$ rpki-client -vvf rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CAB0B6B2F7C311EA8A722484C4F9AE02.roa File: CAB0B6B2F7C311EA8A722484C4F9AE02.roa (raw, json) Hash identifier: KDUtG1J4AENbekyCq++mfX0HRm1bug372S4zxJx9wNg= Subject key identifier: D7:AA:5E:52:9E:19:D8:8D:55:C4:13:7E:B6:AE:23:C0:6A:29:39:66 Certificate issuer: /CN=A917AAAD/serialNumber=D617D4710482C7F775752057DC8682259B319C78 Certificate serial: 0761 Authority key identifier: D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CAB0B6B2F7C311EA8A722484C4F9AE02.roa Signing time: Wed 16 Oct 2024 21:40:21 +0000 ROA not before: Wed 16 Oct 2024 21:40:21 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 17977 IP address blocks: 120.72.64.0/20 maxlen: 20 203.173.64.0/20 maxlen: 20 2404:1000::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1889 (0x761) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AAAD/serialNumber=D617D4710482C7F775752057DC8682259B319C78 Validity Not Before: Oct 16 21:40:21 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=671032c5-c9bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:d8:c3:14:02:70:d8:29:9e:a3:c6:04:6c:13: 9d:1c:0d:84:d9:65:70:1d:59:b7:dd:7d:27:41:9d: 86:27:f7:44:23:03:25:c7:ea:2f:c2:b9:a7:ae:3c: b7:3a:83:f7:14:00:0e:38:40:63:cd:5f:f6:ee:0e: f0:eb:0c:66:ca:11:1f:55:34:1f:e9:af:cb:01:ec: c4:58:b8:94:7a:f0:86:d3:de:4c:e4:65:c2:0a:07: 04:04:e3:f8:ca:be:26:16:e7:7f:4f:95:88:67:fd: d9:dc:2f:0e:c5:d8:fe:3b:48:58:4b:d7:98:fd:ad: af:e7:af:3b:af:18:4c:da:4c:e2:d8:11:a0:01:12: fd:57:33:a2:c2:23:f2:ad:c2:b5:26:5f:e0:5b:20: 49:6d:eb:b1:89:7d:a5:73:aa:9b:cb:17:1e:7e:1a: a8:9f:1d:6a:c1:9b:82:66:b8:cd:84:52:20:89:df: 9b:23:14:e7:35:91:c0:40:70:82:25:3d:66:18:48: 03:48:4a:dc:44:39:e8:49:ef:06:70:08:23:48:df: ff:f0:71:e5:b6:9d:aa:fc:a2:08:2b:ae:03:2d:de: e1:8f:56:80:5e:b3:e2:42:36:f9:73:c3:93:ed:53: 83:1b:53:b2:6e:ed:85:fd:89:66:b7:eb:ad:64:6e: 7a:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:AA:5E:52:9E:19:D8:8D:55:C4:13:7E:B6:AE:23:C0:6A:29:39:66 X509v3 Authority Key Identifier: keyid:D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CAB0B6B2F7C311EA8A722484C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.72.64.0/20 203.173.64.0/20 IPv6: 2404:1000::/32 Signature Algorithm: sha256WithRSAEncryption 4f:5c:fc:f8:1e:d1:70:22:f1:fe:6a:fa:9d:d1:f5:a2:06:4c: 28:d5:dd:e6:e3:bd:b3:b1:91:71:38:b0:72:5e:9e:01:20:60: 74:63:ab:a4:ed:bc:6f:3a:8b:db:f2:8d:aa:ee:fb:da:d8:e1: 80:c0:80:31:10:1a:79:45:27:5a:93:a7:14:f8:22:83:a8:db: c1:94:06:31:ff:a4:d5:02:c7:53:fc:b8:d9:ee:b1:05:55:49: 67:6e:d4:ce:72:07:34:b8:ee:b0:53:65:4d:35:d8:a6:23:5b: 95:06:0e:0d:b3:f8:b6:0e:68:d5:b1:46:fa:4a:e8:af:46:ba: 91:d6:11:aa:86:5f:20:08:f6:5f:be:d9:38:47:d8:50:38:ed: ef:81:01:f5:6d:af:fd:5f:e6:9b:25:d4:8f:ba:25:3f:59:4d: cc:dd:85:9a:48:64:eb:a2:ac:07:16:79:ab:46:ee:a7:f6:cd: f9:7a:48:e4:98:58:bd:37:64:91:e8:95:ff:da:83:a3:c5:e1: 2b:f2:69:05:25:3c:bd:53:5f:92:d1:4b:db:5e:ce:68:25:44: 85:03:a3:c9:e5:1a:4b:c5:98:a5:db:21:2b:27:b7:7c:9d:65: f7:3b:5d:ea:f3:3c:12:67:8c:ce:0e:46:fa:26:39:8a:95:f8: 0b:09:b8:f4 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICB2EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FBQUQxMTAvBgNVBAUTKEQ2MTdENDcxMDQ4MkM3Rjc3NTc1MjA1N0RDODY4MjI1 OUIzMTlDNzgwHhcNMjQxMDE2MjE0MDIxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzEwMzJjNS1jOWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAstjDFAJw2Cmeo8YEbBOdHA2E2WVwHVm33X0nQZ2GJ/dEIwMlx+ovwrmnrjy3 OoP3FAAOOEBjzV/27g7w6wxmyhEfVTQf6a/LAezEWLiUevCG095M5GXCCgcEBOP4 yr4mFud/T5WIZ/3Z3C8Oxdj+O0hYS9eY/a2v5687rxhM2kzi2BGgARL9VzOiwiPy rcK1Jl/gWyBJbeuxiX2lc6qbyxcefhqonx1qwZuCZrjNhFIgid+bIxTnNZHAQHCC JT1mGEgDSErcRDnoSe8GcAgjSN//8HHltp2q/KIIK64DLd7hj1aAXrPiQjb5c8OT 7VODG1Oybu2F/Ylmt+utZG56OwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNeqXlKe GdiNVcQTfrauI8BqKTlmMB8GA1UdIwQYMBaAFNYX1HEEgsf3dXUgV9yGgiWbMZx4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUFBRC9FM0IyQjY0NEY3 QzExMUVBODI3NUNCNjZDNEY5QUUwMi8xaGZVY1FTQ3hfZDFkU0JYM0lhQ0pac3hu SGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFoZlVjUVNDeF9kMWRTQlgzSWFDSlpzeG5IZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0FBQUQvRTNCMkI2NDRGN0MxMTFFQTgyNzVDQjY2QzRGOUFFMDIvQ0FCMEI2QjJG N0MzMTFFQThBNzIyNDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAR4SEADBATLrUAwDQQCAAIwBwMFACQEEAAwDQYJKoZIhvcN AQELBQADggEBAE9c/Pge0XAi8f5q+p3R9aIGTCjV3ebjvbOxkXE4sHJengEgYHRj q6TtvG86i9vyjaru+9rY4YDAgDEQGnlFJ1qTpxT4IoOo28GUBjH/pNUCx1P8uNnu sQVVSWdu1M5yBzS47rBTZU012KYjW5UGDg2z+LYOaNWxRvpK6K9GupHWEaqGXyAI 9l++2ThH2FA47e+BAfVtr/1f5psl1I+6JT9ZTczdhZpIZOuirAcWeatG7qf2zfl6 SOSYWL03ZJHolf/ag6PF4SvyaQUlPL1TX5LRS9tezmglRIUDo8nlGkvFmKXbISsn t3ydZfc7XerzPBJnjM4ORvomOYqV+AsJuPQ= -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:31 2024 by rpki-client on console-ams.rpki-client.org