$ rpki-client -vvf rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/229CD24AF9FB11EB8CFF5E7DC4F9AE02.roa File: 229CD24AF9FB11EB8CFF5E7DC4F9AE02.roa (raw, json) Hash identifier: vxTnh7Ys9GK9aVV0JV17sEaOWGAhPV+32VGW/l83yYo= Subject key identifier: 8E:EF:FD:80:8D:F9:9A:C9:1A:AD:E5:74:0C:1F:6B:BF:70:6E:22:33 Certificate issuer: /CN=A9185D6E/serialNumber=9524EA9B823C20FA78923BE6667E14F6C4C3B47E Certificate serial: 045F Authority key identifier: 95:24:EA:9B:82:3C:20:FA:78:92:3B:E6:66:7E:14:F6:C4:C3:B4:7E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSTqm4I8IPp4kjvmZn4U9sTDtH4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/229CD24AF9FB11EB8CFF5E7DC4F9AE02.roa Signing time: Tue 07 Nov 2023 17:32:58 +0000 ROA not before: Tue 07 Nov 2023 17:32:58 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 394808 IP address blocks: 104.161.234.0/23 maxlen: 24 104.161.252.0/24 maxlen: 24 104.161.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/lSTqm4I8IPp4kjvmZn4U9sTDtH4.crl rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/lSTqm4I8IPp4kjvmZn4U9sTDtH4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSTqm4I8IPp4kjvmZn4U9sTDtH4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 May 2024 01:30:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1119 (0x45f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185D6E/serialNumber=9524EA9B823C20FA78923BE6667E14F6C4C3B47E Validity Not Before: Nov 7 17:32:58 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=654a74ca-4769 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:2f:d6:0a:fe:26:43:f3:92:a5:b5:8c:0e:fc: 03:4c:c3:10:1d:d8:85:e8:3f:76:72:fa:b7:a1:71: d6:07:68:95:42:80:37:36:da:ba:2c:84:2d:4e:13: b2:6c:fc:14:18:5b:50:5a:88:2d:fb:71:d7:50:d8: c3:cb:8e:71:f3:c1:82:60:2d:7e:13:fc:81:42:16: ca:34:38:97:e3:50:64:66:89:92:d7:6d:cb:83:7f: 30:0c:71:43:91:2b:12:14:5e:83:57:a4:c7:c9:0f: 2b:60:2b:89:38:62:3c:7c:18:09:e8:cb:89:5c:cf: cf:bf:6a:65:5d:76:3e:b1:2c:fc:4d:5a:32:c9:40: 23:92:7e:96:57:ce:74:5a:82:34:a0:2c:34:f1:fe: db:20:d7:b3:11:1d:04:5e:3c:2f:d8:ad:c5:6d:f4: 03:e8:44:2d:56:bf:74:c8:00:36:18:2d:e8:c7:db: 20:4f:d3:a2:9b:b5:8d:1c:ea:64:49:db:49:c6:8f: 28:e9:04:9d:51:db:d0:e0:5e:90:45:bd:a7:83:a5: 2e:58:30:36:21:3b:49:5e:15:a3:38:0e:58:df:25: 02:3a:ce:4e:5b:88:b1:86:b5:81:fb:ef:75:e9:d0: 5a:a1:1d:f8:77:7d:80:44:b9:e6:fe:6f:3a:cd:20: 42:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:EF:FD:80:8D:F9:9A:C9:1A:AD:E5:74:0C:1F:6B:BF:70:6E:22:33 X509v3 Authority Key Identifier: keyid:95:24:EA:9B:82:3C:20:FA:78:92:3B:E6:66:7E:14:F6:C4:C3:B4:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/lSTqm4I8IPp4kjvmZn4U9sTDtH4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSTqm4I8IPp4kjvmZn4U9sTDtH4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/229CD24AF9FB11EB8CFF5E7DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 104.161.234.0/23 104.161.252.0/23 Signature Algorithm: sha256WithRSAEncryption 42:68:cf:f0:40:f7:2b:6d:98:cb:d0:0e:48:56:04:2f:b7:e9: eb:9c:3f:37:a3:bc:e3:c3:4a:c8:1a:58:b4:10:cb:da:42:0d: 21:41:f4:b1:77:ed:68:f6:80:73:3e:62:0d:b5:2f:f4:31:27: 67:f7:48:01:1a:71:5d:18:c7:b6:d0:62:ae:1b:3a:0f:aa:5f: 5e:3d:49:d3:3a:08:7b:76:2b:ad:85:c9:d1:64:84:7f:42:19: 2a:25:ce:4c:69:46:50:5c:81:dd:6f:c2:40:fc:6c:0b:6e:cc: f1:e4:b8:8d:15:50:d8:0e:41:ba:df:70:8f:fd:ce:76:9d:8c: a9:78:2b:04:aa:f7:72:8f:aa:cb:d9:32:7c:de:b8:6d:77:84: e3:28:21:4c:09:3f:f2:f3:b3:4b:ad:6a:92:4c:1d:e0:b9:43: 33:cf:ad:46:eb:37:01:f0:a9:ed:8d:80:7d:0e:45:22:9d:eb: de:e6:80:0e:54:04:22:c0:4d:aa:7c:49:65:f2:3b:ea:76:87: e7:ca:ef:9d:ef:07:05:d5:6a:a9:52:2a:95:af:4c:a9:52:c0: d1:e8:1c:f8:94:c8:dc:49:ca:2b:4e:84:bc:3b:43:9d:f7:02: 81:7e:26:1b:a4:b9:25:85:10:69:2f:be:ba:bb:17:ed:67:f6: 0a:f4:79:55 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBF8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVENkUxMTAvBgNVBAUTKDk1MjRFQTlCODIzQzIwRkE3ODkyM0JFNjY2N0UxNEY2 QzRDM0I0N0UwHhcNMjMxMTA3MTczMjU4WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTRhNzRjYS00NzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoy/WCv4mQ/OSpbWMDvwDTMMQHdiF6D92cvq3oXHWB2iVQoA3Ntq6LIQtThOy bPwUGFtQWogt+3HXUNjDy45x88GCYC1+E/yBQhbKNDiX41BkZomS123Lg38wDHFD kSsSFF6DV6THyQ8rYCuJOGI8fBgJ6MuJXM/Pv2plXXY+sSz8TVoyyUAjkn6WV850 WoI0oCw08f7bINezER0EXjwv2K3FbfQD6EQtVr90yAA2GC3ox9sgT9Oim7WNHOpk SdtJxo8o6QSdUdvQ4F6QRb2ng6UuWDA2ITtJXhWjOA5Y3yUCOs5OW4ixhrWB++91 6dBaoR34d32ARLnm/m86zSBCwQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFI7v/YCN +ZrJGq3ldAwfa79wbiIzMB8GA1UdIwQYMBaAFJUk6puCPCD6eJI75mZ+FPbEw7R+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUQ2RS80Q0JGRjRBRURG RjExMUVCODk0RjMwNjdDNEY5QUUwMi9sU1RxbTRJOElQcDRranZtWm40VTlzVER0 SDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xTVHFtNEk4SVBwNGtqdm1abjRVOXNURHRINC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODVENkUvNENCRkY0QUVERkYxMTFFQjg5NEYzMDY3QzRGOUFFMDIvMjI5Q0QyNEFG OUZCMTFFQjhDRkY1RTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAFooeoDBAFoofwwDQYJKoZIhvcNAQELBQADggEBAEJoz/BA 9yttmMvQDkhWBC+36eucPzejvOPDSsgaWLQQy9pCDSFB9LF37Wj2gHM+Yg21L/Qx J2f3SAEacV0Yx7bQYq4bOg+qX149SdM6CHt2K62FydFkhH9CGSolzkxpRlBcgd1v wkD8bAtuzPHkuI0VUNgOQbrfcI/9znadjKl4KwSq93KPqsvZMnzeuG13hOMoIUwJ P/Lzs0utapJMHeC5QzPPrUbrNwHwqe2NgH0ORSKd697mgA5UBCLATap8SWXyO+p2 h+fK753vBwXVaqlSKpWvTKlSwNHoHPiUyNxJyitOhLw7Q533AoF+JhukuSWFEGkv vrq7F+1n9gr0eVU= -----END CERTIFICATE-----Generated at Thu Apr 25 03:22:00 2024 by rpki-client on console-ams.rpki-client.org