$ rpki-client -vvf rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/096864742F4C11EDB0375D6CC4F9AE02.roa File: 096864742F4C11EDB0375D6CC4F9AE02.roa (raw, json) Hash identifier: jla9AG1gExZIQpCD/EW4q3Wp+FwlnerqSvxfxkw43CI= Subject key identifier: 4D:43:81:4D:D4:EC:8E:23:0E:61:AA:CC:75:7B:86:DE:12:8B:3C:9C Certificate issuer: /CN=A91813F1/serialNumber=9EFEAA724D708CFE82C6B6BF270CBB5DD4306F20 Certificate serial: 0843 Authority key identifier: 9E:FE:AA:72:4D:70:8C:FE:82:C6:B6:BF:27:0C:BB:5D:D4:30:6F:20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/096864742F4C11EDB0375D6CC4F9AE02.roa Signing time: Mon 02 Sep 2024 21:29:49 +0000 ROA not before: Mon 02 Sep 2024 21:29:49 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 38001 IP address blocks: 111.221.44.0/22 maxlen: 22 111.221.44.0/24 maxlen: 24 111.221.45.0/24 maxlen: 24 111.221.46.0/24 maxlen: 24 111.221.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/nv6qck1wjP6Cxra_Jwy7XdQwbyA.crl rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/nv6qck1wjP6Cxra_Jwy7XdQwbyA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2115 (0x843) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91813F1/serialNumber=9EFEAA724D708CFE82C6B6BF270CBB5DD4306F20 Validity Not Before: Sep 2 21:29:49 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d62e4d-5723 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:85:1c:e7:7c:a2:22:09:f6:79:49:d3:3d:05: 11:e7:13:4f:64:e5:45:ec:e4:eb:f0:0d:34:81:4a: 35:87:59:a7:fe:bf:6d:a6:74:2d:b4:0b:c9:a7:2f: 02:0f:cc:b9:90:48:43:49:ec:91:17:5b:90:53:68: 4f:c5:02:37:9e:2a:a0:08:08:97:2f:9d:f4:b7:f0: fd:6e:51:34:aa:61:8c:80:80:01:5a:59:7a:78:79: f8:3f:ff:d4:07:1a:cd:ab:f3:15:e5:ba:35:f5:8a: 08:f6:39:7a:d2:f6:45:c4:0a:85:64:15:cc:3c:e1: db:d7:59:45:4d:91:fb:c2:87:cd:0a:79:cd:db:24: 09:c8:48:d9:88:13:5f:75:23:c6:e4:15:d2:b2:ed: 03:52:de:b8:82:6d:6f:41:94:81:68:43:8d:db:8e: 5a:a0:72:77:61:ed:da:c2:1d:83:f6:a1:5f:29:05: 8c:21:95:74:60:ab:10:31:1d:32:7d:e2:00:da:54: 16:62:38:ef:01:da:3e:92:1b:e7:62:8c:77:6b:7a: fc:2e:f6:2a:22:78:2c:15:93:15:a7:16:bf:1d:31: 9d:0f:c5:f9:79:64:cb:66:8a:85:57:ac:f7:43:db: 1d:cf:04:8a:91:2f:f5:3a:d9:2f:47:10:a9:62:94: d1:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:43:81:4D:D4:EC:8E:23:0E:61:AA:CC:75:7B:86:DE:12:8B:3C:9C X509v3 Authority Key Identifier: keyid:9E:FE:AA:72:4D:70:8C:FE:82:C6:B6:BF:27:0C:BB:5D:D4:30:6F:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/nv6qck1wjP6Cxra_Jwy7XdQwbyA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/096864742F4C11EDB0375D6CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 111.221.44.0/22 Signature Algorithm: sha256WithRSAEncryption 28:d7:eb:97:bf:7a:a7:cc:d3:45:fd:6e:7e:7d:a1:3c:22:5a: 84:53:7b:87:05:6b:b4:02:59:e4:ee:08:ca:43:cb:6c:54:5b: af:c2:68:0f:df:ee:27:44:c8:e3:d6:1e:44:60:3f:76:86:d8: 44:2e:86:62:ed:73:74:30:7f:18:d1:c1:e3:f1:8f:fc:e3:39: 60:1c:90:84:1f:aa:04:2c:be:04:b0:34:87:30:fd:e3:01:3c: 7e:16:cf:68:2c:f6:4e:d4:1f:81:1b:45:e6:3e:e4:44:b0:2f: 88:82:03:4c:e5:64:c4:48:5d:4f:72:4e:3f:4a:b2:d8:a0:07: ff:d0:24:62:58:81:a2:66:91:7e:8b:6c:c0:6f:88:21:3d:74: d4:8a:be:a2:4e:cd:bd:f7:de:ac:98:9f:f8:89:d4:44:07:89: fb:fa:b3:b7:00:2f:ea:3c:f9:35:e5:77:16:38:b9:08:47:ff: 0c:1c:86:33:e6:ed:1c:68:ba:63:9b:36:05:77:4d:38:86:c4: f2:a0:bf:97:62:3f:80:e2:01:aa:57:3f:74:2e:95:41:78:92: d3:88:e5:17:00:3a:fa:e7:5d:25:a6:f1:1a:a4:6b:75:87:51: 2c:63:68:60:22:0a:d6:10:d2:9d:50:22:53:68:bf:2a:fa:47: 21:5c:98:60 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODEzRjExMTAvBgNVBAUTKDlFRkVBQTcyNEQ3MDhDRkU4MkM2QjZCRjI3MENCQjVE RDQzMDZGMjAwHhcNMjQwOTAyMjEyOTQ5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ2MmU0ZC01NzIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy4Uc53yiIgn2eUnTPQUR5xNPZOVF7OTr8A00gUo1h1mn/r9tpnQttAvJpy8C D8y5kEhDSeyRF1uQU2hPxQI3niqgCAiXL530t/D9blE0qmGMgIABWll6eHn4P//U BxrNq/MV5bo19YoI9jl60vZFxAqFZBXMPOHb11lFTZH7wofNCnnN2yQJyEjZiBNf dSPG5BXSsu0DUt64gm1vQZSBaEON245aoHJ3Ye3awh2D9qFfKQWMIZV0YKsQMR0y feIA2lQWYjjvAdo+khvnYox3a3r8LvYqIngsFZMVpxa/HTGdD8X5eWTLZoqFV6z3 Q9sdzwSKkS/1OtkvRxCpYpTRvwIDAQABo4IClTCCApEwHQYDVR0OBBYEFE1DgU3U 7I4jDmGqzHV7ht4SizycMB8GA1UdIwQYMBaAFJ7+qnJNcIz+gsa2vycMu13UMG8g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTNGMS9EMENBRjM4NEJB NTkxMUVBOTA0RkY5MURDNEY5QUUwMi9udjZxY2sxd2pQNkN4cmFfSnd5N1hkUXdi eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL252NnFjazF3alA2Q3hyYV9Kd3k3WGRRd2J5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODEzRjEvRDBDQUYzODRCQTU5MTFFQTkwNEZGOTFEQzRGOUFFMDIvMDk2ODY0NzQy RjRDMTFFREIwMzc1RDZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJv3SwwDQYJKoZIhvcNAQELBQADggEBACjX65e/eqfM00X9 bn59oTwiWoRTe4cFa7QCWeTuCMpDy2xUW6/CaA/f7idEyOPWHkRgP3aG2EQuhmLt c3QwfxjRwePxj/zjOWAckIQfqgQsvgSwNIcw/eMBPH4Wz2gs9k7UH4EbReY+5ESw L4iCA0zlZMRIXU9yTj9KstigB//QJGJYgaJmkX6LbMBviCE9dNSKvqJOzb333qyY n/iJ1EQHifv6s7cAL+o8+TXldxY4uQhH/wwchjPm7RxoumObNgV3TTiGxPKgv5di P4DiAapXP3QulUF4ktOI5RcAOvrnXSWm8Rqka3WHUSxjaGAiCtYQ0p1QIlNovyr6 RyFcmGA= -----END CERTIFICATE-----Generated at Wed Nov 20 21:34:54 2024 by rpki-client on console-ams.rpki-client.org