$ rpki-client -vvf rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/BE497906E5E311EEB87FAA36C4F9AE02.roa File: BE497906E5E311EEB87FAA36C4F9AE02.roa (raw, json) Hash identifier: k1lEv2cHDDWdD60iIseLu7lRMH41febzqKklPn0n+tA= Subject key identifier: 63:1E:CE:21:04:5D:E3:F9:F0:16:03:81:01:65:E0:CF:58:C7:1D:87 Certificate issuer: /CN=A91C911D/serialNumber=475B62A5F233ED05AC72D8781234E109BF3A908C Certificate serial: 0609 Authority key identifier: 47:5B:62:A5:F2:33:ED:05:AC:72:D8:78:12:34:E1:09:BF:3A:90:8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1tipfIz7QWscth4EjThCb86kIw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/BE497906E5E311EEB87FAA36C4F9AE02.roa Signing time: Wed 03 Apr 2024 00:33:01 +0000 ROA not before: Wed 03 Apr 2024 00:33:01 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 64098 IP address blocks: 59.153.8.0/22 maxlen: 24 103.55.135.0/24 maxlen: 24 103.61.129.0/24 maxlen: 24 103.79.4.0/22 maxlen: 22 103.79.4.0/24 maxlen: 24 103.197.232.0/22 maxlen: 22 103.197.232.0/24 maxlen: 24 103.197.233.0/24 maxlen: 24 160.202.140.0/22 maxlen: 22 203.189.126.0/24 maxlen: 24 2400:1240::/32 maxlen: 32 2403:780::/32 maxlen: 32 2403:780:f::/48 maxlen: 48 2403:780:e300::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/R1tipfIz7QWscth4EjThCb86kIw.crl rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/R1tipfIz7QWscth4EjThCb86kIw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1tipfIz7QWscth4EjThCb86kIw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1545 (0x609) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C911D/serialNumber=475B62A5F233ED05AC72D8781234E109BF3A908C Validity Not Before: Apr 3 00:33:01 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=660ca3bd-2f38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:d9:a3:51:08:6c:cc:a8:17:78:f0:9a:17:ec: fb:c3:88:97:9f:84:94:a2:42:66:05:b9:9b:16:d7: 20:6d:31:b2:24:cb:e6:6d:1e:1d:65:9e:3b:f4:83: 56:b6:d5:2e:91:06:7c:1d:03:d4:31:50:4d:13:64: 09:12:05:d3:8f:38:88:e4:a0:a4:2b:7d:4d:ac:52: 17:e4:ac:6a:5e:63:ce:13:c1:a0:19:6d:95:3a:97: 64:d4:c1:84:ee:57:9f:60:01:4f:f1:0e:9f:06:bf: 02:8a:d0:f8:12:f1:a0:4a:0f:2e:49:e6:1d:52:14: 7f:b8:3f:ef:9e:46:1e:bd:62:2e:f6:1b:65:e2:53: 52:66:83:16:6b:cb:80:32:c5:51:7c:25:a3:2b:57: 5a:88:52:a1:a3:13:ed:8f:c1:91:92:28:2b:8a:bf: 9f:e3:7e:fd:cc:cd:18:e6:f7:0c:12:a1:33:50:fa: 31:f6:87:34:0c:e9:8b:23:c7:ab:d0:fa:65:93:72: 5f:f7:ed:72:f2:3e:54:a9:d5:92:c0:4d:ab:7d:c3: 7b:22:7d:37:4c:58:0f:eb:4e:ab:2b:57:52:eb:4e: a7:9c:84:11:54:4c:00:ff:ec:de:b5:57:43:a7:92: ef:27:55:e2:5c:8d:cb:99:73:43:3f:d9:1a:55:5e: 2f:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:1E:CE:21:04:5D:E3:F9:F0:16:03:81:01:65:E0:CF:58:C7:1D:87 X509v3 Authority Key Identifier: keyid:47:5B:62:A5:F2:33:ED:05:AC:72:D8:78:12:34:E1:09:BF:3A:90:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/R1tipfIz7QWscth4EjThCb86kIw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1tipfIz7QWscth4EjThCb86kIw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/BE497906E5E311EEB87FAA36C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.153.8.0/22 103.55.135.0/24 103.61.129.0/24 103.79.4.0/22 103.197.232.0/22 160.202.140.0/22 203.189.126.0/24 IPv6: 2400:1240::/32 2403:780::/32 Signature Algorithm: sha256WithRSAEncryption 86:5d:99:32:5c:0f:a8:6b:81:e9:e4:e8:b1:35:a8:a4:50:9f: aa:c4:ee:70:e8:72:b9:f8:d0:8f:2c:e5:a8:c6:d9:4b:10:d6: 43:46:07:0a:f6:ad:fc:6a:b3:1d:36:ce:b3:2d:60:79:08:dc: e4:c7:24:59:60:a4:c7:c5:d7:e7:cd:3f:10:ea:15:64:78:f9: 88:ce:fd:7e:f5:38:26:f1:64:13:57:0f:89:4f:22:63:79:18: 9b:55:99:fe:46:3a:58:24:28:63:78:5f:26:e4:2b:bf:9b:a1: ae:58:ce:10:a5:cb:8a:f5:f6:c8:d9:1c:d2:19:2e:bc:fc:b3: e6:33:14:e7:fb:d4:2f:a1:22:c9:7c:4e:13:47:15:56:df:4e: ca:0c:89:39:5f:a2:85:12:2d:c1:37:4b:17:d5:25:d6:e8:02: 24:37:3d:00:12:71:54:cc:ff:b7:22:95:7f:d5:1b:34:4e:4c: 43:1c:18:f9:c9:77:d0:74:08:f6:3c:11:5a:5b:c9:d9:4b:59: 30:3c:b6:19:ff:be:90:ad:f1:ce:bd:c9:5d:82:7b:1c:d8:3a: 0f:3f:1f:b3:57:cd:d3:5a:69:a9:bd:25:ed:fa:66:b9:be:66: bf:a6:1f:66:18:ec:55:78:d0:09:43:ee:55:43:7d:02:1c:66: 3f:56:b9:97 -----BEGIN CERTIFICATE----- MIIFqzCCBJOgAwIBAgICBgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzkxMUQxMTAvBgNVBAUTKDQ3NUI2MkE1RjIzM0VEMDVBQzcyRDg3ODEyMzRFMTA5 QkYzQTkwOEMwHhcNMjQwNDAzMDAzMzAxWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjBjYTNiZC0yZjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqdmjUQhszKgXePCaF+z7w4iXn4SUokJmBbmbFtcgbTGyJMvmbR4dZZ479INW ttUukQZ8HQPUMVBNE2QJEgXTjziI5KCkK31NrFIX5KxqXmPOE8GgGW2VOpdk1MGE 7lefYAFP8Q6fBr8CitD4EvGgSg8uSeYdUhR/uD/vnkYevWIu9htl4lNSZoMWa8uA MsVRfCWjK1daiFKhoxPtj8GRkigrir+f4379zM0Y5vcMEqEzUPox9oc0DOmLI8er 0Pplk3Jf9+1y8j5UqdWSwE2rfcN7In03TFgP606rK1dS606nnIQRVEwA/+zetVdD p5LvJ1XiXI3LmXNDP9kaVV4vmQIDAQABo4ICzzCCAsswHQYDVR0OBBYEFGMeziEE XeP58BYDgQFl4M9Yxx2HMB8GA1UdIwQYMBaAFEdbYqXyM+0FrHLYeBI04Qm/OpCM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTExRC83QjEzQjM4NDZD MDMxMUVCODg0NDc4NEJDNEY5QUUwMi9SMXRpcGZJejdRV3NjdGg0RWpUaENiODZr SXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1IxdGlwZkl6N1FXc2N0aDRFalRoQ2I4NmtJdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzkxMUQvN0IxM0IzODQ2QzAzMTFFQjg4NDQ3ODRCQzRGOUFFMDIvQkU0OTc5MDZF NUUzMTFFRUI4N0ZBQTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E SjBIMDAEAgABMCoDBAI7mQgDBABnN4cDBABnPYEDBAJnTwQDBAJnxegDBAKgyowD BADLvX4wFAQCAAIwDgMFACQAEkADBQAkAweAMA0GCSqGSIb3DQEBCwUAA4IBAQCG XZkyXA+oa4Hp5OixNaikUJ+qxO5w6HK5+NCPLOWoxtlLENZDRgcK9q38arMdNs6z LWB5CNzkxyRZYKTHxdfnzT8Q6hVkePmIzv1+9Tgm8WQTVw+JTyJjeRibVZn+RjpY JChjeF8m5Cu/m6GuWM4QpcuK9fbI2RzSGS68/LPmMxTn+9QvoSLJfE4TRxVW307K DIk5X6KFEi3BN0sX1SXW6AIkNz0AEnFUzP+3IpV/1Rs0TkxDHBj5yXfQdAj2PBFa W8nZS1kwPLYZ/76QrfHOvcldgnsc2DoPPx+zV83TWmmpvSXt+ma5vma/ph9mGOxV eNAJQ+5VQ30CHGY/VrmX -----END CERTIFICATE-----Generated at Fri Nov 22 23:39:34 2024 by rpki-client on console-fra.rpki-client.org