$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa File: 8BFEF29C3AEA11EC84E6634EC4F9AE02.roa (raw, json) Hash identifier: 6AuQCNi7iK15RtzvfV//IUBY8nRAT2OpYlqzTxVMIs4= Subject key identifier: 20:28:28:6C:1B:D5:E6:F5:3B:02:70:7B:65:E0:BD:69:A8:2B:C0:4A Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF Certificate serial: 0CC4 Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa Signing time: Thu 31 Oct 2024 18:36:42 +0000 ROA not before: Thu 31 Oct 2024 18:36:42 +0000 ROA not after: Sat 01 Mar 2025 00:00:00 +0000 asID: 134520 IP address blocks: 27.122.56.0/24 maxlen: 24 27.122.57.0/24 maxlen: 24 43.239.156.0/22 maxlen: 24 43.251.157.0/24 maxlen: 24 43.251.158.0/24 maxlen: 24 43.251.159.0/24 maxlen: 24 103.1.152.0/24 maxlen: 24 103.1.153.0/24 maxlen: 24 103.1.154.0/24 maxlen: 24 103.10.196.0/24 maxlen: 24 103.10.198.0/24 maxlen: 24 103.35.72.0/22 maxlen: 22 103.35.72.0/24 maxlen: 24 103.35.73.0/24 maxlen: 24 103.35.74.0/24 maxlen: 24 103.35.75.0/24 maxlen: 24 2402:c480:8000::/48 maxlen: 48 2402:c480:9000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:10:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3268 (0xcc4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF Validity Not Before: Oct 31 18:36:42 2024 GMT Not After : Mar 1 00:00:00 2025 GMT Subject: CN=6723ce3a-1bc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:0e:77:e7:a5:52:62:47:0c:38:e3:0e:bb:4d: 63:46:2f:cf:d2:4f:92:32:bf:62:0f:0c:ac:73:b7: 1f:c4:49:82:a8:43:0a:fe:b9:ff:62:77:4f:bc:6b: cd:e0:62:fc:b0:c4:00:8c:bb:6f:3c:fd:6a:5a:f0: e2:72:68:05:85:79:75:74:3f:e4:19:28:a2:f2:e0: 07:bf:fd:77:b9:05:7d:a4:ed:32:35:42:d9:32:4b: 3c:ad:96:b8:4f:ce:cf:c7:ca:25:1d:4a:82:19:6d: 90:65:af:27:6d:77:0c:34:1c:74:7c:06:82:10:38: b3:7d:f5:a5:18:33:dc:b5:22:66:83:da:33:ec:d0: bb:b6:01:96:b3:d1:d5:45:b8:95:ae:d3:00:1f:07: c2:99:5e:ec:11:7a:b8:a5:68:56:a4:ec:3b:86:4a: 92:04:38:6a:e5:15:bd:d9:23:ed:cc:19:bc:af:ea: f4:0b:73:85:1e:0d:08:8a:b6:7f:4e:0e:4e:9f:24: e9:88:1d:9b:52:f7:26:f6:8c:af:57:fc:7e:11:84: 15:57:55:50:e1:33:09:e9:0b:bc:81:1f:5b:18:3b: 1d:f7:07:c9:8d:be:7c:50:93:ec:31:b6:a1:df:52: cd:13:55:74:77:0f:c9:c8:d3:f1:2b:54:5d:82:96: e3:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:28:28:6C:1B:D5:E6:F5:3B:02:70:7B:65:E0:BD:69:A8:2B:C0:4A X509v3 Authority Key Identifier: keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.122.56.0/23 43.239.156.0/22 43.251.157.0-43.251.159.255 103.1.152.0-103.1.154.255 103.10.196.0/24 103.10.198.0/24 103.35.72.0/22 IPv6: 2402:c480:8000::/48 2402:c480:9000::/48 Signature Algorithm: sha256WithRSAEncryption 6d:18:69:fe:07:15:92:23:13:66:29:8d:bf:27:77:20:3d:63: 22:5f:ab:1c:82:cc:2d:63:27:fc:2d:4b:03:d0:e9:77:2a:6b: 17:3c:1b:f2:51:53:69:60:b4:68:d9:5e:7c:e2:3d:7e:a6:3a: cc:68:bd:1b:61:ac:f7:15:de:30:28:5e:c4:2d:e2:15:a5:4b: f7:d3:09:6f:af:ca:7a:b6:4e:1a:1f:88:14:f4:1f:22:6d:7d: 38:23:35:f8:73:56:80:e6:27:94:a6:cd:f7:47:33:f1:e7:0d: aa:cc:0d:71:08:b2:d5:52:59:1c:ab:98:5c:ea:39:ad:34:d7: a5:c1:e8:d6:74:e2:7b:a9:4d:4e:3f:34:94:db:76:40:ad:8c: cb:6a:3d:bf:3d:f1:5d:15:00:f7:17:1f:e8:01:c2:f5:5a:c1: ec:34:72:a8:ed:60:b4:f0:7f:86:aa:b3:93:3e:5f:1f:e9:9e: 76:99:83:ec:33:dd:09:46:73:b0:48:b3:e3:e0:78:d2:1f:56: 54:24:4b:8e:4e:e5:39:8b:6e:f2:b6:d0:34:ea:b2:83:a0:97: c8:be:d0:16:e0:c5:d8:1d:61:f4:09:5a:c4:da:b5:e4:90:96: 47:21:75:11:ba:f8:32:21:c3:98:63:eb:89:f5:aa:40:b5:0b: 51:f6:47:ad -----BEGIN CERTIFICATE----- MIIFvzCCBKegAwIBAgICDMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG MDA5Q0M5QUYwHhcNMjQxMDMxMTgzNjQyWhcNMjUwMzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzIzY2UzYS0xYmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1Q5356VSYkcMOOMOu01jRi/P0k+SMr9iDwysc7cfxEmCqEMK/rn/YndPvGvN 4GL8sMQAjLtvPP1qWvDicmgFhXl1dD/kGSii8uAHv/13uQV9pO0yNULZMks8rZa4 T87Px8olHUqCGW2QZa8nbXcMNBx0fAaCEDizffWlGDPctSJmg9oz7NC7tgGWs9HV RbiVrtMAHwfCmV7sEXq4pWhWpOw7hkqSBDhq5RW92SPtzBm8r+r0C3OFHg0IirZ/ Tg5OnyTpiB2bUvcm9oyvV/x+EYQVV1VQ4TMJ6Qu8gR9bGDsd9wfJjb58UJPsMbah 31LNE1V0dw/JyNPxK1RdgpbjcwIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFCAoKGwb 1eb1OwJwe2XgvWmoK8BKMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5 YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEJGRUYyOUMz QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbQYIKwYBBQUHAQcBAf8E XjBcMEAEAgABMDoDBAEbejgDBAIr75wwDAMEACv7nQMEBSv7gDAMAwQDZwGYAwQA ZwGaAwQAZwrEAwQAZwrGAwQCZyNIMBgEAgACMBIDBwAkAsSAgAADBwAkAsSAkAAw DQYJKoZIhvcNAQELBQADggEBAG0Yaf4HFZIjE2Ypjb8ndyA9YyJfqxyCzC1jJ/wt SwPQ6Xcqaxc8G/JRU2lgtGjZXnziPX6mOsxovRthrPcV3jAoXsQt4hWlS/fTCW+v ynq2ThofiBT0HyJtfTgjNfhzVoDmJ5SmzfdHM/HnDarMDXEIstVSWRyrmFzqOa00 16XB6NZ04nupTU4/NJTbdkCtjMtqPb898V0VAPcXH+gBwvVawew0cqjtYLTwf4aq s5M+Xx/pnnaZg+wz3QlGc7BIs+PgeNIfVlQkS45O5TmLbvK20DTqsoOgl8i+0Bbg xdgdYfQJWsTateSQlkchdRG6+DIhw5hj64n1qkC1C1H2R60= -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:02 2024 by rpki-client on console-fra.rpki-client.org