$ rpki-client -vvf rpki.apnic.net/member_repository/A91B85B2/208FF9D2574911EBBB23D509C4F9AE02/E4A690EE5AC211EFAB8E8C16C4F9AE02.roa File: E4A690EE5AC211EFAB8E8C16C4F9AE02.roa (raw, json) Hash identifier: xDkjde8fXVe0/58MBEqY/WqNBmnSLATc80yeKpLKQQc= Subject key identifier: 7B:89:08:88:70:A2:8F:B5:45:7B:1B:8D:56:1C:03:E9:E4:97:85:3A Certificate issuer: /CN=A91B85B2/serialNumber=58408D2C9EF799511A6E5D70F82EC86996F313F4 Certificate serial: 0645 Authority key identifier: 58:40:8D:2C:9E:F7:99:51:1A:6E:5D:70:F8:2E:C8:69:96:F3:13:F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WECNLJ73mVEabl1w-C7IaZbzE_Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B85B2/208FF9D2574911EBBB23D509C4F9AE02/E4A690EE5AC211EFAB8E8C16C4F9AE02.roa Signing time: Thu 15 Aug 2024 04:57:38 +0000 ROA not before: Thu 15 Aug 2024 04:57:38 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 45753 IP address blocks: 203.7.167.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B85B2/208FF9D2574911EBBB23D509C4F9AE02/WECNLJ73mVEabl1w-C7IaZbzE_Q.crl rsync://rpki.apnic.net/member_repository/A91B85B2/208FF9D2574911EBBB23D509C4F9AE02/WECNLJ73mVEabl1w-C7IaZbzE_Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WECNLJ73mVEabl1w-C7IaZbzE_Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1605 (0x645) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B85B2/serialNumber=58408D2C9EF799511A6E5D70F82EC86996F313F4 Validity Not Before: Aug 15 04:57:38 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=66bd8ac2-e200 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:cf:6b:f0:2f:5e:74:07:31:80:3f:0b:42:8f: 13:07:50:32:1b:1e:00:d5:8b:19:4d:68:8b:51:ca: ad:c9:f9:d5:67:d9:89:49:1e:a1:08:d3:13:2e:bd: 62:13:bb:9a:e1:95:66:a4:79:83:95:57:7c:ca:c0: b0:15:ff:bb:b3:94:00:23:ef:62:8a:ce:b8:f5:dd: e1:49:87:80:37:e6:0f:a7:4a:83:1a:e1:81:30:8f: 41:11:a0:a2:2a:c7:be:5f:75:4b:55:10:b5:9b:b7: db:cd:9c:16:b2:76:3b:43:35:f7:17:57:24:fc:d0: 5a:29:e5:70:4c:94:c4:ac:0e:30:e1:34:49:1c:f2: af:ef:38:2f:db:6c:81:95:bd:87:dc:37:22:82:7b: b5:8d:a5:3d:63:f6:5a:36:e5:39:e1:bb:62:6f:15: 5a:bb:a7:14:52:f0:b2:83:89:67:60:bf:eb:fb:9f: 8c:dd:af:d1:10:90:ce:18:36:12:11:46:28:c7:cf: 5c:c9:0a:85:a1:08:53:62:42:7a:86:51:66:d6:57: fd:62:bc:ab:07:1a:ce:21:0a:bb:c3:17:4e:85:4e: ad:90:48:72:5c:cf:9c:e6:c0:2b:cb:87:51:86:81: 15:cf:f6:1a:82:5b:c7:eb:7b:6d:b9:5b:7e:2e:49: 9c:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:89:08:88:70:A2:8F:B5:45:7B:1B:8D:56:1C:03:E9:E4:97:85:3A X509v3 Authority Key Identifier: keyid:58:40:8D:2C:9E:F7:99:51:1A:6E:5D:70:F8:2E:C8:69:96:F3:13:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B85B2/208FF9D2574911EBBB23D509C4F9AE02/WECNLJ73mVEabl1w-C7IaZbzE_Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WECNLJ73mVEabl1w-C7IaZbzE_Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B85B2/208FF9D2574911EBBB23D509C4F9AE02/E4A690EE5AC211EFAB8E8C16C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.7.167.0/24 Signature Algorithm: sha256WithRSAEncryption 07:86:27:a2:af:00:0d:87:3b:cf:42:b4:c7:b3:fe:2a:e8:02: a6:bb:a0:11:3f:d5:ec:6c:ad:06:9c:84:22:57:3c:20:36:b4: 02:9b:b9:ba:88:7f:b9:8a:2c:88:c0:62:87:a7:72:86:5f:46: ff:71:36:04:1c:f8:c8:15:82:f6:61:24:a0:2c:6c:30:b0:cb: 0d:15:67:c2:92:c2:26:9b:22:4d:5b:b3:1e:80:fe:a7:1e:21: 3a:a0:db:cf:cd:f6:8a:23:ad:03:f7:34:f4:5d:6b:2f:b1:3d: 23:9a:df:be:f5:74:5f:d5:4b:be:14:54:6a:89:cb:77:94:70: 57:94:df:f3:88:d2:8e:d4:71:d7:3d:f2:0b:cf:3b:9e:2a:b6: ad:17:f2:41:cd:82:40:d2:fd:9c:a5:9a:90:c1:84:8d:ae:e3: dd:3f:fb:0c:b0:79:a0:03:cc:09:13:42:01:39:46:6a:1e:06: ba:d8:8d:52:33:a1:ca:f7:9c:b3:4f:d8:30:7a:2f:17:c7:57: b0:65:02:a4:77:46:be:2d:bc:a0:96:d6:f8:32:6b:5c:33:cd: af:65:fb:73:c4:73:cb:ec:87:0d:d3:31:5b:98:74:37:25:02: 9f:a7:4c:aa:61:3c:72:42:56:4f:5d:9f:8b:e0:22:d6:5b:00: 2f:ea:33:36 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBkUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjg1QjIxMTAvBgNVBAUTKDU4NDA4RDJDOUVGNzk5NTExQTZFNUQ3MEY4MkVDODY5 OTZGMzEzRjQwHhcNMjQwODE1MDQ1NzM4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmJkOGFjMi1lMjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAys9r8C9edAcxgD8LQo8TB1AyGx4A1YsZTWiLUcqtyfnVZ9mJSR6hCNMTLr1i E7ua4ZVmpHmDlVd8ysCwFf+7s5QAI+9iis649d3hSYeAN+YPp0qDGuGBMI9BEaCi Kse+X3VLVRC1m7fbzZwWsnY7QzX3F1ck/NBaKeVwTJTErA4w4TRJHPKv7zgv22yB lb2H3Dcignu1jaU9Y/ZaNuU54btibxVau6cUUvCyg4lnYL/r+5+M3a/REJDOGDYS EUYox89cyQqFoQhTYkJ6hlFm1lf9YryrBxrOIQq7wxdOhU6tkEhyXM+c5sAry4dR hoEVz/YaglvH63ttuVt+LkmckQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHuJCIhw oo+1RXsbjVYcA+nkl4U6MB8GA1UdIwQYMBaAFFhAjSye95lRGm5dcPguyGmW8xP0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODVCMi8yMDhGRjlEMjU3 NDkxMUVCQkIyM0Q1MDlDNEY5QUUwMi9XRUNOTEo3M21WRWFibDF3LUM3SWFaYnpF X1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dFQ05MSjczbVZFYWJsMXctQzdJYVpiekVfUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qjg1QjIvMjA4RkY5RDI1NzQ5MTFFQkJCMjNENTA5QzRGOUFFMDIvRTRBNjkwRUU1 QUMyMTFFRkFCOEU4QzE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBADLB6cwDQYJKoZIhvcNAQELBQADggEBAAeGJ6KvAA2HO89C tMez/iroAqa7oBE/1exsrQachCJXPCA2tAKbubqIf7mKLIjAYoencoZfRv9xNgQc +MgVgvZhJKAsbDCwyw0VZ8KSwiabIk1bsx6A/qceITqg28/N9oojrQP3NPRday+x PSOa3771dF/VS74UVGqJy3eUcFeU3/OI0o7Ucdc98gvPO54qtq0X8kHNgkDS/Zyl mpDBhI2u490/+wyweaADzAkTQgE5RmoeBrrYjVIzocr3nLNP2DB6LxfHV7BlAqR3 Rr4tvKCW1vgya1wzza9l+3PEc8vshw3TMVuYdDclAp+nTKphPHJCVk9dn4vgItZb AC/qMzY= -----END CERTIFICATE-----Generated at Wed Nov 20 23:55:51 2024 by rpki-client on console-ams.rpki-client.org