$ rpki-client -vvf rpki.apnic.net/member_repository/A917C23C/090744C23A3F11EBB63B7551C4F9AE02/BA4B22643AC911EBB83D7F0EC4F9AE02.roa File: BA4B22643AC911EBB83D7F0EC4F9AE02.roa (raw, json) Hash identifier: 49sLLzSLtNmidSVGS5udGErAMHHN/OeLE93kClICECY= Subject key identifier: 33:08:90:B3:69:BD:E0:0B:C0:BD:18:8A:F1:6A:FA:89:A0:61:4D:8C Certificate issuer: /CN=A917C23C/serialNumber=AC32E99CB092E62E3ACA187463DA99E73D5AAF3E Certificate serial: 06C1 Authority key identifier: AC:32:E9:9C:B0:92:E6:2E:3A:CA:18:74:63:DA:99:E7:3D:5A:AF:3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rDLpnLCS5i46yhh0Y9qZ5z1arz4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C23C/090744C23A3F11EBB63B7551C4F9AE02/BA4B22643AC911EBB83D7F0EC4F9AE02.roa Signing time: Tue 08 Oct 2024 22:31:32 +0000 ROA not before: Tue 08 Oct 2024 22:31:32 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 24323 IP address blocks: 116.206.44.0/22 maxlen: 22 116.206.44.0/24 maxlen: 24 116.206.45.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C23C/090744C23A3F11EBB63B7551C4F9AE02/rDLpnLCS5i46yhh0Y9qZ5z1arz4.crl rsync://rpki.apnic.net/member_repository/A917C23C/090744C23A3F11EBB63B7551C4F9AE02/rDLpnLCS5i46yhh0Y9qZ5z1arz4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rDLpnLCS5i46yhh0Y9qZ5z1arz4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1729 (0x6c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C23C/serialNumber=AC32E99CB092E62E3ACA187463DA99E73D5AAF3E Validity Not Before: Oct 8 22:31:32 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=6705b2c4-0502 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:cd:df:50:4d:f0:d2:00:6f:53:e9:25:f6:cb: 04:ee:2d:f5:01:0e:88:87:44:6d:f2:eb:ce:ad:b0: c4:db:c1:15:43:53:33:7c:a4:d9:a6:ae:6c:fe:85: 53:ec:90:06:a0:55:a7:df:f1:73:96:95:a2:38:73: af:e4:fc:9a:1b:37:70:ab:7a:2b:a4:e0:ba:a4:5e: 22:39:cc:0d:62:6c:30:3a:74:81:bb:22:2a:21:7f: 4c:c5:79:fd:8e:dd:80:7d:3e:83:28:15:00:90:c1: a2:96:67:e2:8e:61:17:67:3d:0b:72:a3:f0:e1:ca: 21:f2:34:e0:9b:f1:49:6f:6b:e9:0d:5e:86:2e:6a: 34:22:ee:8e:4b:84:6d:9b:b4:0d:76:8c:3f:0d:fc: dd:04:8a:c2:ef:20:7c:08:ae:47:ac:2f:18:e5:4e: ec:68:dd:25:f3:24:5b:4a:ef:27:77:ff:21:05:39: 7f:9e:dc:70:f5:5b:f9:0b:f0:ff:29:15:cf:57:67: 77:69:7e:b2:98:82:1d:a2:48:3a:73:8c:e2:df:ad: c6:da:d6:78:08:9a:3f:86:56:e9:3e:13:3d:c4:5d: 83:a6:83:b4:28:44:fe:d5:34:f4:f3:aa:43:87:11: df:8f:03:52:4b:1e:7f:87:78:e7:57:ef:29:39:36: ef:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:08:90:B3:69:BD:E0:0B:C0:BD:18:8A:F1:6A:FA:89:A0:61:4D:8C X509v3 Authority Key Identifier: keyid:AC:32:E9:9C:B0:92:E6:2E:3A:CA:18:74:63:DA:99:E7:3D:5A:AF:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C23C/090744C23A3F11EBB63B7551C4F9AE02/rDLpnLCS5i46yhh0Y9qZ5z1arz4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rDLpnLCS5i46yhh0Y9qZ5z1arz4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C23C/090744C23A3F11EBB63B7551C4F9AE02/BA4B22643AC911EBB83D7F0EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.206.44.0/22 Signature Algorithm: sha256WithRSAEncryption 62:7e:4f:cf:87:96:ba:38:c4:41:bf:21:20:51:63:7f:2e:52: c7:61:9f:f9:52:d7:d1:c4:76:dc:c8:cb:83:80:bf:05:1d:d1: d7:aa:7a:41:1e:fb:84:bb:b2:e7:20:a7:fe:b1:66:57:ef:97: 7d:80:0e:1b:ef:b4:4c:b6:b6:f7:9b:e3:35:47:44:df:1c:da: 4e:bf:0c:47:51:f0:c6:6f:86:2b:8d:cd:fc:26:21:70:f9:57: f7:62:27:e5:61:12:af:cf:75:21:a8:7c:d6:89:96:e1:a1:e7: 1c:85:24:e5:13:04:9c:f5:ea:5c:8b:19:d3:7d:9f:19:d1:bb: 3a:fc:8c:58:a6:dc:41:01:08:80:74:7c:52:e5:4e:30:cf:fc: 2a:17:2f:68:d9:47:0f:d1:06:f4:06:c3:1c:2d:e2:33:e3:24: d2:1b:6b:44:bc:e0:e1:bf:2a:90:9b:58:f7:62:4d:7c:e2:90: 6e:a3:31:f4:9e:e8:94:28:34:d1:11:ba:bd:79:b4:4d:18:f8: 5b:48:2c:8e:83:71:2b:11:c8:f9:65:68:f7:e0:16:d1:e7:66: 8d:7c:f4:79:b1:63:89:d0:69:4b:b2:45:6f:10:6d:16:a7:5c: 33:b3:04:85:5c:d9:20:df:23:7a:ef:ea:cb:c2:5a:b1:f8:6e: b8:cd:9e:10 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBsEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0MyM0MxMTAvBgNVBAUTKEFDMzJFOTlDQjA5MkU2MkUzQUNBMTg3NDYzREE5OUU3 M0Q1QUFGM0UwHhcNMjQxMDA4MjIzMTMyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzA1YjJjNC0wNTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAts3fUE3w0gBvU+kl9ssE7i31AQ6Ih0Rt8uvOrbDE28EVQ1MzfKTZpq5s/oVT 7JAGoFWn3/FzlpWiOHOv5PyaGzdwq3orpOC6pF4iOcwNYmwwOnSBuyIqIX9MxXn9 jt2AfT6DKBUAkMGilmfijmEXZz0LcqPw4coh8jTgm/FJb2vpDV6GLmo0Iu6OS4Rt m7QNdow/DfzdBIrC7yB8CK5HrC8Y5U7saN0l8yRbSu8nd/8hBTl/ntxw9Vv5C/D/ KRXPV2d3aX6ymIIdokg6c4zi363G2tZ4CJo/hlbpPhM9xF2DpoO0KET+1TT086pD hxHfjwNSSx5/h3jnV+8pOTbvEQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDMIkLNp veALwL0YivFq+omgYU2MMB8GA1UdIwQYMBaAFKwy6ZywkuYuOsoYdGPamec9Wq8+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzIzQy8wOTA3NDRDMjNB M0YxMUVCQjYzQjc1NTFDNEY5QUUwMi9yRExwbkxDUzVpNDZ5aGgwWTlxWjV6MWFy ejQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JETHBuTENTNWk0NnloaDBZOXFaNXoxYXJ6NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0MyM0MvMDkwNzQ0QzIzQTNGMTFFQkI2M0I3NTUxQzRGOUFFMDIvQkE0QjIyNjQz QUM5MTFFQkI4M0Q3RjBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJ0ziwwDQYJKoZIhvcNAQELBQADggEBAGJ+T8+Hlro4xEG/ ISBRY38uUsdhn/lS19HEdtzIy4OAvwUd0deqekEe+4S7sucgp/6xZlfvl32ADhvv tEy2tveb4zVHRN8c2k6/DEdR8MZvhiuNzfwmIXD5V/diJ+VhEq/PdSGofNaJluGh 5xyFJOUTBJz16lyLGdN9nxnRuzr8jFim3EEBCIB0fFLlTjDP/CoXL2jZRw/RBvQG wxwt4jPjJNIba0S84OG/KpCbWPdiTXzikG6jMfSe6JQoNNERur15tE0Y+FtILI6D cSsRyPllaPfgFtHnZo189HmxY4nQaUuyRW8QbRanXDOzBIVc2SDfI3rv6svCWrH4 brjNnhA= -----END CERTIFICATE-----Generated at Sat Nov 23 00:08:43 2024 by rpki-client on console-ams.rpki-client.org