$ rpki-client -vvf rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/0EF9BE4E276F11EEB328204AC4F9AE02.roa File: 0EF9BE4E276F11EEB328204AC4F9AE02.roa (raw, json) Hash identifier: a6Xwc4IgmpEHrW4twM+UR9anddZ08NYax5VtnbtXTkI= Subject key identifier: CD:C4:58:7E:BA:AA:6F:F9:68:39:36:22:A3:49:C5:B1:22:6E:87:C5 Certificate issuer: /CN=A9174EB5/serialNumber=48E99851C189FA921B86664E30BC57C20ED1A8C4 Certificate serial: 0BAC Authority key identifier: 48:E9:98:51:C1:89:FA:92:1B:86:66:4E:30:BC:57:C2:0E:D1:A8:C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/0EF9BE4E276F11EEB328204AC4F9AE02.roa Signing time: Tue 06 Feb 2024 19:37:28 +0000 ROA not before: Tue 06 Feb 2024 19:37:28 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 394881 IP address blocks: 45.119.4.0/24 maxlen: 24 103.133.94.0/24 maxlen: 24 203.23.176.0/24 maxlen: 24 203.23.177.0/24 maxlen: 24 203.34.110.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.crl rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 19:32:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2988 (0xbac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9174EB5/serialNumber=48E99851C189FA921B86664E30BC57C20ED1A8C4 Validity Not Before: Feb 6 19:37:28 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65c28a77-f82c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:4a:f1:cb:96:df:3e:aa:a0:b9:58:08:69:0e: 05:37:4d:b7:76:ac:ac:5b:27:87:20:bc:9f:1c:5a: c2:27:02:8a:38:51:f1:59:29:70:74:96:f7:82:b8: 4a:d8:65:ef:e8:f3:33:aa:3b:dc:d4:bf:91:d6:3b: 7a:a0:c8:b4:30:43:72:35:2d:66:ba:a3:a8:5b:f4: 54:67:c2:bf:20:e2:19:68:96:b1:aa:cf:c4:59:90: 3b:db:15:fa:be:7f:bb:91:6b:b3:1b:fb:15:9d:1a: 05:60:7b:e8:20:d3:aa:0f:61:a0:89:0f:f3:7c:48: d6:b3:d5:99:79:c5:4a:2c:05:63:4a:51:40:bc:71: e2:20:df:9b:12:60:8b:29:25:75:3f:78:d3:b8:cd: db:65:46:6d:aa:19:dd:79:36:f2:ef:1e:e8:83:f9: e3:5a:53:43:2e:a4:8c:8a:97:03:33:d9:bb:f4:0d: 6a:31:fb:84:58:05:af:75:56:1d:5b:30:70:93:13: a2:20:ab:79:7c:27:ce:a1:70:f8:82:b0:c4:b1:79: 3e:9c:e2:fd:e5:19:a4:8a:db:1a:2e:70:5f:51:c8: 2b:fb:0a:54:38:6b:8c:6e:89:a0:c7:6b:75:d7:95: 3c:ad:1c:d2:40:4c:8a:f8:dd:38:7f:78:da:8e:7d: 0e:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:C4:58:7E:BA:AA:6F:F9:68:39:36:22:A3:49:C5:B1:22:6E:87:C5 X509v3 Authority Key Identifier: keyid:48:E9:98:51:C1:89:FA:92:1B:86:66:4E:30:BC:57:C2:0E:D1:A8:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/0EF9BE4E276F11EEB328204AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.119.4.0/24 103.133.94.0/24 203.23.176.0/23 203.34.110.0/24 Signature Algorithm: sha256WithRSAEncryption 6f:8e:b7:42:61:a1:24:f0:c2:83:0a:20:fa:ae:d1:7a:11:c4: fc:1f:ea:56:32:c3:c1:ea:da:ec:41:47:f4:c5:02:f2:27:d1: c2:57:b8:80:32:ae:fc:45:7f:c3:4a:c9:42:4c:b8:60:8d:38: 9d:10:b7:b8:63:06:d6:0c:32:f2:82:30:78:b5:ec:b5:d0:cd: d5:8b:84:32:1d:88:85:cd:91:23:d3:64:1a:a9:d1:f4:b4:a9: 50:96:34:b5:4d:68:df:c3:6a:51:ad:f8:0b:ea:80:90:48:b1: 8b:1c:f1:d5:80:05:25:4d:3f:3e:f4:58:df:02:0f:60:2a:3d: 30:2d:c7:70:93:0d:e8:19:e8:0a:48:bb:ac:72:92:da:eb:b5: af:bd:ea:b1:1b:25:ed:c3:5b:eb:e8:ac:33:43:22:ec:3f:64: 11:7f:4b:f7:f7:5a:a4:a2:49:9c:b0:1a:2b:89:3b:cb:3e:53: 24:e6:1e:77:7f:5c:d5:77:84:07:58:f0:ac:eb:6a:ae:56:54: ce:b4:fd:35:e9:14:00:ad:50:1e:6e:a8:48:08:a3:a2:e1:d5: 4f:d8:b5:26:fe:ad:18:25:2e:62:db:2c:b5:8e:56:eb:e4:c6: eb:63:f8:58:57:e2:42:5f:5b:54:a5:ab:db:83:d9:6d:74:f0: 76:42:e7:f7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICC6wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzRFQjUxMTAvBgNVBAUTKDQ4RTk5ODUxQzE4OUZBOTIxQjg2NjY0RTMwQkM1N0My MEVEMUE4QzQwHhcNMjQwMjA2MTkzNzI4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWMyOGE3Ny1mODJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2Erxy5bfPqqguVgIaQ4FN023dqysWyeHILyfHFrCJwKKOFHxWSlwdJb3grhK 2GXv6PMzqjvc1L+R1jt6oMi0MENyNS1muqOoW/RUZ8K/IOIZaJaxqs/EWZA72xX6 vn+7kWuzG/sVnRoFYHvoINOqD2GgiQ/zfEjWs9WZecVKLAVjSlFAvHHiIN+bEmCL KSV1P3jTuM3bZUZtqhndeTby7x7og/njWlNDLqSMipcDM9m79A1qMfuEWAWvdVYd WzBwkxOiIKt5fCfOoXD4grDEsXk+nOL95RmkitsaLnBfUcgr+wpUOGuMbomgx2t1 15U8rRzSQEyK+N04f3jajn0OMwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFM3EWH66 qm/5aDk2IqNJxbEibofFMB8GA1UdIwQYMBaAFEjpmFHBifqSG4ZmTjC8V8IO0ajE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NEVCNS9BRkVBMjlDMjA2 MTkxMUVBODU0QTM1MTZDNEY5QUUwMi9TT21ZVWNHSi1wSWJobVpPTUx4WHdnN1Jx TVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NPbVlVY0dKLXBJYmhtWk9NTHhYd2c3UnFNUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzRFQjUvQUZFQTI5QzIwNjE5MTFFQTg1NEEzNTE2QzRGOUFFMDIvMEVGOUJFNEUy NzZGMTFFRUIzMjgyMDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAAtdwQDBABnhV4DBAHLF7ADBADLIm4wDQYJKoZIhvcNAQEL BQADggEBAG+Ot0JhoSTwwoMKIPqu0XoRxPwf6lYyw8Hq2uxBR/TFAvIn0cJXuIAy rvxFf8NKyUJMuGCNOJ0Qt7hjBtYMMvKCMHi17LXQzdWLhDIdiIXNkSPTZBqp0fS0 qVCWNLVNaN/DalGt+AvqgJBIsYsc8dWABSVNPz70WN8CD2AqPTAtx3CTDegZ6ApI u6xyktrrta+96rEbJe3DW+vorDNDIuw/ZBF/S/f3WqSiSZywGiuJO8s+UyTmHnd/ XNV3hAdY8Kzraq5WVM60/TXpFACtUB5uqEgIo6Lh1U/YtSb+rRglLmLbLLWOVuvk xutj+FhX4kJfW1Slq9uD2W108HZC5/c= -----END CERTIFICATE-----Generated at Thu May 2 20:50:28 2024 by rpki-client on console-fra.rpki-client.org