$ rpki-client -vvf rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/D13FCAEAA62E11EFBC284C42C4F9AE02.roa File: D13FCAEAA62E11EFBC284C42C4F9AE02.roa (raw, json) Hash identifier: 6hgdKa35Z/wgme43twsAUwJcx1mczDKYn29trz55Beo= Subject key identifier: D3:42:DE:98:B9:48:BD:8D:D4:AC:23:8D:39:FC:B9:76:F8:FC:BC:52 Certificate issuer: /CN=A917B520/serialNumber=542B94D8625CF711964FD13741295D27AD7A9004 Certificate serial: 0175 Authority key identifier: 54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/D13FCAEAA62E11EFBC284C42C4F9AE02.roa Signing time: Tue 19 Nov 2024 04:47:00 +0000 ROA not before: Tue 19 Nov 2024 04:47:00 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 150436 IP address blocks: 101.47.0.0/18 maxlen: 24 101.47.64.0/20 maxlen: 24 101.47.80.0/20 maxlen: 23 101.47.80.0/21 maxlen: 24 101.47.88.0/22 maxlen: 24 101.47.92.0/23 maxlen: 24 101.47.95.0/24 maxlen: 24 101.47.96.0/21 maxlen: 24 101.47.128.0/18 maxlen: 24 101.47.253.0/24 maxlen: 24 150.5.128.0/17 maxlen: 24 2401:4c20::/40 maxlen: 44 2401:4c20:100::/40 maxlen: 40 2401:4c20:200::/40 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 373 (0x175) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B520 Validity Not Before: Nov 19 04:47:00 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=673c1843-ef75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:d3:e4:a5:64:0c:ea:5f:b9:42:41:91:d7:0f: e5:df:90:a9:ba:e2:a3:83:88:0a:d7:c0:8c:99:7b: 01:19:8f:f1:ca:5a:9f:3c:0a:5c:ae:45:54:d6:4d: 41:67:51:bc:ba:21:b5:73:7d:49:9e:12:46:96:bf: 28:e7:a6:49:a1:a0:eb:66:d0:67:79:57:5d:50:d0: 3b:81:89:3b:a2:9e:9d:06:07:bb:2a:a1:aa:5e:1b: a4:15:59:fb:e8:6d:b7:13:64:5c:53:9c:ba:b4:0a: 1f:cd:d9:1a:b0:90:f0:fb:ad:ef:8b:8f:88:e6:24: a0:fc:d6:3c:37:71:ee:9b:15:cb:63:a5:38:b8:11: ca:7e:ee:1c:8a:a7:6d:99:a9:d5:ff:1d:20:d2:84: f7:56:cf:ae:5a:de:1e:f7:df:ac:b4:d0:a3:ea:e2: e6:f9:c1:09:69:31:cf:7c:a2:02:21:a7:d2:d7:32: 32:e9:e0:88:c5:35:2a:c8:05:09:1e:79:18:0b:41: ac:3f:e9:a5:46:f0:67:f2:9e:c9:1f:24:49:88:eb: 58:1a:b3:7b:76:19:c8:ff:a9:75:0f:b7:13:86:e5: 52:25:43:22:7a:de:1f:b0:3b:46:69:99:d8:ee:90: 63:0c:0d:86:69:fe:31:b9:1a:83:a6:64:3c:b1:76: 6f:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:42:DE:98:B9:48:BD:8D:D4:AC:23:8D:39:FC:B9:76:F8:FC:BC:52 X509v3 Authority Key Identifier: keyid:54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/D13FCAEAA62E11EFBC284C42C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 101.47.0.0-101.47.103.255 101.47.128.0/18 101.47.253.0/24 150.5.128.0/17 IPv6: 2401:4c20::-2401:4c20:2ff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 6d:f9:dd:90:59:29:05:3d:40:c8:bd:26:1f:fa:c7:b6:51:7d: 29:3c:dc:be:8b:21:e3:aa:49:f9:9c:2a:7c:d2:4a:14:62:e2: 36:3e:cd:8d:51:b4:bf:1c:f9:c2:8a:ea:a2:d4:1f:9d:07:ed: 2f:b0:d4:f5:af:31:70:00:0d:32:8e:fe:4f:b2:48:a7:82:5e: 5b:ea:6c:de:6b:c0:0e:4d:97:89:24:31:be:14:03:16:30:9c: 3b:0c:2b:ad:3d:28:6c:9f:9a:6e:78:08:4f:f5:df:6c:fb:95: 98:38:5e:78:4d:40:62:d6:0a:5f:3f:6b:a0:e3:e7:32:c9:e4: da:c5:b6:01:41:7f:be:11:cc:8e:f7:cd:4f:58:49:2f:d1:b3: 31:94:65:22:2a:bd:aa:77:6e:3f:7d:75:2b:92:53:92:84:37: a0:37:47:85:c8:9c:20:47:8b:05:d1:1d:80:8b:3e:17:5a:4b: 28:49:d4:a5:86:f3:3c:41:ea:d8:78:f4:15:81:05:f9:d9:9f: 0c:19:40:93:7d:db:54:3d:ff:43:32:02:28:5f:5b:c2:14:a2: d8:b6:ef:22:33:8b:3f:ce:fd:fd:40:7c:cf:d9:75:69:5b:2a: a3:f9:2e:77:cf:ae:3b:d5:09:a9:5e:97:5c:e6:ef:c1:f9:68: b8:64:be:e7 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgICAXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I1MjAxMTAvBgNVBAUTKDU0MkI5NEQ4NjI1Q0Y3MTE5NjRGRDEzNzQxMjk1RDI3 QUQ3QTkwMDQwHhcNMjQxMTE5MDQ0NzAwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzNjMTg0My1lZjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA59PkpWQM6l+5QkGR1w/l35CpuuKjg4gK18CMmXsBGY/xylqfPApcrkVU1k1B Z1G8uiG1c31JnhJGlr8o56ZJoaDrZtBneVddUNA7gYk7op6dBge7KqGqXhukFVn7 6G23E2RcU5y6tAofzdkasJDw+63vi4+I5iSg/NY8N3HumxXLY6U4uBHKfu4ciqdt manV/x0g0oT3Vs+uWt4e99+stNCj6uLm+cEJaTHPfKICIafS1zIy6eCIxTUqyAUJ HnkYC0GsP+mlRvBn8p7JHyRJiOtYGrN7dhnI/6l1D7cThuVSJUMiet4fsDtGaZnY 7pBjDA2Gaf4xuRqDpmQ8sXZvfwIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFNNC3pi5 SL2N1KwjjTn8uXb4/LxSMB8GA1UdIwQYMBaAFFQrlNhiXPcRlk/RN0EpXSetepAE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjUyMC8xNjFENEMwQUU0 Q0ExMUVEQTQxNEUyNTlDNEY5QUUwMi9WQ3VVMkdKYzl4R1dUOUUzUVNsZEo2MTZr QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZDdVUyR0pjOXhHV1Q5RTNRU2xkSjYxNmtBUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0I1MjAvMTYxRDRDMEFFNENBMTFFREE0MTRFMjU5QzRGOUFFMDIvRDEzRkNBRUFB NjJFMTFFRkJDMjg0QzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUQYIKwYBBQUHAQcBAf8E QjBAMCUEAgABMB8wCwMDAGUvAwQDZS9gAwQGZS+AAwQAZS/9AwQHlgWAMBcEAgAC MBEwDwMFBSQBTCADBgAkAUwgAjANBgkqhkiG9w0BAQsFAAOCAQEAbfndkFkpBT1A yL0mH/rHtlF9KTzcvosh46pJ+ZwqfNJKFGLiNj7NjVG0vxz5worqotQfnQftL7DU 9a8xcAANMo7+T7JIp4JeW+ps3mvADk2XiSQxvhQDFjCcOwwrrT0obJ+abngIT/Xf bPuVmDheeE1AYtYKXz9roOPnMsnk2sW2AUF/vhHMjvfNT1hJL9GzMZRlIiq9qndu P311K5JTkoQ3oDdHhcicIEeLBdEdgIs+F1pLKEnUpYbzPEHq2Hj0FYEF+dmfDBlA k33bVD3/QzICKF9bwhSi2LbvIjOLP879/UB8z9l1aVsqo/kud8+uO9UJqV6XXObv wflouGS+5w== -----END CERTIFICATE-----Generated at Sun Feb 16 22:34:59 2025 by rpki-client