$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/4F2C2040066011EEA5F59657C4F9AE02.roa File: 4F2C2040066011EEA5F59657C4F9AE02.roa (raw, json) Hash identifier: CiYWSKcGom7LDClQYRKkAwo2j6PBwUWB/ELGNUhzwWA= Subject key identifier: 1A:27:65:C0:7E:F4:8A:A5:A2:86:91:75:4F:41:6D:41:71:64:4C:BA Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA Certificate serial: 1D32 Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/4F2C2040066011EEA5F59657C4F9AE02.roa Signing time: Tue 02 Jan 2024 16:54:34 +0000 ROA not before: Tue 02 Jan 2024 16:54:34 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 4812 IP address blocks: 116.232.0.0/16 maxlen: 24 124.74.0.0/16 maxlen: 24 124.75.0.0/16 maxlen: 16 124.76.0.0/15 maxlen: 24 124.78.0.0/15 maxlen: 24 202.96.194.0/24 maxlen: 24 202.101.0.0/19 maxlen: 24 202.101.32.0/19 maxlen: 19 202.109.0.0/18 maxlen: 18 202.109.64.0/18 maxlen: 24 218.1.0.0/16 maxlen: 24 218.30.132.0/24 maxlen: 24 222.68.240.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7474 (0x1d32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA Validity Not Before: Jan 2 16:54:34 2024 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=65943fca-75cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:27:5f:bd:a6:bd:68:5e:a4:64:7f:d3:5b:df: 2c:af:d9:ca:92:b4:f5:2b:57:71:2b:0f:e0:5b:a4: 9a:f7:b9:ce:4b:61:1d:f6:1e:98:88:be:53:a2:ee: 00:1f:3a:54:a4:04:ef:8f:84:aa:f5:24:66:89:3b: fb:50:2e:49:af:07:28:4e:0c:0c:76:c8:7c:a6:13: 4f:d0:5c:1f:58:54:5d:7b:f1:48:df:b5:64:9a:4b: 8f:41:8a:10:57:aa:7a:27:87:1a:15:91:0d:0c:20: ef:29:d1:66:23:8a:66:d6:08:a2:1a:fc:60:7a:02: d1:49:5e:de:f0:76:8e:d7:9e:c3:6d:72:6b:68:07: c7:19:da:48:e2:d9:bc:f9:fa:67:bd:4b:58:ee:e9: 9d:27:25:0f:3b:29:69:3c:db:c0:49:a0:1b:f9:ba: c6:62:95:76:42:ea:53:0d:ab:ca:86:c5:d9:2f:fe: 5c:1b:ca:2a:56:c5:5a:f9:e3:56:b8:6b:7d:3a:04: 14:82:07:0c:ef:3b:89:d7:02:3f:96:19:50:a3:62: 4b:3e:63:6e:c7:2f:97:4e:8e:90:60:a1:50:f0:83: d8:8c:55:4a:55:f1:59:91:93:f8:1f:7d:65:36:b6: 77:e4:c9:72:12:ed:71:bd:72:7e:83:dc:0d:98:6e: 2f:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:27:65:C0:7E:F4:8A:A5:A2:86:91:75:4F:41:6D:41:71:64:4C:BA X509v3 Authority Key Identifier: keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/4F2C2040066011EEA5F59657C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.232.0.0/16 124.74.0.0-124.79.255.255 202.96.194.0/24 202.101.0.0/18 202.109.0.0/17 218.1.0.0/16 218.30.132.0/24 222.68.240.0/20 Signature Algorithm: sha256WithRSAEncryption 00:0e:0f:f3:1d:68:60:c0:96:bf:74:f2:a4:01:16:64:9b:99: 8e:bc:2e:37:92:a3:3c:4c:4d:da:ba:99:51:a8:0d:bd:14:1c: b3:ad:d4:76:88:da:81:25:86:5d:d8:4c:c4:3f:e2:5c:8d:e5: 92:bf:00:de:01:4b:c5:3b:22:35:26:a7:5b:48:11:84:77:d4: c1:a5:5f:94:2f:ae:a5:be:57:b8:7b:b1:72:e8:ba:b1:81:a7: 54:6f:d5:cc:ae:7a:04:37:e3:cc:98:61:22:4a:2b:d6:b3:73: bd:c6:22:fa:80:5c:de:81:48:c9:7b:b7:98:cb:27:82:39:52: 5e:a3:36:9d:ac:27:47:2d:f7:2d:0a:99:dd:c4:60:b8:16:e6: 9e:64:fa:0f:43:72:7b:92:b6:3f:40:7e:9e:62:a3:44:a7:43: c1:ae:5b:98:9e:9a:0b:24:b1:24:a5:03:59:4e:39:2a:2a:93: a7:ad:6f:37:6c:a7:6c:00:7c:41:df:4a:5b:11:97:ae:04:9f: 82:d3:13:a1:0a:5e:a5:a3:6f:14:31:98:c0:65:57:3f:4f:b7: e5:e5:61:22:5f:55:56:4b:76:bc:cc:4f:33:3e:45:5d:aa:9f: fe:0c:ae:ca:dc:a6:87:91:0b:3a:4a:42:99:6b:ba:7e:b8:91: 3a:2a:e8:dd -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgICHTIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1 NkU4QUM4QkEwHhcNMjQwMTAyMTY1NDM0WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTk0M2ZjYS03NWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyCdfvaa9aF6kZH/TW98sr9nKkrT1K1dxKw/gW6Sa97nOS2Ed9h6YiL5Tou4A HzpUpATvj4Sq9SRmiTv7UC5JrwcoTgwMdsh8phNP0FwfWFRde/FI37VkmkuPQYoQ V6p6J4caFZENDCDvKdFmI4pm1giiGvxgegLRSV7e8HaO157DbXJraAfHGdpI4tm8 +fpnvUtY7umdJyUPOylpPNvASaAb+brGYpV2QupTDavKhsXZL/5cG8oqVsVa+eNW uGt9OgQUggcM7zuJ1wI/lhlQo2JLPmNuxy+XTo6QYKFQ8IPYjFVKVfFZkZP4H31l NrZ35MlyEu1xvXJ+g9wNmG4v7wIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFBonZcB+ 9IqlooaRdU9BbUFxZEy6MB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1 NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5 TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNEYyQzIwNDAw NjYwMTFFRUE1RjU5NjU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E PjA8MDoEAgABMDQDAwB06DAKAwMBfEoDAwR8QAMEAMpgwgMEBsplAAMEB8ptAAMD ANoBAwQA2h6EAwQE3kTwMA0GCSqGSIb3DQEBCwUAA4IBAQAADg/zHWhgwJa/dPKk ARZkm5mOvC43kqM8TE3auplRqA29FByzrdR2iNqBJYZd2EzEP+JcjeWSvwDeAUvF OyI1JqdbSBGEd9TBpV+UL66lvle4e7Fy6LqxgadUb9XMrnoEN+PMmGEiSivWs3O9 xiL6gFzegUjJe7eYyyeCOVJeozadrCdHLfctCpndxGC4FuaeZPoPQ3J7krY/QH6e YqNEp0PBrluYnpoLJLEkpQNZTjkqKpOnrW83bKdsAHxB30pbEZeuBJ+C0xOhCl6l o28UMZjAZVc/T7fl5WEiX1VWS3a8zE8zPkVdqp/+DK7K3KaHkQs6SkKZa7p+uJE6 Kujd -----END CERTIFICATE-----Generated at Sat May 18 18:21:36 2024 by rpki-client on console-ams.rpki-client.org