$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2E926DC45B7C11EDAAFAB831C4F9AE02.roa File: 2E926DC45B7C11EDAAFAB831C4F9AE02.roa (raw, json) Hash identifier: +MQtCQHeCX2iY48UaFSn65H7kDION537WTHbDf8n7ek= Subject key identifier: B3:3F:C8:F0:36:34:84:E4:63:54:EF:2D:D0:DF:FE:9F:5A:6C:0E:1C Certificate issuer: /CN=A91ADB98/serialNumber=661C64E293B87F473AF61D89DE48FC4538570157 Certificate serial: 01D1 Authority key identifier: 66:1C:64:E2:93:B8:7F:47:3A:F6:1D:89:DE:48:FC:45:38:57:01:57 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2E926DC45B7C11EDAAFAB831C4F9AE02.roa Signing time: Tue 29 Oct 2024 02:35:00 +0000 ROA not before: Tue 29 Oct 2024 02:35:00 +0000 ROA not after: Thu 30 Jan 2025 00:00:00 +0000 asID: 45867 IP address blocks: 140.168.64.0/18 maxlen: 19 140.168.66.0/24 maxlen: 24 140.168.78.0/24 maxlen: 24 140.168.79.0/24 maxlen: 24 140.168.80.0/24 maxlen: 24 140.168.81.0/24 maxlen: 24 140.168.87.0/24 maxlen: 24 140.168.128.0/18 maxlen: 19 140.168.135.0/24 maxlen: 24 140.168.138.0/24 maxlen: 24 140.168.139.0/24 maxlen: 24 140.168.166.0/24 maxlen: 24 140.168.236.0/22 maxlen: 24 140.168.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.crl rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 465 (0x1d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ADB98/serialNumber=661C64E293B87F473AF61D89DE48FC4538570157 Validity Not Before: Oct 29 02:35:00 2024 GMT Not After : Jan 30 00:00:00 2025 GMT Subject: CN=672049d4-ce92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:fe:0a:ba:2a:fe:f9:7d:60:18:f4:d9:65:7b: 38:b5:67:29:a3:00:14:b4:0f:d8:c5:60:68:64:58: d8:e4:2e:7e:1d:8e:5c:00:2a:8d:c0:bc:b2:ea:e7: 43:1b:a1:4c:a4:b7:23:7d:3a:bd:b8:07:52:11:08: e1:79:10:2d:5c:71:e6:d1:b3:ba:67:9c:8b:25:da: 8b:f1:47:78:71:30:93:5e:32:e2:31:33:94:db:ee: c5:8b:18:dd:07:68:3f:4c:01:9f:a4:89:20:77:c7: 60:04:73:49:1a:a5:f2:d8:9b:7b:cf:8e:c0:d1:1e: 4f:01:43:ac:b1:d2:39:1a:fc:17:cb:98:65:6d:98: 21:5b:d1:ce:07:19:df:52:ab:46:05:3f:59:0a:16: 04:3e:90:cc:c7:51:77:3a:32:c2:b2:90:d8:d2:c6: f3:bf:b6:17:32:51:dc:71:a3:86:6e:28:39:8d:34: 3d:84:a9:7b:a2:f8:29:7c:e9:a4:e8:c7:c9:c5:b8: 29:10:89:05:3c:5f:91:63:34:1c:72:08:d8:f1:98: 04:7a:83:49:e6:49:ec:4f:02:57:e4:cd:97:c9:83: 33:63:f9:ed:70:af:71:93:56:28:7c:c1:58:50:c3: 9a:80:3d:9f:e4:aa:e0:95:e0:7b:2c:84:d1:cf:5d: bf:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:3F:C8:F0:36:34:84:E4:63:54:EF:2D:D0:DF:FE:9F:5A:6C:0E:1C X509v3 Authority Key Identifier: keyid:66:1C:64:E2:93:B8:7F:47:3A:F6:1D:89:DE:48:FC:45:38:57:01:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2E926DC45B7C11EDAAFAB831C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 140.168.64.0-140.168.191.255 140.168.236.0/22 140.168.250.0/24 Signature Algorithm: sha256WithRSAEncryption 30:87:87:43:43:17:f6:b8:d3:5c:d6:23:d1:49:3f:ea:3c:ee: 54:42:3a:71:dd:e0:15:f1:f3:f0:56:13:a1:37:af:ab:51:a8: 13:81:56:ba:0f:0a:a7:84:5a:db:d2:f7:17:2f:c1:6e:e8:c4: c9:27:3e:55:4b:95:36:f4:4f:8b:c0:84:5e:94:39:0b:2b:ee: 05:50:69:34:c9:ed:06:fd:a0:bc:2a:52:6a:da:bc:df:30:75: 63:88:56:cd:e2:69:6a:44:7f:a2:a6:34:84:f5:29:4e:10:f2: 5e:dc:d2:f2:56:78:19:0b:05:39:86:bc:7f:dd:cc:fd:46:9c: 08:7d:9e:d6:3c:75:b2:b2:20:ab:38:a9:01:63:2b:a5:00:12: 9b:ba:05:00:91:7c:7d:2d:7a:8e:61:8c:96:0b:5c:97:e3:61: 94:c4:ed:39:72:76:89:f3:68:a8:3e:60:c7:ad:e8:42:f8:05: 10:b3:a2:29:a6:8b:f5:07:9b:77:c7:0c:44:ea:48:b4:55:9b: 98:64:f8:95:32:23:1f:0c:52:9b:45:6f:b5:ec:ea:60:31:67: a9:bc:19:08:ad:cf:e9:5f:e8:df:2b:18:cb:70:49:f1:3c:10: 31:82:b0:60:03:b8:b9:97:ff:99:74:eb:2f:ff:26:bb:56:ad: 79:18:ee:77 -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgICAdEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QURCOTgxMTAvBgNVBAUTKDY2MUM2NEUyOTNCODdGNDczQUY2MUQ4OURFNDhGQzQ1 Mzg1NzAxNTcwHhcNMjQxMDI5MDIzNTAwWhcNMjUwMTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzIwNDlkNC1jZTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr/4Kuir++X1gGPTZZXs4tWcpowAUtA/YxWBoZFjY5C5+HY5cACqNwLyy6udD G6FMpLcjfTq9uAdSEQjheRAtXHHm0bO6Z5yLJdqL8Ud4cTCTXjLiMTOU2+7Fixjd B2g/TAGfpIkgd8dgBHNJGqXy2Jt7z47A0R5PAUOssdI5GvwXy5hlbZghW9HOBxnf UqtGBT9ZChYEPpDMx1F3OjLCspDY0sbzv7YXMlHccaOGbig5jTQ9hKl7ovgpfOmk 6MfJxbgpEIkFPF+RYzQccgjY8ZgEeoNJ5knsTwJX5M2XyYMzY/ntcK9xk1YofMFY UMOagD2f5KrgleB7LITRz12/mQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFLM/yPA2 NITkY1TvLdDf/p9abA4cMB8GA1UdIwQYMBaAFGYcZOKTuH9HOvYdid5I/EU4VwFX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREI5OC9EOTNFOTNEQzQ5 MjExMUVEQUJENTlDNTNDNEY5QUUwMi9aaHhrNHBPNGYwYzY5aDJKM2tqOFJUaFhB VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1poeGs0cE80ZjBjNjloMkoza2o4UlRoWEFWYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QURCOTgvRDkzRTkzREM0OTIxMTFFREFCRDU5QzUzQzRGOUFFMDIvMkU5MjZEQzQ1 QjdDMTFFREFBRkFCODMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E JDAiMCAEAgABMBowDAMEBoyoQAMEBoyogAMEAoyo7AMEAIyo+jANBgkqhkiG9w0B AQsFAAOCAQEAMIeHQ0MX9rjTXNYj0Uk/6jzuVEI6cd3gFfHz8FYToTevq1GoE4FW ug8Kp4Ra29L3Fy/BbujEySc+VUuVNvRPi8CEXpQ5CyvuBVBpNMntBv2gvCpSatq8 3zB1Y4hWzeJpakR/oqY0hPUpThDyXtzS8lZ4GQsFOYa8f93M/UacCH2e1jx1srIg qzipAWMrpQASm7oFAJF8fS16jmGMlgtcl+NhlMTtOXJ2ifNoqD5gx63oQvgFELOi KaaL9Qebd8cMROpItFWbmGT4lTIjHwxSm0VvtezqYDFnqbwZCK3P6V/o3ysYy3BJ 8TwQMYKwYAO4uZf/mXTrL/8mu1ateRjudw== -----END CERTIFICATE-----Generated at Thu Nov 21 03:12:03 2024 by rpki-client on console-fra.rpki-client.org