$ rpki-client -vvf rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/D47B21C24FFE11EAA0E4ED42C4F9AE02.roa File: D47B21C24FFE11EAA0E4ED42C4F9AE02.roa (raw, json) Hash identifier: ZMkvn8M/+ZjeMYlcx5BpRn45pEDyzj9iUfMiESTYCg8= Subject key identifier: 8D:D9:74:5A:56:C1:B2:D7:49:CE:BD:8A:DA:62:0C:A2:33:AD:C7:41 Certificate issuer: /CN=A9174EB5/serialNumber=48E99851C189FA921B86664E30BC57C20ED1A8C4 Certificate serial: 0BAA Authority key identifier: 48:E9:98:51:C1:89:FA:92:1B:86:66:4E:30:BC:57:C2:0E:D1:A8:C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/D47B21C24FFE11EAA0E4ED42C4F9AE02.roa Signing time: Tue 06 Feb 2024 19:37:26 +0000 ROA not before: Tue 06 Feb 2024 19:37:26 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 24373 IP address blocks: 45.119.4.0/23 maxlen: 23 45.119.4.0/24 maxlen: 24 103.133.93.0/24 maxlen: 24 203.34.110.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.crl rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 18:24:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2986 (0xbaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9174EB5/serialNumber=48E99851C189FA921B86664E30BC57C20ED1A8C4 Validity Not Before: Feb 6 19:37:26 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65c28a76-c2e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:55:4c:52:99:3b:d9:b0:da:77:f7:16:50:a0: 2b:29:17:b2:4e:19:c8:dc:17:70:f4:64:35:6c:60: 6e:3b:3d:c5:a3:a5:4f:c5:17:3d:6f:78:0b:6b:3a: a2:32:91:8c:af:32:1f:b1:fa:db:cb:1c:18:4c:82: 85:2d:ac:6d:0c:f7:64:62:cc:dd:53:e9:61:7d:eb: ea:6b:51:7b:cc:03:89:c6:f5:7f:4f:66:57:73:06: 94:8b:db:a9:48:f3:66:db:6d:2e:78:6c:18:ff:e4: 03:ff:70:fa:17:81:66:d4:db:45:96:f4:ca:38:3e: 34:a8:ba:a4:57:7e:b9:09:2d:f3:4f:22:0c:81:30: bb:16:0d:b2:4b:14:0c:d1:94:a8:3d:b1:7f:26:65: 43:0b:b8:c8:d7:b0:52:85:8a:bc:68:82:89:dc:c6: 5a:93:87:b6:1b:3e:0b:ae:62:ea:39:95:0a:99:f8: 11:95:7b:bd:9e:fa:42:f3:1e:25:01:5a:f7:ab:8f: fe:23:f8:13:d1:f5:c2:31:cc:20:11:ff:e4:d7:c5: c0:61:87:e3:57:a4:55:f1:c9:e6:8d:3b:da:7c:e1: d0:01:b3:0f:7b:aa:de:cc:43:d0:1a:95:47:22:54: 6c:ec:bd:8d:9f:de:6d:5b:f3:ea:fe:c4:02:64:7c: c6:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:D9:74:5A:56:C1:B2:D7:49:CE:BD:8A:DA:62:0C:A2:33:AD:C7:41 X509v3 Authority Key Identifier: keyid:48:E9:98:51:C1:89:FA:92:1B:86:66:4E:30:BC:57:C2:0E:D1:A8:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/D47B21C24FFE11EAA0E4ED42C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.119.4.0/23 103.133.93.0/24 203.34.110.0/24 Signature Algorithm: sha256WithRSAEncryption 01:b1:c4:67:eb:cb:89:34:18:9e:59:f2:24:b2:80:68:8a:95: 03:8c:ea:80:17:14:59:c2:ad:a8:44:8c:0c:ff:ee:1b:03:0e: ca:e5:6f:8f:85:86:e4:3a:58:d3:92:18:0e:da:04:2b:65:d7: f4:81:08:05:21:66:10:31:3f:7d:35:f0:f4:8f:ca:2e:61:19: ed:58:e7:be:09:78:90:c8:a5:16:70:67:e9:90:74:d9:ae:23: e9:6c:f1:aa:21:a1:09:61:1f:cf:d2:90:8e:5b:66:a8:c0:86: 62:bf:80:79:d7:29:db:ad:bf:ea:9c:60:9b:29:82:3e:43:2e: d8:fe:7a:04:36:34:9e:1c:36:b3:07:55:6c:94:e7:a5:67:af: 0f:00:e6:e7:41:a2:33:00:4f:fc:92:a1:4a:5e:ba:b0:15:ee: 87:bb:80:49:be:88:46:90:fb:b6:3e:15:c0:d7:e1:d2:12:31: dd:7b:6a:3e:76:db:f5:da:45:46:30:52:85:8a:d0:35:7b:72: 00:e1:2b:4f:d2:fd:4e:20:0a:38:0e:86:b4:f2:d4:ab:37:8b: 9d:a2:77:fb:02:74:4f:fb:79:e5:dd:bd:30:3c:e4:00:32:2d: 4e:d4:cc:fb:5b:ce:39:4d:8f:36:74:18:50:60:98:47:95:93: 30:5b:2a:2c -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICC6owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzRFQjUxMTAvBgNVBAUTKDQ4RTk5ODUxQzE4OUZBOTIxQjg2NjY0RTMwQkM1N0My MEVEMUE4QzQwHhcNMjQwMjA2MTkzNzI2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWMyOGE3Ni1jMmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyVVMUpk72bDad/cWUKArKReyThnI3Bdw9GQ1bGBuOz3Fo6VPxRc9b3gLazqi MpGMrzIfsfrbyxwYTIKFLaxtDPdkYszdU+lhfevqa1F7zAOJxvV/T2ZXcwaUi9up SPNm220ueGwY/+QD/3D6F4Fm1NtFlvTKOD40qLqkV365CS3zTyIMgTC7Fg2ySxQM 0ZSoPbF/JmVDC7jI17BShYq8aIKJ3MZak4e2Gz4LrmLqOZUKmfgRlXu9nvpC8x4l AVr3q4/+I/gT0fXCMcwgEf/k18XAYYfjV6RV8cnmjTvafOHQAbMPe6rezEPQGpVH IlRs7L2Nn95tW/Pq/sQCZHzGZwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFI3ZdFpW wbLXSc69itpiDKIzrcdBMB8GA1UdIwQYMBaAFEjpmFHBifqSG4ZmTjC8V8IO0ajE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NEVCNS9BRkVBMjlDMjA2 MTkxMUVBODU0QTM1MTZDNEY5QUUwMi9TT21ZVWNHSi1wSWJobVpPTUx4WHdnN1Jx TVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NPbVlVY0dKLXBJYmhtWk9NTHhYd2c3UnFNUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzRFQjUvQUZFQTI5QzIwNjE5MTFFQTg1NEEzNTE2QzRGOUFFMDIvRDQ3QjIxQzI0 RkZFMTFFQUEwRTRFRDQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAEtdwQDBABnhV0DBADLIm4wDQYJKoZIhvcNAQELBQADggEB AAGxxGfry4k0GJ5Z8iSygGiKlQOM6oAXFFnCrahEjAz/7hsDDsrlb4+FhuQ6WNOS GA7aBCtl1/SBCAUhZhAxP3018PSPyi5hGe1Y574JeJDIpRZwZ+mQdNmuI+ls8aoh oQlhH8/SkI5bZqjAhmK/gHnXKdutv+qcYJspgj5DLtj+egQ2NJ4cNrMHVWyU56Vn rw8A5udBojMAT/ySoUpeurAV7oe7gEm+iEaQ+7Y+FcDX4dISMd17aj522/XaRUYw UoWK0DV7cgDhK0/S/U4gCjgOhrTy1Ks3i52id/sCdE/7eeXdvTA85AAyLU7UzPtb zjlNjzZ0GFBgmEeVkzBbKiw= -----END CERTIFICATE-----Generated at Wed Nov 20 20:07:24 2024 by rpki-client on console-fra.rpki-client.org