$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/9CB5878688DD11ECAC36C11FC4F9AE02.roa File: 9CB5878688DD11ECAC36C11FC4F9AE02.roa (raw, json) Hash identifier: AdjuOXYS3zA7izh/H5q+WmUmDKawZvVShn5CM75yFQs= Subject key identifier: BC:C9:F7:C8:43:26:21:C8:65:8D:73:C4:87:32:C9:27:84:51:EF:F3 Certificate issuer: /CN=A91DDCB6/serialNumber=FEA14F23FDB977AC6489D2106E35E023B28968DC Certificate serial: 0807 Authority key identifier: FE:A1:4F:23:FD:B9:77:AC:64:89:D2:10:6E:35:E0:23:B2:89:68:DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_qFPI_25d6xkidIQbjXgI7KJaNw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/9CB5878688DD11ECAC36C11FC4F9AE02.roa Signing time: Tue 08 Oct 2024 20:59:50 +0000 ROA not before: Tue 08 Oct 2024 20:59:50 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 132420 IP address blocks: 43.252.88.0/22 maxlen: 24 101.53.128.0/19 maxlen: 24 103.20.212.0/22 maxlen: 24 103.250.244.0/22 maxlen: 24 116.204.172.0/22 maxlen: 24 139.5.188.0/22 maxlen: 24 2001:df0:411::/48 maxlen: 48 2001:df4:3500::/48 maxlen: 48 2406:69c0::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/_qFPI_25d6xkidIQbjXgI7KJaNw.crl rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/_qFPI_25d6xkidIQbjXgI7KJaNw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_qFPI_25d6xkidIQbjXgI7KJaNw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2055 (0x807) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DDCB6/serialNumber=FEA14F23FDB977AC6489D2106E35E023B28968DC Validity Not Before: Oct 8 20:59:50 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67059d46-54f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a1:0e:98:12:5b:05:20:bc:f6:f1:91:10:b8: 36:02:b5:2e:ea:95:2a:fe:87:ba:8f:9a:11:78:b6: b9:c3:05:98:4b:b6:30:0d:cb:b7:30:1f:08:eb:e8: 54:a3:ef:32:9a:97:b6:ae:7c:a8:ca:0a:a2:9d:3d: 05:67:4d:69:69:54:87:e1:49:74:7b:41:d9:35:a9: 06:fc:10:14:76:26:64:ba:d3:d7:c6:90:ab:bc:72: ed:77:be:a3:4b:27:b0:dd:2c:d6:04:ab:04:92:c0: f6:a0:e7:78:29:4f:c2:08:47:0a:78:4d:01:63:fd: 6a:96:d5:ec:fc:01:23:48:14:8e:96:52:43:e5:3a: e6:c8:b7:4f:78:4c:56:27:21:d7:4a:aa:c2:3a:41: 8f:37:d7:fb:70:51:02:d3:f6:44:1e:a9:e8:da:f3: 24:65:9e:a8:6f:98:e5:b6:dc:ca:d6:a2:84:b1:88: c0:81:e1:ed:6f:35:00:23:b0:7d:48:60:20:c3:86: b8:df:b0:ad:d3:ce:b7:da:94:11:48:8f:05:70:4f: c2:35:6b:45:b5:07:07:75:a0:ff:dd:ee:0e:18:c8: b9:1b:ad:ef:9c:8f:e5:4f:1d:80:a7:5b:6c:78:ee: 42:41:3b:91:2b:53:27:53:03:93:3c:cb:d1:52:72: 77:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:C9:F7:C8:43:26:21:C8:65:8D:73:C4:87:32:C9:27:84:51:EF:F3 X509v3 Authority Key Identifier: keyid:FE:A1:4F:23:FD:B9:77:AC:64:89:D2:10:6E:35:E0:23:B2:89:68:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/_qFPI_25d6xkidIQbjXgI7KJaNw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_qFPI_25d6xkidIQbjXgI7KJaNw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/9CB5878688DD11ECAC36C11FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.88.0/22 101.53.128.0/19 103.20.212.0/22 103.250.244.0/22 116.204.172.0/22 139.5.188.0/22 IPv6: 2001:df0:411::/48 2001:df4:3500::/48 2406:69c0::/32 Signature Algorithm: sha256WithRSAEncryption 89:b3:11:88:88:d5:0c:49:67:6a:02:18:6d:e3:54:ab:8e:ef: 51:c9:f7:da:19:68:28:bc:a9:f8:15:d4:c1:98:ba:f8:fb:16: 24:af:94:ed:fd:43:19:9b:a4:95:33:d9:16:48:a7:3c:bb:c6: 97:79:40:11:ce:37:31:e4:a7:74:da:2f:5e:1d:c1:c3:68:a3: 9d:7b:a7:bd:3c:ab:ea:39:ba:ef:2b:61:11:76:c8:d2:4a:7b: 4c:0f:59:77:a9:5a:8f:3c:a1:4d:f8:2d:57:cc:c4:8f:5b:dc: 82:f9:ae:8d:89:5a:4e:95:78:b9:fc:7c:e9:ba:26:2a:63:e3: 05:44:d1:36:19:e7:92:c7:3c:47:a7:98:76:27:1f:92:95:10: 52:bc:bb:9e:73:79:8d:4e:7a:40:a8:f4:d4:af:5b:66:17:50: 78:f2:eb:29:82:d1:44:54:67:d1:a3:3d:d3:76:09:b7:99:36: 2d:7c:74:75:1a:5e:a4:da:2d:17:7c:fd:9d:c3:47:50:74:36: ff:28:ab:af:cf:bc:64:be:ac:06:2c:a9:45:1f:72:e5:5f:c8: d4:30:ff:78:54:d2:12:39:5f:3a:69:f8:22:50:4b:72:fd:18: 9b:ee:2e:27:1a:20:d8:cc:9d:56:51:18:a4:d5:d1:9f:b7:a2: e7:81:23:b3 -----BEGIN CERTIFICATE----- MIIFsDCCBJigAwIBAgICCAcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RERDQjYxMTAvBgNVBAUTKEZFQTE0RjIzRkRCOTc3QUM2NDg5RDIxMDZFMzVFMDIz QjI4OTY4REMwHhcNMjQxMDA4MjA1OTUwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzA1OWQ0Ni01NGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw6EOmBJbBSC89vGRELg2ArUu6pUq/oe6j5oReLa5wwWYS7YwDcu3MB8I6+hU o+8ympe2rnyoygqinT0FZ01paVSH4Ul0e0HZNakG/BAUdiZkutPXxpCrvHLtd76j Syew3SzWBKsEksD2oOd4KU/CCEcKeE0BY/1qltXs/AEjSBSOllJD5TrmyLdPeExW JyHXSqrCOkGPN9f7cFEC0/ZEHqno2vMkZZ6ob5jlttzK1qKEsYjAgeHtbzUAI7B9 SGAgw4a437Ct08632pQRSI8FcE/CNWtFtQcHdaD/3e4OGMi5G63vnI/lTx2Ap1ts eO5CQTuRK1MnUwOTPMvRUnJ3bQIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFLzJ98hD JiHIZY1zxIcyySeEUe/zMB8GA1UdIwQYMBaAFP6hTyP9uXesZInSEG414COyiWjc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERENCNi9GMDc3NTk4RUND M0QxMUVBOEJDNDVDMjlDNEY5QUUwMi9fcUZQSV8yNWQ2eGtpZElRYmpYZ0k3S0ph TncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19xRlBJXzI1ZDZ4a2lkSVFialhnSTdLSmFOdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RERDQjYvRjA3NzU5OEVDQzNEMTFFQThCQzQ1QzI5QzRGOUFFMDIvOUNCNTg3ODY4 OEREMTFFQ0FDMzZDMTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E TzBNMCoEAgABMCQDBAIr/FgDBAVlNYADBAJnFNQDBAJn+vQDBAJ0zKwDBAKLBbww HwQCAAIwGQMHACABDfAEEQMHACABDfQ1AAMFACQGacAwDQYJKoZIhvcNAQELBQAD ggEBAImzEYiI1QxJZ2oCGG3jVKuO71HJ99oZaCi8qfgV1MGYuvj7FiSvlO39Qxmb pJUz2RZIpzy7xpd5QBHONzHkp3TaL14dwcNoo517p708q+o5uu8rYRF2yNJKe0wP WXepWo88oU34LVfMxI9b3IL5ro2JWk6VeLn8fOm6Jipj4wVE0TYZ55LHPEenmHYn H5KVEFK8u55zeY1OekCo9NSvW2YXUHjy6ymC0URUZ9GjPdN2CbeZNi18dHUaXqTa LRd8/Z3DR1B0Nv8oq6/PvGS+rAYsqUUfcuVfyNQw/3hU0hI5Xzpp+CJQS3L9GJvu LicaINjMnVZRGKTV0Z+3oueBI7M= -----END CERTIFICATE-----Generated at Wed Nov 20 23:56:01 2024 by rpki-client on console-ams.rpki-client.org