$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/2CC5D50CDEC911EBA828524CC4F9AE02.roa File: 2CC5D50CDEC911EBA828524CC4F9AE02.roa (raw, json) Hash identifier: Xkhnhp/YYrsg/8iOJitqtcK1opPWFPFJhxWePm8Stnk= Subject key identifier: ED:6E:AC:CF:4C:E0:CD:AC:3D:AF:8D:AC:DB:DE:6D:88:D0:22:E2:53 Certificate issuer: /CN=A91ACBB7/serialNumber=746241ADA77DDBDFEA0FE144EFE21391E3FC4FD9 Certificate serial: 0C11 Authority key identifier: 74:62:41:AD:A7:7D:DB:DF:EA:0F:E1:44:EF:E2:13:91:E3:FC:4F:D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dGJBrad929_qD-FE7-ITkeP8T9k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/2CC5D50CDEC911EBA828524CC4F9AE02.roa Signing time: Fri 07 Jun 2024 12:09:27 +0000 ROA not before: Fri 07 Jun 2024 12:09:27 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 63969 IP address blocks: 45.114.84.0/22 maxlen: 24 103.54.36.0/22 maxlen: 24 2403:41c0::/32 maxlen: 36 2403:41c0:fc00::/48 maxlen: 48 2403:41c0:fc05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/dGJBrad929_qD-FE7-ITkeP8T9k.crl rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/dGJBrad929_qD-FE7-ITkeP8T9k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dGJBrad929_qD-FE7-ITkeP8T9k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 17:13:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3089 (0xc11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACBB7/serialNumber=746241ADA77DDBDFEA0FE144EFE21391E3FC4FD9 Validity Not Before: Jun 7 12:09:27 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=6662f877-978d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:cb:64:54:45:60:d7:30:a6:7c:08:01:90:a0: a8:d2:0c:9c:b8:ae:7c:2b:9d:ed:09:11:c4:29:e6: da:d3:5b:37:13:1a:e0:ba:5d:97:aa:fd:c7:7d:f8: 21:fb:8d:54:1a:b9:6a:9a:8e:cb:c5:37:4d:37:65: 72:bc:f2:83:96:aa:54:4d:93:ed:90:dc:32:27:1e: 5a:23:a8:a4:c6:47:b1:45:1f:83:ed:37:9b:a8:b9: 87:e8:ee:8f:9e:20:0c:9c:15:43:01:46:e6:2a:8a: 9b:b5:f8:57:be:2f:d3:ae:1f:77:cd:cb:d8:0f:97: 6a:19:5a:08:72:03:67:25:9e:cb:29:ac:41:9a:e0: 9d:f5:7b:76:a2:95:2c:8c:e9:2d:6b:30:08:00:ef: 0d:5a:c9:5d:c2:c2:9c:91:9d:79:ca:57:fa:73:12: 77:5e:e5:93:c1:cc:6c:83:39:18:7d:d7:f1:d1:12: 7d:c9:54:32:74:e7:68:79:64:1f:57:fd:e0:63:ed: 9b:7c:8a:d9:07:69:71:9a:e4:3c:53:60:50:cc:23: 18:37:51:e9:71:77:08:85:76:b8:10:8c:6d:3b:37: a1:b5:1c:48:d6:57:67:76:56:9b:05:db:f1:cd:eb: 0e:c7:3d:7e:03:cc:79:d3:0f:91:2e:9a:06:d1:d2: ce:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:6E:AC:CF:4C:E0:CD:AC:3D:AF:8D:AC:DB:DE:6D:88:D0:22:E2:53 X509v3 Authority Key Identifier: keyid:74:62:41:AD:A7:7D:DB:DF:EA:0F:E1:44:EF:E2:13:91:E3:FC:4F:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/dGJBrad929_qD-FE7-ITkeP8T9k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dGJBrad929_qD-FE7-ITkeP8T9k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/2CC5D50CDEC911EBA828524CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.114.84.0/22 103.54.36.0/22 IPv6: 2403:41c0::/32 Signature Algorithm: sha256WithRSAEncryption 62:30:45:88:c9:dc:64:90:04:0f:eb:82:a9:57:19:b7:9a:df: 79:52:1c:a6:44:84:fc:48:f6:ca:8c:a9:80:8a:fb:c3:2e:a3: 6d:ed:28:a8:3f:8e:b8:01:bb:4b:e0:a5:85:dd:a8:b9:d5:ff: 4a:4e:4a:f6:60:ce:31:21:31:4c:f1:e3:27:d0:de:56:f2:c0: 82:e3:b0:b4:31:37:3c:4c:c4:c4:29:25:e1:88:80:3c:2c:00: ec:89:cf:73:64:d5:b3:8d:f7:7f:a1:a2:29:f7:17:2b:9b:43: 49:56:86:f8:12:98:81:d1:38:7d:b5:df:67:0a:ff:ec:7b:4a: 3d:5a:8e:70:81:37:5c:74:31:21:af:ec:dc:17:cb:28:5d:33: 5e:f0:05:40:58:d4:13:34:4f:ef:0e:1b:73:d4:17:b5:48:17: 55:e5:ad:24:67:26:62:c2:ca:af:b1:39:91:8c:64:5c:ee:a7: df:76:9c:49:8c:5e:28:c3:95:6f:23:1f:33:5a:00:f7:4f:2f: 5d:f6:50:e6:62:85:40:25:57:70:5c:d0:71:5f:3d:86:6d:83: ef:ba:a5:57:e3:9a:3b:8e:5e:28:38:76:fc:bc:ac:ee:a1:71: cb:03:d2:4d:9d:07:f6:74:ed:e0:c8:38:40:1c:9c:d3:2c:9c: 23:01:98:07 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNCQjcxMTAvBgNVBAUTKDc0NjI0MUFEQTc3RERCREZFQTBGRTE0NEVGRTIxMzkx RTNGQzRGRDkwHhcNMjQwNjA3MTIwOTI3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjYyZjg3Ny05NzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApstkVEVg1zCmfAgBkKCo0gycuK58K53tCRHEKeba01s3Exrgul2Xqv3Hffgh +41UGrlqmo7LxTdNN2VyvPKDlqpUTZPtkNwyJx5aI6ikxkexRR+D7TebqLmH6O6P niAMnBVDAUbmKoqbtfhXvi/Trh93zcvYD5dqGVoIcgNnJZ7LKaxBmuCd9Xt2opUs jOktazAIAO8NWsldwsKckZ15ylf6cxJ3XuWTwcxsgzkYfdfx0RJ9yVQydOdoeWQf V/3gY+2bfIrZB2lxmuQ8U2BQzCMYN1HpcXcIhXa4EIxtOzehtRxI1ldndlabBdvx zesOxz1+A8x50w+RLpoG0dLOBQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFO1urM9M 4M2sPa+NrNvebYjQIuJTMB8GA1UdIwQYMBaAFHRiQa2nfdvf6g/hRO/iE5Hj/E/Z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0JCNy81RTFGQ0VCQ0Yz RjkxMUU5QjhBODMxMEFDNEY5QUUwMi9kR0pCcmFkOTI5X3FELUZFNy1JVGtlUDhU OWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RHSkJyYWQ5MjlfcUQtRkU3LUlUa2VQOFQ5ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUNCQjcvNUUxRkNFQkNGM0Y5MTFFOUI4QTgzMTBBQzRGOUFFMDIvMkNDNUQ1MENE RUM5MTFFQkE4Mjg1MjRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAItclQDBAJnNiQwDQQCAAIwBwMFACQDQcAwDQYJKoZIhvcN AQELBQADggEBAGIwRYjJ3GSQBA/rgqlXGbea33lSHKZEhPxI9sqMqYCK+8Muo23t KKg/jrgBu0vgpYXdqLnV/0pOSvZgzjEhMUzx4yfQ3lbywILjsLQxNzxMxMQpJeGI gDwsAOyJz3Nk1bON93+hoin3FyubQ0lWhvgSmIHROH2132cK/+x7Sj1ajnCBN1x0 MSGv7NwXyyhdM17wBUBY1BM0T+8OG3PUF7VIF1XlrSRnJmLCyq+xOZGMZFzup992 nEmMXijDlW8jHzNaAPdPL132UOZihUAlV3Bc0HFfPYZtg++6pVfjmjuOXig4dvy8 rO6hccsD0k2dB/Z07eDIOEAcnNMsnCMBmAc= -----END CERTIFICATE-----Generated at Wed Nov 20 19:06:04 2024 by rpki-client on console-ams.rpki-client.org