$ rpki-client -vvf rpki.apnic.net/member_repository/A917BB59/B68B90D60DCA11EBA7C2E22DC4F9AE02/8FEA9564C2AE11EB94777A0CC4F9AE02.roa File: 8FEA9564C2AE11EB94777A0CC4F9AE02.roa (raw, json) Hash identifier: IPmClsdSMbassfXddv44p/mv8kyQ7PdScutwrTiO+q0= Subject key identifier: CE:F1:6C:B2:9E:45:24:24:20:6F:D6:B5:52:D2:FE:F2:2A:30:73:1A Certificate issuer: /CN=A917BB59/serialNumber=22892E3D8C449F5A9AC64CFCB634B59F6C53136B Certificate serial: 06ED Authority key identifier: 22:89:2E:3D:8C:44:9F:5A:9A:C6:4C:FC:B6:34:B5:9F:6C:53:13:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IokuPYxEn1qaxkz8tjS1n2xTE2s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917BB59/B68B90D60DCA11EBA7C2E22DC4F9AE02/8FEA9564C2AE11EB94777A0CC4F9AE02.roa Signing time: Sat 06 Jul 2024 22:30:19 +0000 ROA not before: Sat 06 Jul 2024 22:30:19 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 134202 IP address blocks: 45.117.228.0/22 maxlen: 22 45.117.228.0/24 maxlen: 24 45.117.229.0/24 maxlen: 24 45.117.231.0/24 maxlen: 24 103.58.16.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917BB59/B68B90D60DCA11EBA7C2E22DC4F9AE02/IokuPYxEn1qaxkz8tjS1n2xTE2s.crl rsync://rpki.apnic.net/member_repository/A917BB59/B68B90D60DCA11EBA7C2E22DC4F9AE02/IokuPYxEn1qaxkz8tjS1n2xTE2s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IokuPYxEn1qaxkz8tjS1n2xTE2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1773 (0x6ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917BB59/serialNumber=22892E3D8C449F5A9AC64CFCB634B59F6C53136B Validity Not Before: Jul 6 22:30:19 2024 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=6689c57b-5d7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:b6:15:a2:1a:11:ff:88:d2:40:9d:c6:3c:61: d7:ea:7d:42:13:11:47:7c:19:96:97:e9:0d:93:f1: b8:27:48:91:f1:a8:6f:f2:fd:74:e5:71:fc:0f:d7: e4:52:2d:c5:3d:74:0f:a3:05:e5:60:f8:4e:06:6b: 7b:f7:47:85:f7:e2:59:bf:f5:c2:bb:f3:48:9c:5e: 29:c6:aa:33:28:df:39:37:7e:84:dc:66:83:ef:a6: aa:27:7e:4e:bf:f5:52:c0:66:d1:00:ae:8a:e9:7d: e9:7f:68:81:2a:5e:37:67:2e:da:fa:9d:73:4c:11: b8:f9:e1:15:ca:c8:2c:ed:64:7a:c1:52:4b:c6:5c: 6a:1b:4c:ab:79:a2:d7:b2:56:55:c0:5d:ea:fa:1a: d2:87:88:9e:4d:21:9b:06:7c:c7:f1:82:61:a2:60: 5f:30:38:ae:da:73:0b:fc:e3:34:ae:65:66:72:f8: c9:73:1d:03:e3:9f:1c:e5:9e:ec:ed:25:b7:8c:f8: 4b:89:ac:8c:c6:e8:dd:0f:f3:74:0e:77:55:a9:30: b7:0e:43:75:64:31:cb:5c:7c:cc:1a:92:9b:a4:95: cf:e0:cd:ad:af:0f:2b:e8:ba:80:a5:42:f8:13:b5: 12:70:a4:53:ec:5b:d4:40:7c:0e:2a:6a:b6:ef:6a: a9:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:F1:6C:B2:9E:45:24:24:20:6F:D6:B5:52:D2:FE:F2:2A:30:73:1A X509v3 Authority Key Identifier: keyid:22:89:2E:3D:8C:44:9F:5A:9A:C6:4C:FC:B6:34:B5:9F:6C:53:13:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917BB59/B68B90D60DCA11EBA7C2E22DC4F9AE02/IokuPYxEn1qaxkz8tjS1n2xTE2s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IokuPYxEn1qaxkz8tjS1n2xTE2s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BB59/B68B90D60DCA11EBA7C2E22DC4F9AE02/8FEA9564C2AE11EB94777A0CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.117.228.0/22 103.58.16.0/22 Signature Algorithm: sha256WithRSAEncryption 1c:cb:bb:69:fc:41:92:a4:4a:3a:a4:81:30:c5:b7:00:9f:99: aa:10:10:f0:c2:df:78:db:c1:ab:89:13:0c:30:8f:70:39:7e: 3f:ff:29:f7:c0:b6:0c:63:22:70:35:e3:fe:14:55:51:8a:70: 57:ba:22:5a:0d:97:3f:54:a7:b0:2e:ab:78:80:b7:8a:b3:2b: 5f:01:54:5b:1a:cd:7f:7a:de:7d:98:3a:0f:10:f6:24:44:0b: f8:83:77:2c:d6:5c:ad:59:3b:49:4e:de:aa:a5:ae:e3:5a:b9: f3:3c:05:ca:d8:0b:0d:d7:ae:9a:89:67:da:6e:8d:5b:90:68: 6f:60:a1:3b:17:26:c6:a3:6a:4f:62:f4:9c:9a:53:c1:39:80: 1c:22:6f:92:d9:39:56:ef:8a:7a:b6:1f:06:7b:e8:d9:57:df: 2f:a6:5c:cf:b6:63:08:37:25:03:15:31:e8:04:9b:b7:c9:76: 16:8a:fc:f9:98:e5:36:42:8d:0c:5a:e6:1b:e1:26:0d:9d:f1: fa:06:86:dc:10:50:3f:50:68:09:ea:9c:bf:49:a3:b4:7e:01: 5f:3b:d4:b9:3a:60:83:97:bd:02:1a:74:43:b4:45:5f:26:48: 84:c1:5a:c6:4e:f7:75:2b:c2:9f:f6:0f:c4:f2:b6:43:a0:bc: b9:0a:28:39 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBu0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0JCNTkxMTAvBgNVBAUTKDIyODkyRTNEOEM0NDlGNUE5QUM2NENGQ0I2MzRCNTlG NkM1MzEzNkIwHhcNMjQwNzA2MjIzMDE5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Njg5YzU3Yi01ZDdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv7YVohoR/4jSQJ3GPGHX6n1CExFHfBmWl+kNk/G4J0iR8ahv8v105XH8D9fk Ui3FPXQPowXlYPhOBmt790eF9+JZv/XCu/NInF4pxqozKN85N36E3GaD76aqJ35O v/VSwGbRAK6K6X3pf2iBKl43Zy7a+p1zTBG4+eEVysgs7WR6wVJLxlxqG0yreaLX slZVwF3q+hrSh4ieTSGbBnzH8YJhomBfMDiu2nML/OM0rmVmcvjJcx0D458c5Z7s 7SW3jPhLiayMxujdD/N0DndVqTC3DkN1ZDHLXHzMGpKbpJXP4M2trw8r6LqApUL4 E7UScKRT7FvUQHwOKmq272qpRwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFM7xbLKe RSQkIG/WtVLS/vIqMHMaMB8GA1UdIwQYMBaAFCKJLj2MRJ9amsZM/LY0tZ9sUxNr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkI1OS9CNjhCOTBENjBE Q0ExMUVCQTdDMkUyMkRDNEY5QUUwMi9Jb2t1UFl4RW4xcWF4a3o4dGpTMW4yeFRF MnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lva3VQWXhFbjFxYXhrejh0alMxbjJ4VEUycy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0JCNTkvQjY4QjkwRDYwRENBMTFFQkE3QzJFMjJEQzRGOUFFMDIvOEZFQTk1NjRD MkFFMTFFQjk0Nzc3QTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAItdeQDBAJnOhAwDQYJKoZIhvcNAQELBQADggEBABzLu2n8 QZKkSjqkgTDFtwCfmaoQEPDC33jbwauJEwwwj3A5fj//KffAtgxjInA14/4UVVGK cFe6IloNlz9Up7Auq3iAt4qzK18BVFsazX963n2YOg8Q9iREC/iDdyzWXK1ZO0lO 3qqlruNaufM8BcrYCw3XrpqJZ9pujVuQaG9goTsXJsajak9i9JyaU8E5gBwib5LZ OVbvinq2HwZ76NlX3y+mXM+2Ywg3JQMVMegEm7fJdhaK/PmY5TZCjQxa5hvhJg2d 8foGhtwQUD9QaAnqnL9Jo7R+AV871Lk6YIOXvQIadEO0RV8mSITBWsZO93Urwp/2 D8TytkOgvLkKKDk= -----END CERTIFICATE-----Generated at Wed Nov 20 23:55:44 2024 by rpki-client on console-ams.rpki-client.org