$ rpki-client -vvf rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/70FED13CCEF611ED9DDE0A39C4F9AE02.roa File: 70FED13CCEF611ED9DDE0A39C4F9AE02.roa (raw, json) Hash identifier: 9BlYu2PTk5dV4bHJ7RwjBjbWZFG8OxFIELZVhhxp048= Subject key identifier: F2:3D:E6:65:5B:EB:E7:8D:AD:60:D0:AF:8A:97:6E:9C:7A:A7:CF:60 Certificate issuer: /CN=A915CCEA/serialNumber=862B73B9CE3504B0BA241D14FDAC0EC4B4E4ADC2 Certificate serial: 08BB Authority key identifier: 86:2B:73:B9:CE:35:04:B0:BA:24:1D:14:FD:AC:0E:C4:B4:E4:AD:C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hitzuc41BLC6JB0U_awOxLTkrcI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/70FED13CCEF611ED9DDE0A39C4F9AE02.roa Signing time: Mon 02 Sep 2024 21:29:22 +0000 ROA not before: Mon 02 Sep 2024 21:29:22 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 3300 IP address blocks: 61.14.0.0/18 maxlen: 24 203.187.128.0/19 maxlen: 24 2402:fb00::/32 maxlen: 32 2402:fb00::/34 maxlen: 40 2402:fb00:4000::/34 maxlen: 40 2402:fb00:8000::/34 maxlen: 40 2402:fb00:c000::/34 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/hitzuc41BLC6JB0U_awOxLTkrcI.crl rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/hitzuc41BLC6JB0U_awOxLTkrcI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hitzuc41BLC6JB0U_awOxLTkrcI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2235 (0x8bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915CCEA Validity Not Before: Sep 2 21:29:22 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66d62e31-b811 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:3e:b7:73:25:92:b6:4b:e5:f3:9c:7a:75:92: b5:ee:4e:39:9c:04:9c:68:25:2f:aa:d3:8b:10:6b: 75:fd:d3:a2:b9:58:e8:04:0a:b2:4b:a0:69:cb:89: d2:99:77:1f:4d:08:25:02:22:85:b8:6b:07:97:93: 1d:f3:3d:95:2d:c3:54:bd:36:bc:74:1c:9d:d4:b4: 97:ac:ad:c0:59:ed:fb:81:4d:39:ca:ed:bb:cd:49: 1b:25:b6:86:4c:bb:bf:e7:9a:02:a9:24:26:1b:da: 6b:8b:2b:ee:bc:1f:dc:53:97:2d:9f:b4:51:b0:97: 5e:05:96:cc:ff:23:98:ec:9a:05:0b:54:94:e8:b0: 62:aa:33:82:0a:d1:7d:f7:02:92:56:3b:ff:f1:68: d5:66:7e:63:c7:c6:e9:95:db:71:62:48:7e:af:f9: 97:95:dc:2f:a1:5e:f0:57:40:b3:4c:95:10:3b:0b: 6a:dc:b9:af:f5:a2:6d:7c:58:db:4b:49:3d:53:ac: b1:d0:70:6b:b5:ac:22:a2:33:d2:27:42:ac:5d:d1: e4:d3:5b:d7:b7:7c:3f:ed:02:ce:78:93:09:9f:c3: 82:2c:6a:66:0b:a0:e1:a4:17:b3:10:39:8a:d7:e4: cf:52:fd:c6:d2:4a:90:84:86:0b:22:49:bf:3e:60: a5:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:3D:E6:65:5B:EB:E7:8D:AD:60:D0:AF:8A:97:6E:9C:7A:A7:CF:60 X509v3 Authority Key Identifier: keyid:86:2B:73:B9:CE:35:04:B0:BA:24:1D:14:FD:AC:0E:C4:B4:E4:AD:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/hitzuc41BLC6JB0U_awOxLTkrcI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hitzuc41BLC6JB0U_awOxLTkrcI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/70FED13CCEF611ED9DDE0A39C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 61.14.0.0/18 203.187.128.0/19 IPv6: 2402:fb00::/32 Signature Algorithm: sha256WithRSAEncryption ab:5a:23:5a:0e:0f:cc:a0:85:aa:87:50:30:64:1d:cc:e1:5e: b5:7a:96:e4:54:1e:94:f8:c9:42:e7:d7:ae:41:e2:d4:22:17: dd:e4:99:6b:78:e7:f8:85:a8:97:3f:98:0a:6a:13:99:b1:5f: 59:51:44:0e:47:1c:0b:c7:de:91:3d:c7:f8:12:46:df:d6:a3: b8:7c:91:0c:0a:f0:2b:8a:b0:e7:80:05:7b:a2:be:21:62:8d: 1c:25:de:d3:e7:ea:1c:a5:81:41:a6:20:ea:64:64:16:83:00: 81:79:29:2a:f5:83:ae:90:19:c4:7b:4d:1a:d2:56:03:3c:5b: 8a:e1:73:4c:ad:11:d7:63:d8:7b:07:49:a8:10:82:40:fa:42: f9:00:27:2c:20:a0:7c:c8:4f:37:72:f8:d8:2e:20:fa:4e:ca: 3a:14:27:55:75:69:4b:85:71:b9:3b:6d:d1:c0:d2:8f:52:88: 41:ed:83:19:48:fd:d8:33:c0:be:a1:bf:b7:34:3a:51:d3:c1: c8:22:6a:c4:15:f8:57:ea:0c:e1:f4:33:ec:98:8e:42:ad:42: d5:59:d5:48:d4:72:bb:e0:6f:eb:51:b3:99:ba:b7:fd:7b:d2: 20:75:70:1a:fe:e3:ba:21:05:be:11:12:dd:99:6b:7d:85:fd: 06:65:d9:2e -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICCLswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUNDRUExMTAvBgNVBAUTKDg2MkI3M0I5Q0UzNTA0QjBCQTI0MUQxNEZEQUMwRUM0 QjRFNEFEQzIwHhcNMjQwOTAyMjEyOTIyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ2MmUzMS1iODExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2z63cyWStkvl85x6dZK17k45nAScaCUvqtOLEGt1/dOiuVjoBAqyS6Bpy4nS mXcfTQglAiKFuGsHl5Md8z2VLcNUvTa8dByd1LSXrK3AWe37gU05yu27zUkbJbaG TLu/55oCqSQmG9priyvuvB/cU5ctn7RRsJdeBZbM/yOY7JoFC1SU6LBiqjOCCtF9 9wKSVjv/8WjVZn5jx8bpldtxYkh+r/mXldwvoV7wV0CzTJUQOwtq3Lmv9aJtfFjb S0k9U6yx0HBrtawiojPSJ0KsXdHk01vXt3w/7QLOeJMJn8OCLGpmC6DhpBezEDmK 1+TPUv3G0kqQhIYLIkm/PmClZwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFPI95mVb 6+eNrWDQr4qXbpx6p89gMB8GA1UdIwQYMBaAFIYrc7nONQSwuiQdFP2sDsS05K3C MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Q0NFQS80MDZFRjE3OEEw QzMxMUVBODc2NDIzNkZDNEY5QUUwMi9oaXR6dWM0MUJMQzZKQjBVX2F3T3hMVGty Y0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hpdHp1YzQxQkxDNkpCMFVfYXdPeExUa3JjSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUNDRUEvNDA2RUYxNzhBMEMzMTFFQTg3NjQyMzZGQzRGOUFFMDIvNzBGRUQxM0ND RUY2MTFFRDlEREUwQTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAY9DgADBAXLu4AwDQQCAAIwBwMFACQC+wAwDQYJKoZIhvcN AQELBQADggEBAKtaI1oOD8yghaqHUDBkHczhXrV6luRUHpT4yULn165B4tQiF93k mWt45/iFqJc/mApqE5mxX1lRRA5HHAvH3pE9x/gSRt/Wo7h8kQwK8CuKsOeABXui viFijRwl3tPn6hylgUGmIOpkZBaDAIF5KSr1g66QGcR7TRrSVgM8W4rhc0ytEddj 2HsHSagQgkD6QvkAJywgoHzITzdy+NguIPpOyjoUJ1V1aUuFcbk7bdHA0o9SiEHt gxlI/dgzwL6hv7c0OlHTwcgiasQV+FfqDOH0M+yYjkKtQtVZ1UjUcrvgb+tRs5m6 t/170iB1cBr+47ohBb4REt2Za32F/QZl2S4= -----END CERTIFICATE-----Generated at Sun Feb 16 20:47:29 2025 by rpki-client