$ rpki-client -vvf rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/4A06FF10FF2711EAB7D5F235C4F9AE02.roa File: 4A06FF10FF2711EAB7D5F235C4F9AE02.roa (raw, json) Hash identifier: IR0gL9HuGQPasCSDeDXOONGQSnX5FqddD0h9jerJFTk= Subject key identifier: 4B:25:0C:10:6F:C3:1F:D3:85:CF:3F:08:DF:28:D1:FF:DD:86:2B:B7 Certificate issuer: /CN=A91E96D9/serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B Certificate serial: 07E1 Authority key identifier: 21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/4A06FF10FF2711EAB7D5F235C4F9AE02.roa Signing time: Wed 16 Oct 2024 21:10:44 +0000 ROA not before: Wed 16 Oct 2024 21:10:44 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 55340 IP address blocks: 116.0.33.0/24 maxlen: 24 116.0.34.0/24 maxlen: 24 116.0.40.0/24 maxlen: 24 116.0.41.0/24 maxlen: 24 116.0.43.0/24 maxlen: 24 116.0.44.0/24 maxlen: 24 116.0.46.0/24 maxlen: 24 116.0.55.0/24 maxlen: 24 116.0.56.0/24 maxlen: 24 116.0.57.0/24 maxlen: 24 116.0.58.0/24 maxlen: 24 116.0.59.0/24 maxlen: 24 116.0.61.0/24 maxlen: 24 116.0.62.0/24 maxlen: 24 116.0.63.0/24 maxlen: 24 2400:a960:6::/48 maxlen: 48 2400:a960:8::/48 maxlen: 48 2400:a960:9::/48 maxlen: 48 2400:a960:a::/48 maxlen: 48 2400:a960:b::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2017 (0x7e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E96D9/serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B Validity Not Before: Oct 16 21:10:44 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67102bd4-d028 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:64:bf:be:1c:c0:e8:41:4e:57:ac:0e:43:67: 1b:ad:06:ee:eb:eb:47:27:e6:ac:b3:4d:8b:ae:cc: 29:94:08:13:a5:26:c0:aa:76:03:53:d9:e4:85:e2: 0a:45:bd:34:bd:10:e4:fd:dd:69:5c:1b:34:5a:31: 1a:26:cf:d4:17:cb:b5:6c:59:06:e1:e0:6d:38:03: 17:28:66:88:92:ec:b4:9c:ac:9e:5e:73:fa:5c:f6: 04:c0:25:4a:ae:0e:af:68:fc:6e:ac:2d:31:12:e3: 48:39:51:c8:4a:8a:57:32:c5:f2:67:f3:0a:72:ac: a9:fb:51:2a:47:91:74:aa:02:cc:25:28:72:5b:0c: 1a:57:ef:b6:5f:e0:e5:eb:f6:ed:e4:2c:7a:bc:25: ea:b2:6d:70:f0:cc:8d:b8:a0:8e:00:c4:d9:dd:34: c1:76:e4:0f:07:4f:42:8b:5e:af:6b:11:35:2c:c3: 7e:25:f6:f6:e5:b3:7b:94:6f:9a:d7:9f:3c:be:bb: 82:7a:d1:52:0f:bb:2e:42:3a:05:dd:f3:bd:e3:18: ca:84:3c:fe:7c:cb:c6:cc:68:7e:e5:69:a6:39:43: ea:0a:b8:e6:dc:3b:ad:c9:86:d8:05:77:a2:9b:b7: 74:e7:83:75:2c:bf:39:f5:e5:52:52:2d:9b:16:59: 19:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:25:0C:10:6F:C3:1F:D3:85:CF:3F:08:DF:28:D1:FF:DD:86:2B:B7 X509v3 Authority Key Identifier: keyid:21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/4A06FF10FF2711EAB7D5F235C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.0.33.0-116.0.34.255 116.0.40.0/23 116.0.43.0-116.0.44.255 116.0.46.0/24 116.0.55.0-116.0.59.255 116.0.61.0-116.0.63.255 IPv6: 2400:a960:6::/48 2400:a960:8::/46 Signature Algorithm: sha256WithRSAEncryption 81:7c:12:96:c7:17:3a:ab:ee:e9:7d:54:0a:d0:9f:20:d6:b0: db:95:db:78:6d:f9:2c:b3:e1:cd:78:2c:22:19:74:bd:2d:df: 67:70:31:e1:ef:76:1f:fd:9e:0c:0d:97:03:94:d3:e0:f6:8c: 00:95:2b:c6:d7:fc:2a:a1:a3:c7:6e:66:a3:b2:c3:71:b9:0d: 6b:7a:ba:03:96:5c:75:73:83:b3:ae:ae:6c:01:42:14:d6:73: 4e:01:50:e5:ac:e4:e8:71:0e:69:87:21:05:a2:e4:23:99:b5: 7a:ff:f3:6e:5f:34:8f:36:dc:f6:0b:89:fe:04:7c:af:b3:68: a6:28:5b:fa:03:1a:c7:36:d8:81:e4:e7:1a:e3:3c:d2:94:0a: 79:46:e5:7f:df:3a:24:41:ca:2d:ca:58:16:38:19:76:51:c5: ef:5f:e5:c7:d6:2e:70:b9:48:a0:8f:26:ea:a6:d4:91:5c:ef: a9:3f:3b:32:58:ce:84:8a:18:f5:84:97:85:47:4b:67:96:07: dd:24:c7:34:79:3d:e2:47:e5:f1:92:44:e7:40:c7:33:13:96: 1d:ce:fc:f3:76:a2:84:eb:36:0a:ad:ee:aa:f4:f9:77:b0:4d: 3c:42:b6:20:16:c9:c3:ee:0a:2d:95:2f:4f:c3:d0:3d:b6:07: 56:ce:e2:38 -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgICB+EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk2RDkxMTAvBgNVBAUTKDIxOUVBNjNDNkFDOTY2RERCMjg1ODg2QkQ3MTFDNzhB MTRERjUxMkIwHhcNMjQxMDE2MjExMDQ0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzEwMmJkNC1kMDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy2S/vhzA6EFOV6wOQ2cbrQbu6+tHJ+ass02LrswplAgTpSbAqnYDU9nkheIK Rb00vRDk/d1pXBs0WjEaJs/UF8u1bFkG4eBtOAMXKGaIkuy0nKyeXnP6XPYEwCVK rg6vaPxurC0xEuNIOVHISopXMsXyZ/MKcqyp+1EqR5F0qgLMJShyWwwaV++2X+Dl 6/bt5Cx6vCXqsm1w8MyNuKCOAMTZ3TTBduQPB09Ci16vaxE1LMN+Jfb25bN7lG+a 1588vruCetFSD7suQjoF3fO94xjKhDz+fMvGzGh+5WmmOUPqCrjm3DutyYbYBXei m7d054N1LL859eVSUi2bFlkZzwIDAQABo4IC7TCCAukwHQYDVR0OBBYEFEslDBBv wx/Thc8/CN8o0f/dhiu3MB8GA1UdIwQYMBaAFCGepjxqyWbdsoWIa9cRx4oU31Er MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTZEOS84MERGREVDMEU1 REQxMUVBQjI0NjhENjVDNEY5QUUwMi9JWjZtUEdySlp0MnloWWhyMXhISGloVGZV U3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0laNm1QR3JKWnQyeWhZaHIxeEhIaWhUZlVTcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk2RDkvODBERkRFQzBFNUREMTFFQUIyNDY4RDY1QzRGOUFFMDIvNEEwNkZGMTBG RjI3MTFFQUI3RDVGMjM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdwYIKwYBBQUHAQcBAf8E aDBmMEoEAgABMEQwDAMEAHQAIQMEAHQAIgMEAXQAKDAMAwQAdAArAwQAdAAsAwQA dAAuMAwDBAB0ADcDBAJ0ADgwDAMEAHQAPQMEBnQAADAYBAIAAjASAwcAJACpYAAG AwcCJACpYAAIMA0GCSqGSIb3DQEBCwUAA4IBAQCBfBKWxxc6q+7pfVQK0J8g1rDb ldt4bfkss+HNeCwiGXS9Ld9ncDHh73Yf/Z4MDZcDlNPg9owAlSvG1/wqoaPHbmaj ssNxuQ1reroDllx1c4Ozrq5sAUIU1nNOAVDlrOTocQ5phyEFouQjmbV6//NuXzSP Ntz2C4n+BHyvs2imKFv6AxrHNtiB5Oca4zzSlAp5RuV/3zokQcotylgWOBl2UcXv X+XH1i5wuUigjybqptSRXO+pPzsyWM6Eihj1hJeFR0tnlgfdJMc0eT3iR+XxkkTn QMczE5YdzvzzdqKE6zYKre6q9Pl3sE08QrYgFsnD7gotlS9Pw9A9tgdWzuI4 -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:49 2024 by rpki-client on console-ams.rpki-client.org