen: 24 218.1.0.0/16 maxlen: 24 218.30.132.0/24 maxlen: 24 222.68.240.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 16:18:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7720 (0x1e28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EAE4 Validity Not Before: Sep 20 16:34:57 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66eda431-b8f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:57:12:ce:9f:36:97:a4:9f:04:eb:3e:4b:15: e5:4c:12:9e:d6:ff:e6:8a:05:a9:b1:eb:56:18:53: cc:c8:85:1c:a6:57:73:ca:d6:c8:b4:5e:49:92:a3: f7:6a:d4:31:c6:35:09:6c:68:4b:2d:aa:ee:8c:e4: 1e:39:bb:64:d6:a0:5a:50:29:b4:9d:44:9e:df:e6: eb:e0:01:6c:ab:e8:87:c2:83:25:45:e8:05:4b:81: 73:95:d6:3a:52:87:8e:11:f2:8c:6e:98:80:c2:97: 16:2c:03:0c:f4:9c:68:de:37:c8:83:82:e8:7b:49: da:be:e9:82:e5:d7:7e:a5:f1:67:84:69:c3:7a:34: 37:d5:28:cf:c3:cc:4e:80:cb:2a:e7:57:1a:3e:c6: 6f:a5:2d:f5:69:8a:c0:2b:41:8f:15:f2:9e:5e:cd: ca:4c:66:b1:2d:f8:26:31:f8:44:3a:e0:eb:3c:f7: c2:a5:c1:a3:21:72:67:ed:1a:45:da:8b:9e:73:ea: 28:9b:ed:78:83:0b:cb:9b:10:60:33:5f:4f:48:8f: b0:c9:20:70:bd:e2:3a:d3:68:57:0e:5e:b6:5c:58: fe:0f:93:27:74:ad:aa:94:bc:da:f7:14:a6:86:59: ea:a7:fb:1e:87:e4:03:db:d8:bf:a5:91:0a:6b:06: ee:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:A1:44:78:50:5D:4B:5F:16:DB:D0:65:9A:CB:54:E9:71:2A:F2:1B X509v3 Authority Key Identifier: keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/4F2C2040066011EEA5F59657C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.232.0.0/16 124.74.0.0-124.79.255.255 202.96.194.0/24 202.101.0.0/18 202.109.0.0/17 218.1.0.0/16 218.30.132.0/24 222.68.240.0/20 Signature Algorithm: sha256WithRSAEncryption 5b:b6:bf:e4:c6:5d:2d:b5:6a:77:1c:74:94:53:2f:c0:64:75: 6f:69:ad:d0:fc:d0:ef:57:1b:88:a2:68:a4:98:14:54:9d:6f: 4a:d1:3e:dd:dd:36:b4:b1:eb:f1:1e:cb:2b:97:a6:8f:cf:83: f5:c6:0b:29:e7:83:23:3d:10:03:0e:cd:bf:99:65:13:68:21: f5:a2:af:2d:5b:af:08:9f:c9:9e:7b:ff:cb:94:c2:99:01:1b: 26:b9:3d:bc:d4:e5:76:27:c8:5f:ba:6e:ff:63:ea:8d:e0:71: a6:b2:0a:12:2f:0e:72:67:d6:e8:47:e1:11:0c:c8:bb:48:8a: 70:7d:84:7b:a8:3d:d8:14:9f:28:0f:ba:67:33:19:75:de:d5: ac:d9:9e:cb:71:94:c5:34:db:c7:e5:11:3d:54:41:e8:1c:0b: 8f:bc:e3:4e:25:d2:0a:7f:c7:59:53:73:36:e3:b8:6f:56:74: ab:d0:ac:f1:10:9d:3d:89:fb:3f:7a:cd:cb:2f:67:bb:fe:28: 97:92:36:fe:39:e2:12:6d:86:18:16:92:1b:9c:97:04:30:db: 6b:30:e9:ab:00:78:b6:23:58:74:89:57:db:f9:84:cf:ec:ef: d0:e9:c8:1f:33:b2:5a:18:29:0d:ce:c6:c4:3d:9c:9a:be:c3: 19:ae:40:02 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgICHigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1 NkU4QUM4QkEwHhcNMjQwOTIwMTYzNDU3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmVkYTQzMS1iOGYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAulcSzp82l6SfBOs+SxXlTBKe1v/migWpsetWGFPMyIUcpldzytbItF5JkqP3 atQxxjUJbGhLLarujOQeObtk1qBaUCm0nUSe3+br4AFsq+iHwoMlRegFS4FzldY6 UoeOEfKMbpiAwpcWLAMM9Jxo3jfIg4Loe0navumC5dd+pfFnhGnDejQ31SjPw8xO gMsq51caPsZvpS31aYrAK0GPFfKeXs3KTGaxLfgmMfhEOuDrPPfCpcGjIXJn7RpF 2ouec+oom+14gwvLmxBgM19PSI+wySBwveI602hXDl62XFj+D5MndK2qlLza9xSm hlnqp/seh+QD29i/pZEKawbuHQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFJOhRHhQ XUtfFtvQZZrLVOlxKvIbMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1 NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5 TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNEYyQzIwNDAw NjYwMTFFRUE1RjU5NjU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E PjA8MDoEAgABMDQDAwB06DAKAwMBfEoDAwR8QAMEAMpgwgMEBsplAAMEB8ptAAMD ANoBAwQA2h6EAwQE3kTwMA0GCSqGSIb3DQEBCwUAA4IBAQBbtr/kxl0ttWp3HHSU Uy/AZHVvaa3Q/NDvVxuIomikmBRUnW9K0T7d3Ta0sevxHssrl6aPz4P1xgsp54Mj PRADDs2/mWUTaCH1oq8tW68In8mee//LlMKZARsmuT281OV2J8hfum7/Y+qN4HGm sgoSLw5yZ9boR+ERDMi7SIpwfYR7qD3YFJ8oD7pnMxl13tWs2Z7LcZTFNNvH5RE9 VEHoHAuPvONOJdIKf8dZU3M247hvVnSr0KzxEJ09ifs/es3LL2e7/iiXkjb+OeIS bYYYFpIbnJcEMNtrMOmrAHi2I1h0iVfb+YTP7O/Q6cgfM7JaGCkNzsbEPZyavsMZ rkAC -----END CERTIFICATE-----Generated at Thu Mar 13 21:52:29 2025 by rpki-client