$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/4235F184DACE11EE8E67437CC4F9AE02.roa File: 4235F184DACE11EE8E67437CC4F9AE02.roa (raw, json) Hash identifier: vC4UXjrHJ1z922WJWauMC07igQR8ZXrGlrFMLMIIdmQ= Subject key identifier: E9:27:97:E4:15:7E:E4:A8:C0:FC:91:B3:6F:AB:A3:F8:3D:79:30:C7 Certificate issuer: /CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04 Certificate serial: 0552 Authority key identifier: 25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/4235F184DACE11EE8E67437CC4F9AE02.roa Signing time: Tue 03 Sep 2024 01:15:30 +0000 ROA not before: Tue 03 Sep 2024 01:15:30 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 45629 IP address blocks: 14.207.0.0/16 maxlen: 17 27.130.0.0/16 maxlen: 17 43.245.144.0/22 maxlen: 23 49.48.0.0/15 maxlen: 17 103.16.204.0/22 maxlen: 23 110.164.0.0/16 maxlen: 17 110.164.11.0/24 maxlen: 24 110.164.14.0/24 maxlen: 24 110.164.17.0/24 maxlen: 24 110.164.21.0/24 maxlen: 24 110.164.28.0/24 maxlen: 24 171.4.0.0/14 maxlen: 17 180.183.0.0/16 maxlen: 17 183.88.0.0/15 maxlen: 17 223.204.0.0/14 maxlen: 17 2403:6200::/33 maxlen: 33 2403:6200:8000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1362 (0x552) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04 Validity Not Before: Sep 3 01:15:30 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d66331-ea6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e9:8d:41:8b:9f:74:5c:8b:05:f8:3d:d8:ce: d7:b5:d6:d2:fa:d9:ee:fe:19:9d:6c:a7:e9:07:35: 55:3b:3b:70:e6:7e:e9:b5:72:4d:1a:6b:9d:12:a9: a2:7a:9e:cc:72:7b:cf:1f:ef:6d:07:0f:ab:c5:e3: f4:9c:21:7b:7f:54:1f:31:66:b8:76:e3:39:88:ad: 3b:51:ce:d4:f6:b2:b3:c5:7d:f5:c3:2f:f3:a0:87: 7c:e5:20:c6:68:ac:6a:18:30:53:d2:1d:d4:4d:0c: 52:88:08:30:a9:b4:ca:44:06:cd:74:6c:1b:70:79: 21:37:40:f2:06:75:97:58:84:5f:63:f1:3d:70:f9: 38:74:20:d4:ca:22:19:08:2e:cb:ab:c6:51:1c:b7: 4d:6f:d1:d3:63:24:65:e9:b0:c4:c7:6c:2a:81:70: 42:61:01:fd:e1:22:06:8d:d9:50:31:1e:2a:89:62: 03:18:c9:63:ae:ec:11:99:48:dd:fe:8a:94:e1:0d: 1a:ae:c8:42:df:72:48:6a:c9:d8:5e:11:bc:f1:41: 18:54:82:1b:74:49:95:34:a4:0a:1b:da:08:6f:17: 2c:89:da:1a:f1:c6:9d:71:0e:5f:4e:24:de:0a:fe: d4:c8:33:0a:7b:3b:63:b1:42:c8:98:73:38:11:a7: 91:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:27:97:E4:15:7E:E4:A8:C0:FC:91:B3:6F:AB:A3:F8:3D:79:30:C7 X509v3 Authority Key Identifier: keyid:25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/4235F184DACE11EE8E67437CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.207.0.0/16 27.130.0.0/16 43.245.144.0/22 49.48.0.0/15 103.16.204.0/22 110.164.0.0/16 171.4.0.0/14 180.183.0.0/16 183.88.0.0/15 223.204.0.0/14 IPv6: 2403:6200::/32 Signature Algorithm: sha256WithRSAEncryption a8:13:36:f5:f6:cd:cc:e9:16:b0:44:ed:5d:63:ab:f1:1f:45: 8b:d2:31:ff:f8:b4:a2:63:bd:ea:42:d8:96:7d:af:d0:50:f7: 5f:06:d0:40:20:30:13:9d:c1:6a:5e:8e:c7:1f:ac:d7:bc:d6: 0e:ff:5b:d7:51:8a:4c:86:d9:2b:f4:fa:33:f6:43:c5:51:05: d2:c7:e3:25:4a:3d:3e:da:ef:51:c4:d4:28:b8:e7:b1:21:2f: fa:48:a9:62:29:9a:ce:e2:b3:cc:c8:cf:a7:85:4c:d2:4c:98: 31:19:e5:4e:3a:6b:47:91:cf:b6:6c:46:80:fb:5e:98:5d:61: 87:50:2e:47:3c:10:1d:69:df:7f:97:ef:1a:5a:d1:54:42:81: 28:08:0c:e2:c3:a5:74:2f:1d:da:06:21:22:fd:ba:b6:e0:45: 79:23:e3:09:76:3a:00:84:28:fc:b3:ab:be:bb:af:5c:1c:35: 3f:b1:c5:1e:8e:c2:66:18:4f:56:99:93:f5:fb:d5:31:a4:d2: 93:50:ef:7e:84:bb:08:c8:cb:31:72:f7:79:b6:59:0d:ee:6f: a7:35:ec:5e:e7:a2:ee:42:95:56:b8:9c:cb:b4:20:cf:25:9b: 61:cf:a4:e7:0e:48:9e:9c:67:44:4c:1a:ef:55:a9:96:98:e8: a2:42:56:33 -----BEGIN CERTIFICATE----- MIIFrjCCBJagAwIBAgICBVIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTc1NjExMTAvBgNVBAUTKDI1QkM3RDRERTc3QkQwMUIzRDE5MTU4NzY5NkU1QUZE RDhDRUNEMDQwHhcNMjQwOTAzMDExNTMwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ2NjMzMS1lYTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtemNQYufdFyLBfg92M7XtdbS+tnu/hmdbKfpBzVVOztw5n7ptXJNGmudEqmi ep7McnvPH+9tBw+rxeP0nCF7f1QfMWa4duM5iK07Uc7U9rKzxX31wy/zoId85SDG aKxqGDBT0h3UTQxSiAgwqbTKRAbNdGwbcHkhN0DyBnWXWIRfY/E9cPk4dCDUyiIZ CC7Lq8ZRHLdNb9HTYyRl6bDEx2wqgXBCYQH94SIGjdlQMR4qiWIDGMljruwRmUjd /oqU4Q0arshC33JIasnYXhG88UEYVIIbdEmVNKQKG9oIbxcsidoa8cadcQ5fTiTe Cv7UyDMKeztjsULImHM4EaeRVQIDAQABo4IC0jCCAs4wHQYDVR0OBBYEFOknl+QV fuSowPyRs2+ro/g9eTDHMB8GA1UdIwQYMBaAFCW8fU3ne9AbPRkVh2luWv3Yzs0E MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzU2MS9BMjZFMDZFMDA1 NEMxMUVDQkRCNEZFNDZDNEY5QUUwMi9KYng5VGVkNzBCczlHUldIYVc1YV9kak96 UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pieDlUZWQ3MEJzOUdSV0hhVzVhX2RqT3pRUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTc1NjEvQTI2RTA2RTAwNTRDMTFFQ0JEQjRGRTQ2QzRGOUFFMDIvNDIzNUYxODRE QUNFMTFFRThFNjc0MzdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXAYIKwYBBQUHAQcBAf8E TTBLMDoEAgABMDQDAwAOzwMDABuCAwQCK/WQAwMBMTADBAJnEMwDAwBupAMDAqsE AwMAtLcDAwG3WAMDAt/MMA0EAgACMAcDBQAkA2IAMA0GCSqGSIb3DQEBCwUAA4IB AQCoEzb19s3M6RawRO1dY6vxH0WL0jH/+LSiY73qQtiWfa/QUPdfBtBAIDATncFq Xo7HH6zXvNYO/1vXUYpMhtkr9Poz9kPFUQXSx+MlSj0+2u9RxNQouOexIS/6SKli KZrO4rPMyM+nhUzSTJgxGeVOOmtHkc+2bEaA+16YXWGHUC5HPBAdad9/l+8aWtFU QoEoCAziw6V0Lx3aBiEi/bq24EV5I+MJdjoAhCj8s6u+u69cHDU/scUejsJmGE9W mZP1+9UxpNKTUO9+hLsIyMsxcvd5tlkN7m+nNexe56LuQpVWuJzLtCDPJZthz6Tn DkienGdETBrvVamWmOiiQlYz -----END CERTIFICATE-----Generated at Thu Nov 21 00:21:25 2024 by rpki-client on console-fra.rpki-client.org