$ rpki-client -vvf rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/F6FAEC5CCB0411EEAB05F93CC4F9AE02.roa File: F6FAEC5CCB0411EEAB05F93CC4F9AE02.roa (raw, json) Hash identifier: Q5xfP/rxctegJfF/XF0qbq9akmxzTe+E/Xbws8tDwz8= Subject key identifier: DF:9B:CB:37:F1:FC:52:59:91:61:E5:F0:22:03:8F:51:6E:B1:D8:A4 Certificate issuer: /CN=A9194C0D/serialNumber=634E28B1002E556E8EB14F953EAD63B6D6775809 Certificate serial: F9 Authority key identifier: 63:4E:28:B1:00:2E:55:6E:8E:B1:4F:95:3E:AD:63:B6:D6:77:58:09 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y04osQAuVW6OsU-VPq1jttZ3WAk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/F6FAEC5CCB0411EEAB05F93CC4F9AE02.roa Signing time: Sun 03 Nov 2024 03:57:05 +0000 ROA not before: Sun 03 Nov 2024 03:57:05 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 134090 IP address blocks: 45.249.116.0/22 maxlen: 24 103.51.112.0/22 maxlen: 24 103.85.36.0/22 maxlen: 24 103.95.112.0/22 maxlen: 24 103.106.88.0/22 maxlen: 24 123.253.188.0/22 maxlen: 24 202.128.112.0/20 maxlen: 20 202.128.112.0/21 maxlen: 24 202.128.120.0/21 maxlen: 24 202.179.128.0/22 maxlen: 24 2400:a840::/31 maxlen: 34 2400:a842::/31 maxlen: 34 2400:a844::/30 maxlen: 30 2400:a844::/31 maxlen: 34 2400:a846::/31 maxlen: 34 2400:a848::/31 maxlen: 34 2400:a84a::/31 maxlen: 34 2400:a84c::/31 maxlen: 34 2400:a84e::/31 maxlen: 34 2402:2c80::/32 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/Y04osQAuVW6OsU-VPq1jttZ3WAk.crl rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/Y04osQAuVW6OsU-VPq1jttZ3WAk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y04osQAuVW6OsU-VPq1jttZ3WAk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 03:40:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 249 (0xf9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194C0D/serialNumber=634E28B1002E556E8EB14F953EAD63B6D6775809 Validity Not Before: Nov 3 03:57:05 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=6726f491-8552 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:e5:b5:41:e8:f1:ae:85:2d:2f:4d:3f:20:9a: 6b:80:b0:aa:39:43:32:88:23:25:ff:ec:10:f5:b9: 5b:2e:1e:96:13:41:83:a0:18:6d:95:2e:61:15:5a: c1:7b:6a:04:d9:8a:17:ff:9a:08:b3:a6:45:76:42: 36:5f:c9:0a:e5:b6:09:74:3f:6b:ae:c6:bf:81:ef: 0c:07:ab:4d:a8:ac:ca:b6:8c:5d:3c:f1:3a:89:59: b6:7d:b9:47:74:03:5e:26:5f:05:d2:73:8c:67:f2: 5d:3a:ee:99:3b:d3:7a:a7:e8:41:c4:5b:76:58:a7: d5:bc:92:ba:27:67:fb:08:55:ba:86:61:a6:fc:5d: 83:9c:a1:5d:95:68:9a:b9:c3:c8:25:a2:27:2b:29: 42:93:d0:b8:b7:b2:c9:bc:c6:b7:c3:2f:97:6f:37: 2d:80:af:8e:26:a2:38:a8:0f:9a:2c:77:a2:7e:28: 45:7e:c4:5a:e8:8c:df:99:f1:66:c5:81:c6:35:37: a1:0d:b2:0a:cd:12:35:a7:8b:04:a1:10:db:ec:83: 42:22:43:5e:15:be:9f:df:17:7b:86:f1:c7:0a:a6: b3:d1:1e:66:68:d2:a2:f8:87:e6:67:6e:63:46:db: b6:8c:c8:95:78:dd:d2:6f:a4:fc:7b:17:e4:67:c6: 1a:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:9B:CB:37:F1:FC:52:59:91:61:E5:F0:22:03:8F:51:6E:B1:D8:A4 X509v3 Authority Key Identifier: keyid:63:4E:28:B1:00:2E:55:6E:8E:B1:4F:95:3E:AD:63:B6:D6:77:58:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/Y04osQAuVW6OsU-VPq1jttZ3WAk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y04osQAuVW6OsU-VPq1jttZ3WAk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194C0D/AD258890575411EE940CD954C4F9AE02/F6FAEC5CCB0411EEAB05F93CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.249.116.0/22 103.51.112.0/22 103.85.36.0/22 103.95.112.0/22 103.106.88.0/22 123.253.188.0/22 202.128.112.0/20 202.179.128.0/22 IPv6: 2400:a840::/28 2402:2c80::/32 Signature Algorithm: sha256WithRSAEncryption 8f:fe:a8:be:5a:cc:6e:62:01:e2:a5:cc:74:92:e8:dd:86:3c: 34:ed:ad:4a:96:b2:78:f9:d9:bc:f9:8f:8f:c8:a2:17:41:f4: 76:de:c5:34:1e:48:e6:03:bf:4c:4d:61:0b:b9:c9:80:6d:71: 56:ae:24:a3:10:b0:39:8a:cb:31:b2:72:5f:6d:1c:91:e3:dc: 3d:13:bf:ca:6f:54:d4:e5:c1:6c:fd:5c:03:26:43:62:0c:09: 7d:54:e6:86:46:81:5d:f0:bd:5b:b9:e8:be:5a:e0:7d:2c:23: a9:0b:79:14:85:77:c4:6e:32:83:b9:10:41:6c:c8:bd:1d:ae: 3c:2a:e2:58:a9:28:9b:cb:65:73:3b:96:fb:53:5d:26:6a:ad: a4:aa:24:b0:3d:fc:2b:2b:81:e0:68:b0:73:e6:8b:6a:4e:c0: 64:2c:bb:3c:1f:be:a9:9c:c6:b9:3a:16:ea:99:4d:d4:2f:b9: f2:27:e5:c5:50:78:d0:54:40:87:3a:8a:8f:76:ff:cb:bd:01: 74:60:60:84:25:a7:70:d4:9d:6a:52:01:c1:94:0c:0b:81:17: 9a:2a:4b:fd:7f:a0:93:63:bf:e7:83:79:1a:6f:5c:b6:c2:6a: 12:aa:1c:5c:2a:e9:5e:66:b7:12:4e:44:ad:65:a4:c6:59:b6: ba:98:27:28 -----BEGIN CERTIFICATE----- MIIFsTCCBJmgAwIBAgICAPkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTRDMEQxMTAvBgNVBAUTKDYzNEUyOEIxMDAyRTU1NkU4RUIxNEY5NTNFQUQ2M0I2 RDY3NzU4MDkwHhcNMjQxMTAzMDM1NzA1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI2ZjQ5MS04NTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxOW1QejxroUtL00/IJprgLCqOUMyiCMl/+wQ9blbLh6WE0GDoBhtlS5hFVrB e2oE2YoX/5oIs6ZFdkI2X8kK5bYJdD9rrsa/ge8MB6tNqKzKtoxdPPE6iVm2fblH dANeJl8F0nOMZ/JdOu6ZO9N6p+hBxFt2WKfVvJK6J2f7CFW6hmGm/F2DnKFdlWia ucPIJaInKylCk9C4t7LJvMa3wy+XbzctgK+OJqI4qA+aLHeifihFfsRa6IzfmfFm xYHGNTehDbIKzRI1p4sEoRDb7INCIkNeFb6f3xd7hvHHCqaz0R5maNKi+IfmZ25j Rtu2jMiVeN3Sb6T8exfkZ8YaDQIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFN+byzfx /FJZkWHl8CIDj1FusdikMB8GA1UdIwQYMBaAFGNOKLEALlVujrFPlT6tY7bWd1gJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NEMwRC9BRDI1ODg5MDU3 NTQxMUVFOTQwQ0Q5NTRDNEY5QUUwMi9ZMDRvc1FBdVZXNk9zVS1WUHExanR0WjNX QWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1kwNG9zUUF1Vlc2T3NVLVZQcTFqdHRaM1dBay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTRDMEQvQUQyNTg4OTA1NzU0MTFFRTk0MENEOTU0QzRGOUFFMDIvRjZGQUVDNUND QjA0MTFFRUFCMDVGOTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E UDBOMDYEAgABMDADBAIt+XQDBAJnM3ADBAJnVSQDBAJnX3ADBAJnalgDBAJ7/bwD BATKgHADBALKs4AwFAQCAAIwDgMFBCQAqEADBQAkAiyAMA0GCSqGSIb3DQEBCwUA A4IBAQCP/qi+WsxuYgHipcx0kujdhjw07a1KlrJ4+dm8+Y+PyKIXQfR23sU0Hkjm A79MTWELucmAbXFWriSjELA5issxsnJfbRyR49w9E7/Kb1TU5cFs/VwDJkNiDAl9 VOaGRoFd8L1buei+WuB9LCOpC3kUhXfEbjKDuRBBbMi9Ha48KuJYqSiby2VzO5b7 U10maq2kqiSwPfwrK4HgaLBz5otqTsBkLLs8H76pnMa5OhbqmU3UL7nyJ+XFUHjQ VECHOoqPdv/LvQF0YGCEJadw1J1qUgHBlAwLgReaKkv9f6CTY7/ng3kab1y2wmoS qhxcKuleZrcSTkStZaTGWba6mCco -----END CERTIFICATE-----Generated at Thu Nov 21 05:06:01 2024 by rpki-client on console-fra.rpki-client.org