$ rpki-client -vvf rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/925D8646772A11EBAE8A8181C4F9AE02.roa File: 925D8646772A11EBAE8A8181C4F9AE02.roa (raw, json) Hash identifier: 96XsaHGbBlvdPveuzctBmWEVFay9353tTmIoY6pIwfU= Subject key identifier: FA:75:14:C9:1A:97:7F:3A:BB:41:8A:D7:AC:2E:7A:75:03:6C:74:28 Certificate issuer: /CN=A9167B50/serialNumber=991B3F17084F76F12F9F0509D597F0FFECA04B4A Certificate serial: 3497 Authority key identifier: 99:1B:3F:17:08:4F:76:F1:2F:9F:05:09:D5:97:F0:FF:EC:A0:4B:4A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/925D8646772A11EBAE8A8181C4F9AE02.roa Signing time: Sat 02 Nov 2024 14:50:51 +0000 ROA not before: Sat 02 Nov 2024 14:50:51 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 198949 IP address blocks: 112.121.110.0/24 maxlen: 24 112.121.111.0/24 maxlen: 24 112.121.118.0/24 maxlen: 24 112.121.119.0/24 maxlen: 24 112.121.124.0/24 maxlen: 24 112.121.125.0/24 maxlen: 24 112.121.126.0/24 maxlen: 24 112.121.127.0/24 maxlen: 24 202.80.109.0/24 maxlen: 24 202.80.110.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.crl rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 14:40:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13463 (0x3497) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167B50/serialNumber=991B3F17084F76F12F9F0509D597F0FFECA04B4A Validity Not Before: Nov 2 14:50:51 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67263c4a-9cd7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:5f:1c:6f:71:56:48:ab:fe:84:b2:53:7f:2c: 40:19:6c:b0:d9:f4:48:64:42:3e:16:66:53:5c:dd: 65:aa:a7:4a:dc:bd:07:f8:cb:87:2e:29:e4:9e:f3: 7f:d9:78:f9:2e:20:94:5a:a5:ae:2b:40:29:45:2d: fb:aa:6e:39:66:ee:d3:c7:72:ca:56:41:51:dc:d4: 7e:d7:a8:2f:c8:dc:5c:04:5e:c4:55:14:f5:4b:6d: 41:7c:de:59:6a:cd:3a:7b:59:4f:2a:d2:46:e9:25: 9e:2f:c0:eb:24:d3:32:29:36:a4:5f:ba:71:57:43: 37:8b:e1:96:f4:f3:03:c7:d2:9f:40:d5:5d:38:02: ca:f9:6c:ae:fb:5b:dc:cc:16:48:72:79:c0:33:50: 2c:d6:ca:93:29:3f:f7:2f:e8:8b:82:e5:3d:99:72: 95:11:9b:9e:3f:1e:7b:1b:1b:e5:85:d4:dd:be:a8: a3:be:a0:22:be:10:0e:be:c5:15:e9:a3:1b:35:06: 94:e1:db:a2:14:f9:37:b6:02:2d:fb:df:23:54:5b: 36:2c:9b:0d:4b:6f:8f:c4:c9:03:c7:44:2d:08:21: 77:73:ab:e1:a8:c8:8c:1c:65:7d:49:84:84:a6:dc: 9e:b7:ed:cb:8d:35:04:07:c1:98:9c:88:52:92:ac: f2:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:75:14:C9:1A:97:7F:3A:BB:41:8A:D7:AC:2E:7A:75:03:6C:74:28 X509v3 Authority Key Identifier: keyid:99:1B:3F:17:08:4F:76:F1:2F:9F:05:09:D5:97:F0:FF:EC:A0:4B:4A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/925D8646772A11EBAE8A8181C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 112.121.110.0/23 112.121.118.0/23 112.121.124.0/22 202.80.109.0-202.80.110.255 Signature Algorithm: sha256WithRSAEncryption 34:e6:6d:fb:d1:f2:23:d4:72:5d:8e:e5:52:e4:43:3c:94:2f: a6:57:02:af:20:46:91:55:90:21:31:52:c9:e3:86:8e:2f:30: c7:42:cb:ca:9b:57:e7:a4:6b:52:d2:e4:36:64:02:fe:8e:72: 85:56:15:15:33:f3:54:8e:5b:8a:c2:8e:e5:ea:e9:a0:8e:09: 11:45:22:81:58:da:a2:a8:36:a0:97:22:6a:3d:a2:ed:9d:d4: f5:49:eb:ee:62:5b:3f:cc:a3:1a:26:7b:9f:19:84:03:2f:fe: 9c:dd:77:d2:88:49:78:9a:85:c4:c3:be:47:c9:f7:d1:c1:81: 4c:52:45:b7:de:f4:a9:ac:ba:15:13:b6:04:e6:60:16:65:8a: 92:61:73:1f:85:0e:76:56:3b:db:e9:fc:8d:23:fd:40:1a:cf: ee:2d:78:25:4d:21:af:40:b6:4b:5c:84:20:ad:bc:5f:1e:3e: c4:11:24:f8:dd:0a:a0:14:06:dd:af:a4:45:b6:cd:35:4c:be: 71:5c:54:35:ac:68:ec:c7:ec:74:72:3b:86:a3:0a:f8:2d:60: 62:6d:8c:57:83:9d:1a:c0:20:fb:5e:be:d5:da:14:16:7a:e0: ab:a2:bd:11:4a:ba:b2:73:44:21:c6:98:e8:a9:fd:ba:36:7a: 79:09:7e:ac -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICNJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdCNTAxMTAvBgNVBAUTKDk5MUIzRjE3MDg0Rjc2RjEyRjlGMDUwOUQ1OTdGMEZG RUNBMDRCNEEwHhcNMjQxMTAyMTQ1MDUxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI2M2M0YS05Y2Q3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyl8cb3FWSKv+hLJTfyxAGWyw2fRIZEI+FmZTXN1lqqdK3L0H+MuHLinknvN/ 2Xj5LiCUWqWuK0ApRS37qm45Zu7Tx3LKVkFR3NR+16gvyNxcBF7EVRT1S21BfN5Z as06e1lPKtJG6SWeL8DrJNMyKTakX7pxV0M3i+GW9PMDx9KfQNVdOALK+Wyu+1vc zBZIcnnAM1As1sqTKT/3L+iLguU9mXKVEZuePx57GxvlhdTdvqijvqAivhAOvsUV 6aMbNQaU4duiFPk3tgIt+98jVFs2LJsNS2+PxMkDx0QtCCF3c6vhqMiMHGV9SYSE ptyet+3LjTUEB8GYnIhSkqzyrQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFPp1FMka l386u0GK16wuenUDbHQoMB8GA1UdIwQYMBaAFJkbPxcIT3bxL58FCdWX8P/soEtK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0I1MC85RDEzMDVDODFE OEYxMUUyQTAyQkNERUUwOEIwMkNEMi9tUnNfRndoUGR2RXZud1VKMVpmd18teWdT MG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21Sc19Gd2hQZHZFdm53VUoxWmZ3Xy15Z1Mwby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjdCNTAvOUQxMzA1QzgxRDhGMTFFMkEwMkJDREVFMDhCMDJDRDIvOTI1RDg2NDY3 NzJBMTFFQkFFOEE4MTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMCYEAgABMCADBAFweW4DBAFweXYDBAJweXwwDAMEAMpQbQMEAMpQbjANBgkq hkiG9w0BAQsFAAOCAQEANOZt+9HyI9RyXY7lUuRDPJQvplcCryBGkVWQITFSyeOG ji8wx0LLyptX56RrUtLkNmQC/o5yhVYVFTPzVI5bisKO5erpoI4JEUUigVjaoqg2 oJciaj2i7Z3U9Unr7mJbP8yjGiZ7nxmEAy/+nN130ohJeJqFxMO+R8n30cGBTFJF t970qay6FRO2BOZgFmWKkmFzH4UOdlY72+n8jSP9QBrP7i14JU0hr0C2S1yEIK28 Xx4+xBEk+N0KoBQG3a+kRbbNNUy+cVxUNaxo7MfsdHI7hqMK+C1gYm2MV4OdGsAg +16+1doUFnrgq6K9EUq6snNEIcaY6Kn9ujZ6eQl+rA== -----END CERTIFICATE-----Generated at Wed Nov 20 16:11:27 2024 by rpki-client on console-fra.rpki-client.org