$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9161/70CC24863F8B11E7A9E67244C4F9AE02/95A226D0EF3C11E9A7190355C4F9AE02.roa File: 95A226D0EF3C11E9A7190355C4F9AE02.roa (raw, json) Hash identifier: RisbfuJJzaRwnSTXbblXr9BK361KaCscEIHy8SrD2Ek= Subject key identifier: 90:36:F7:2B:CA:68:3B:33:CC:B5:8F:86:77:96:A9:7B:17:90:FF:27 Certificate issuer: /CN=A91C9161/serialNumber=75F0F171320A78E507026F9F2F54F4B2670C6211 Certificate serial: 194F Authority key identifier: 75:F0:F1:71:32:0A:78:E5:07:02:6F:9F:2F:54:F4:B2:67:0C:62:11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dfDxcTIKeOUHAm-fL1T0smcMYhE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9161/70CC24863F8B11E7A9E67244C4F9AE02/95A226D0EF3C11E9A7190355C4F9AE02.roa Signing time: Tue 28 Nov 2023 17:04:08 +0000 ROA not before: Tue 28 Nov 2023 17:04:08 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 55862 IP address blocks: 43.252.100.0/24 maxlen: 24 43.252.101.0/24 maxlen: 24 43.252.102.0/24 maxlen: 24 43.252.103.0/24 maxlen: 24 49.128.160.0/24 maxlen: 24 49.128.161.0/24 maxlen: 24 49.128.162.0/24 maxlen: 24 49.128.163.0/24 maxlen: 24 49.128.164.0/24 maxlen: 24 49.128.165.0/24 maxlen: 24 49.128.166.0/24 maxlen: 24 49.128.167.0/24 maxlen: 24 49.128.168.0/24 maxlen: 24 49.128.169.0/24 maxlen: 24 49.128.170.0/24 maxlen: 24 49.128.171.0/24 maxlen: 24 49.128.172.0/24 maxlen: 24 49.128.173.0/24 maxlen: 24 49.128.174.0/24 maxlen: 24 49.128.175.0/24 maxlen: 24 103.29.96.0/24 maxlen: 24 103.29.97.0/24 maxlen: 24 103.29.98.0/24 maxlen: 24 103.29.99.0/24 maxlen: 24 2401:8900::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9161/70CC24863F8B11E7A9E67244C4F9AE02/dfDxcTIKeOUHAm-fL1T0smcMYhE.crl rsync://rpki.apnic.net/member_repository/A91C9161/70CC24863F8B11E7A9E67244C4F9AE02/dfDxcTIKeOUHAm-fL1T0smcMYhE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dfDxcTIKeOUHAm-fL1T0smcMYhE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:21:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6479 (0x194f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9161/serialNumber=75F0F171320A78E507026F9F2F54F4B2670C6211 Validity Not Before: Nov 28 17:04:08 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=65661d88-ace2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:f3:5a:03:e9:2d:48:df:51:1e:06:d8:f9:a0: b4:07:74:39:a6:a9:5a:a5:ae:32:8a:93:b3:c5:0c: 66:24:8c:47:50:70:25:5f:d4:59:c8:48:ed:a4:9a: 91:d8:87:51:27:b3:1e:98:68:e4:f1:d9:5f:83:54: a0:2f:15:bb:32:b2:69:8b:dc:91:6d:bc:f6:08:68: 95:47:97:e2:0f:23:a5:45:1e:86:85:54:ef:3f:8b: 05:7d:b7:9e:f4:36:fd:4e:e7:91:b0:34:fc:0e:c2: f7:71:c3:58:e6:c4:f5:ae:69:be:04:dd:e6:70:d7: 15:84:dc:f6:fe:a6:f0:06:96:b3:c2:98:c0:52:45: ad:93:e9:bd:08:dd:60:4e:4e:5e:80:5a:bd:91:fe: bf:2a:e2:57:30:d8:84:94:b7:6d:a0:24:fe:43:5b: ee:1f:40:a2:05:9b:51:60:7d:7e:a6:0b:00:13:3d: 01:d6:7d:e1:a1:44:b9:ef:63:2c:34:39:7e:88:b2: 33:87:d2:31:4e:5b:83:88:76:eb:28:22:4d:06:c6: b7:58:57:2d:ec:5a:55:e2:55:fd:b5:3b:85:d7:ef: 86:b7:e3:7c:a0:d0:da:a8:f6:a3:a2:7a:ca:00:60: b7:f8:b6:65:d4:cb:11:bb:3e:5b:f8:24:cf:ae:b8: e9:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:36:F7:2B:CA:68:3B:33:CC:B5:8F:86:77:96:A9:7B:17:90:FF:27 X509v3 Authority Key Identifier: keyid:75:F0:F1:71:32:0A:78:E5:07:02:6F:9F:2F:54:F4:B2:67:0C:62:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9161/70CC24863F8B11E7A9E67244C4F9AE02/dfDxcTIKeOUHAm-fL1T0smcMYhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dfDxcTIKeOUHAm-fL1T0smcMYhE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9161/70CC24863F8B11E7A9E67244C4F9AE02/95A226D0EF3C11E9A7190355C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.100.0/22 49.128.160.0/20 103.29.96.0/22 IPv6: 2401:8900::/32 Signature Algorithm: sha256WithRSAEncryption 1a:7e:9a:c3:c1:42:d5:48:d1:34:5f:f2:ca:ad:1a:96:0f:b6: 6d:58:3d:c4:6d:7e:e9:0d:6e:5c:57:3c:cc:cd:c1:e0:15:36: bc:94:41:3c:94:21:95:b6:db:b3:44:04:07:bf:d1:9a:7b:d4: 5f:a9:fb:1c:d1:1d:79:3d:cc:49:a6:c6:9e:33:66:5d:e4:14: 25:5d:7e:60:86:57:a8:fd:c8:be:10:90:92:39:5e:20:33:e1: ac:62:bb:a1:9c:55:0f:28:23:4b:41:b7:f9:bb:33:23:6f:cc: 4c:1c:17:72:1b:99:28:28:32:78:45:27:f1:8a:20:6b:c7:22: 52:56:a1:c9:c1:5a:b9:21:6f:63:1a:cf:2f:41:56:e4:12:90: e8:cc:a9:3b:1d:04:39:6c:95:82:23:42:e1:0f:b4:cb:30:48: 43:89:eb:78:58:5d:80:81:f9:81:1b:dd:80:91:28:3f:c2:b8: b0:98:bf:ef:69:5e:09:c5:e9:1a:bc:76:4d:e0:e6:01:ba:a0: dc:b5:4d:fb:42:5a:49:f6:8a:6f:25:eb:7a:6d:3d:a6:a2:96: 07:a2:c2:c0:fe:e0:99:d9:12:e0:e5:c3:de:c6:d2:7b:e0:8a: ac:96:76:6d:b7:9b:ab:c8:b3:3f:6a:c8:0d:11:7b:30:c2:e7: 90:87:89:6e -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICGU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzkxNjExMTAvBgNVBAUTKDc1RjBGMTcxMzIwQTc4RTUwNzAyNkY5RjJGNTRGNEIy NjcwQzYyMTEwHhcNMjMxMTI4MTcwNDA4WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTY2MWQ4OC1hY2UyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyfNaA+ktSN9RHgbY+aC0B3Q5pqlapa4yipOzxQxmJIxHUHAlX9RZyEjtpJqR 2IdRJ7MemGjk8dlfg1SgLxW7MrJpi9yRbbz2CGiVR5fiDyOlRR6GhVTvP4sFfbee 9Db9TueRsDT8DsL3ccNY5sT1rmm+BN3mcNcVhNz2/qbwBpazwpjAUkWtk+m9CN1g Tk5egFq9kf6/KuJXMNiElLdtoCT+Q1vuH0CiBZtRYH1+pgsAEz0B1n3hoUS572Ms NDl+iLIzh9IxTluDiHbrKCJNBsa3WFct7FpV4lX9tTuF1++Gt+N8oNDaqPajonrK AGC3+LZl1MsRuz5b+CTPrrjpVwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFJA29yvK aDszzLWPhneWqXsXkP8nMB8GA1UdIwQYMBaAFHXw8XEyCnjlBwJvny9U9LJnDGIR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTE2MS83MENDMjQ4NjNG OEIxMUU3QTlFNjcyNDRDNEY5QUUwMi9kZkR4Y1RJS2VPVUhBbS1mTDFUMHNtY01Z aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RmRHhjVElLZU9VSEFtLWZMMVQwc21jTVloRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzkxNjEvNzBDQzI0ODYzRjhCMTFFN0E5RTY3MjQ0QzRGOUFFMDIvOTVBMjI2RDBF RjNDMTFFOUE3MTkwMzU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAIr/GQDBAQxgKADBAJnHWAwDQQCAAIwBwMFACQBiQAwDQYJ KoZIhvcNAQELBQADggEBABp+msPBQtVI0TRf8sqtGpYPtm1YPcRtfukNblxXPMzN weAVNryUQTyUIZW227NEBAe/0Zp71F+p+xzRHXk9zEmmxp4zZl3kFCVdfmCGV6j9 yL4QkJI5XiAz4axiu6GcVQ8oI0tBt/m7MyNvzEwcF3IbmSgoMnhFJ/GKIGvHIlJW ocnBWrkhb2Mazy9BVuQSkOjMqTsdBDlslYIjQuEPtMswSEOJ63hYXYCB+YEb3YCR KD/CuLCYv+9pXgnF6Rq8dk3g5gG6oNy1TftCWkn2im8l63ptPaailgeiwsD+4JnZ EuDlw97G0nvgiqyWdm23m6vIsz9qyA0RezDC55CHiW4= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:17 2024 by rpki-client on console-ams.rpki-client.org