$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/4FD095F0045611EEAABA8378C4F9AE02.roa File: 4FD095F0045611EEAABA8378C4F9AE02.roa (raw, json) Hash identifier: NaeTG3N1F7jUyrrIWbEehAgBZQh9A1vBUz3ZwO6KLto= Subject key identifier: 11:9A:87:44:AC:D8:CF:25:EF:B9:3F:20:09:63:28:E9:B3:6B:24:8A Certificate issuer: /CN=A91C0BDE/serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918 Certificate serial: 0855 Authority key identifier: A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/4FD095F0045611EEAABA8378C4F9AE02.roa Signing time: Wed 24 Jul 2024 20:58:49 +0000 ROA not before: Wed 24 Jul 2024 20:58:49 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 38138 IP address blocks: 114.129.8.0/21 maxlen: 21 114.129.8.0/24 maxlen: 24 114.129.9.0/24 maxlen: 24 114.129.10.0/24 maxlen: 24 114.129.11.0/24 maxlen: 24 114.129.12.0/24 maxlen: 24 114.129.13.0/24 maxlen: 24 114.129.14.0/24 maxlen: 24 114.129.15.0/24 maxlen: 24 2405:eec0::/32 maxlen: 32 2405:eec0:1::/48 maxlen: 48 2405:eec0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.crl rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 08 Aug 2024 06:53:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2133 (0x855) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C0BDE/serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918 Validity Not Before: Jul 24 20:58:49 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=66a16b09-376c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:ec:3b:e9:3b:bb:2d:36:4c:b8:b5:a4:58:98: f0:82:6a:9c:d2:aa:ee:c3:ea:63:cb:c1:46:bc:e3: 33:04:09:f2:8c:11:0a:8c:d3:20:52:ea:fb:56:fa: d7:35:f1:65:63:bf:d0:b2:ca:d9:62:b8:28:02:e0: b7:c6:0d:5e:6e:dc:19:3d:0c:0f:6d:1d:31:ce:b1: d1:80:fa:9d:90:6d:28:0c:ad:ce:25:58:ae:26:68: 7e:28:65:ae:90:85:97:90:a3:70:19:35:a6:0b:9a: 33:41:f4:04:fa:5a:7a:02:24:1b:0b:dc:9d:ab:90: 8b:a7:8c:70:db:27:db:ac:93:bc:ac:80:ab:67:63: be:74:9f:ea:9f:96:bd:03:1b:80:75:28:ee:a9:8c: 48:d0:d4:8c:12:3f:b2:e9:81:dd:72:ce:f7:dc:38: f9:d9:5a:2c:6d:22:55:42:ee:ca:68:8d:7f:eb:47: 64:a2:12:c4:f5:e3:d5:2b:d7:a8:25:7a:a3:78:b1: 86:c8:ed:ca:2a:27:94:02:31:c2:77:af:d9:54:f0: 02:23:f8:e7:2b:c5:67:2a:3c:35:df:f1:54:a2:08: 98:62:b4:66:e4:46:b6:f6:3c:65:3d:11:c3:7b:a1: 49:42:a2:45:ed:a4:02:2b:4c:53:7c:c7:ce:79:fc: 6d:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:9A:87:44:AC:D8:CF:25:EF:B9:3F:20:09:63:28:E9:B3:6B:24:8A X509v3 Authority Key Identifier: keyid:A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/4FD095F0045611EEAABA8378C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 114.129.8.0/21 IPv6: 2405:eec0::/32 Signature Algorithm: sha256WithRSAEncryption b0:e0:05:99:6e:07:59:99:73:c5:30:39:df:29:fc:bd:ed:fc: e0:da:16:92:2a:40:f5:3a:7f:1c:ff:29:98:34:e5:2c:a4:17: 13:a2:a5:e9:aa:0d:27:d6:f0:63:1e:35:7d:32:a1:ae:60:4a: 0e:7d:25:41:e3:24:70:b9:33:a4:f5:c4:29:59:3d:36:b4:1c: 80:12:f1:59:49:48:c2:ee:04:7b:bb:72:dc:6e:d7:1c:bf:2e: b9:e9:31:66:53:4d:af:29:eb:89:34:f9:4f:e9:c4:90:9b:68: 12:5d:72:e3:49:f7:5e:4c:e0:37:6d:2e:5a:66:e1:d1:bf:ea: 34:2b:04:ab:20:d1:d0:d3:b4:fc:b0:55:ca:b3:5e:23:27:c7: db:7c:eb:2e:95:d5:31:ef:66:76:e7:40:ed:a9:1f:42:ed:32: dd:a5:9e:9d:34:19:e9:38:76:e2:87:e6:6f:46:66:32:01:39: 44:18:1b:68:d8:f4:71:6b:57:e2:45:23:b8:df:dd:fc:2b:f8: bc:87:63:41:b6:36:e7:91:7e:89:5c:37:8a:a9:b1:08:13:8b: 45:50:ce:e3:08:89:11:2d:ba:dd:c4:2a:e6:6a:f6:ff:28:7c: ba:83:43:5c:fd:05:7b:b3:ca:59:65:19:7c:67:92:3b:7f:21: 23:72:83:df -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzBCREUxMTAvBgNVBAUTKEE0QjUwQkVDRDhCQkEyODU1ODcxMjhENTkxOTI4M0RC RTE2OTA5MTgwHhcNMjQwNzI0MjA1ODQ5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmExNmIwOS0zNzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6Ow76Tu7LTZMuLWkWJjwgmqc0qruw+pjy8FGvOMzBAnyjBEKjNMgUur7VvrX NfFlY7/QssrZYrgoAuC3xg1ebtwZPQwPbR0xzrHRgPqdkG0oDK3OJViuJmh+KGWu kIWXkKNwGTWmC5ozQfQE+lp6AiQbC9ydq5CLp4xw2yfbrJO8rICrZ2O+dJ/qn5a9 AxuAdSjuqYxI0NSMEj+y6YHdcs733Dj52VosbSJVQu7KaI1/60dkohLE9ePVK9eo JXqjeLGGyO3KKieUAjHCd6/ZVPACI/jnK8VnKjw13/FUogiYYrRm5Ea29jxlPRHD e6FJQqJF7aQCK0xTfMfOefxteQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBGah0Ss 2M8l77k/IAljKOmzaySKMB8GA1UdIwQYMBaAFKS1C+zYu6KFWHEo1ZGSg9vhaQkY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEJERS83RTVBQzNFMDg5 NzExMUVBOTI0MDJBMEFDNEY5QUUwMi9wTFVMN05pN29vVlljU2pWa1pLRDItRnBD UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BMVUw3Tmk3b29WWWNTalZrWktEMi1GcENSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzBCREUvN0U1QUMzRTA4OTcxMTFFQTkyNDAyQTBBQzRGOUFFMDIvNEZEMDk1RjAw NDU2MTFFRUFBQkE4Mzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBANygQgwDQQCAAIwBwMFACQF7sAwDQYJKoZIhvcNAQELBQAD ggEBALDgBZluB1mZc8UwOd8p/L3t/ODaFpIqQPU6fxz/KZg05SykFxOipemqDSfW 8GMeNX0yoa5gSg59JUHjJHC5M6T1xClZPTa0HIAS8VlJSMLuBHu7ctxu1xy/Lrnp MWZTTa8p64k0+U/pxJCbaBJdcuNJ915M4DdtLlpm4dG/6jQrBKsg0dDTtPywVcqz XiMnx9t86y6V1THvZnbnQO2pH0LtMt2lnp00Gek4duKH5m9GZjIBOUQYG2jY9HFr V+JFI7jf3fwr+LyHY0G2NueRfolcN4qpsQgTi0VQzuMIiREtut3EKuZq9v8ofLqD Q1z9BXuzylllGXxnkjt/ISNyg98= -----END CERTIFICATE-----Generated at Thu Aug 1 08:35:33 2024 by rpki-client on console-fra.rpki-client.org