$ rpki-client -vvf rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/698B3FA6986011EE969A225FC4F9AE02.roa File: 698B3FA6986011EE969A225FC4F9AE02.roa (raw, json) Hash identifier: IPMaIsA9uRnd6F5Aml0jreWHK2WPPMV0a6PLoDBBAuw= Subject key identifier: B7:B9:06:32:12:44:FA:3B:22:50:4E:35:49:1A:10:BA:9B:41:DB:EE Certificate issuer: /CN=A916BCDF/serialNumber=87954C0231CAACB2BE2DFDB567C74AF5ECB75B0C Certificate serial: 11B5 Authority key identifier: 87:95:4C:02:31:CA:AC:B2:BE:2D:FD:B5:67:C7:4A:F5:EC:B7:5B:0C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/h5VMAjHKrLK-Lf21Z8dK9ey3Www.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/698B3FA6986011EE969A225FC4F9AE02.roa Signing time: Sat 02 Nov 2024 17:25:46 +0000 ROA not before: Sat 02 Nov 2024 17:25:46 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 20473 IP address blocks: 66.42.32.0/20 maxlen: 32 66.42.48.0/20 maxlen: 32 139.180.128.0/19 maxlen: 32 139.180.160.0/19 maxlen: 32 139.180.192.0/20 maxlen: 32 139.180.208.0/20 maxlen: 32 158.247.192.0/18 maxlen: 32 167.179.64.0/18 maxlen: 32 207.148.64.0/20 maxlen: 32 207.148.80.0/21 maxlen: 32 207.148.88.0/21 maxlen: 32 207.148.96.0/20 maxlen: 32 207.148.112.0/22 maxlen: 32 207.148.116.0/22 maxlen: 32 207.148.120.0/21 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/h5VMAjHKrLK-Lf21Z8dK9ey3Www.crl rsync://rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/h5VMAjHKrLK-Lf21Z8dK9ey3Www.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/h5VMAjHKrLK-Lf21Z8dK9ey3Www.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4533 (0x11b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916BCDF Validity Not Before: Nov 2 17:25:46 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=6726609a-1173 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:76:b0:86:41:f9:c4:7b:45:cf:39:ba:98:14: 28:a3:95:2d:cb:b5:27:22:f2:0d:d3:71:91:63:03: 0a:ff:5f:3d:39:09:fc:49:fa:c5:a1:24:3b:b1:f4: 3c:86:c3:63:e1:9e:50:47:6a:e5:a9:2e:40:d1:6e: fe:b4:d0:9f:c0:a9:91:d0:af:bc:69:31:ca:8b:8d: 57:0d:84:94:b4:f7:fa:b7:b8:38:8d:e8:b5:b3:4d: f0:b5:16:38:2a:02:a3:1b:24:a4:61:17:12:50:36: 7a:d2:44:8a:fc:e8:99:03:0c:dd:c6:45:01:6d:47: b4:1a:7e:39:cc:f5:95:86:a0:f1:e8:06:c6:dd:67: d0:5b:63:df:c4:2c:55:42:f5:37:1f:ae:50:e4:ed: e2:1d:c9:08:4f:b8:7d:4d:b6:7f:25:bd:51:5b:00: cb:15:d7:b4:11:c4:c9:6c:1d:a9:a0:41:b1:d7:cc: 76:16:7d:e4:bd:a7:37:85:4a:21:07:1c:5b:9d:6c: c3:94:9b:d9:25:22:d6:84:55:f2:59:1e:1e:d2:02: ad:41:fa:2e:2f:3d:1c:a0:a1:f2:f4:fa:9e:ce:54: 9a:ed:1c:ee:c1:15:18:98:1c:f8:4a:a8:13:4e:2c: fd:9e:63:c1:f2:19:dc:75:7a:12:f2:36:fb:b9:22: fb:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:B9:06:32:12:44:FA:3B:22:50:4E:35:49:1A:10:BA:9B:41:DB:EE X509v3 Authority Key Identifier: keyid:87:95:4C:02:31:CA:AC:B2:BE:2D:FD:B5:67:C7:4A:F5:EC:B7:5B:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/h5VMAjHKrLK-Lf21Z8dK9ey3Www.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/h5VMAjHKrLK-Lf21Z8dK9ey3Www.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/698B3FA6986011EE969A225FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 66.42.32.0/19 139.180.128.0-139.180.223.255 158.247.192.0/18 167.179.64.0/18 207.148.64.0/18 Signature Algorithm: sha256WithRSAEncryption 30:1e:22:a4:8e:70:bf:43:53:17:9e:35:eb:c6:58:b9:ce:53: 21:50:4d:7d:e6:02:33:0f:db:d0:f6:17:8a:ff:25:ff:86:f9: 8d:35:b0:38:81:49:b7:48:80:d0:68:8a:be:26:29:b1:23:b3: 10:b3:3b:5b:b2:8b:b4:8f:21:50:5c:8e:4f:ed:b9:be:8f:cc: e2:58:e9:54:56:b2:2b:a1:44:52:d8:de:21:76:17:1d:4d:36: ba:16:f3:96:5e:63:7d:32:3b:4c:b9:a0:44:9f:64:d8:fd:af: 4e:83:7b:dd:9e:56:79:59:56:2c:56:fc:61:2a:4d:3a:df:5a: 49:26:05:0b:c8:03:56:5b:43:03:29:6b:35:72:50:ef:96:aa: 4e:d1:70:a6:05:fb:84:df:36:af:44:d1:77:fd:15:5b:d7:42: 84:9a:5e:a9:43:2d:7e:ee:16:99:32:65:2d:d5:28:b5:d3:b0: a1:da:b8:0f:3c:1b:f1:b2:4c:c0:39:f4:16:ff:7f:f5:22:ea: 90:70:86:db:53:9c:18:38:a4:3f:c8:8e:35:dd:0f:ba:0f:0b: 19:89:30:0c:72:48:06:f1:76:81:0a:a9:0c:cc:6f:09:69:a1: 99:1c:5f:c6:ab:9a:a2:c6:1a:4e:00:b2:7b:82:4d:fd:f6:9c: 97:fd:5e:a6 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICEbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkJDREYxMTAvBgNVBAUTKDg3OTU0QzAyMzFDQUFDQjJCRTJERkRCNTY3Qzc0QUY1 RUNCNzVCMEMwHhcNMjQxMTAyMTcyNTQ2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI2NjA5YS0xMTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAonawhkH5xHtFzzm6mBQoo5Uty7UnIvIN03GRYwMK/189OQn8SfrFoSQ7sfQ8 hsNj4Z5QR2rlqS5A0W7+tNCfwKmR0K+8aTHKi41XDYSUtPf6t7g4jei1s03wtRY4 KgKjGySkYRcSUDZ60kSK/OiZAwzdxkUBbUe0Gn45zPWVhqDx6AbG3WfQW2PfxCxV QvU3H65Q5O3iHckIT7h9TbZ/Jb1RWwDLFde0EcTJbB2poEGx18x2Fn3kvac3hUoh BxxbnWzDlJvZJSLWhFXyWR4e0gKtQfouLz0coKHy9PqezlSa7RzuwRUYmBz4SqgT Tiz9nmPB8hncdXoS8jb7uSL78wIDAQABo4ICtTCCArEwHQYDVR0OBBYEFLe5BjIS RPo7IlBONUkaELqbQdvuMB8GA1UdIwQYMBaAFIeVTAIxyqyyvi39tWfHSvXst1sM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkNERi9FQ0UwRkJFNkUz NkQxMUU4OTU2RjM1MTZDNEY5QUUwMi9oNVZNQWpIS3JMSy1MZjIxWjhkSzlleTNX d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2g1Vk1BakhLckxLLUxmMjFaOGRLOWV5M1d3dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkJDREYvRUNFMEZCRTZFMzZEMTFFODk1NkYzNTE2QzRGOUFFMDIvNjk4QjNGQTY5 ODYwMTFFRTk2OUEyMjVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMCwEAgABMCYDBAVCKiAwDAMEB4u0gAMEBYu0wAMEBp73wAMEBqezQAMEBs+U QDANBgkqhkiG9w0BAQsFAAOCAQEAMB4ipI5wv0NTF54168ZYuc5TIVBNfeYCMw/b 0PYXiv8l/4b5jTWwOIFJt0iA0GiKviYpsSOzELM7W7KLtI8hUFyOT+25vo/M4ljp VFayK6FEUtjeIXYXHU02uhbzll5jfTI7TLmgRJ9k2P2vToN73Z5WeVlWLFb8YSpN Ot9aSSYFC8gDVltDAylrNXJQ75aqTtFwpgX7hN82r0TRd/0VW9dChJpeqUMtfu4W mTJlLdUotdOwodq4Dzwb8bJMwDn0Fv9/9SLqkHCG21OcGDikP8iONd0Pug8LGYkw DHJIBvF2gQqpDMxvCWmhmRxfxquaosYaTgCye4JN/facl/1epg== -----END CERTIFICATE-----Generated at Sun Feb 16 15:54:10 2025 by rpki-client