$ rpki-client -vvf rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/DD145D6E023A11EBBDF8B35FC4F9AE02.roa File: DD145D6E023A11EBBDF8B35FC4F9AE02.roa (raw, json) Hash identifier: rlaLzwVaLuL4ngSmjTuU0HKWW8Z5rb2WxCS8BXA4T2A= Subject key identifier: 5D:F7:FF:F6:24:89:6A:B2:18:66:81:48:9F:22:08:FC:92:B0:CC:D5 Certificate issuer: /CN=A918495F/serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD Certificate serial: 171A Authority key identifier: 90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/DD145D6E023A11EBBDF8B35FC4F9AE02.roa Signing time: Thu 20 Jun 2024 17:26:42 +0000 ROA not before: Thu 20 Jun 2024 17:26:42 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 9444 IP address blocks: 1.65.190.0/23 maxlen: 24 116.48.208.0/21 maxlen: 21 116.48.213.0/24 maxlen: 24 116.48.214.0/23 maxlen: 23 116.48.215.0/24 maxlen: 24 116.48.224.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 16:36:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5914 (0x171a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918495F/serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD Validity Not Before: Jun 20 17:26:42 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=66746652-0885 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:82:74:74:46:c5:35:82:3e:8a:eb:df:f4:f5: ce:ad:82:fa:d6:99:c5:35:e2:99:40:5c:07:46:f8: 33:33:70:e0:a0:fb:7a:83:cb:64:ba:67:5b:68:c2: 04:48:4d:ef:ed:38:ab:ab:6d:70:b8:58:48:30:c6: f4:35:98:3c:f0:88:97:43:f6:6c:84:ff:35:2d:97: 27:b3:90:ba:41:63:bb:64:7f:91:1d:af:9e:4a:8a: d7:45:c2:a0:b0:92:16:eb:39:e9:ea:b8:21:c2:84: 6c:ed:7c:ba:37:42:34:c9:1b:1d:01:df:b0:a2:69: ee:76:c6:08:42:2f:ae:a8:ca:0c:fe:2b:49:2f:29: 3c:2b:e9:d0:c4:ac:6c:89:3a:9e:33:75:27:ed:f8: a6:c7:aa:ba:51:98:cf:78:db:69:dc:ae:75:09:1b: 24:4c:c2:bc:d5:64:e8:70:20:96:1b:19:e6:ab:76: 6b:a1:76:59:42:f6:e3:65:43:32:22:ad:b2:c4:88: 1e:a3:9d:a6:2a:38:e4:89:8d:9b:b2:71:23:6a:45: 7f:95:01:02:2e:f8:6b:6b:df:da:a7:d8:15:29:ea: d2:0b:60:35:5f:99:2b:d4:3b:98:0c:49:62:09:05: f0:25:32:26:00:4d:66:b0:db:ac:c8:9c:09:56:e4: a6:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:F7:FF:F6:24:89:6A:B2:18:66:81:48:9F:22:08:FC:92:B0:CC:D5 X509v3 Authority Key Identifier: keyid:90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/DD145D6E023A11EBBDF8B35FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 1.65.190.0/23 116.48.208.0/21 116.48.224.0/22 Signature Algorithm: sha256WithRSAEncryption 16:7e:a9:8e:55:96:96:48:e4:4f:2c:6f:48:83:da:09:2c:99: 94:d2:c8:8a:ca:11:e4:63:26:f3:31:da:14:71:74:d6:90:59: ec:54:15:37:ee:94:67:8f:a0:a3:96:91:91:12:44:d8:f7:42: 6e:0c:76:4a:08:62:f7:3d:1e:48:50:49:c2:3e:2f:c9:31:7e: 10:9a:3d:a8:0a:09:9e:0e:c7:af:9b:4f:f2:80:2a:b9:b4:c5: 7d:c8:70:6a:3b:f8:7b:01:23:66:32:ee:59:f3:ca:50:d5:86: 55:18:fc:5f:d4:2b:13:be:bd:c8:91:46:ec:20:0f:6d:2a:8b: e0:3f:94:a3:73:25:a5:6c:6c:88:15:57:cf:b7:24:d4:95:63: f3:57:84:9b:55:d8:e0:91:d1:77:f5:8d:71:47:b5:50:62:c5: 03:09:56:a6:b6:51:c0:c3:d0:96:a6:78:07:ee:7f:24:69:b3: 2b:fa:ce:56:f0:63:88:c1:6c:02:6c:0b:5f:83:dd:92:a6:bb: 1a:76:55:05:22:2e:b7:03:e5:32:ef:c2:bd:a0:a9:b3:ff:81: be:c2:52:4b:1a:37:aa:c9:e3:ef:df:bd:08:98:72:6f:ba:12: 5d:c9:81:fe:4d:d5:ea:0d:65:ad:11:6e:4a:0c:cd:30:a9:79: 0f:bc:78:a4 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICFxowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODQ5NUYxMTAvBgNVBAUTKDkwQzIyRjczOTM4NTBFOEVDRjZCNUYxRTMyMEQwN0Iy RDFBQ0Q4RkQwHhcNMjQwNjIwMTcyNjQyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02Njc0NjY1Mi0wODg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr4J0dEbFNYI+iuvf9PXOrYL61pnFNeKZQFwHRvgzM3DgoPt6g8tkumdbaMIE SE3v7Tirq21wuFhIMMb0NZg88IiXQ/ZshP81LZcns5C6QWO7ZH+RHa+eSorXRcKg sJIW6znp6rghwoRs7Xy6N0I0yRsdAd+womnudsYIQi+uqMoM/itJLyk8K+nQxKxs iTqeM3Un7fimx6q6UZjPeNtp3K51CRskTMK81WTocCCWGxnmq3ZroXZZQvbjZUMy Iq2yxIgeo52mKjjkiY2bsnEjakV/lQECLvhra9/ap9gVKerSC2A1X5kr1DuYDEli CQXwJTImAE1msNusyJwJVuSmwwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFF33//Yk iWqyGGaBSJ8iCPySsMzVMB8GA1UdIwQYMBaAFJDCL3OThQ6Oz2tfHjINB7LRrNj9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDk1Ri84NDhDODU3Q0RG RUMxMUU3QTI3QTIyMTNDNEY5QUUwMi9rTUl2YzVPRkRvN1BhMThlTWcwSHN0R3My UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tNSXZjNU9GRG83UGExOGVNZzBIc3RHczJQMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODQ5NUYvODQ4Qzg1N0NERkVDMTFFN0EyN0EyMjEzQzRGOUFFMDIvREQxNDVENkUw MjNBMTFFQkJERjhCMzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAEBQb4DBAN0MNADBAJ0MOAwDQYJKoZIhvcNAQELBQADggEB ABZ+qY5VlpZI5E8sb0iD2gksmZTSyIrKEeRjJvMx2hRxdNaQWexUFTfulGePoKOW kZESRNj3Qm4MdkoIYvc9HkhQScI+L8kxfhCaPagKCZ4Ox6+bT/KAKrm0xX3IcGo7 +HsBI2Yy7lnzylDVhlUY/F/UKxO+vciRRuwgD20qi+A/lKNzJaVsbIgVV8+3JNSV Y/NXhJtV2OCR0Xf1jXFHtVBixQMJVqa2UcDD0JameAfufyRpsyv6zlbwY4jBbAJs C1+D3ZKmuxp2VQUiLrcD5TLvwr2gqbP/gb7CUksaN6rJ4+/fvQiYcm+6El3Jgf5N 1eoNZa0RbkoMzTCpeQ+8eKQ= -----END CERTIFICATE-----Generated at Wed Nov 20 19:05:22 2024 by rpki-client on console-ams.rpki-client.org