$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa File: 956DEFE80CDB11EAB14B9162C4F9AE02.roa (raw, json) Hash identifier: BA4+rkh2SPpSokTG1BeEsEpJkA+FLG7pCWiAPmWCubw= Subject key identifier: FD:6A:2E:9F:8A:66:DC:E4:51:5E:FF:64:F5:03:F7:1A:52:22:B6:F8 Certificate issuer: /CN=A919EAAD/serialNumber=25099046EB59D645D419A428FC701A57353FBF2C Certificate serial: 0B47 Authority key identifier: 25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa Signing time: Tue 06 Feb 2024 19:37:41 +0000 ROA not before: Tue 06 Feb 2024 19:37:41 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 133385 IP address blocks: 45.120.84.0/22 maxlen: 22 45.120.84.0/24 maxlen: 24 45.120.85.0/24 maxlen: 24 45.120.86.0/24 maxlen: 24 45.120.87.0/24 maxlen: 24 103.255.172.0/22 maxlen: 22 103.255.172.0/24 maxlen: 24 103.255.172.64/26 maxlen: 26 103.255.172.128/25 maxlen: 25 103.255.173.0/24 maxlen: 24 103.255.174.0/24 maxlen: 24 103.255.175.0/24 maxlen: 24 2400:8480:1000::/48 maxlen: 48 2400:8480:1100::/48 maxlen: 48 2400:8480:3010::/44 maxlen: 44 2400:8480:3020::/44 maxlen: 44 2400:8480:5000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2887 (0xb47) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919EAAD/serialNumber=25099046EB59D645D419A428FC701A57353FBF2C Validity Not Before: Feb 6 19:37:41 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65c28a85-e60a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:2a:27:20:82:a9:dc:13:ac:37:95:d3:b5:af: 04:eb:43:bc:a1:d5:ab:89:a6:80:77:ce:5c:fb:39: 56:70:42:31:3f:ec:a2:68:40:39:ee:d4:73:d9:20: ae:37:c8:03:2b:ee:8d:6d:89:df:70:16:ea:7d:32: f3:03:b3:3a:ef:bb:12:12:22:98:9a:ad:a2:1c:a9: 24:20:57:d4:7a:4d:e6:0f:36:e5:78:e6:b8:f6:f3: bf:b4:d6:4f:b8:8e:c0:17:a0:ba:37:7b:15:76:15: 59:e6:ce:67:6c:b9:39:de:a1:79:ba:bb:53:d6:cb: 77:48:27:e3:9d:fd:62:2b:e1:1e:14:e2:8f:85:d4: 4e:32:ad:7f:cb:db:69:e5:f4:42:b6:ba:bb:f5:0a: 0d:0a:e6:fc:bb:32:8f:14:34:0b:f4:03:77:c0:78: a0:21:06:8a:98:c0:d5:c7:c0:88:99:70:3b:5e:7d: 58:e8:d4:b6:a9:55:70:c3:4b:e2:a9:f9:3d:ef:83: da:48:6a:57:38:f8:7f:98:28:b3:74:13:7b:e6:a5: 8b:60:75:a6:72:4c:90:8c:ea:ea:5f:df:22:51:a4: 4a:d9:f6:6c:8d:71:c9:5c:30:6a:77:d7:7e:01:f2: 5a:63:ae:8c:d8:a9:5d:84:58:53:d9:ac:5b:63:64: aa:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:6A:2E:9F:8A:66:DC:E4:51:5E:FF:64:F5:03:F7:1A:52:22:B6:F8 X509v3 Authority Key Identifier: keyid:25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.120.84.0/22 103.255.172.0/22 IPv6: 2400:8480:1000::/48 2400:8480:1100::/48 2400:8480:3010::-2400:8480:302f:ffff:ffff:ffff:ffff:ffff 2400:8480:5000::/36 Signature Algorithm: sha256WithRSAEncryption 93:38:5d:67:eb:c4:89:e5:e6:96:ce:7d:b8:d6:b8:77:d1:fe: 9c:94:8a:2f:c3:81:3f:0a:80:7f:79:ea:a8:37:33:c1:6f:10: 70:d5:c8:cb:7a:70:1a:75:c9:da:3b:71:b1:28:15:dc:4b:81: 56:a1:ae:02:8e:0c:8d:aa:6c:17:d8:ad:80:29:ae:d2:8c:ed: b3:08:5e:b8:6a:b3:40:85:a2:c7:39:69:95:58:b1:a4:82:a6: 9e:ef:dc:3f:d4:d1:69:af:3d:6b:c6:2d:bd:0d:db:ab:18:73: 3c:43:4c:a3:a6:24:96:ab:ee:8d:ec:ad:60:1d:c7:65:50:b1: c6:10:3d:16:1f:bb:2b:06:55:ec:1a:2e:37:60:89:03:c9:1d: 2e:70:08:60:88:52:79:43:c8:8e:06:54:46:ad:08:21:3e:e1: 23:3e:97:8d:f5:dc:f4:cc:94:b4:67:fa:1b:cb:a3:66:c9:ce: 1f:b5:a9:79:66:63:69:f2:7a:44:e5:bd:4f:53:5c:c4:ef:12: fd:bf:4a:24:00:3e:ec:eb:5c:63:bc:86:c3:98:f1:42:7c:a4: aa:51:8c:1e:20:57:77:2b:58:ed:3e:71:22:f1:6c:51:68:d9: d4:2e:07:81:0e:83:38:70:16:d8:c2:e4:73:63:36:54:0c:21: d2:8c:ec:81 -----BEGIN CERTIFICATE----- MIIFrTCCBJWgAwIBAgICC0cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUVBQUQxMTAvBgNVBAUTKDI1MDk5MDQ2RUI1OUQ2NDVENDE5QTQyOEZDNzAxQTU3 MzUzRkJGMkMwHhcNMjQwMjA2MTkzNzQxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWMyOGE4NS1lNjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5ionIIKp3BOsN5XTta8E60O8odWriaaAd85c+zlWcEIxP+yiaEA57tRz2SCu N8gDK+6NbYnfcBbqfTLzA7M677sSEiKYmq2iHKkkIFfUek3mDzbleOa49vO/tNZP uI7AF6C6N3sVdhVZ5s5nbLk53qF5urtT1st3SCfjnf1iK+EeFOKPhdROMq1/y9tp 5fRCtrq79QoNCub8uzKPFDQL9AN3wHigIQaKmMDVx8CImXA7Xn1Y6NS2qVVww0vi qfk974PaSGpXOPh/mCizdBN75qWLYHWmckyQjOrqX98iUaRK2fZsjXHJXDBqd9d+ AfJaY66M2KldhFhT2axbY2SqrwIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFP1qLp+K ZtzkUV7/ZPUD9xpSIrb4MB8GA1UdIwQYMBaAFCUJkEbrWdZF1BmkKPxwGlc1P78s MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFBRC83N0Q5NTBGMjA5 RDUxMUVBQjc2QzczMTdDNEY5QUUwMi9KUW1RUnV0WjFrWFVHYVFvX0hBYVZ6VV92 eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pRbVFSdXRaMWtYVUdhUW9fSEFhVnpVX3Z5dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUVBQUQvNzdEOTUwRjIwOUQ1MTFFQUI3NkM3MzE3QzRGOUFFMDIvOTU2REVGRTgw Q0RCMTFFQUIxNEI5MTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E TDBKMBIEAgABMAwDBAIteFQDBAJn/6wwNAQCAAIwLgMHACQAhIAQAAMHACQAhIAR ADASAwcEJACEgDAQAwcEJACEgDAgAwYEJACEgFAwDQYJKoZIhvcNAQELBQADggEB AJM4XWfrxInl5pbOfbjWuHfR/pyUii/DgT8KgH956qg3M8FvEHDVyMt6cBp1ydo7 cbEoFdxLgVahrgKODI2qbBfYrYAprtKM7bMIXrhqs0CFosc5aZVYsaSCpp7v3D/U 0WmvPWvGLb0N26sYczxDTKOmJJar7o3srWAdx2VQscYQPRYfuysGVewaLjdgiQPJ HS5wCGCIUnlDyI4GVEatCCE+4SM+l4313PTMlLRn+hvLo2bJzh+1qXlmY2nyekTl vU9TXMTvEv2/SiQAPuzrXGO8hsOY8UJ8pKpRjB4gV3crWO0+cSLxbFFo2dQuB4EO gzhwFtjC5HNjNlQMIdKM7IE= -----END CERTIFICATE-----Generated at Sat May 18 20:16:01 2024 by rpki-client on console-ams.rpki-client.org