$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/69FDEAC6645511EFB98C143DC4F9AE02.roa File: 69FDEAC6645511EFB98C143DC4F9AE02.roa (raw, json) Hash identifier: qivQLsHNzU/QR4YYFcLI1nCh+5bk088Iwh6VG9GQU+o= Subject key identifier: B1:27:E0:EE:86:7D:67:41:67:63:93:22:2A:D3:66:EE:82:1B:81:7A Certificate issuer: /CN=A917E678/serialNumber=FF3341972DD8A1F6871EDE869A3A1DD92528AEB6 Certificate serial: 0C2B Authority key identifier: FF:33:41:97:2D:D8:A1:F6:87:1E:DE:86:9A:3A:1D:D9:25:28:AE:B6 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/69FDEAC6645511EFB98C143DC4F9AE02.roa Signing time: Mon 23 Dec 2024 11:02:15 +0000 ROA not before: Mon 23 Dec 2024 11:02:15 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 141180 IP address blocks: 87.119.2.0/24 maxlen: 24 87.119.3.0/24 maxlen: 24 87.119.4.0/24 maxlen: 24 87.119.5.0/24 maxlen: 24 87.119.6.0/24 maxlen: 24 87.119.7.0/24 maxlen: 24 87.119.8.0/24 maxlen: 24 87.119.10.0/24 maxlen: 24 87.119.11.0/24 maxlen: 24 87.119.13.0/24 maxlen: 24 87.119.14.0/24 maxlen: 24 87.119.16.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/_zNBly3YofaHHt6Gmjod2SUorrY.crl rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/_zNBly3YofaHHt6Gmjod2SUorrY.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3115 (0xc2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678 Validity Not Before: Dec 23 11:02:15 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=67694337-9403 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:79:bc:00:2c:85:53:94:d9:73:3d:f8:c3:06: 63:0b:41:95:9f:dc:9a:0a:97:d4:7e:c2:58:76:c7: 8a:9c:45:be:cf:58:e4:e3:e7:5d:22:0c:26:22:a1: 38:24:a7:c8:7b:07:08:c6:26:cd:92:7f:03:ee:c5: fa:28:bc:55:c9:71:20:23:aa:c0:e1:69:07:68:67: fa:9c:fe:3d:68:3d:31:b4:7b:ab:d5:24:13:b3:e5: f6:64:a3:89:3b:8d:de:42:20:98:37:21:80:61:46: 1a:cb:c9:94:eb:20:38:eb:f1:fa:8f:80:0a:e1:cb: 88:45:0e:f9:0c:af:a4:c5:75:5a:a9:d7:ad:69:4b: 6a:01:15:e8:e7:69:18:8a:df:34:26:d3:3e:db:80: e3:e1:72:dc:aa:e2:16:74:6c:bc:d3:3a:fc:e7:47: ef:a2:ef:d3:44:b6:c4:91:f9:44:eb:7d:81:72:92: 79:94:b2:2a:1b:57:28:33:61:90:95:44:2d:ca:7d: 23:ea:71:d3:2d:c2:7b:d7:44:2a:7b:7d:ea:8b:e1: 73:b6:01:be:9b:4b:90:be:3f:b2:11:2f:de:61:cf: f8:d4:df:9e:04:73:61:9a:3d:75:7b:b3:a9:92:f0: 03:de:b0:a9:d6:03:ed:9d:50:9b:20:63:39:29:50: 37:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:27:E0:EE:86:7D:67:41:67:63:93:22:2A:D3:66:EE:82:1B:81:7A X509v3 Authority Key Identifier: keyid:FF:33:41:97:2D:D8:A1:F6:87:1E:DE:86:9A:3A:1D:D9:25:28:AE:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/_zNBly3YofaHHt6Gmjod2SUorrY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/69FDEAC6645511EFB98C143DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 87.119.2.0-87.119.8.255 87.119.10.0/23 87.119.13.0-87.119.14.255 87.119.16.0/24 Signature Algorithm: sha256WithRSAEncryption d1:3b:b0:86:0a:d2:6d:38:03:36:98:cd:56:f0:f1:ba:12:ca: 9b:32:2f:9c:c1:cf:e1:ca:da:5c:32:81:46:8c:f8:6f:4b:44: 09:1e:40:d7:3e:7a:2c:70:52:fb:4b:5b:e9:ae:6b:f4:55:90: 66:e9:2e:00:40:2f:e7:c0:5e:04:5f:07:4f:65:9d:d4:67:09: 30:95:cb:95:d0:b3:c9:4a:d0:bd:7e:50:34:3f:f1:c9:b8:fb: 7b:0f:57:f5:19:8d:5c:36:67:aa:14:9f:0d:27:88:f1:d8:38: 41:eb:f2:ed:12:bb:f0:20:04:cc:37:2e:4a:a7:5a:b8:4f:52: fc:5c:1c:26:87:bf:b4:92:f5:c2:62:94:1a:56:5d:78:5f:ca: d1:d3:7d:8e:9c:04:6a:5b:9c:e1:3f:76:3f:f3:c4:6d:09:b0: 06:b9:63:d1:4c:23:9d:48:8a:a4:60:27:9d:f4:31:d8:87:73: d6:45:ad:81:4b:aa:3b:4b:f2:3c:39:05:1c:6d:7b:7d:cd:62: 95:eb:5d:1d:68:a2:43:7d:2e:e3:2e:21:48:af:12:7c:47:39: bd:f5:b4:b4:3a:15:2a:68:4e:14:38:f0:d2:be:31:a2:ee:69: a2:80:4d:fc:ac:bb:5f:3f:f2:36:a9:40:f9:d7:9b:84:ed:c7: d7:9c:e2:4e -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICDCswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKEZGMzM0MTk3MkREOEExRjY4NzFFREU4NjlBM0ExREQ5 MjUyOEFFQjYwHhcNMjQxMjIzMTEwMjE1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzY5NDMzNy05NDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwnm8ACyFU5TZcz34wwZjC0GVn9yaCpfUfsJYdseKnEW+z1jk4+ddIgwmIqE4 JKfIewcIxibNkn8D7sX6KLxVyXEgI6rA4WkHaGf6nP49aD0xtHur1SQTs+X2ZKOJ O43eQiCYNyGAYUYay8mU6yA46/H6j4AK4cuIRQ75DK+kxXVaqdetaUtqARXo52kY it80JtM+24Dj4XLcquIWdGy80zr850fvou/TRLbEkflE632BcpJ5lLIqG1coM2GQ lUQtyn0j6nHTLcJ710Qqe33qi+FztgG+m0uQvj+yES/eYc/41N+eBHNhmj11e7Op kvAD3rCp1gPtnVCbIGM5KVA3sQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFLEn4O6G fWdBZ2OTIirTZu6CG4F6MB8GA1UdIwQYMBaAFP8zQZct2KH2hx7ehpo6HdklKK62 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC9CRUIzMzNGQTIy NTExMUVBQjJDQjg0NjlDNEY5QUUwMi9fek5CbHkzWW9mYUhIdDZHbWpvZDJTVW9y clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL196TkJseTNZb2ZhSEh0Nkdtam9kMlNVb3JyWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0U2NzgvQkVCMzMzRkEyMjUxMTFFQUIyQ0I4NDY5QzRGOUFFMDIvNjlGREVBQzY2 NDU1MTFFRkI5OEMxNDNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMC4EAgABMCgwDAMEAVd3AgMEAFd3CAMEAVd3CjAMAwQAV3cNAwQAV3cOAwQA V3cQMA0GCSqGSIb3DQEBCwUAA4IBAQDRO7CGCtJtOAM2mM1W8PG6EsqbMi+cwc/h ytpcMoFGjPhvS0QJHkDXPnoscFL7S1vprmv0VZBm6S4AQC/nwF4EXwdPZZ3UZwkw lcuV0LPJStC9flA0P/HJuPt7D1f1GY1cNmeqFJ8NJ4jx2DhB6/LtErvwIATMNy5K p1q4T1L8XBwmh7+0kvXCYpQaVl14X8rR032OnARqW5zhP3Y/88RtCbAGuWPRTCOd SIqkYCed9DHYh3PWRa2BS6o7S/I8OQUcbXt9zWKV610daKJDfS7jLiFIrxJ8Rzm9 9bS0OhUqaE4UOPDSvjGi7mmigE38rLtfP/I2qUD515uE7cfXnOJO -----END CERTIFICATE-----Generated at Sun Feb 16 21:41:00 2025 by rpki-client