$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/C24FF4C8050D11EA8626AD5DC4F9AE02.roa File: C24FF4C8050D11EA8626AD5DC4F9AE02.roa (raw, json) Hash identifier: bxKpA/oFCU6TUM9crxLIgO78TFK6gY7b8jSCF6lkl2Q= Subject key identifier: 75:D1:87:9A:61:67:D0:4D:E2:D2:64:58:B9:DD:AA:0B:0B:E4:37:32 Certificate issuer: /CN=A91BC847/serialNumber=79D66C64A6165A2E4CB37D49700E6C761841C39A Certificate serial: 1362 Authority key identifier: 79:D6:6C:64:A6:16:5A:2E:4C:B3:7D:49:70:0E:6C:76:18:41:C3:9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/edZsZKYWWi5Ms31JcA5sdhhBw5o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/C24FF4C8050D11EA8626AD5DC4F9AE02.roa Signing time: Tue 10 Sep 2024 17:55:05 +0000 ROA not before: Tue 10 Sep 2024 17:55:05 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 45588 IP address blocks: 114.130.128.0/18 maxlen: 24 114.130.224.0/20 maxlen: 24 123.49.0.0/18 maxlen: 24 180.211.128.0/17 maxlen: 24 203.112.192.0/19 maxlen: 24 2407:5000::/32 maxlen: 40 2407:5000:88::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/edZsZKYWWi5Ms31JcA5sdhhBw5o.crl rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/edZsZKYWWi5Ms31JcA5sdhhBw5o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/edZsZKYWWi5Ms31JcA5sdhhBw5o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4962 (0x1362) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC847/serialNumber=79D66C64A6165A2E4CB37D49700E6C761841C39A Validity Not Before: Sep 10 17:55:05 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66e087f9-b405 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ba:b3:2d:f9:ad:2b:ab:95:9b:73:da:cc:cc: 10:30:c7:d9:4d:ff:f0:27:b9:08:58:d1:d3:de:25: b0:dd:a5:7e:a9:8e:5e:4a:f8:b3:9e:9e:fc:88:e4: f2:07:7b:ba:dd:b6:80:44:21:fd:fa:e6:51:30:6a: bf:a4:c2:63:ca:3c:ca:a0:11:83:09:2f:d2:16:b0: bb:10:eb:d3:8f:11:10:ea:51:f6:6f:4a:6d:79:96: 36:08:66:f3:c6:c1:39:ad:0c:c0:5d:87:cf:59:7e: f2:ea:37:86:5f:b7:de:df:e4:96:ba:3b:86:72:7a: 20:65:1e:41:82:78:f1:ba:71:53:9f:b6:08:83:ca: f6:7b:b9:90:a5:7b:e7:93:eb:d3:f4:6d:cb:5d:7d: e4:64:76:4b:ef:0b:d9:24:0a:91:ee:c9:6d:1c:3f: 7c:db:11:fa:12:a7:ef:b5:df:22:ac:fe:0f:51:eb: e0:83:44:fb:1a:92:d4:4e:4f:9d:73:da:a9:83:ad: 4c:36:b5:44:e2:72:6a:d5:d9:3d:6b:95:c2:7a:d7: 8c:2b:3d:c2:6a:03:77:3f:64:92:2e:ea:97:38:29: e8:e2:a2:f0:46:d2:0b:dc:1b:56:b1:f5:dd:09:e9: 3b:2a:5c:56:59:c7:90:ab:d4:5e:44:cd:54:0d:00: 70:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:D1:87:9A:61:67:D0:4D:E2:D2:64:58:B9:DD:AA:0B:0B:E4:37:32 X509v3 Authority Key Identifier: keyid:79:D6:6C:64:A6:16:5A:2E:4C:B3:7D:49:70:0E:6C:76:18:41:C3:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/edZsZKYWWi5Ms31JcA5sdhhBw5o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/edZsZKYWWi5Ms31JcA5sdhhBw5o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/C24FF4C8050D11EA8626AD5DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 114.130.128.0/18 114.130.224.0/20 123.49.0.0/18 180.211.128.0/17 203.112.192.0/19 IPv6: 2407:5000::/32 Signature Algorithm: sha256WithRSAEncryption af:57:42:bd:d6:80:2c:8a:30:d4:26:69:fe:db:3f:3c:ad:28: 72:7b:74:44:52:c1:00:09:af:dc:95:75:8b:b9:fb:a9:86:63: 9f:63:7c:5b:b2:c5:ff:aa:d4:91:99:36:e7:df:aa:60:c1:07: fb:7b:32:57:50:1c:da:a5:84:58:94:ac:d5:c8:9a:b2:69:54: 27:ec:64:06:fd:db:68:7a:4d:b1:fb:dd:86:8d:61:ce:ab:84: a9:87:70:db:22:f6:d2:35:f0:e3:e2:6a:13:ca:13:56:51:3e: 8c:da:0e:37:ae:b1:1b:26:cf:99:32:91:c6:7b:2b:33:07:16: 20:0a:55:0d:81:f1:66:81:80:58:e1:b9:4e:d0:a1:57:a6:ee: 2f:9b:90:ba:8c:4e:ad:68:87:8b:0a:f0:9e:75:99:6a:20:e4: c8:78:58:01:65:22:21:93:a7:f8:12:5f:47:91:a1:09:c1:4f: bc:70:42:6b:f1:85:83:08:63:82:d7:e4:ba:c0:19:f6:2c:e0: 6c:68:fe:b2:5f:b6:65:67:7b:1e:58:c4:28:9e:e9:c6:c1:04: c7:5a:8d:58:51:b1:fd:56:f4:35:44:80:f4:eb:12:32:89:be: 6a:0c:81:08:d9:c0:cb:6b:e7:10:61:96:6c:f0:ed:0d:c8:7d: ee:9f:b4:93 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICE2IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkM4NDcxMTAvBgNVBAUTKDc5RDY2QzY0QTYxNjVBMkU0Q0IzN0Q0OTcwMEU2Qzc2 MTg0MUMzOUEwHhcNMjQwOTEwMTc1NTA1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmUwODdmOS1iNDA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAybqzLfmtK6uVm3PazMwQMMfZTf/wJ7kIWNHT3iWw3aV+qY5eSviznp78iOTy B3u63baARCH9+uZRMGq/pMJjyjzKoBGDCS/SFrC7EOvTjxEQ6lH2b0pteZY2CGbz xsE5rQzAXYfPWX7y6jeGX7fe3+SWujuGcnogZR5BgnjxunFTn7YIg8r2e7mQpXvn k+vT9G3LXX3kZHZL7wvZJAqR7sltHD982xH6Eqfvtd8irP4PUevgg0T7GpLUTk+d c9qpg61MNrVE4nJq1dk9a5XCeteMKz3CagN3P2SSLuqXOCno4qLwRtIL3BtWsfXd Cek7KlxWWceQq9ReRM1UDQBw+QIDAQABo4ICvDCCArgwHQYDVR0OBBYEFHXRh5ph Z9BN4tJkWLndqgsL5DcyMB8GA1UdIwQYMBaAFHnWbGSmFlouTLN9SXAObHYYQcOa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzg0Ny9BQ0Y5NDM1MjlB RjMxMUU4QUFCNEQ1NURDNEY5QUUwMi9lZFpzWktZV1dpNU1zMzFKY0E1c2RoaEJ3 NW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VkWnNaS1lXV2k1TXMzMUpjQTVzZGhoQnc1by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkM4NDcvQUNGOTQzNTI5QUYzMTFFOEFBQjRENTVEQzRGOUFFMDIvQzI0RkY0Qzgw NTBEMTFFQTg2MjZBRDVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAZygoADBARyguADBAZ7MQADBAe004ADBAXLcMAwDQQCAAIw BwMFACQHUAAwDQYJKoZIhvcNAQELBQADggEBAK9XQr3WgCyKMNQmaf7bPzytKHJ7 dERSwQAJr9yVdYu5+6mGY59jfFuyxf+q1JGZNuffqmDBB/t7MldQHNqlhFiUrNXI mrJpVCfsZAb922h6TbH73YaNYc6rhKmHcNsi9tI18OPiahPKE1ZRPozaDjeusRsm z5kykcZ7KzMHFiAKVQ2B8WaBgFjhuU7QoVem7i+bkLqMTq1oh4sK8J51mWog5Mh4 WAFlIiGTp/gSX0eRoQnBT7xwQmvxhYMIY4LX5LrAGfYs4Gxo/rJftmVnex5YxCie 6cbBBMdajVhRsf1W9DVEgPTrEjKJvmoMgQjZwMtr5xBhlmzw7Q3Ife6ftJM= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:16 2024 by rpki-client on console-ams.rpki-client.org