$ rpki-client -vvf rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa File: CEF8E22E711711EDB49CE11AC4F9AE02.roa (raw, json) Hash identifier: 65SFk+4TwOufzXDwexjbwGpZy2G0cdUSxHJoxJeEfYo= Subject key identifier: 16:12:DF:10:BA:4C:C8:33:C7:F2:E4:C3:F8:57:36:36:92:34:0B:B1 Certificate issuer: /CN=A91F277D/serialNumber=BBC103561AFD7A93036D1C72DD4C0A7C2A4E29CE Certificate serial: 0549 Authority key identifier: BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa Signing time: Thu 14 Dec 2023 23:51:59 +0000 ROA not before: Thu 14 Dec 2023 23:51:59 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 135348 IP address blocks: 139.163.131.0/24 maxlen: 24 139.163.138.0/24 maxlen: 24 139.163.247.0/24 maxlen: 24 168.134.136.0/24 maxlen: 24 168.134.137.0/24 maxlen: 24 168.134.139.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.crl rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1353 (0x549) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F277D/serialNumber=BBC103561AFD7A93036D1C72DD4C0A7C2A4E29CE Validity Not Before: Dec 14 23:51:59 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=657b951f-0b78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:84:62:9a:75:dc:ac:2d:83:c3:88:d7:23:eb: c3:ae:4e:8f:90:f5:27:2d:ea:7f:29:cd:ca:11:f3: 5b:59:17:1b:58:53:ec:61:48:4f:d4:50:48:f2:4e: c0:ee:b1:7a:37:1a:10:2c:2c:13:10:2c:b5:40:8b: 2d:30:4d:39:28:c1:22:4c:37:0b:c5:87:f0:b6:4c: df:b4:76:ec:3f:99:43:2b:63:78:62:15:3e:5a:5b: af:94:45:64:e1:62:80:5c:2c:16:42:cd:66:f4:9d: f7:83:47:b7:46:a7:74:5a:69:4d:48:0b:05:a0:b2: 12:20:a8:11:ad:88:ac:5f:da:ca:de:7f:cc:a9:b5: c8:a7:ad:cf:e4:2f:b6:dc:cf:c7:a1:d7:66:37:ec: 8b:f4:14:9e:48:f6:37:65:7c:1e:b6:40:f3:36:bc: 3b:ec:5d:46:13:27:51:e4:95:3d:89:e3:9d:99:c5: 33:83:d5:b5:d5:63:fe:a2:b3:6b:d1:33:90:32:94: c0:42:2f:20:4d:71:e3:d3:0f:f7:62:b6:c5:60:01: 69:b0:99:2b:18:7d:3d:18:bc:8c:43:76:3b:8b:40: e7:b5:7c:56:73:3a:e4:bf:82:a4:da:be:77:b2:03: 4e:d5:46:5a:ef:21:1d:e1:7d:99:6c:2e:05:91:72: d1:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:12:DF:10:BA:4C:C8:33:C7:F2:E4:C3:F8:57:36:36:92:34:0B:B1 X509v3 Authority Key Identifier: keyid:BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 139.163.131.0/24 139.163.138.0/24 139.163.247.0/24 168.134.136.0/23 168.134.139.0/24 Signature Algorithm: sha256WithRSAEncryption 4d:75:ff:5a:94:5e:25:99:5d:b9:86:9d:6f:4e:77:47:1e:9a: 71:2e:62:1d:e9:24:5a:f1:7a:e4:ad:87:48:76:10:e1:ff:67: 89:33:d8:44:01:15:d8:ed:fb:8e:f8:c0:0c:1a:ea:9a:0a:7a: 3b:af:c9:78:d3:a3:7f:89:df:31:8c:f9:73:02:6d:10:72:5a: 01:3a:3b:da:3f:ee:99:d6:35:99:6d:a7:cf:4c:46:82:4a:eb: 02:dd:fe:19:5f:3d:59:4d:c9:73:ab:b1:c5:8c:2c:0a:e7:08: 01:67:65:64:77:a3:c4:79:e2:82:3e:e4:63:05:f4:61:47:99: ef:63:05:27:78:f8:f6:73:b8:14:da:e4:9e:08:81:90:83:aa: 9d:3a:a0:52:1c:19:8b:32:54:ac:cb:25:69:dd:35:f8:f9:5b: b1:55:9b:34:f4:e3:6c:82:ae:47:87:f4:6a:52:9c:fd:e9:ac: 51:04:f9:df:1e:a9:db:be:77:f7:eb:e1:85:36:c4:0b:fb:5d: 20:27:8b:ec:19:70:15:34:3c:f8:64:da:c3:85:1e:ba:cc:12: 74:f2:f1:f9:b7:d7:4d:34:31:a1:a1:a5:18:9b:89:3e:1e:4d: 28:c6:b2:29:30:d4:af:55:c8:95:5c:80:8c:b2:91:fd:46:0a: 71:2a:b7:42 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICBUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjI3N0QxMTAvBgNVBAUTKEJCQzEwMzU2MUFGRDdBOTMwMzZEMUM3MkRENEMwQTdD MkE0RTI5Q0UwHhcNMjMxMjE0MjM1MTU5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTdiOTUxZi0wYjc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzoRimnXcrC2Dw4jXI+vDrk6PkPUnLep/Kc3KEfNbWRcbWFPsYUhP1FBI8k7A 7rF6NxoQLCwTECy1QIstME05KMEiTDcLxYfwtkzftHbsP5lDK2N4YhU+WluvlEVk 4WKAXCwWQs1m9J33g0e3Rqd0WmlNSAsFoLISIKgRrYisX9rK3n/MqbXIp63P5C+2 3M/HoddmN+yL9BSeSPY3ZXwetkDzNrw77F1GEydR5JU9ieOdmcUzg9W11WP+orNr 0TOQMpTAQi8gTXHj0w/3YrbFYAFpsJkrGH09GLyMQ3Y7i0DntXxWczrkv4Kk2r53 sgNO1UZa7yEd4X2ZbC4FkXLRFQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFBYS3xC6 TMgzx/Lkw/hXNjaSNAuxMB8GA1UdIwQYMBaAFLvBA1Ya/XqTA20cct1MCnwqTinO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjc3RC83OEExRDA4RThE NkIxMUVCOTg0MEUwNUZDNEY5QUUwMi91OEVEVmhyOWVwTURiUnh5M1V3S2ZDcE9L YzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3U4RURWaHI5ZXBNRGJSeHkzVXdLZkNwT0tjNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjI3N0QvNzhBMUQwOEU4RDZCMTFFQjk4NDBFMDVGQzRGOUFFMDIvQ0VGOEUyMkU3 MTE3MTFFREI0OUNFMTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBACLo4MDBACLo4oDBACLo/cDBAGohogDBACohoswDQYJKoZI hvcNAQELBQADggEBAE11/1qUXiWZXbmGnW9Od0cemnEuYh3pJFrxeuSth0h2EOH/ Z4kz2EQBFdjt+474wAwa6poKejuvyXjTo3+J3zGM+XMCbRByWgE6O9o/7pnWNZlt p89MRoJK6wLd/hlfPVlNyXOrscWMLArnCAFnZWR3o8R54oI+5GMF9GFHme9jBSd4 +PZzuBTa5J4IgZCDqp06oFIcGYsyVKzLJWndNfj5W7FVmzT042yCrkeH9GpSnP3p rFEE+d8eqdu+d/fr4YU2xAv7XSAni+wZcBU0PPhk2sOFHrrMEnTy8fm31000MaGh pRibiT4eTSjGsikw1K9VyJVcgIyykf1GCnEqt0I= -----END CERTIFICATE-----Generated at Wed Nov 20 23:56:02 2024 by rpki-client on console-ams.rpki-client.org