$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa File: CF428AB8A87511EF9905FE0AC4F9AE02.roa (raw, json) Hash identifier: 9ytIaXzeUGn+VPCarF5iWESepfAyJrn/NBmlFLzP73M= Subject key identifier: C7:F5:42:0A:16:58:FE:A2:E1:80:E3:3D:F6:8F:12:07:64:92:E8:1B Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 4850 Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa Signing time: Fri 22 Nov 2024 03:03:57 +0000 ROA not before: Fri 22 Nov 2024 03:03:57 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 150820 IP address blocks: 36.50.174.0/23 maxlen: 23 103.70.114.0/23 maxlen: 23 203.175.96.0/23 maxlen: 23 2001:df3:f0c0::/48 maxlen: 48 2001:df3:f140::/48 maxlen: 48 2001:df4:35c0::/48 maxlen: 48 2001:df4:5040::/48 maxlen: 48 2001:df4:8d40::/48 maxlen: 48 2001:df4:9b40::/48 maxlen: 48 2001:df4:a640::/48 maxlen: 48 2401:4e20::/48 maxlen: 48 2401:9be0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Dec 2024 11:15:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18512 (0x4850) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: Nov 22 03:03:57 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=673ff49d-0c52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:e7:f6:73:9d:b1:3b:00:8c:f1:c6:1c:94:8f: ef:2d:16:cc:87:f1:3f:af:5c:25:16:35:36:91:1d: 10:41:ef:b7:49:77:db:e7:f0:22:05:1c:c0:7c:28: a3:ab:8c:1f:1b:3a:6b:15:88:45:fe:3f:04:97:60: cc:b1:84:3a:c6:ba:ba:dd:db:31:5f:08:c4:04:e8: 18:27:ac:cd:b6:1c:38:c8:ba:fe:00:c4:a7:44:13: 12:d1:6f:d4:c3:4f:2a:d9:7d:48:00:12:a9:e2:a2: 4a:19:b9:73:6b:88:5d:bd:54:37:4c:6e:55:50:49: 36:55:26:0e:ed:c4:41:3a:ba:07:dc:c5:63:ae:b5: 47:fd:68:38:27:16:a3:53:ce:dc:41:1d:3e:83:4a: 38:4c:9b:81:d9:49:27:a8:8e:5d:4d:07:b5:e5:b6: e8:09:6b:e6:d7:c5:95:99:fe:a1:7c:17:71:61:73: b0:5e:64:78:92:2c:92:13:71:7a:0f:98:47:22:df: b8:cd:18:0f:62:83:7d:49:12:65:43:36:30:f6:84: 76:64:17:af:47:ad:80:8e:ca:47:1f:bd:57:e1:d2: e1:bc:d5:66:ea:72:d4:80:99:e5:5c:a8:54:18:88: 79:3f:9f:ba:e4:1c:1a:2f:7b:45:3e:15:e2:5c:7c: ef:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:F5:42:0A:16:58:FE:A2:E1:80:E3:3D:F6:8F:12:07:64:92:E8:1B X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.50.174.0/23 103.70.114.0/23 203.175.96.0/23 IPv6: 2001:df3:f0c0::/48 2001:df3:f140::/48 2001:df4:35c0::/48 2001:df4:5040::/48 2001:df4:8d40::/48 2001:df4:9b40::/48 2001:df4:a640::/48 2401:4e20::/48 2401:9be0::/48 Signature Algorithm: sha256WithRSAEncryption b9:4b:60:78:2c:b0:d9:2c:93:81:5c:cb:f5:a8:44:ef:0d:c5: c5:3a:95:5c:0d:bc:3c:2d:b7:ba:75:f3:e9:44:ff:0d:ad:9b: 96:6d:8e:e3:5c:84:97:7e:ea:ce:61:b7:1a:7c:50:b2:3c:0d: 53:5e:f5:75:8b:7d:5d:7e:44:6e:e6:91:3d:d2:7b:95:6d:05: dd:88:72:44:de:d6:49:dc:66:9c:41:74:00:0b:b0:35:bb:a6: 92:5b:05:1b:c1:85:f6:9e:e9:c8:d7:08:3a:d0:d7:31:e6:5c: c3:a2:93:0b:f9:a2:f7:74:e0:3f:e6:e3:f5:ba:1c:f9:5d:af: 3c:e6:2a:0e:6e:ae:d4:fd:a9:5c:f6:5e:ea:bc:d2:f6:5d:6b: 06:50:ad:86:0a:a1:50:1d:9d:0a:8f:17:31:69:f1:b2:b3:28: 2f:31:bd:16:d5:0f:39:bb:af:d4:22:71:f4:4a:55:41:47:0a: 5d:ee:77:fd:f9:90:d6:e3:6a:17:57:97:77:b2:f2:5a:c8:66: d8:98:8e:6f:3d:d8:6b:7d:a2:74:dd:43:9e:5c:9c:a0:ac:1f: 4e:77:91:33:19:c7:eb:32:eb:60:95:82:4f:33:01:ce:06:4e: df:3b:dd:ec:6a:a7:8c:80:76:be:a8:c8:7f:72:ab:9e:7c:ec: 09:f7:5f:25 -----BEGIN CERTIFICATE----- MIIF1zCCBL+gAwIBAgICSFAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjQxMTIyMDMwMzU3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzNmZjQ5ZC0wYzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwuf2c52xOwCM8cYclI/vLRbMh/E/r1wlFjU2kR0QQe+3SXfb5/AiBRzAfCij q4wfGzprFYhF/j8El2DMsYQ6xrq63dsxXwjEBOgYJ6zNthw4yLr+AMSnRBMS0W/U w08q2X1IABKp4qJKGblza4hdvVQ3TG5VUEk2VSYO7cRBOroH3MVjrrVH/Wg4Jxaj U87cQR0+g0o4TJuB2UknqI5dTQe15bboCWvm18WVmf6hfBdxYXOwXmR4kiySE3F6 D5hHIt+4zRgPYoN9SRJlQzYw9oR2ZBevR62AjspHH71X4dLhvNVm6nLUgJnlXKhU GIh5P5+65BwaL3tFPhXiXHzv8wIDAQABo4IC+zCCAvcwHQYDVR0OBBYEFMf1QgoW WP6i4YDjPfaPEgdkkugbMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQ0Y0MjhBQjhB ODc1MTFFRjk5MDVGRTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYQGCCsGAQUFBwEHAQH/ BHUwczAYBAIAATASAwQBJDKuAwQBZ0ZyAwQBy69gMFcEAgACMFEDBwAgAQ3z8MAD BwAgAQ3z8UADBwAgAQ30NcADBwAgAQ30UEADBwAgAQ30jUADBwAgAQ30m0ADBwAg AQ30pkADBwAkAU4gAAADBwAkAZvgAAAwDQYJKoZIhvcNAQELBQADggEBALlLYHgs sNksk4Fcy/WoRO8NxcU6lVwNvDwtt7p18+lE/w2tm5ZtjuNchJd+6s5htxp8ULI8 DVNe9XWLfV1+RG7mkT3Se5VtBd2IckTe1kncZpxBdAALsDW7ppJbBRvBhfae6cjX CDrQ1zHmXMOikwv5ovd04D/m4/W6HPldrzzmKg5urtT9qVz2Xuq80vZdawZQrYYK oVAdnQqPFzFp8bKzKC8xvRbVDzm7r9QicfRKVUFHCl3ud/35kNbjahdXl3ey8lrI ZtiYjm892Gt9onTdQ55cnKCsH053kTMZx+sy62CVgk8zAc4GTt873exqp4yAdr6o yH9yq5587An3XyU= -----END CERTIFICATE-----Generated at Mon Nov 25 13:17:33 2024 by rpki-client on console-ams.rpki-client.org