$ rpki-client -vvf rpki.apnic.net/member_repository/A91B8D56/1BC8E1B6630A11ECAAA1414EC4F9AE02/70638510630E11ECB30DB557C4F9AE02.roa File: 70638510630E11ECB30DB557C4F9AE02.roa (raw, json) Hash identifier: mPZNuKlmoik6ecfgLSUJSnNAwqX7KJZV7MydUnK5gbs= Subject key identifier: 37:D0:8D:48:38:C8:0A:D1:96:85:BE:7F:96:4C:CB:E3:E1:80:CE:C9 Certificate issuer: /CN=A91B8D56/serialNumber=CF15AD102EEDDFBCCA68585A6F5C3817FE8A18D5 Certificate serial: 0336 Authority key identifier: CF:15:AD:10:2E:ED:DF:BC:CA:68:58:5A:6F:5C:38:17:FE:8A:18:D5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zxWtEC7t37zKaFhab1w4F_6KGNU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B8D56/1BC8E1B6630A11ECAAA1414EC4F9AE02/70638510630E11ECB30DB557C4F9AE02.roa Signing time: Fri 19 Jan 2024 02:43:48 +0000 ROA not before: Fri 19 Jan 2024 02:43:48 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 134177 IP address blocks: 45.113.64.0/23 maxlen: 23 45.113.64.0/24 maxlen: 24 45.113.65.0/24 maxlen: 24 45.113.66.0/23 maxlen: 23 45.113.66.0/24 maxlen: 24 45.113.67.0/24 maxlen: 24 103.52.208.0/23 maxlen: 23 103.52.208.0/24 maxlen: 24 103.52.209.0/24 maxlen: 24 103.52.210.0/23 maxlen: 23 103.52.210.0/24 maxlen: 24 103.52.211.0/24 maxlen: 24 203.26.234.0/24 maxlen: 24 2402:2480::/48 maxlen: 48 2402:2480:1::/48 maxlen: 48 2402:2480:2::/48 maxlen: 48 2402:2480:3::/48 maxlen: 48 2402:2480:4::/48 maxlen: 48 2402:2480:5::/48 maxlen: 48 2402:2480:6::/48 maxlen: 48 2402:2480:7::/48 maxlen: 48 2402:2480:8::/48 maxlen: 48 2402:2480:9::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B8D56/1BC8E1B6630A11ECAAA1414EC4F9AE02/zxWtEC7t37zKaFhab1w4F_6KGNU.crl rsync://rpki.apnic.net/member_repository/A91B8D56/1BC8E1B6630A11ECAAA1414EC4F9AE02/zxWtEC7t37zKaFhab1w4F_6KGNU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zxWtEC7t37zKaFhab1w4F_6KGNU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 822 (0x336) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B8D56/serialNumber=CF15AD102EEDDFBCCA68585A6F5C3817FE8A18D5 Validity Not Before: Jan 19 02:43:48 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65a9e1e3-430b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:a7:f9:e3:d4:fa:ce:3e:8a:58:ee:bb:14:d2: 69:8a:73:36:52:f1:90:4d:35:f4:80:9d:c9:d0:88: 1b:d5:47:ec:40:17:0b:72:e9:37:42:ea:f5:02:31: b0:47:e7:4c:29:79:59:3a:73:ec:ef:20:2b:bf:f8: 2e:46:c6:e4:42:75:c8:ce:02:2d:37:7c:a7:87:c0: 86:ea:39:5f:a6:e2:28:db:ab:b5:aa:fa:b9:63:24: 65:17:db:d6:79:8d:ec:8c:4e:a0:5a:8f:e9:3e:b8: a9:9d:30:4b:a7:a1:a5:4f:4c:d2:8e:c3:fe:b5:5d: 34:38:75:fc:6a:0d:32:e0:2b:d7:02:43:1e:b7:ed: 9d:a0:c4:e2:8f:e6:53:ae:da:0d:c3:e2:d4:1c:b6: bd:c6:c3:fd:82:fa:87:aa:5b:e4:4a:00:18:e3:f6: 6a:5a:e9:7a:fb:4b:83:02:2a:40:bd:70:c6:24:e3: b3:64:ac:3b:03:99:85:45:6e:1d:87:2c:58:76:c2: d2:ae:37:89:a1:ce:9d:93:36:ed:ec:ae:2c:b3:5e: b4:2b:5e:df:78:f2:55:a6:cf:3f:34:6f:aa:57:de: e4:71:2f:6c:09:63:f2:24:dc:c8:64:4e:47:fd:9f: bf:19:07:4c:c6:b6:df:fa:e4:44:28:1b:c1:75:64: c5:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:D0:8D:48:38:C8:0A:D1:96:85:BE:7F:96:4C:CB:E3:E1:80:CE:C9 X509v3 Authority Key Identifier: keyid:CF:15:AD:10:2E:ED:DF:BC:CA:68:58:5A:6F:5C:38:17:FE:8A:18:D5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B8D56/1BC8E1B6630A11ECAAA1414EC4F9AE02/zxWtEC7t37zKaFhab1w4F_6KGNU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zxWtEC7t37zKaFhab1w4F_6KGNU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B8D56/1BC8E1B6630A11ECAAA1414EC4F9AE02/70638510630E11ECB30DB557C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.113.64.0/22 103.52.208.0/22 203.26.234.0/24 IPv6: 2402:2480::-2402:2480:9:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 2b:81:4f:7c:55:fd:1f:ea:89:b5:5e:5c:88:aa:7e:c7:c6:37: 2a:a4:e6:2c:78:a7:1d:97:94:c5:0d:69:ac:07:a7:03:29:3a: 9b:a4:ae:a9:84:19:26:b5:b5:a8:cb:ae:38:f2:4a:1a:4f:c1: 6f:24:05:52:ee:26:13:af:95:c9:9a:98:12:b8:e3:11:b7:ea: 02:32:9e:7d:89:43:8a:0e:cd:3b:db:9d:e1:f5:0e:32:08:cd: 0f:79:7f:76:21:d4:ee:36:de:b9:53:dc:da:e3:1d:56:c7:6a: e3:9a:e4:3b:a2:dd:13:c2:df:cc:6d:6c:0f:51:b5:a2:02:7e: fb:26:b7:40:24:87:c5:9e:37:15:2f:3f:66:79:2a:bb:0c:59: 32:b3:74:f1:a8:a9:32:a3:7b:1d:6a:9b:db:28:a3:5f:74:ff: 48:a1:49:90:52:72:9f:d3:ed:be:ff:70:27:4c:a8:5a:12:d3: 77:19:35:cc:ab:0f:96:0d:d5:e7:0d:e6:54:84:43:ce:01:34: 2c:dc:e6:7e:19:93:d8:c3:e2:c4:3b:f0:6f:d6:44:a2:ca:26: 95:21:28:b1:8a:ad:fc:fe:b0:57:b9:d0:3a:ae:20:78:5d:56: 08:30:9d:7e:02:cf:00:88:90:1d:fc:56:63:d0:17:3b:35:f6: 62:57:49:71 -----BEGIN CERTIFICATE----- MIIFlzCCBH+gAwIBAgICAzYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjhENTYxMTAvBgNVBAUTKENGMTVBRDEwMkVFRERGQkNDQTY4NTg1QTZGNUMzODE3 RkU4QTE4RDUwHhcNMjQwMTE5MDI0MzQ4WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWE5ZTFlMy00MzBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo6f549T6zj6KWO67FNJpinM2UvGQTTX0gJ3J0Igb1UfsQBcLcuk3Qur1AjGw R+dMKXlZOnPs7yArv/guRsbkQnXIzgItN3ynh8CG6jlfpuIo26u1qvq5YyRlF9vW eY3sjE6gWo/pPripnTBLp6GlT0zSjsP+tV00OHX8ag0y4CvXAkMet+2doMTij+ZT rtoNw+LUHLa9xsP9gvqHqlvkSgAY4/ZqWul6+0uDAipAvXDGJOOzZKw7A5mFRW4d hyxYdsLSrjeJoc6dkzbt7K4ss160K17fePJVps8/NG+qV97kcS9sCWPyJNzIZE5H /Z+/GQdMxrbf+uREKBvBdWTFbQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFDfQjUg4 yArRloW+f5ZMy+PhgM7JMB8GA1UdIwQYMBaAFM8VrRAu7d+8ymhYWm9cOBf+ihjV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOEQ1Ni8xQkM4RTFCNjYz MEExMUVDQUFBMTQxNEVDNEY5QUUwMi96eFd0RUM3dDM3ekthRmhhYjF3NEZfNktH TlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3p4V3RFQzd0Mzd6S2FGaGFiMXc0Rl82S0dOVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjhENTYvMUJDOEUxQjY2MzBBMTFFQ0FBQTE0MTRFQzRGOUFFMDIvNzA2Mzg1MTA2 MzBFMTFFQ0IzMERCNTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E NjA0MBgEAgABMBIDBAItcUADBAJnNNADBADLGuowGAQCAAIwEjAQAwUHJAIkgAMH ASQCJIAACDANBgkqhkiG9w0BAQsFAAOCAQEAK4FPfFX9H+qJtV5ciKp+x8Y3KqTm LHinHZeUxQ1prAenAyk6m6SuqYQZJrW1qMuuOPJKGk/BbyQFUu4mE6+VyZqYErjj EbfqAjKefYlDig7NO9ud4fUOMgjND3l/diHU7jbeuVPc2uMdVsdq45rkO6LdE8Lf zG1sD1G1ogJ++ya3QCSHxZ43FS8/ZnkquwxZMrN08aipMqN7HWqb2yijX3T/SKFJ kFJyn9Ptvv9wJ0yoWhLTdxk1zKsPlg3V5w3mVIRDzgE0LNzmfhmT2MPixDvwb9ZE osomlSEosYqt/P6wV7nQOq4geF1WCDCdfgLPAIiQHfxWY9AXOzX2YldJcQ== -----END CERTIFICATE-----Generated at Sat Nov 23 01:27:27 2024 by rpki-client on console-ams.rpki-client.org