$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBF47/370CA2C01D8A11E2B79B13E408B02CD2/608C129E33E011ED979ED20EC4F9AE02.roa File: 608C129E33E011ED979ED20EC4F9AE02.roa (raw, json) Hash identifier: njnvlZhJpg+O1H7mK6/K1EfgkaOPGFRep0ckaeGXK3s= Subject key identifier: 75:CE:F3:BA:74:BE:C2:0E:CF:65:5B:52:DF:37:F3:4A:FA:F9:86:59 Certificate issuer: /CN=A91CBF47/serialNumber=326371E399824F8004ED96756819760881B7CD96 Certificate serial: 33A3 Authority key identifier: 32:63:71:E3:99:82:4F:80:04:ED:96:75:68:19:76:08:81:B7:CD:96 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MmNx45mCT4AE7ZZ1aBl2CIG3zZY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CBF47/370CA2C01D8A11E2B79B13E408B02CD2/608C129E33E011ED979ED20EC4F9AE02.roa Signing time: Mon 26 Feb 2024 14:50:32 +0000 ROA not before: Mon 26 Feb 2024 14:50:32 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 9313 IP address blocks: 120.29.0.0/20 maxlen: 20 120.29.16.0/20 maxlen: 20 121.50.192.0/20 maxlen: 20 121.50.208.0/21 maxlen: 21 203.10.89.0/24 maxlen: 24 203.13.68.0/24 maxlen: 24 203.13.70.0/24 maxlen: 24 203.22.124.0/23 maxlen: 23 203.22.126.0/24 maxlen: 24 203.22.127.0/24 maxlen: 24 203.30.137.0/24 maxlen: 24 203.144.4.0/22 maxlen: 22 203.144.5.0/24 maxlen: 24 203.144.8.0/21 maxlen: 21 203.144.16.0/21 maxlen: 21 203.144.23.0/24 maxlen: 24 203.144.24.0/21 maxlen: 21 203.144.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CBF47/370CA2C01D8A11E2B79B13E408B02CD2/MmNx45mCT4AE7ZZ1aBl2CIG3zZY.crl rsync://rpki.apnic.net/member_repository/A91CBF47/370CA2C01D8A11E2B79B13E408B02CD2/MmNx45mCT4AE7ZZ1aBl2CIG3zZY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MmNx45mCT4AE7ZZ1aBl2CIG3zZY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:31:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13219 (0x33a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CBF47/serialNumber=326371E399824F8004ED96756819760881B7CD96 Validity Not Before: Feb 26 14:50:32 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65dca538-9d1d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:e7:6b:b8:48:2d:9e:82:ca:8f:44:4d:62:4f: 60:ad:4b:67:14:e7:ef:a7:5a:ae:39:2f:64:df:ba: 0a:7d:9f:66:7d:af:29:d7:ca:b7:d4:11:6a:2e:d6: fc:70:03:4a:18:cf:ce:89:0a:8d:3a:b1:b0:af:19: b0:03:b8:d1:45:ae:12:36:9e:1a:eb:d6:44:32:fe: 54:c1:e0:15:05:e5:fb:60:bd:1e:a7:1d:94:c8:33: c5:5f:29:22:2a:f5:d2:30:e3:96:ee:87:e2:b2:a5: 1d:7c:bf:80:2f:ff:72:bb:5e:3e:82:0e:fc:48:44: fb:87:47:37:89:3b:33:6a:7f:15:9f:77:55:8c:a0: ea:d9:cf:19:17:21:11:37:bf:ee:29:11:a8:28:e7: c9:8e:35:81:a5:9e:41:61:e0:b3:1c:a6:44:b1:3b: c9:33:f8:1a:32:d1:1e:ae:d2:70:84:a2:45:86:0d: aa:43:62:46:c5:bb:c6:fd:0d:b5:8e:95:c1:9d:16: 27:a3:1a:9a:71:f1:6c:90:cf:2e:c3:22:4d:2a:05: cd:06:bb:68:b0:0a:39:ad:4f:8f:9e:e9:b1:52:4d: 5a:1b:c5:2a:03:3c:b6:f3:b0:f5:89:12:92:35:d4: b9:3c:58:d6:28:1f:0f:d5:bc:e2:af:50:ce:f0:aa: d5:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:CE:F3:BA:74:BE:C2:0E:CF:65:5B:52:DF:37:F3:4A:FA:F9:86:59 X509v3 Authority Key Identifier: keyid:32:63:71:E3:99:82:4F:80:04:ED:96:75:68:19:76:08:81:B7:CD:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CBF47/370CA2C01D8A11E2B79B13E408B02CD2/MmNx45mCT4AE7ZZ1aBl2CIG3zZY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MmNx45mCT4AE7ZZ1aBl2CIG3zZY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBF47/370CA2C01D8A11E2B79B13E408B02CD2/608C129E33E011ED979ED20EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.0.0/19 121.50.192.0-121.50.215.255 203.10.89.0/24 203.13.68.0/24 203.13.70.0/24 203.22.124.0/22 203.30.137.0/24 203.144.4.0-203.144.31.255 Signature Algorithm: sha256WithRSAEncryption a9:87:dc:e7:7c:f0:fc:9c:27:ff:16:15:76:bb:26:71:64:27: 27:03:1f:bc:46:1c:b6:1b:fd:0b:9b:2e:98:10:7f:f9:37:aa: b0:83:01:93:33:e0:7f:9e:60:54:23:3f:25:34:19:18:7f:5c: ab:de:38:1d:a2:99:ff:b3:9d:cd:2f:d0:5c:91:39:26:cb:5a: a8:c0:59:eb:a6:de:6a:1e:2d:d1:13:d5:17:4f:b4:6f:8a:d4: 5c:f7:d4:31:dc:ef:ea:21:71:b3:fc:70:eb:4b:b8:d3:b6:13: f1:01:de:46:bc:4c:20:f4:d2:5d:8b:7e:7b:3b:22:80:b2:43: a9:10:7c:b7:d1:24:f5:44:d2:33:d0:6f:0a:02:f0:ae:cf:4a: b4:46:96:d4:cb:f9:7a:3d:1b:60:0b:1c:00:7b:45:d9:c8:e6: 03:a5:5c:22:3a:82:8f:9d:05:20:09:4a:68:d2:88:15:a3:51: 0a:45:2e:6f:22:b1:c1:11:3a:c7:fe:ba:34:f8:76:ca:b1:45: 60:9e:8a:7b:ce:a6:28:ca:36:89:bd:75:65:aa:61:b2:b2:de: e2:f8:4e:cf:69:41:bb:82:0d:4f:3b:40:4b:9a:90:74:bd:0a: 6e:12:58:a9:d5:05:3c:85:73:90:95:68:0d:8a:3c:aa:64:ef: 71:5f:14:52 -----BEGIN CERTIFICATE----- MIIFqzCCBJOgAwIBAgICM6MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0JGNDcxMTAvBgNVBAUTKDMyNjM3MUUzOTk4MjRGODAwNEVEOTY3NTY4MTk3NjA4 ODFCN0NEOTYwHhcNMjQwMjI2MTQ1MDMyWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWRjYTUzOC05ZDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4udruEgtnoLKj0RNYk9grUtnFOfvp1quOS9k37oKfZ9mfa8p18q31BFqLtb8 cANKGM/OiQqNOrGwrxmwA7jRRa4SNp4a69ZEMv5UweAVBeX7YL0epx2UyDPFXyki KvXSMOOW7ofisqUdfL+AL/9yu14+gg78SET7h0c3iTszan8Vn3dVjKDq2c8ZFyER N7/uKRGoKOfJjjWBpZ5BYeCzHKZEsTvJM/gaMtEertJwhKJFhg2qQ2JGxbvG/Q21 jpXBnRYnoxqacfFskM8uwyJNKgXNBrtosAo5rU+PnumxUk1aG8UqAzy287D1iRKS NdS5PFjWKB8P1bzir1DO8KrVvwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFHXO87p0 vsIOz2VbUt8380r6+YZZMB8GA1UdIwQYMBaAFDJjceOZgk+ABO2WdWgZdgiBt82W MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQkY0Ny8zNzBDQTJDMDFE OEExMUUyQjc5QjEzRTQwOEIwMkNEMi9NbU54NDVtQ1Q0QUU3WloxYUJsMkNJRzN6 WlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01tTng0NW1DVDRBRTdaWjFhQmwyQ0lHM3paWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0JGNDcvMzcwQ0EyQzAxRDhBMTFFMkI3OUIxM0U0MDhCMDJDRDIvNjA4QzEyOUUz M0UwMTFFRDk3OUVEMjBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E SjBIMEYEAgABMEADBAV4HQAwDAMEBnkywAMEA3ky0AMEAMsKWQMEAMsNRAMEAMsN RgMEAssWfAMEAMseiTAMAwQCy5AEAwQFy5AAMA0GCSqGSIb3DQEBCwUAA4IBAQCp h9znfPD8nCf/FhV2uyZxZCcnAx+8Rhy2G/0Lmy6YEH/5N6qwgwGTM+B/nmBUIz8l NBkYf1yr3jgdopn/s53NL9BckTkmy1qowFnrpt5qHi3RE9UXT7RvitRc99Qx3O/q IXGz/HDrS7jTthPxAd5GvEwg9NJdi357OyKAskOpEHy30ST1RNIz0G8KAvCuz0q0 RpbUy/l6PRtgCxwAe0XZyOYDpVwiOoKPnQUgCUpo0ogVo1EKRS5vIrHBETrH/ro0 +HbKsUVgnop7zqYoyjaJvXVlqmGyst7i+E7PaUG7gg1PO0BLmpB0vQpuElip1QU8 hXOQlWgNijyqZO9xXxRS -----END CERTIFICATE-----Generated at Fri Nov 22 16:50:04 2024 by rpki-client on console-ams.rpki-client.org