$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD799/151349981D9511E2BDEBB9F908B02CD2/309BECEE09DA11EBB9839313C4F9AE02.roa File: 309BECEE09DA11EBB9839313C4F9AE02.roa (raw, json) Hash identifier: t/NnMy3xpmssx9DBTqRefxAqemELZw1L5Qwj8l5jaiw= Subject key identifier: 37:35:30:3C:5F:4A:FE:2D:23:1A:5E:7C:42:C3:12:F8:A1:09:A7:FC Certificate issuer: /CN=A91DD799/serialNumber=F672D3B6244CA4C8D3FE200826A8A49FAB2C7612 Certificate serial: 3409 Authority key identifier: F6:72:D3:B6:24:4C:A4:C8:D3:FE:20:08:26:A8:A4:9F:AB:2C:76:12 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9nLTtiRMpMjT_iAIJqikn6ssdhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD799/151349981D9511E2BDEBB9F908B02CD2/309BECEE09DA11EBB9839313C4F9AE02.roa Signing time: Mon 26 Aug 2024 15:01:16 +0000 ROA not before: Mon 26 Aug 2024 15:01:16 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 4749 IP address blocks: 180.235.156.0/24 maxlen: 24 180.235.157.0/24 maxlen: 24 180.235.158.0/24 maxlen: 24 180.235.159.0/24 maxlen: 24 203.62.208.0/24 maxlen: 24 203.62.209.0/24 maxlen: 24 203.62.210.0/24 maxlen: 24 203.62.211.0/24 maxlen: 24 203.62.212.0/24 maxlen: 24 203.62.213.0/24 maxlen: 24 203.62.214.0/24 maxlen: 24 203.62.215.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD799/151349981D9511E2BDEBB9F908B02CD2/9nLTtiRMpMjT_iAIJqikn6ssdhI.crl rsync://rpki.apnic.net/member_repository/A91DD799/151349981D9511E2BDEBB9F908B02CD2/9nLTtiRMpMjT_iAIJqikn6ssdhI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9nLTtiRMpMjT_iAIJqikn6ssdhI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:49:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13321 (0x3409) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD799/serialNumber=F672D3B6244CA4C8D3FE200826A8A49FAB2C7612 Validity Not Before: Aug 26 15:01:16 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66cc98bc-7a6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:77:c3:9b:54:89:60:12:f1:65:e2:f0:2e:4d: 9f:3d:a4:d7:cf:34:35:8a:c5:ee:48:2a:c8:68:30: 66:ef:3b:26:58:6d:eb:23:45:bd:6a:ea:21:06:94: a0:f3:4d:bc:7c:d3:86:d9:47:43:00:b2:df:40:e0: 6f:3a:f4:70:24:d4:7c:c7:57:af:8f:7f:c7:64:13: b9:76:c0:b0:41:cc:6d:d2:17:1b:93:df:fd:e4:14: 74:c0:a9:f5:36:7e:d1:27:c4:f8:8e:f2:27:96:e0: 08:04:ab:de:c2:5c:34:4d:80:81:15:6c:3c:3e:6f: 64:89:a9:b6:3a:85:44:4e:c3:9a:62:11:26:ad:df: 7c:b9:a2:ef:b6:20:06:07:bb:ea:b3:c7:fb:14:6e: 1f:5d:d7:72:41:4b:d4:a7:1f:3e:4f:54:58:dc:0f: e0:0e:2c:b3:bb:6f:c8:56:2b:e4:25:70:ad:9e:1e: 72:b5:9c:8f:5e:ae:09:9f:f4:dd:01:0e:df:1b:17: 6a:55:a9:b9:b9:4c:7d:8f:89:e5:bf:07:df:83:61: 1d:00:d8:ea:f2:da:60:81:e1:c5:2e:69:f0:e2:c6: 77:8f:e6:de:9b:e3:33:e1:aa:fc:18:6c:6d:45:d0: 03:5c:b3:19:ab:13:1a:c6:44:a8:fe:f6:0f:58:32: 03:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:35:30:3C:5F:4A:FE:2D:23:1A:5E:7C:42:C3:12:F8:A1:09:A7:FC X509v3 Authority Key Identifier: keyid:F6:72:D3:B6:24:4C:A4:C8:D3:FE:20:08:26:A8:A4:9F:AB:2C:76:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD799/151349981D9511E2BDEBB9F908B02CD2/9nLTtiRMpMjT_iAIJqikn6ssdhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9nLTtiRMpMjT_iAIJqikn6ssdhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD799/151349981D9511E2BDEBB9F908B02CD2/309BECEE09DA11EBB9839313C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 180.235.156.0/22 203.62.208.0/21 Signature Algorithm: sha256WithRSAEncryption 7d:8d:4e:4f:23:6a:45:4e:34:fd:b1:8f:11:02:50:f3:a4:e4: ad:e9:d6:41:68:3f:70:ac:39:85:d2:c8:48:b8:b0:4a:70:f6: ff:25:33:30:3d:76:f4:96:ae:80:d1:92:45:70:6c:b5:2b:56: d2:87:ce:87:c2:6f:f0:b2:4c:27:14:0d:12:86:08:1c:4d:25: c1:b6:18:e1:b4:d0:0a:4f:c7:86:4d:c9:6f:3e:c0:22:61:24: ac:51:1b:c6:a7:51:4c:41:62:8e:40:18:c7:13:c0:77:1e:75: 4d:40:e3:f9:e9:86:66:77:0f:60:75:94:57:2a:36:d0:71:9e: a0:e4:20:7a:3a:30:83:41:74:22:8f:14:a3:9c:14:1d:55:26: e3:c9:ea:17:70:2e:ba:6b:8b:9b:2f:32:ad:e4:7c:3f:79:68: e0:c5:3e:a2:a9:d5:53:9f:fb:23:24:05:10:2f:10:33:ce:cb: c1:ec:4e:2a:7c:1e:07:d2:3c:fa:db:2e:90:f0:01:5f:a9:e0: 1c:f4:f1:41:31:c0:96:b4:dc:f0:a0:7b:cd:d3:18:f6:34:19: 36:cd:50:a9:b8:e8:3d:dd:6a:a5:e1:13:1e:5e:a2:7f:a1:5e: d2:63:d6:21:c6:fa:89:a4:23:e3:cf:1c:2b:10:ec:28:a0:44: b7:0e:c1:73 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICNAkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REQ3OTkxMTAvBgNVBAUTKEY2NzJEM0I2MjQ0Q0E0QzhEM0ZFMjAwODI2QThBNDlG QUIyQzc2MTIwHhcNMjQwODI2MTUwMTE2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmNjOThiYy03YTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq3fDm1SJYBLxZeLwLk2fPaTXzzQ1isXuSCrIaDBm7zsmWG3rI0W9auohBpSg 8028fNOG2UdDALLfQOBvOvRwJNR8x1evj3/HZBO5dsCwQcxt0hcbk9/95BR0wKn1 Nn7RJ8T4jvInluAIBKvewlw0TYCBFWw8Pm9kiam2OoVETsOaYhEmrd98uaLvtiAG B7vqs8f7FG4fXddyQUvUpx8+T1RY3A/gDiyzu2/IVivkJXCtnh5ytZyPXq4Jn/Td AQ7fGxdqVam5uUx9j4nlvwffg2EdANjq8tpggeHFLmnw4sZ3j+bem+Mz4ar8GGxt RdADXLMZqxMaxkSo/vYPWDIDnwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDc1MDxf Sv4tIxpefELDEvihCaf8MB8GA1UdIwQYMBaAFPZy07YkTKTI0/4gCCaopJ+rLHYS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDc5OS8xNTEzNDk5ODFE OTUxMUUyQkRFQkI5RjkwOEIwMkNEMi85bkxUdGlSTXBNalRfaUFJSnFpa242c3Nk aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzluTFR0aVJNcE1qVF9pQUlKcWlrbjZzc2RoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REQ3OTkvMTUxMzQ5OTgxRDk1MTFFMkJERUJCOUY5MDhCMDJDRDIvMzA5QkVDRUUw OURBMTFFQkI5ODM5MzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAK065wDBAPLPtAwDQYJKoZIhvcNAQELBQADggEBAH2NTk8j akVONP2xjxECUPOk5K3p1kFoP3CsOYXSyEi4sEpw9v8lMzA9dvSWroDRkkVwbLUr VtKHzofCb/CyTCcUDRKGCBxNJcG2GOG00ApPx4ZNyW8+wCJhJKxRG8anUUxBYo5A GMcTwHcedU1A4/nphmZ3D2B1lFcqNtBxnqDkIHo6MINBdCKPFKOcFB1VJuPJ6hdw Lrpri5svMq3kfD95aODFPqKp1VOf+yMkBRAvEDPOy8HsTip8HgfSPPrbLpDwAV+p 4Bz08UExwJa03PCge83TGPY0GTbNUKm46D3daqXhEx5eon+hXtJj1iHG+omkI+PP HCsQ7CigRLcOwXM= -----END CERTIFICATE-----Generated at Fri Nov 22 16:50:05 2024 by rpki-client on console-ams.rpki-client.org