$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9580/C7CE2E107F8D11EAAD8CD51EC4F9AE02/699CD772C2B911EBBB4C8928C4F9AE02.roa File: 699CD772C2B911EBBB4C8928C4F9AE02.roa (raw, json) Hash identifier: KnSq+tmpd9AdFUTvcAQ7QfdDS17yvztfYvyXET6RzjI= Subject key identifier: 00:7B:E5:90:CF:4E:F5:67:C3:28:A8:39:D8:BC:6F:39:15:FF:C9:CA Certificate issuer: /CN=A91E9580/serialNumber=FE4FDA3967016C113AC807B849340AC6520F0802 Certificate serial: 092F Authority key identifier: FE:4F:DA:39:67:01:6C:11:3A:C8:07:B8:49:34:0A:C6:52:0F:08:02 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_k_aOWcBbBE6yAe4STQKxlIPCAI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9580/C7CE2E107F8D11EAAD8CD51EC4F9AE02/699CD772C2B911EBBB4C8928C4F9AE02.roa Signing time: Tue 07 May 2024 06:02:32 +0000 ROA not before: Tue 07 May 2024 06:02:32 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 46015 IP address blocks: 42.1.60.0/22 maxlen: 22 43.252.212.0/22 maxlen: 24 103.6.196.0/22 maxlen: 24 110.4.40.0/21 maxlen: 21 110.4.40.0/24 maxlen: 24 110.4.41.0/24 maxlen: 24 110.4.42.0/24 maxlen: 24 110.4.43.0/24 maxlen: 24 110.4.44.0/24 maxlen: 24 110.4.45.0/24 maxlen: 24 110.4.46.0/24 maxlen: 24 110.4.47.0/24 maxlen: 24 117.53.152.0/22 maxlen: 22 123.100.224.0/24 maxlen: 24 203.142.4.0/24 maxlen: 24 2402:6c00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9580/C7CE2E107F8D11EAAD8CD51EC4F9AE02/_k_aOWcBbBE6yAe4STQKxlIPCAI.crl rsync://rpki.apnic.net/member_repository/A91E9580/C7CE2E107F8D11EAAD8CD51EC4F9AE02/_k_aOWcBbBE6yAe4STQKxlIPCAI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_k_aOWcBbBE6yAe4STQKxlIPCAI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 19:53:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2351 (0x92f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9580/serialNumber=FE4FDA3967016C113AC807B849340AC6520F0802 Validity Not Before: May 7 06:02:32 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=6639c3f7-2dac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:70:78:28:cc:8a:6c:0f:a2:1b:9b:c4:68:78: 46:72:34:6b:ba:49:b6:ed:7a:ee:00:47:75:d7:4d: 35:77:5b:e7:89:b9:da:4a:d6:7d:79:16:ad:58:7c: 94:13:ca:4d:a3:84:a8:20:69:49:a0:57:f0:df:04: d8:bb:e8:bf:ed:fb:71:12:13:bc:41:c7:18:62:e3: 7e:2d:f7:df:dd:35:f5:53:6e:ef:b4:35:d0:a9:cd: 62:d6:d6:34:5d:bd:9a:a3:a4:0b:7a:1e:16:0c:4d: 5a:d5:6a:2a:3b:30:05:ea:7f:ce:c1:11:7a:70:ed: 7f:6a:7a:3d:3c:b0:a0:5b:36:67:14:27:22:38:e2: f9:47:27:01:40:44:4a:ad:64:c4:e9:34:ca:a1:18: 17:9c:10:74:54:d0:b2:d6:fb:41:6b:8f:52:b0:82: 1a:4c:ac:8d:dc:cd:db:a8:37:18:72:79:dc:4b:24: 82:30:15:3b:00:ca:20:98:c5:e4:9e:64:99:2e:7c: 20:92:a6:9e:4c:bc:28:b1:8b:50:1e:a1:92:0c:d2: 00:18:3c:be:43:60:f1:32:ed:fe:e5:88:2b:26:8f: ac:55:11:bd:9c:62:34:eb:24:bc:cd:ec:54:10:2a: 30:5f:43:69:fa:ee:c4:9b:8e:1c:11:be:90:51:34: 19:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:7B:E5:90:CF:4E:F5:67:C3:28:A8:39:D8:BC:6F:39:15:FF:C9:CA X509v3 Authority Key Identifier: keyid:FE:4F:DA:39:67:01:6C:11:3A:C8:07:B8:49:34:0A:C6:52:0F:08:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9580/C7CE2E107F8D11EAAD8CD51EC4F9AE02/_k_aOWcBbBE6yAe4STQKxlIPCAI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_k_aOWcBbBE6yAe4STQKxlIPCAI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9580/C7CE2E107F8D11EAAD8CD51EC4F9AE02/699CD772C2B911EBBB4C8928C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 42.1.60.0/22 43.252.212.0/22 103.6.196.0/22 110.4.40.0/21 117.53.152.0/22 123.100.224.0/24 203.142.4.0/24 IPv6: 2402:6c00::/32 Signature Algorithm: sha256WithRSAEncryption 4a:98:c3:4f:a8:5a:8a:d4:58:30:32:aa:b2:81:30:e9:21:dd: b7:eb:f2:bb:7c:c7:12:44:fc:57:1d:89:38:13:15:e3:9a:d0: a8:e6:b2:db:79:9d:79:85:ea:e9:40:ba:e4:5f:66:7d:59:bd: e0:5c:8e:37:85:c9:21:f7:23:e2:89:66:8d:ba:cc:3d:a2:ef: c5:86:b5:ff:bf:ef:65:be:1f:12:96:50:d9:80:d4:41:f3:6d: d5:a3:48:79:2a:b2:bf:c7:45:11:ab:96:13:bf:cc:22:5a:06: 05:6d:1e:72:70:65:11:f6:10:4d:fd:1d:12:f4:64:f4:67:38: 5c:15:f8:3b:a3:a3:8d:07:f5:7b:ed:2f:80:a1:38:0c:07:1b: 65:21:5f:33:b7:89:4a:ab:25:11:90:c8:75:76:09:7a:53:d6: a0:80:38:4c:37:e4:ee:42:5e:41:ae:73:f1:95:b2:46:f3:fe: 1e:f4:0f:76:2b:72:8c:96:f9:93:3f:06:e3:d1:87:31:93:76: a2:25:8f:99:35:aa:28:85:c4:9c:c7:a4:1b:ee:bc:43:69:9c: 7a:83:6e:69:da:a9:bd:57:05:ef:d3:97:e3:75:0d:37:dd:af: be:7a:57:65:d3:c5:75:33:bd:36:0c:fa:25:10:35:62:b1:ae: 70:81:78:3f -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICCS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk1ODAxMTAvBgNVBAUTKEZFNEZEQTM5NjcwMTZDMTEzQUM4MDdCODQ5MzQwQUM2 NTIwRjA4MDIwHhcNMjQwNTA3MDYwMjMyWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjM5YzNmNy0yZGFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5XB4KMyKbA+iG5vEaHhGcjRrukm27XruAEd11001d1vnibnaStZ9eRatWHyU E8pNo4SoIGlJoFfw3wTYu+i/7ftxEhO8QccYYuN+Lfff3TX1U27vtDXQqc1i1tY0 Xb2ao6QLeh4WDE1a1WoqOzAF6n/OwRF6cO1/ano9PLCgWzZnFCciOOL5RycBQERK rWTE6TTKoRgXnBB0VNCy1vtBa49SsIIaTKyN3M3bqDcYcnncSySCMBU7AMogmMXk nmSZLnwgkqaeTLwosYtQHqGSDNIAGDy+Q2DxMu3+5YgrJo+sVRG9nGI06yS8zexU ECowX0Np+u7Em44cEb6QUTQZHwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFAB75ZDP TvVnwyioOdi8bzkV/8nKMB8GA1UdIwQYMBaAFP5P2jlnAWwROsgHuEk0CsZSDwgC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTU4MC9DN0NFMkUxMDdG OEQxMUVBQUQ4Q0Q1MUVDNEY5QUUwMi9fa19hT1djQmJCRTZ5QWU0U1RRS3hsSVBD QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19rX2FPV2NCYkJFNnlBZTRTVFFLeGxJUENBSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk1ODAvQzdDRTJFMTA3RjhEMTFFQUFEOENENTFFQzRGOUFFMDIvNjk5Q0Q3NzJD MkI5MTFFQkJCNEM4OTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMDAEAgABMCoDBAIqATwDBAIr/NQDBAJnBsQDBANuBCgDBAJ1NZgDBAB7ZOAD BADLjgQwDQQCAAIwBwMFACQCbAAwDQYJKoZIhvcNAQELBQADggEBAEqYw0+oWorU WDAyqrKBMOkh3bfr8rt8xxJE/FcdiTgTFeOa0Kjmstt5nXmF6ulAuuRfZn1ZveBc jjeFySH3I+KJZo26zD2i78WGtf+/72W+HxKWUNmA1EHzbdWjSHkqsr/HRRGrlhO/ zCJaBgVtHnJwZRH2EE39HRL0ZPRnOFwV+Dujo40H9XvtL4ChOAwHG2UhXzO3iUqr JRGQyHV2CXpT1qCAOEw35O5CXkGuc/GVskbz/h70D3YrcoyW+ZM/BuPRhzGTdqIl j5k1qiiFxJzHpBvuvENpnHqDbmnaqb1XBe/Tl+N1DTfdr756V2XTxXUzvTYM+iUQ NWKxrnCBeD8= -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:49 2024 by rpki-client on console-ams.rpki-client.org