$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/DF7AF1FC42D811EF8EEF4E51C4F9AE02.roa File: DF7AF1FC42D811EF8EEF4E51C4F9AE02.roa (raw, json) Hash identifier: /Fi2NyP9RW+oE4JZ2QosLJgdN+J2La4mxZzLwfkB21c= Subject key identifier: 4A:E6:19:66:11:78:6E:27:CB:C0:9B:CB:B6:B7:58:D5:FB:55:04:E6 Certificate issuer: /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8 Certificate serial: 062F Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/DF7AF1FC42D811EF8EEF4E51C4F9AE02.roa Signing time: Sat 31 Aug 2024 00:32:45 +0000 ROA not before: Sat 31 Aug 2024 00:32:45 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 134540 IP address blocks: 14.96.64.0/20 maxlen: 24 14.96.80.0/20 maxlen: 24 14.96.96.0/20 maxlen: 20 14.96.96.0/20 maxlen: 24 14.96.112.0/20 maxlen: 24 2406:e00::/48 maxlen: 51 2406:e00:1::/48 maxlen: 51 2406:e00:2::/48 maxlen: 51 2406:e00:3::/48 maxlen: 51 2406:e00:4::/48 maxlen: 51 2406:e00:5::/48 maxlen: 51 2406:e00:6::/48 maxlen: 51 2406:e00:7::/48 maxlen: 51 2406:e00:8::/48 maxlen: 51 2406:e00:a::/48 maxlen: 51 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 22:29:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1583 (0x62f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DEA4 Validity Not Before: Aug 31 00:32:45 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d264ad-9ac3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a6:79:ee:9a:c9:06:62:7f:db:33:81:16:0e: 0a:e4:9e:e8:fb:2a:e7:5b:66:35:f7:29:8f:f4:60: b4:3f:b1:a6:8c:92:ae:44:de:bc:c7:3d:6e:d4:46: 35:df:22:53:f0:15:82:63:c5:ac:45:58:ea:de:0e: 43:0f:31:46:6a:1d:6a:13:76:7e:c1:a4:44:fd:89: e8:2e:cf:01:47:5a:6b:d0:b0:99:dd:06:72:c4:ac: 11:fd:d0:fa:39:df:a0:c1:d2:be:6f:52:d4:f3:c9: 1e:fd:54:70:a4:74:c8:48:c3:6f:a1:c3:9a:f5:83: 2a:2c:6c:d7:e7:06:97:5c:11:d1:eb:62:97:f8:80: 85:ce:69:77:47:ba:34:8d:bc:b0:25:05:3e:7f:db: 01:46:6b:80:4b:03:d7:13:54:41:eb:76:9f:37:6f: f8:90:f3:2f:cc:dc:42:5a:36:6b:c2:ab:a2:f8:d5: bc:c5:c1:8d:71:1a:64:a6:66:47:e6:17:2b:c4:d4: 1e:10:0e:db:80:d5:da:d5:a6:c1:0a:40:c4:ae:2f: cb:1d:4c:e3:94:78:9c:01:72:b9:b7:12:91:97:0f: ac:5e:57:8c:a8:41:81:46:75:a2:73:eb:40:55:1c: 20:1e:a4:59:d0:f9:e1:62:f1:5b:9e:72:c7:98:f9: 98:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:E6:19:66:11:78:6E:27:CB:C0:9B:CB:B6:B7:58:D5:FB:55:04:E6 X509v3 Authority Key Identifier: keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/DF7AF1FC42D811EF8EEF4E51C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.96.64.0/18 IPv6: 2406:e00::-2406:e00:8:ffff:ffff:ffff:ffff:ffff 2406:e00:a::/48 Signature Algorithm: sha256WithRSAEncryption a2:91:46:ed:33:1c:f7:fc:5e:11:3a:d4:1b:3b:9e:fe:d2:47: 9c:5c:0b:bf:9f:0c:cd:0e:1c:9e:7a:96:e5:59:15:84:4b:4d: 27:8e:cc:06:0b:06:1f:d0:00:45:f5:9b:f7:18:cb:5c:d3:2b: 26:cf:09:a8:70:10:76:bc:c4:3e:0e:89:a6:ec:2d:d2:15:8a: fc:a1:ca:88:84:f0:47:cb:3a:8e:3e:51:ae:96:c6:d7:8c:c6: 91:4c:0c:35:31:ba:65:f5:32:98:71:7f:4d:8d:c8:b2:2a:88: 1e:dc:05:cb:a2:a7:0e:1c:c0:d3:1b:89:83:0f:03:98:3f:18: 9f:f6:34:f7:5a:5a:8e:18:d6:9d:b2:b7:77:3d:c8:29:2c:f0: 16:a4:a0:e4:37:fe:bf:60:d4:cb:c1:71:31:1e:f1:ee:42:c2: 48:8e:a8:c8:4d:2b:04:74:7c:21:6f:92:ae:c4:e7:0a:08:6b: b0:d7:74:15:df:11:79:81:9b:e9:ec:8f:4d:bc:ed:09:9e:d1: e7:3e:ba:8d:ee:c3:f3:bf:8c:ea:d2:fa:72:cb:80:17:d6:f4: bc:32:76:c5:26:0d:79:56:e2:9f:d8:2f:5d:50:2e:d1:f9:7f: 8b:8d:12:17:57:d5:b4:f0:6b:13:23:a7:45:26:1c:1f:73:6e: 09:65:86:78 -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICBi8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw OTQ5NERCQzgwHhcNMjQwODMxMDAzMjQ1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQyNjRhZC05YWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxaZ57prJBmJ/2zOBFg4K5J7o+yrnW2Y19ymP9GC0P7GmjJKuRN68xz1u1EY1 3yJT8BWCY8WsRVjq3g5DDzFGah1qE3Z+waRE/YnoLs8BR1pr0LCZ3QZyxKwR/dD6 Od+gwdK+b1LU88ke/VRwpHTISMNvocOa9YMqLGzX5waXXBHR62KX+ICFzml3R7o0 jbywJQU+f9sBRmuASwPXE1RB63afN2/4kPMvzNxCWjZrwqui+NW8xcGNcRpkpmZH 5hcrxNQeEA7bgNXa1abBCkDEri/LHUzjlHicAXK5txKRlw+sXleMqEGBRnWic+tA VRwgHqRZ0PnhYvFbnnLHmPmYFwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFErmGWYR eG4ny8Cby7a3WNX7VQTmMB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4 MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvREY3QUYxRkM0 MkQ4MTFFRjhFRUY0RTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMAwEAgABMAYDBAYOYEAwIAQCAAIwGjAPAwQBJAYOAwcAJAYOAAAIAwcAJAYO AAAKMA0GCSqGSIb3DQEBCwUAA4IBAQCikUbtMxz3/F4ROtQbO57+0kecXAu/nwzN DhyeepblWRWES00njswGCwYf0ABF9Zv3GMtc0ysmzwmocBB2vMQ+Domm7C3SFYr8 ocqIhPBHyzqOPlGulsbXjMaRTAw1Mbpl9TKYcX9NjciyKoge3AXLoqcOHMDTG4mD DwOYPxif9jT3WlqOGNadsrd3PcgpLPAWpKDkN/6/YNTLwXExHvHuQsJIjqjITSsE dHwhb5KuxOcKCGuw13QV3xF5gZvp7I9NvO0JntHnPrqN7sPzv4zq0vpyy4AX1vS8 MnbFJg15VuKf2C9dUC7R+X+LjRIXV9W08GsTI6dFJhwfc24JZYZ4 -----END CERTIFICATE-----Generated at Thu Mar 13 21:50:06 2025 by rpki-client