$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2F4FE7325B7C11EDAAFAB831C4F9AE02.roa File: 2F4FE7325B7C11EDAAFAB831C4F9AE02.roa (raw, json) Hash identifier: 45bdUCPbK7oSCmPfWeHAL17vZIfbPntU2ZfyP6PApsU= Subject key identifier: 1F:3C:7D:69:B3:53:04:0B:F7:A4:94:09:E5:B4:08:EC:05:52:29:36 Certificate issuer: /CN=A91ADB98/serialNumber=661C64E293B87F473AF61D89DE48FC4538570157 Certificate serial: 01BF Authority key identifier: 66:1C:64:E2:93:B8:7F:47:3A:F6:1D:89:DE:48:FC:45:38:57:01:57 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2F4FE7325B7C11EDAAFAB831C4F9AE02.roa Signing time: Tue 01 Oct 2024 03:16:32 +0000 ROA not before: Tue 01 Oct 2024 03:16:32 +0000 ROA not after: Thu 30 Jan 2025 00:00:00 +0000 asID: 65501 IP address blocks: 140.168.244.0/22 maxlen: 22 140.168.244.0/24 maxlen: 24 140.168.245.0/24 maxlen: 24 140.168.246.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.crl rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 447 (0x1bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ADB98/serialNumber=661C64E293B87F473AF61D89DE48FC4538570157 Validity Not Before: Oct 1 03:16:32 2024 GMT Not After : Jan 30 00:00:00 2025 GMT Subject: CN=66fb6990-fe20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:82:4e:0f:01:c8:37:b3:06:51:67:0c:17:0d: c3:a6:fe:28:aa:38:49:12:78:b5:b2:05:e1:5c:90: da:7a:2c:a7:22:f9:47:a6:7e:c8:1c:ad:21:a5:52: 52:de:6d:5b:a0:71:c5:e8:d8:f0:ee:3a:50:c9:01: 27:4b:29:02:ab:e5:eb:8d:d4:bb:9b:a8:22:ea:87: fd:a3:ef:9f:1f:d4:ae:7a:f8:c3:a8:6e:14:d1:fa: 4f:19:49:e8:43:ad:8c:6f:a4:b2:7d:b3:e3:2a:2d: d1:41:5e:53:a4:99:d5:93:01:01:18:a5:68:3d:1a: 4a:33:89:35:b8:71:67:c1:40:cf:e6:fd:4d:d3:dc: f4:88:f1:68:f0:95:36:87:11:fa:25:69:71:0c:d8: ed:73:67:77:e2:c3:72:3a:7a:b7:11:b8:ad:81:00: 63:ba:fd:5d:e2:66:84:74:b4:10:45:47:a5:3c:81: 5d:1f:22:0a:89:3f:1c:79:96:f4:77:d7:5c:93:ff: 50:db:b5:e9:46:74:00:f7:69:a6:6f:0d:f5:e3:52: 76:7e:f8:c6:fc:4f:58:be:3e:d7:3e:b4:66:7d:18: 21:f1:b1:7e:6b:72:f7:5b:c6:ef:01:0a:a0:c9:2e: d2:7f:f0:60:60:a8:01:63:60:07:b2:29:b5:69:a3: 78:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:3C:7D:69:B3:53:04:0B:F7:A4:94:09:E5:B4:08:EC:05:52:29:36 X509v3 Authority Key Identifier: keyid:66:1C:64:E2:93:B8:7F:47:3A:F6:1D:89:DE:48:FC:45:38:57:01:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2F4FE7325B7C11EDAAFAB831C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 140.168.244.0/22 Signature Algorithm: sha256WithRSAEncryption 95:27:de:e9:eb:20:19:e3:fd:ea:95:1a:bb:ba:b8:22:fb:86: bb:75:1c:82:2d:d2:f9:af:cb:51:56:82:e0:6f:be:4a:be:dd: 9f:0a:92:5a:35:0e:fc:c2:87:66:47:7a:7f:03:7c:49:1d:e2: ae:3a:81:88:eb:cc:ec:d5:f4:5a:48:ab:3c:7b:bb:d9:5d:25: d8:dc:3e:99:65:70:4b:4f:37:e3:99:4f:76:14:a2:2d:90:4f: 57:c1:51:39:c6:ba:70:b0:bd:f8:21:33:5b:ac:3b:ef:57:49: d3:10:63:44:73:ad:3a:aa:89:24:f1:bd:40:b7:f6:95:7f:cd: f7:16:ca:a8:df:f1:60:e7:32:36:8b:c7:f9:c0:f4:de:7f:53: 89:a3:ca:23:a6:e7:6a:31:96:05:78:2a:d0:4f:0b:9c:3d:9e: 93:10:0b:ae:d1:b2:d6:69:d1:f3:88:e5:a0:13:bf:46:8f:ab: 9c:7d:c4:76:a3:fc:40:55:75:c2:f6:8a:94:e4:c4:e3:fb:03: 4d:35:d8:44:f6:3c:eb:cf:bb:8a:54:df:77:c0:76:b9:e1:e3: 28:bf:22:a1:97:dd:c3:28:db:8b:f4:46:ad:59:08:1e:8a:63: 46:04:2b:eb:83:85:df:53:69:0b:7d:7a:20:7b:98:64:69:d5: 37:dc:46:26 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAb8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QURCOTgxMTAvBgNVBAUTKDY2MUM2NEUyOTNCODdGNDczQUY2MUQ4OURFNDhGQzQ1 Mzg1NzAxNTcwHhcNMjQxMDAxMDMxNjMyWhcNMjUwMTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmZiNjk5MC1mZTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyoJODwHIN7MGUWcMFw3Dpv4oqjhJEni1sgXhXJDaeiynIvlHpn7IHK0hpVJS 3m1boHHF6Njw7jpQyQEnSykCq+XrjdS7m6gi6of9o++fH9SuevjDqG4U0fpPGUno Q62Mb6SyfbPjKi3RQV5TpJnVkwEBGKVoPRpKM4k1uHFnwUDP5v1N09z0iPFo8JU2 hxH6JWlxDNjtc2d34sNyOnq3EbitgQBjuv1d4maEdLQQRUelPIFdHyIKiT8ceZb0 d9dck/9Q27XpRnQA92mmbw3141J2fvjG/E9Yvj7XPrRmfRgh8bF+a3L3W8bvAQqg yS7Sf/BgYKgBY2AHsim1aaN4SwIDAQABo4IClTCCApEwHQYDVR0OBBYEFB88fWmz UwQL96SUCeW0COwFUik2MB8GA1UdIwQYMBaAFGYcZOKTuH9HOvYdid5I/EU4VwFX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREI5OC9EOTNFOTNEQzQ5 MjExMUVEQUJENTlDNTNDNEY5QUUwMi9aaHhrNHBPNGYwYzY5aDJKM2tqOFJUaFhB VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1poeGs0cE80ZjBjNjloMkoza2o4UlRoWEFWYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QURCOTgvRDkzRTkzREM0OTIxMTFFREFCRDU5QzUzQzRGOUFFMDIvMkY0RkU3MzI1 QjdDMTFFREFBRkFCODMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAKMqPQwDQYJKoZIhvcNAQELBQADggEBAJUn3unrIBnj/eqV Gru6uCL7hrt1HIIt0vmvy1FWguBvvkq+3Z8Kklo1DvzCh2ZHen8DfEkd4q46gYjr zOzV9FpIqzx7u9ldJdjcPpllcEtPN+OZT3YUoi2QT1fBUTnGunCwvfghM1usO+9X SdMQY0RzrTqqiSTxvUC39pV/zfcWyqjf8WDnMjaLx/nA9N5/U4mjyiOm52oxlgV4 KtBPC5w9npMQC67RstZp0fOI5aATv0aPq5x9xHaj/EBVdcL2ipTkxOP7A0012ET2 POvPu4pU33fAdrnh4yi/IqGX3cMo24v0Rq1ZCB6KY0YEK+uDhd9TaQt9eiB7mGRp 1TfcRiY= -----END CERTIFICATE-----Generated at Thu Nov 21 03:12:03 2024 by rpki-client on console-fra.rpki-client.org