$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/D0886954188811EC8E86754FC4F9AE02.roa File: D0886954188811EC8E86754FC4F9AE02.roa (raw, json) Hash identifier: yPv2xJqSMbxdqO3CUxzFvtSmE89AHilhOo/061TH8FU= Subject key identifier: 22:BD:FA:6F:47:B7:34:B5:44:CE:75:66:49:09:90:32:72:7C:6F:09 Certificate issuer: /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Certificate serial: 34E5 Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/D0886954188811EC8E86754FC4F9AE02.roa Signing time: Wed 02 Oct 2024 14:50:35 +0000 ROA not before: Wed 02 Oct 2024 14:50:35 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 7532 IP address blocks: 219.69.251.0/24 maxlen: 24 219.69.252.0/22 maxlen: 22 219.69.252.0/23 maxlen: 23 219.69.252.0/24 maxlen: 24 219.69.253.0/24 maxlen: 24 219.69.254.0/23 maxlen: 23 219.69.254.0/24 maxlen: 24 219.69.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:24:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13541 (0x34e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Validity Not Before: Oct 2 14:50:35 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66fd5dbb-d3c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:9a:56:af:01:ef:bd:9c:68:d0:b0:76:17:4a: e8:4f:b5:6b:9e:8e:57:a2:96:c6:68:83:07:47:6b: 40:68:16:43:06:2c:8a:6b:31:66:47:25:09:4d:ef: 40:4f:84:66:7e:75:7c:45:87:37:26:ca:bd:72:dc: 09:aa:2d:94:79:57:9d:b8:4c:6c:48:84:a3:2c:fd: 85:c4:37:b7:f3:fd:30:ff:ce:d3:49:71:35:7c:99: b9:dc:fa:ca:e8:7d:17:67:7d:a5:d1:15:93:a9:75: 92:da:f1:45:a9:51:74:d8:09:98:ce:2f:0f:91:a2: ca:74:e2:22:f6:2c:2b:c5:82:33:65:d6:3c:d8:d9: 2a:a4:3d:0e:30:c4:a3:7e:3d:b1:7f:67:c3:71:cf: 58:0f:a0:51:d8:e6:1d:fd:0f:b2:03:6c:8b:42:fd: 0c:73:4e:b7:67:45:ee:0c:5b:ae:6d:ac:98:0f:1e: 4c:71:28:bd:62:18:83:5e:24:11:4d:c3:5e:0e:f0: c3:4b:1c:75:e2:ff:bb:d1:7e:03:aa:83:03:34:45: 4d:7f:5e:d7:1b:3c:07:c0:45:a8:b8:1a:5c:66:31: 3c:50:3f:a2:26:75:c6:7a:ef:39:a0:ef:10:bb:a4: e7:80:5d:94:e0:78:73:e8:a4:8f:4f:9a:18:b4:e5: 2a:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:BD:FA:6F:47:B7:34:B5:44:CE:75:66:49:09:90:32:72:7C:6F:09 X509v3 Authority Key Identifier: keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/D0886954188811EC8E86754FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 219.69.251.0-219.69.255.255 Signature Algorithm: sha256WithRSAEncryption 69:bf:a1:91:f8:25:74:d7:7c:80:00:20:52:55:25:88:eb:d8: f4:c2:13:df:14:15:ba:38:27:0a:d3:30:d7:82:66:de:21:52: c0:d4:3a:43:6c:2d:11:04:15:e1:c4:09:c8:5f:35:51:6e:0e: 4c:89:08:20:77:9f:80:bf:d9:6b:bc:12:07:0e:77:be:7c:af: fc:cf:69:56:38:2d:c7:07:19:82:b7:d2:59:d0:d3:35:17:d0: db:9b:fb:0e:a0:fa:c6:65:b3:8d:57:cd:da:21:99:1c:b2:16: a9:fd:b6:e3:6c:b6:7a:fe:cb:bd:5d:56:82:43:cf:17:e6:b2: 1d:74:1b:70:95:22:68:df:30:8f:3c:6d:ec:21:30:33:5c:f8: 72:eb:8a:a2:f3:94:a8:5c:41:cb:99:c2:7d:28:97:c6:ce:84: 01:df:76:70:0a:b3:55:6e:2d:c9:16:fb:9c:37:ac:86:b2:1d: fc:57:f3:7a:ce:aa:03:b8:ca:40:3a:22:04:26:b0:48:11:44: c4:a0:c7:88:c9:8c:31:cc:09:dc:b2:b4:35:2a:2c:1d:b3:c2: a2:7e:6b:95:af:58:80:2d:58:4e:aa:bd:dc:a5:87:f1:73:7e: 53:1e:89:aa:54:59:55:2f:5f:02:ef:2b:65:38:52:a9:f9:83: e8:6e:3e:b8 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgICNOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5 MEZFNzM3NTIwHhcNMjQxMDAyMTQ1MDM1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmZkNWRiYi1kM2MyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn5pWrwHvvZxo0LB2F0roT7Vrno5XopbGaIMHR2tAaBZDBiyKazFmRyUJTe9A T4RmfnV8RYc3Jsq9ctwJqi2UeVeduExsSISjLP2FxDe38/0w/87TSXE1fJm53PrK 6H0XZ32l0RWTqXWS2vFFqVF02AmYzi8PkaLKdOIi9iwrxYIzZdY82NkqpD0OMMSj fj2xf2fDcc9YD6BR2OYd/Q+yA2yLQv0Mc063Z0XuDFuubayYDx5McSi9YhiDXiQR TcNeDvDDSxx14v+70X4DqoMDNEVNf17XGzwHwEWouBpcZjE8UD+iJnXGeu85oO8Q u6TngF2U4Hhz6KSPT5oYtOUq4wIDAQABo4ICnDCCApgwHQYDVR0OBBYEFCK9+m9H tzS1RM51ZkkJkDJyfG8JMB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZGNDcvQjRBODZDMzgxRDg0MTFFMjk2OUZDNURBMDhCMDJDRDIvRDA4ODY5NTQx ODg4MTFFQzhFODY3NTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJgYIKwYBBQUHAQcBAf8E FzAVMBMEAgABMA0wCwMEANtF+wMDAdtEMA0GCSqGSIb3DQEBCwUAA4IBAQBpv6GR +CV013yAACBSVSWI69j0whPfFBW6OCcK0zDXgmbeIVLA1DpDbC0RBBXhxAnIXzVR bg5MiQggd5+Av9lrvBIHDne+fK/8z2lWOC3HBxmCt9JZ0NM1F9Dbm/sOoPrGZbON V83aIZkcshap/bbjbLZ6/su9XVaCQ88X5rIddBtwlSJo3zCPPG3sITAzXPhy64qi 85SoXEHLmcJ9KJfGzoQB33ZwCrNVbi3JFvucN6yGsh38V/N6zqoDuMpAOiIEJrBI EUTEoMeIyYwxzAncsrQ1Kiwds8KifmuVr1iALVhOqr3cpYfxc35THomqVFlVL18C 7ytlOFKp+YPobj64 -----END CERTIFICATE-----Generated at Fri Nov 22 16:50:03 2024 by rpki-client on console-ams.rpki-client.org