$ rpki-client -vvf rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/61A59876012A11EFB75C350FC4F9AE02.roa File: 61A59876012A11EFB75C350FC4F9AE02.roa (raw, json) Hash identifier: GzRO+E0+GJMiiWcX4BrxzFBGrkot7SxAYETbRbNAYaw= Subject key identifier: 4D:93:9A:9F:C0:F2:85:B7:B6:62:A8:2E:92:BA:C3:49:63:86:DC:E7 Certificate issuer: /CN=A91D894F/serialNumber=85B14A890B9BD4980D97E41BB391FCC9850FCB78 Certificate serial: 45 Authority key identifier: 85:B1:4A:89:0B:9B:D4:98:0D:97:E4:1B:B3:91:FC:C9:85:0F:CB:78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/61A59876012A11EFB75C350FC4F9AE02.roa Signing time: Mon 19 Aug 2024 07:09:13 +0000 ROA not before: Mon 19 Aug 2024 07:09:13 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 16509 IP address blocks: 117.74.104.0/24 maxlen: 24 117.74.105.0/24 maxlen: 24 117.74.106.0/24 maxlen: 24 117.74.107.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.crl rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 14 Sep 2024 03:20:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69 (0x45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D894F/serialNumber=85B14A890B9BD4980D97E41BB391FCC9850FCB78 Validity Not Before: Aug 19 07:09:13 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66c2ef99-74c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e0:f3:73:63:84:31:07:b3:4d:7c:c1:d0:bc: ca:41:29:57:2b:ae:26:ff:5e:c6:76:c1:a6:1c:04: 05:77:6c:c1:be:b6:1e:53:ca:17:a4:1b:ec:e4:10: 65:4e:c1:bf:06:bf:c7:29:3f:fd:ee:8a:d8:40:0a: a1:ae:16:75:28:c3:de:ac:fa:04:44:d6:8b:1b:2b: 11:82:e7:13:b2:00:bb:14:c6:4e:41:20:04:33:28: ef:c3:5d:05:a9:5a:07:85:12:f6:84:2b:f8:92:4c: 28:4b:41:7e:a9:72:c7:6c:72:c4:15:cc:43:b4:a9: 5b:1a:02:f2:02:3b:f4:0c:4d:0b:79:e8:92:fe:67: 8a:c6:fe:50:10:de:c6:ff:b5:d8:d2:a7:06:13:8e: 35:da:67:d3:10:e0:aa:ba:e7:f3:42:22:bd:5c:66: c7:6d:40:bf:6b:28:83:3c:9c:45:08:1b:1a:75:c8: 9a:a8:5e:57:f3:b2:65:c6:a5:1b:ba:b5:cd:7c:a6: d4:e3:39:ef:e1:a0:c5:7a:37:e1:93:47:9d:40:14: aa:f4:d2:23:b7:e5:2b:29:a4:ae:c8:c2:f9:7c:b0: ef:10:86:2b:a4:c3:18:5f:d8:76:c9:b5:bd:a7:af: 91:50:3f:98:1d:de:4c:7b:24:fd:0e:c9:98:a6:15: c1:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:93:9A:9F:C0:F2:85:B7:B6:62:A8:2E:92:BA:C3:49:63:86:DC:E7 X509v3 Authority Key Identifier: keyid:85:B1:4A:89:0B:9B:D4:98:0D:97:E4:1B:B3:91:FC:C9:85:0F:CB:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/61A59876012A11EFB75C350FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 117.74.104.0/22 Signature Algorithm: sha256WithRSAEncryption 11:1c:a1:fa:82:2c:03:f9:5a:6c:a3:f5:7a:d4:c8:ed:7f:43: b9:80:59:ff:c9:b6:f4:c2:cd:07:09:d2:db:5a:f5:e4:3d:46: 8d:26:d8:5c:82:c1:00:14:c4:86:3f:80:62:ba:de:a3:2c:f8: 4c:d8:f8:37:89:80:a3:e5:07:98:42:b1:df:b9:7a:d9:44:e6: 7d:d7:51:27:bd:f5:ac:75:ac:d0:75:12:07:72:07:3b:84:46: 58:0c:16:92:ea:d7:2e:f5:be:d4:34:24:f2:1e:a3:f2:9d:8d: 59:45:79:bb:ea:12:27:93:26:e6:3b:22:e2:52:dc:dc:f6:b7: dd:31:ed:37:48:63:f8:4d:8b:8c:30:68:2d:e2:35:e9:34:18: 03:5f:1a:fd:36:20:07:03:4a:58:ea:52:bd:ea:97:cc:0e:b2: e1:dd:1c:97:20:32:01:89:df:54:5d:ad:a5:1e:02:00:e2:9c: 09:39:8d:b0:42:a5:d2:44:18:c8:59:46:f8:d1:e3:92:a3:4e: 31:1d:7d:be:f1:b8:74:71:82:b2:8e:ba:6f:de:91:ef:ed:75: 2a:3d:5c:6b:b9:10:70:cf:1e:4a:67:dd:74:bc:6a:d5:84:aa: 92:0b:24:a1:01:3e:79:67:13:43:cf:22:22:f3:99:cd:61:3f: a0:a7:a1:25 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBRTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE ODk0RjExMC8GA1UEBRMoODVCMTRBODkwQjlCRDQ5ODBEOTdFNDFCQjM5MUZDQzk4 NTBGQ0I3ODAeFw0yNDA4MTkwNzA5MTNaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2YzJlZjk5LTc0YzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC74PNzY4QxB7NNfMHQvMpBKVcrrib/XsZ2waYcBAV3bMG+th5TyhekG+zkEGVO wb8Gv8cpP/3uithACqGuFnUow96s+gRE1osbKxGC5xOyALsUxk5BIAQzKO/DXQWp WgeFEvaEK/iSTChLQX6pcsdscsQVzEO0qVsaAvICO/QMTQt56JL+Z4rG/lAQ3sb/ tdjSpwYTjjXaZ9MQ4Kq65/NCIr1cZsdtQL9rKIM8nEUIGxp1yJqoXlfzsmXGpRu6 tc18ptTjOe/hoMV6N+GTR51AFKr00iO35SsppK7Iwvl8sO8Qhiukwxhf2HbJtb2n r5FQP5gd3kx7JP0OyZimFcGvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUTZOan8Dy hbe2YqgukrrDSWOG3OcwHwYDVR0jBBgwFoAUhbFKiQub1JgNl+Qbs5H8yYUPy3gw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4OTRGLzBBRjQ1RTM2MDEy QTExRUZBNUZEOTE2RkM0RjlBRTAyL2hiRktpUXViMUpnTmwtUWJzNUg4eVlVUHkz Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaGJGS2lRdWIxSmdObC1RYnM1SDh5WVVQeTNnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODk0Ri8wQUY0NUUzNjAxMkExMUVGQTVGRDkxNkZDNEY5QUUwMi82MUE1OTg3NjAx MkExMUVGQjc1QzM1MEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAnVKaDANBgkqhkiG9w0BAQsFAAOCAQEAERyh+oIsA/labKP1 etTI7X9DuYBZ/8m29MLNBwnS21r15D1GjSbYXILBABTEhj+AYrreoyz4TNj4N4mA o+UHmEKx37l62UTmfddRJ731rHWs0HUSB3IHO4RGWAwWkurXLvW+1DQk8h6j8p2N WUV5u+oSJ5Mm5jsi4lLc3Pa33THtN0hj+E2LjDBoLeI16TQYA18a/TYgBwNKWOpS veqXzA6y4d0clyAyAYnfVF2tpR4CAOKcCTmNsEKl0kQYyFlG+NHjkqNOMR19vvG4 dHGCso66b96R7+11Kj1ca7kQcM8eSmfddLxq1YSqkgskoQE+eWcTQ88iIvOZzWE/ oKehJQ== -----END CERTIFICATE-----Generated at Sat Sep 7 08:40:29 2024 by rpki-client on console-fra.rpki-client.org