$ rpki-client -vvf rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/C8C64A4AED4D11EA895BC037C4F9AE02.roa File: C8C64A4AED4D11EA895BC037C4F9AE02.roa (raw, json) Hash identifier: RgPF5melWGZf5AFZ9hv+NJPKC/EOsjcNRxGMLnUAhvk= Subject key identifier: A2:92:A4:FA:0F:10:7F:08:B8:CC:00:5E:09:8B:68:18:96:12:E7:AC Certificate issuer: /CN=A91E96D9/serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B Certificate serial: 07E0 Authority key identifier: 21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/C8C64A4AED4D11EA895BC037C4F9AE02.roa Signing time: Wed 16 Oct 2024 21:10:43 +0000 ROA not before: Wed 16 Oct 2024 21:10:43 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 38488 IP address blocks: 116.0.42.0/24 maxlen: 24 202.123.240.0/24 maxlen: 24 202.123.242.0/24 maxlen: 24 202.123.243.0/24 maxlen: 24 202.123.244.0/24 maxlen: 24 202.123.245.0/24 maxlen: 24 202.123.246.0/24 maxlen: 24 2400:a960::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2016 (0x7e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E96D9/serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B Validity Not Before: Oct 16 21:10:43 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67102bd3-8da5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:0d:81:20:88:60:53:00:0e:ae:86:bc:3f:e3: 41:58:c9:bd:e0:ab:7b:d6:e9:25:83:61:6d:57:35: 55:af:fa:01:e2:cc:06:71:13:f5:16:f8:e3:34:7c: 74:53:51:b1:e6:03:d5:0d:d8:49:99:95:92:1d:ef: 39:b9:7f:25:78:76:0a:03:ed:05:06:0b:ad:5c:f2: 93:0a:66:2e:67:c6:55:c3:9e:09:d9:3c:7b:63:c3: 03:d2:34:7a:a3:fe:60:84:31:9b:23:98:78:3c:53: 9b:ca:c5:f0:6e:ef:44:16:44:d4:f3:b0:25:c9:62: 82:c0:5e:c5:2e:47:ba:ab:1f:3a:11:a6:ee:e1:a6: ad:07:65:02:c0:8b:2f:fe:b7:d7:19:0f:59:cf:be: 19:d0:f1:28:71:e5:84:48:95:83:e1:9a:cb:a7:d7: 85:af:fb:0d:3a:ae:c8:cd:4e:d2:95:8a:d9:94:4f: 0f:b3:a0:a4:be:92:1a:aa:0e:35:82:56:f4:49:f3: 7e:24:e9:db:2b:2c:7b:02:f7:ab:d4:94:69:3f:8d: 7c:4f:6a:fb:f7:a7:61:99:e0:6e:0c:ea:f6:1e:29: aa:95:4d:bb:8e:ee:39:a8:4f:e8:f2:01:55:2c:80: f3:4c:42:7b:2d:68:72:3d:31:2f:96:7e:d3:f8:95: b2:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:92:A4:FA:0F:10:7F:08:B8:CC:00:5E:09:8B:68:18:96:12:E7:AC X509v3 Authority Key Identifier: keyid:21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/C8C64A4AED4D11EA895BC037C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.0.42.0/24 202.123.240.0/24 202.123.242.0-202.123.246.255 IPv6: 2400:a960::/48 Signature Algorithm: sha256WithRSAEncryption a1:00:37:56:31:26:87:63:ea:cf:f7:ca:7a:93:64:ca:41:70: f3:27:41:57:0f:57:83:7d:33:e4:bf:d4:df:23:86:53:03:31: 98:eb:86:26:88:a5:04:e4:f2:2b:6f:73:89:de:4c:89:35:68: 38:d5:f3:e2:74:a0:5d:be:d7:3d:df:d3:1c:26:cc:f7:a8:ce: 0b:22:b4:f2:ad:5c:f6:6a:99:d7:72:b5:47:dc:b4:ce:f3:4e: c8:66:3c:aa:b7:d1:14:1a:ae:54:50:f7:43:0e:6c:4a:4c:d5: 87:63:02:43:66:46:55:3c:bf:cd:99:e5:db:71:f5:04:d3:39: 8e:27:a8:2e:50:ce:51:fb:15:8d:db:6a:d0:d5:3f:a4:4c:ae: c4:fc:29:44:36:73:50:1d:49:d9:9d:f8:47:cf:5d:d6:b0:a0: 92:c0:aa:a3:17:fa:06:2e:cb:d7:27:1c:b4:3d:62:3c:3d:c2: 48:19:8a:f1:db:eb:fe:d0:58:7b:46:5a:bd:cc:cf:a2:e5:59: 69:65:50:35:60:6d:34:f3:e6:01:23:a0:89:0e:61:32:f3:96: 0e:f1:65:eb:90:b8:16:ba:77:98:9c:44:8b:29:09:ca:fc:f2: a5:76:5a:e2:91:78:57:ff:71:fb:08:fa:43:0e:2e:d6:c6:4b: a2:59:28:1c -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgICB+AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk2RDkxMTAvBgNVBAUTKDIxOUVBNjNDNkFDOTY2RERCMjg1ODg2QkQ3MTFDNzhB MTRERjUxMkIwHhcNMjQxMDE2MjExMDQzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzEwMmJkMy04ZGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3A2BIIhgUwAOroa8P+NBWMm94Kt71uklg2FtVzVVr/oB4swGcRP1FvjjNHx0 U1Gx5gPVDdhJmZWSHe85uX8leHYKA+0FBgutXPKTCmYuZ8ZVw54J2Tx7Y8MD0jR6 o/5ghDGbI5h4PFObysXwbu9EFkTU87AlyWKCwF7FLke6qx86Eabu4aatB2UCwIsv /rfXGQ9Zz74Z0PEoceWESJWD4ZrLp9eFr/sNOq7IzU7SlYrZlE8Ps6CkvpIaqg41 glb0SfN+JOnbKyx7Aver1JRpP418T2r796dhmeBuDOr2HimqlU27ju45qE/o8gFV LIDzTEJ7LWhyPTEvln7T+JWy/wIDAQABo4ICujCCArYwHQYDVR0OBBYEFKKSpPoP EH8IuMwAXgmLaBiWEuesMB8GA1UdIwQYMBaAFCGepjxqyWbdsoWIa9cRx4oU31Er MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTZEOS84MERGREVDMEU1 REQxMUVBQjI0NjhENjVDNEY5QUUwMi9JWjZtUEdySlp0MnloWWhyMXhISGloVGZV U3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0laNm1QR3JKWnQyeWhZaHIxeEhIaWhUZlVTcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk2RDkvODBERkRFQzBFNUREMTFFQUIyNDY4RDY1QzRGOUFFMDIvQzhDNjRBNEFF RDREMTFFQTg5NUJDMDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E NTAzMCAEAgABMBoDBAB0ACoDBADKe/AwDAMEAcp78gMEAMp79jAPBAIAAjAJAwcA JACpYAAAMA0GCSqGSIb3DQEBCwUAA4IBAQChADdWMSaHY+rP98p6k2TKQXDzJ0FX D1eDfTPkv9TfI4ZTAzGY64YmiKUE5PIrb3OJ3kyJNWg41fPidKBdvtc939McJsz3 qM4LIrTyrVz2apnXcrVH3LTO807IZjyqt9EUGq5UUPdDDmxKTNWHYwJDZkZVPL/N meXbcfUE0zmOJ6guUM5R+xWN22rQ1T+kTK7E/ClENnNQHUnZnfhHz13WsKCSwKqj F/oGLsvXJxy0PWI8PcJIGYrx2+v+0Fh7Rlq9zM+i5VlpZVA1YG008+YBI6CJDmEy 85YO8WXrkLgWuneYnESLKQnK/PKldlrikXhX/3H7CPpDDi7WxkuiWSgc -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:49 2024 by rpki-client on console-ams.rpki-client.org