$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/CE99A9F2D33811EDAAE97C1BC4F9AE02.roa File: CE99A9F2D33811EDAAE97C1BC4F9AE02.roa (raw, json) Hash identifier: YZwNutRVemyQTlte1eEv/AcDXWm1xtlx4204L/kTObo= Subject key identifier: 72:16:DC:EC:6D:DE:BF:13:9C:D0:E4:C4:BA:48:3F:88:EC:8D:F3:68 Certificate issuer: /CN=A91DCD09/serialNumber=ADB98978FD751F99D9A8EB2AE72D3C0C550453A4 Certificate serial: 049E Authority key identifier: AD:B9:89:78:FD:75:1F:99:D9:A8:EB:2A:E7:2D:3C:0C:55:04:53:A4 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rbmJeP11H5nZqOsq5y08DFUEU6Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/CE99A9F2D33811EDAAE97C1BC4F9AE02.roa Signing time: Tue 24 Sep 2024 16:54:18 +0000 ROA not before: Tue 24 Sep 2024 16:54:18 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 14618 IP address blocks: 213.170.156.0/24 maxlen: 24 213.170.157.0/24 maxlen: 24 213.170.158.0/24 maxlen: 24 213.170.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/rbmJeP11H5nZqOsq5y08DFUEU6Q.crl rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/rbmJeP11H5nZqOsq5y08DFUEU6Q.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rbmJeP11H5nZqOsq5y08DFUEU6Q.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 14:50:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1182 (0x49e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DCD09/serialNumber=ADB98978FD751F99D9A8EB2AE72D3C0C550453A4 Validity Not Before: Sep 24 16:54:18 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66f2eeba-942b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:64:cc:1e:e3:76:3b:1d:e9:5c:f1:f6:aa:f9: b2:bb:69:19:dc:37:92:42:17:34:fa:30:58:52:4b: 2d:7a:4a:ee:e3:6a:29:d2:dd:04:c5:f8:e2:66:94: 0f:25:08:ab:ce:c8:33:a4:32:5d:e2:0b:6c:1f:73: ec:ae:e0:89:e2:74:23:5b:c0:f8:a7:0a:a0:0f:f1: e2:a9:6b:ea:e7:49:db:9b:f9:06:24:89:8f:48:cc: 7a:e0:07:f0:9f:c5:7c:45:6c:04:83:42:b3:4a:8f: f5:05:af:b8:91:fb:1f:64:1e:86:64:f1:fe:a7:8d: be:e9:45:4e:45:8c:1b:38:b4:4d:10:a3:23:24:8d: cc:89:db:3c:92:e8:db:06:c0:a2:11:aa:53:59:82: 27:69:6a:2e:1d:6f:ae:1d:0b:01:7d:39:62:8a:ef: 3e:eb:a8:ad:4b:8b:9d:78:41:a3:cd:49:45:2c:10: ad:d6:83:1e:26:f0:df:68:e1:9a:19:7d:da:9c:f6: b5:26:2d:5a:62:e8:08:63:bf:ed:cf:ed:21:d1:14: ed:3a:b9:6d:66:b2:ff:dd:88:a4:28:98:13:52:01: 71:13:2d:e5:70:46:e9:48:3c:3d:73:3f:60:72:7d: 4d:4e:1a:b4:b2:f4:73:1c:de:7d:18:2a:8e:fd:bd: 7b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:16:DC:EC:6D:DE:BF:13:9C:D0:E4:C4:BA:48:3F:88:EC:8D:F3:68 X509v3 Authority Key Identifier: keyid:AD:B9:89:78:FD:75:1F:99:D9:A8:EB:2A:E7:2D:3C:0C:55:04:53:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/rbmJeP11H5nZqOsq5y08DFUEU6Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rbmJeP11H5nZqOsq5y08DFUEU6Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/CE99A9F2D33811EDAAE97C1BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 213.170.156.0/22 Signature Algorithm: sha256WithRSAEncryption 75:ae:a4:d5:1e:a6:25:d9:bd:c5:e3:2e:51:98:1e:61:61:45: 29:24:fb:c1:ff:7f:89:2d:b7:10:31:02:83:a2:12:8a:9e:b5: 37:94:b5:e6:01:56:74:00:e1:c8:ff:dc:6e:2c:98:dd:66:45: 38:9d:2c:66:1f:c8:6b:e7:46:24:80:cf:ca:c4:b6:80:3c:69: ed:ae:7f:af:fe:22:8f:b8:23:2f:4d:22:23:c1:42:cf:a3:a3: 2f:70:a3:85:c5:7a:64:fa:6d:96:cf:c7:1d:c3:e7:92:00:3d: 9b:42:13:98:5d:08:1c:f7:14:e6:fb:e9:f4:fc:f2:7f:c1:33: 4d:47:24:35:34:86:9c:97:fd:df:00:a4:0f:35:3a:ff:62:bf: 66:53:6f:8e:71:cc:60:93:9e:d1:16:65:1b:5e:8a:b5:4f:94: b7:e9:fa:df:10:e4:2f:66:05:28:87:bf:49:75:f1:ab:70:15: 8b:dc:d5:83:53:b4:ea:b1:ed:f4:69:ca:41:18:ac:cd:d5:e8: 62:4f:5c:6a:a8:47:e5:d1:b5:6a:4c:8f:75:a6:e5:a5:9e:e3: 07:83:fb:bf:13:48:e7:19:64:06:28:09:41:4a:93:57:bf:3f: f4:8d:10:40:cb:bf:83:13:38:02:e4:47:c6:3e:6a:37:85:3b: f2:f2:00:e8 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RENEMDkxMTAvBgNVBAUTKEFEQjk4OTc4RkQ3NTFGOTlEOUE4RUIyQUU3MkQzQzBD NTUwNDUzQTQwHhcNMjQwOTI0MTY1NDE4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmYyZWViYS05NDJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0mTMHuN2Ox3pXPH2qvmyu2kZ3DeSQhc0+jBYUkstekru42op0t0ExfjiZpQP JQirzsgzpDJd4gtsH3PsruCJ4nQjW8D4pwqgD/HiqWvq50nbm/kGJImPSMx64Afw n8V8RWwEg0KzSo/1Ba+4kfsfZB6GZPH+p42+6UVORYwbOLRNEKMjJI3Mids8kujb BsCiEapTWYInaWouHW+uHQsBfTliiu8+66itS4udeEGjzUlFLBCt1oMeJvDfaOGa GX3anPa1Ji1aYugIY7/tz+0h0RTtOrltZrL/3YikKJgTUgFxEy3lcEbpSDw9cz9g cn1NThq0svRzHN59GCqO/b17pQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHIW3Oxt 3r8TnNDkxLpIP4jsjfNoMB8GA1UdIwQYMBaAFK25iXj9dR+Z2ajrKuctPAxVBFOk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0QwOS9FQUM3RUVBMDEx MkQxMUVDOEQ4NzA1N0RDNEY5QUUwMi9yYm1KZVAxMUg1blpxT3NxNXkwOERGVUVV NlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3JibUplUDExSDVuWnFPc3E1eTA4REZVRVU2US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RENEMDkvRUFDN0VFQTAxMTJEMTFFQzhEODcwNTdEQzRGOUFFMDIvQ0U5OUE5RjJE MzM4MTFFREFBRTk3QzFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBALVqpwwDQYJKoZIhvcNAQELBQADggEBAHWupNUepiXZvcXj LlGYHmFhRSkk+8H/f4kttxAxAoOiEoqetTeUteYBVnQA4cj/3G4smN1mRTidLGYf yGvnRiSAz8rEtoA8ae2uf6/+Io+4Iy9NIiPBQs+joy9wo4XFemT6bZbPxx3D55IA PZtCE5hdCBz3FOb76fT88n/BM01HJDU0hpyX/d8ApA81Ov9iv2ZTb45xzGCTntEW ZRteirVPlLfp+t8Q5C9mBSiHv0l18atwFYvc1YNTtOqx7fRpykEYrM3V6GJPXGqo R+XRtWpMj3Wm5aWe4weD+78TSOcZZAYoCUFKk1e/P/SNEEDLv4MTOALkR8Y+ajeF O/LyAOg= -----END CERTIFICATE-----Generated at Wed Nov 20 18:45:06 2024 by rpki-client on console-fra.rpki-client.org