$ rpki-client -vvf rpki.apnic.net/member_repository/A91C40D6/CA8E7F7EA54411EA94DA3683C4F9AE02/A84D830AA54511EAA942C683C4F9AE02.roa File: A84D830AA54511EAA942C683C4F9AE02.roa (raw, json) Hash identifier: LRUqK0HbwhlophByZnm497LSzITbbBMeAuaK57/ofL0= Subject key identifier: CB:1C:F4:00:60:FC:0C:70:FB:AD:93:4F:4C:9D:F5:88:97:01:B7:59 Certificate issuer: /CN=A91C40D6/serialNumber=8E784349EF2DDF78575FD54CC78ED8C45C976CBF Certificate serial: 08C5 Authority key identifier: 8E:78:43:49:EF:2D:DF:78:57:5F:D5:4C:C7:8E:D8:C4:5C:97:6C:BF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jnhDSe8t33hXX9VMx47YxFyXbL8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C40D6/CA8E7F7EA54411EA94DA3683C4F9AE02/A84D830AA54511EAA942C683C4F9AE02.roa Signing time: Wed 06 Nov 2024 20:39:11 +0000 ROA not before: Wed 06 Nov 2024 20:39:11 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 139750 IP address blocks: 45.253.248.0/24 maxlen: 24 45.253.249.0/24 maxlen: 24 45.253.250.0/24 maxlen: 24 45.253.251.0/24 maxlen: 24 45.253.252.0/24 maxlen: 24 45.253.253.0/24 maxlen: 24 45.253.254.0/24 maxlen: 24 45.253.255.0/24 maxlen: 24 103.144.140.0/24 maxlen: 24 103.144.141.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C40D6/CA8E7F7EA54411EA94DA3683C4F9AE02/jnhDSe8t33hXX9VMx47YxFyXbL8.crl rsync://rpki.apnic.net/member_repository/A91C40D6/CA8E7F7EA54411EA94DA3683C4F9AE02/jnhDSe8t33hXX9VMx47YxFyXbL8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jnhDSe8t33hXX9VMx47YxFyXbL8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2245 (0x8c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C40D6/serialNumber=8E784349EF2DDF78575FD54CC78ED8C45C976CBF Validity Not Before: Nov 6 20:39:11 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=672bd3ef-431b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:6f:8a:bd:d2:a0:3b:db:05:2a:e1:07:87:9d: 65:6c:3a:71:41:87:11:3b:5e:63:5e:42:03:15:d9: 3e:a3:76:c3:ca:7d:72:cc:e7:2b:5b:be:f1:2e:a2: 2d:d8:80:e9:b6:21:88:af:37:ab:4a:a0:2f:14:4d: 05:04:96:94:90:af:57:06:8f:ac:0f:6f:27:d8:d7: 45:bb:03:5a:68:6b:35:95:57:4f:7b:77:f9:6f:e2: 25:d0:7d:ce:7e:22:ce:cb:97:3b:d7:12:86:1b:b0: b4:4f:65:2e:5d:05:dc:03:10:f7:4d:26:a0:e4:99: 77:1c:79:38:28:e6:bb:32:e4:57:c5:86:23:ce:68: 09:4d:2c:39:dd:d5:2e:c5:58:59:95:75:f4:27:e6: a5:cd:52:e6:58:b7:9f:57:7c:22:5f:96:ee:b5:73: 29:93:bc:d1:a8:c0:e0:1f:b8:a9:4d:f7:b7:a0:d2: 5a:75:2e:9e:da:c4:3b:de:05:67:ae:6e:0a:7b:fb: f0:5e:9e:83:84:af:1d:e6:f6:18:80:f1:e1:b1:c9: 41:52:62:7b:da:2f:00:1d:93:46:42:68:cc:47:c6: 6e:52:85:b0:04:21:76:0a:f5:85:ad:86:83:90:e1: 18:f5:00:79:46:5d:c6:e1:a0:92:de:d6:03:19:da: 63:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:1C:F4:00:60:FC:0C:70:FB:AD:93:4F:4C:9D:F5:88:97:01:B7:59 X509v3 Authority Key Identifier: keyid:8E:78:43:49:EF:2D:DF:78:57:5F:D5:4C:C7:8E:D8:C4:5C:97:6C:BF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C40D6/CA8E7F7EA54411EA94DA3683C4F9AE02/jnhDSe8t33hXX9VMx47YxFyXbL8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jnhDSe8t33hXX9VMx47YxFyXbL8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C40D6/CA8E7F7EA54411EA94DA3683C4F9AE02/A84D830AA54511EAA942C683C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.253.248.0/21 103.144.140.0/23 Signature Algorithm: sha256WithRSAEncryption b8:2c:b4:5f:7f:01:1f:40:e8:9b:12:48:6b:6e:26:82:4c:b4: 17:78:c4:58:09:5c:85:f5:62:25:c3:b1:04:f3:52:73:68:8b: 61:d4:6b:39:91:fd:d6:3e:ad:df:e8:b5:26:15:ed:b6:61:f9: fe:f8:0b:55:11:d5:b7:14:a9:67:3a:d1:53:f8:41:51:dc:49: 97:9b:d6:6e:de:17:01:13:c3:a7:5e:76:ae:76:41:16:cc:c9: c2:9c:09:69:28:76:84:75:5f:ce:d2:c2:da:4e:0c:0a:5d:06: 3c:70:6c:5a:5e:da:5c:9a:fc:90:a1:eb:23:09:d0:cf:41:23: d6:c5:b7:b3:3b:5d:16:d4:2c:93:07:3e:ee:5e:81:5d:1b:d6: bc:c0:48:2e:1b:10:8d:88:b3:bc:69:7c:38:d6:1b:79:14:11: 8e:70:98:64:76:3b:3f:fe:58:18:07:b6:d8:d0:f0:98:96:4c: 28:c2:e6:33:9b:ae:8c:04:5e:db:aa:34:6e:00:c1:70:e9:14: a3:99:a0:65:f9:7f:34:9f:64:01:de:a4:93:0f:6f:4c:c0:75: 01:69:e0:86:99:c3:35:48:d8:31:c0:25:29:4f:e6:59:f9:fe: f1:22:2a:ea:03:7c:72:9c:27:3d:d6:48:c6:e4:92:35:71:8a: 2a:7a:d0:19 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCMUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzQwRDYxMTAvBgNVBAUTKDhFNzg0MzQ5RUYyRERGNzg1NzVGRDU0Q0M3OEVEOEM0 NUM5NzZDQkYwHhcNMjQxMTA2MjAzOTExWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzJiZDNlZi00MzFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvG+KvdKgO9sFKuEHh51lbDpxQYcRO15jXkIDFdk+o3bDyn1yzOcrW77xLqIt 2IDptiGIrzerSqAvFE0FBJaUkK9XBo+sD28n2NdFuwNaaGs1lVdPe3f5b+Il0H3O fiLOy5c71xKGG7C0T2UuXQXcAxD3TSag5Jl3HHk4KOa7MuRXxYYjzmgJTSw53dUu xVhZlXX0J+alzVLmWLefV3wiX5butXMpk7zRqMDgH7ipTfe3oNJadS6e2sQ73gVn rm4Ke/vwXp6DhK8d5vYYgPHhsclBUmJ72i8AHZNGQmjMR8ZuUoWwBCF2CvWFrYaD kOEY9QB5Rl3G4aCS3tYDGdpjXQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMsc9ABg /Axw+62TT0yd9YiXAbdZMB8GA1UdIwQYMBaAFI54Q0nvLd94V1/VTMeO2MRcl2y/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNDBENi9DQThFN0Y3RUE1 NDQxMUVBOTREQTM2ODNDNEY5QUUwMi9qbmhEU2U4dDMzaFhYOVZNeDQ3WXhGeVhi TDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2puaERTZTh0MzNoWFg5Vk14NDdZeEZ5WGJMOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzQwRDYvQ0E4RTdGN0VBNTQ0MTFFQTk0REEzNjgzQzRGOUFFMDIvQTg0RDgzMEFB NTQ1MTFFQUE5NDJDNjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAMt/fgDBAFnkIwwDQYJKoZIhvcNAQELBQADggEBALgstF9/ AR9A6JsSSGtuJoJMtBd4xFgJXIX1YiXDsQTzUnNoi2HUazmR/dY+rd/otSYV7bZh +f74C1UR1bcUqWc60VP4QVHcSZeb1m7eFwETw6dedq52QRbMycKcCWkodoR1X87S wtpODApdBjxwbFpe2lya/JCh6yMJ0M9BI9bFt7M7XRbULJMHPu5egV0b1rzASC4b EI2Is7xpfDjWG3kUEY5wmGR2Oz/+WBgHttjQ8JiWTCjC5jObrowEXtuqNG4AwXDp FKOZoGX5fzSfZAHepJMPb0zAdQFp4IaZwzVI2DHAJSlP5ln5/vEiKuoDfHKcJz3W SMbkkjVxiip60Bk= -----END CERTIFICATE-----Generated at Wed Nov 20 21:34:58 2024 by rpki-client on console-ams.rpki-client.org