$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/A7034AFA7F8411EC9036F64CC4F9AE02.roa File: A7034AFA7F8411EC9036F64CC4F9AE02.roa (raw, json) Hash identifier: f9tQPToB76p1pPXGROGF6QphrQQvfLBw4Gw3PGjwt1Y= Subject key identifier: 41:D7:E4:9E:A3:50:12:AC:FE:2B:77:40:94:49:31:2D:51:9E:0B:10 Certificate issuer: /CN=A91DDCB6/serialNumber=65DFF2EE3F9BB2EB24551E1D18F1D63DEC0A6E17 Certificate serial: 07E7 Authority key identifier: 65:DF:F2:EE:3F:9B:B2:EB:24:55:1E:1D:18:F1:D6:3D:EC:0A:6E:17 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zd_y7j-bsuskVR4dGPHWPewKbhc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/A7034AFA7F8411EC9036F64CC4F9AE02.roa Signing time: Tue 08 Oct 2024 20:59:48 +0000 ROA not before: Tue 08 Oct 2024 20:59:48 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 132420 IP address blocks: 146.88.24.0/22 maxlen: 24 164.52.192.0/19 maxlen: 24 205.147.96.0/21 maxlen: 24 205.147.108.0/22 maxlen: 24 216.48.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/Zd_y7j-bsuskVR4dGPHWPewKbhc.crl rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/Zd_y7j-bsuskVR4dGPHWPewKbhc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zd_y7j-bsuskVR4dGPHWPewKbhc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2023 (0x7e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DDCB6/serialNumber=65DFF2EE3F9BB2EB24551E1D18F1D63DEC0A6E17 Validity Not Before: Oct 8 20:59:48 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67059d43-d9f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:b0:c2:e9:35:5c:d8:30:5b:cd:f9:52:92:2f: 75:d1:7f:28:81:b8:5e:c0:a7:b5:70:bb:c3:4c:ab: 59:d0:5b:eb:10:38:f3:18:0f:42:c9:18:f7:58:0e: 81:d1:fe:ee:e1:9d:1b:d1:28:0d:02:bb:65:5e:62: 59:5b:81:4e:53:23:c4:d6:20:28:a7:b2:3f:81:91: af:cb:d5:70:80:c1:7e:f0:67:4b:a6:6a:b0:69:43: 98:b6:32:c1:48:cb:b9:19:59:a2:72:27:b3:f6:bf: 30:99:cd:eb:81:52:12:bb:84:55:c2:33:99:e8:fd: a6:9b:20:6b:70:19:8d:a7:ed:e9:82:3c:44:f5:c3: 5d:ef:f8:ab:bd:3b:2b:ff:2d:6c:19:22:8e:ce:a7: bb:c4:a4:83:38:02:1a:ec:69:6b:d5:1e:20:42:ad: 61:d0:4b:60:b9:f3:d0:d1:a0:6c:0f:15:d7:cf:0c: 2e:8d:9f:7c:fe:f7:51:c2:53:be:38:cb:70:f7:af: 25:0f:5d:cd:ba:29:c9:85:42:73:6e:7d:89:5b:73: f4:c7:c1:77:48:35:38:ec:d7:3d:e5:5f:84:8d:b2: ad:07:50:a9:28:4d:19:50:4b:1e:6d:c2:43:ea:b8: 97:1c:50:89:71:d9:d0:f3:28:3d:2c:4d:20:c1:20: 07:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:D7:E4:9E:A3:50:12:AC:FE:2B:77:40:94:49:31:2D:51:9E:0B:10 X509v3 Authority Key Identifier: keyid:65:DF:F2:EE:3F:9B:B2:EB:24:55:1E:1D:18:F1:D6:3D:EC:0A:6E:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/Zd_y7j-bsuskVR4dGPHWPewKbhc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zd_y7j-bsuskVR4dGPHWPewKbhc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/A7034AFA7F8411EC9036F64CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 146.88.24.0/22 164.52.192.0/19 205.147.96.0/21 205.147.108.0/22 216.48.176.0/20 Signature Algorithm: sha256WithRSAEncryption 28:51:41:dc:1f:fe:74:80:88:02:91:75:7b:a3:7a:a6:b2:8e: d6:3c:34:f5:da:80:85:82:62:05:2b:06:38:5c:0f:0b:ad:b4: c5:09:c6:1d:92:97:29:f9:ec:bc:65:e4:16:bc:b8:e8:6d:1a: 39:a6:ed:68:4b:61:96:10:b5:8e:a1:d0:2e:00:84:65:21:ee: 97:65:bc:8e:aa:16:07:8e:c5:c1:8b:93:1b:e0:c3:54:0b:16: 6b:92:a9:5a:86:3d:03:68:fe:2e:2b:d3:2b:f6:46:be:3a:90: eb:bc:07:99:5e:38:d3:3d:10:ee:01:fc:c3:04:e5:d2:36:66: 0e:c4:c8:26:f9:fa:26:28:75:34:a0:c2:41:f0:83:64:59:01: 5b:d8:da:15:b8:c4:e7:a1:12:1e:7f:2b:50:de:a8:37:e4:89: 3f:25:55:50:81:3f:37:8a:9b:04:4b:0e:af:f0:ae:0c:25:d0: 64:6d:9b:2a:01:a4:c9:11:a3:e2:0b:22:9a:14:38:59:bd:1b: d6:d3:93:f8:76:9b:14:04:1a:15:70:f4:cb:c1:cf:59:db:77: c6:d7:ff:9e:e5:9f:61:97:26:49:92:48:86:b9:a7:1b:2d:a5: 5a:67:4d:15:95:12:c2:d8:43:05:a6:58:03:03:26:55:37:32: ab:72:e1:c1 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICB+cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RERDQjYxMTAvBgNVBAUTKDY1REZGMkVFM0Y5QkIyRUIyNDU1MUUxRDE4RjFENjNE RUMwQTZFMTcwHhcNMjQxMDA4MjA1OTQ4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzA1OWQ0My1kOWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApbDC6TVc2DBbzflSki910X8ogbhewKe1cLvDTKtZ0FvrEDjzGA9CyRj3WA6B 0f7u4Z0b0SgNArtlXmJZW4FOUyPE1iAop7I/gZGvy9VwgMF+8GdLpmqwaUOYtjLB SMu5GVmiciez9r8wmc3rgVISu4RVwjOZ6P2mmyBrcBmNp+3pgjxE9cNd7/irvTsr /y1sGSKOzqe7xKSDOAIa7Glr1R4gQq1h0EtgufPQ0aBsDxXXzwwujZ98/vdRwlO+ OMtw968lD13NuinJhUJzbn2JW3P0x8F3SDU47Nc95V+EjbKtB1CpKE0ZUEsebcJD 6riXHFCJcdnQ8yg9LE0gwSAH/wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFEHX5J6j UBKs/it3QJRJMS1RngsQMB8GA1UdIwQYMBaAFGXf8u4/m7LrJFUeHRjx1j3sCm4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERENCNi9FODgzREZENkND M0QxMUVBOEJDNDVDMjlDNEY5QUUwMi9aZF95N2otYnN1c2tWUjRkR1BIV1Bld0ti aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1pkX3k3ai1ic3Vza1ZSNGRHUEhXUGV3S2JoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RERDQjYvRTg4M0RGRDZDQzNEMTFFQThCQzQ1QzI5QzRGOUFFMDIvQTcwMzRBRkE3 Rjg0MTFFQzkwMzZGNjRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAKSWBgDBAWkNMADBAPNk2ADBALNk2wDBATYMLAwDQYJKoZI hvcNAQELBQADggEBAChRQdwf/nSAiAKRdXujeqayjtY8NPXagIWCYgUrBjhcDwut tMUJxh2Slyn57Lxl5Ba8uOhtGjmm7WhLYZYQtY6h0C4AhGUh7pdlvI6qFgeOxcGL kxvgw1QLFmuSqVqGPQNo/i4r0yv2Rr46kOu8B5leONM9EO4B/MME5dI2Zg7EyCb5 +iYodTSgwkHwg2RZAVvY2hW4xOehEh5/K1DeqDfkiT8lVVCBPzeKmwRLDq/wrgwl 0GRtmyoBpMkRo+ILIpoUOFm9G9bTk/h2mxQEGhVw9MvBz1nbd8bX/57ln2GXJkmS SIa5pxstpVpnTRWVEsLYQwWmWAMDJlU3Mqty4cE= -----END CERTIFICATE-----Generated at Wed Nov 20 23:56:01 2024 by rpki-client on console-ams.rpki-client.org