$ rpki-client -vvf rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/3A9AD3CEDAD411EBB35DA50AC4F9AE02.roa File: 3A9AD3CEDAD411EBB35DA50AC4F9AE02.roa (raw, json) Hash identifier: EztUCIPqk3y/a6AcLfvax6DUhCHP6l9BEvQIvIo9iws= Subject key identifier: 5B:6D:62:CD:25:9C:47:84:75:C2:DA:67:52:E0:09:D9:A7:E0:11:94 Certificate issuer: /CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E Certificate serial: 120B Authority key identifier: BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/3A9AD3CEDAD411EBB35DA50AC4F9AE02.roa Signing time: Sat 28 Dec 2024 17:15:00 +0000 ROA not before: Sat 28 Dec 2024 17:15:00 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 141013 IP address blocks: 116.89.245.0/24 maxlen: 24 2401:fdc0:10::/44 maxlen: 44 2401:fdc0:20::/44 maxlen: 44 2401:fdc0:30::/44 maxlen: 44 2401:fdc0:ff00::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.crl rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4619 (0x120b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9164860 Validity Not Before: Dec 28 17:15:00 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67703214-f1b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:01:47:3f:a9:ac:fc:2b:36:50:9d:39:21:80: df:ce:0a:c7:f5:8e:90:47:64:9e:7a:03:15:e0:76: d9:ae:99:17:fb:79:74:26:1c:f9:69:c2:41:29:b7: 6e:07:e0:c1:4e:6f:1c:39:5f:bd:ae:c5:30:21:48: 75:03:7e:49:05:99:66:13:8c:50:58:b9:d9:4c:14: 74:df:b7:5d:be:81:b0:16:82:48:9c:63:d5:4f:7d: 1f:1f:44:a5:1a:76:d4:85:c5:96:e5:73:35:66:6b: d0:cd:2d:a1:86:ab:27:a9:bd:77:2b:bd:b6:01:49: 80:f7:f8:c4:aa:29:30:38:c1:3e:4f:f5:27:2f:f5: 72:ff:30:8d:65:83:11:f0:16:a2:47:3b:a0:73:78: 8a:73:54:62:43:a4:12:57:f2:04:f6:37:df:78:04: ca:30:69:75:e9:75:25:1e:3a:94:9f:24:69:0a:1e: c4:94:ab:79:f9:27:8b:cd:e1:d3:eb:5d:38:17:12: 81:90:c6:7b:bc:09:44:ad:e3:77:99:83:f6:a9:28: dc:df:b5:29:55:a0:58:b1:81:1a:2a:78:f2:e3:63: a9:fa:69:4b:7c:ed:6f:6f:29:2f:91:c2:37:e0:38: 97:e9:7e:f1:46:27:60:7f:7a:d4:a7:36:40:30:1e: 5f:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:6D:62:CD:25:9C:47:84:75:C2:DA:67:52:E0:09:D9:A7:E0:11:94 X509v3 Authority Key Identifier: keyid:BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/3A9AD3CEDAD411EBB35DA50AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.89.245.0/24 IPv6: 2401:fdc0:10::-2401:fdc0:3f:ffff:ffff:ffff:ffff:ffff 2401:fdc0:ff00::/40 Signature Algorithm: sha256WithRSAEncryption 0b:26:ef:7f:0e:fc:db:a2:b5:22:52:f2:d7:80:77:f5:49:99: eb:4f:34:b6:8a:1d:d6:84:87:a7:43:19:52:b6:aa:85:91:dd: 04:93:ea:15:d2:4d:f3:f9:7a:86:2d:49:70:b4:60:47:1c:6a: 31:ec:44:b9:ab:68:dd:92:1c:be:b6:d9:10:60:df:fc:87:ca: db:65:1d:0b:52:82:dd:b1:7f:28:01:27:7b:6e:a0:6d:e2:9c: 85:64:a0:90:bb:d1:1c:cb:af:06:6c:a4:61:0f:bc:04:07:af: 9d:f3:bb:70:4c:5f:43:9c:b9:07:ca:2b:4a:ff:05:74:29:58: b4:04:a3:8e:63:56:3a:6b:c7:40:0c:67:dc:18:ea:12:4c:39: b4:3e:a2:2c:5f:f8:31:3c:cc:29:dc:3a:09:c0:07:0d:bf:2f: 43:b8:b9:8f:9b:84:af:75:51:c5:22:58:fb:7e:77:34:e6:31: b8:c1:3d:b7:2a:96:17:bf:2f:21:64:7e:f7:1e:3f:ab:d0:31: 16:5f:00:db:69:29:e1:6e:c9:3e:d3:d0:c6:93:ec:24:eb:c9: cd:6f:d6:37:cf:b4:c9:27:41:df:83:04:35:9a:33:69:fc:5c: f2:38:9a:e5:99:22:5b:3a:3d:42:e1:82:40:11:21:14:a2:31: dc:df:43:04 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICEgswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjQ4NjAxMTAvBgNVBAUTKEJDNTM2QzAwRjg1RjU5MDQxRDlDNEMyOTYxRjcyMjQy QkY2MEQ1MUUwHhcNMjQxMjI4MTcxNTAwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzcwMzIxNC1mMWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0gFHP6ms/Cs2UJ05IYDfzgrH9Y6QR2SeegMV4HbZrpkX+3l0Jhz5acJBKbdu B+DBTm8cOV+9rsUwIUh1A35JBZlmE4xQWLnZTBR037ddvoGwFoJInGPVT30fH0Sl GnbUhcWW5XM1ZmvQzS2hhqsnqb13K722AUmA9/jEqikwOME+T/UnL/Vy/zCNZYMR 8BaiRzugc3iKc1RiQ6QSV/IE9jffeATKMGl16XUlHjqUnyRpCh7ElKt5+SeLzeHT 6104FxKBkMZ7vAlEreN3mYP2qSjc37UpVaBYsYEaKnjy42Op+mlLfO1vbykvkcI3 4DiX6X7xRidgf3rUpzZAMB5fgQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFFttYs0l nEeEdcLaZ1LgCdmn4BGUMB8GA1UdIwQYMBaAFLxTbAD4X1kEHZxMKWH3IkK/YNUe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDg2MC9CNDAxQzk4MkU5 NzAxMUU4QjAzNTkzNTlDNEY5QUUwMi92Rk5zQVBoZldRUWRuRXdwWWZjaVFyOWcx UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZGTnNBUGhmV1FRZG5Fd3BZZmNpUXI5ZzFSNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjQ4NjAvQjQwMUM5ODJFOTcwMTFFOEIwMzU5MzU5QzRGOUFFMDIvM0E5QUQzQ0VE QUQ0MTFFQkIzNURBNTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMAwEAgABMAYDBAB0WfUwIgQCAAIwHDASAwcEJAH9wAAQAwcGJAH9wAAAAwYA JAH9wP8wDQYJKoZIhvcNAQELBQADggEBAAsm738O/NuitSJS8teAd/VJmetPNLaK HdaEh6dDGVK2qoWR3QST6hXSTfP5eoYtSXC0YEccajHsRLmraN2SHL622RBg3/yH yttlHQtSgt2xfygBJ3tuoG3inIVkoJC70RzLrwZspGEPvAQHr53zu3BMX0OcuQfK K0r/BXQpWLQEo45jVjprx0AMZ9wY6hJMObQ+oixf+DE8zCncOgnABw2/L0O4uY+b hK91UcUiWPt+dzTmMbjBPbcqlhe/LyFkfvceP6vQMRZfANtpKeFuyT7T0MaT7CTr yc1v1jfPtMknQd+DBDWaM2n8XPI4muWZIls6PULhgkARIRSiMdzfQwQ= -----END CERTIFICATE-----Generated at Sun Feb 16 20:36:50 2025 by rpki-client