$ rpki-client -vvf rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/23D7B1B81EDD11ED83B7963BC4F9AE02.roa File: 23D7B1B81EDD11ED83B7963BC4F9AE02.roa (raw, json) Hash identifier: +NKVmmAlTqfQ2iMjaVoJrXMEpqc9NIqiFPPAM8s8GoM= Subject key identifier: AF:C4:43:02:C1:2C:02:EA:35:21:DB:A5:EE:62:AB:89:96:77:01:74 Certificate issuer: /CN=A91F33A5/serialNumber=4FF52847215C4A22E9F1149E6CBFEDF74D61CE8B Certificate serial: 02C5 Authority key identifier: 4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/23D7B1B81EDD11ED83B7963BC4F9AE02.roa Signing time: Thu 05 Sep 2024 02:45:28 +0000 ROA not before: Thu 05 Sep 2024 02:45:28 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 134111 IP address blocks: 146.118.0.0/16 maxlen: 24 192.65.130.0/24 maxlen: 24 192.102.250.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.crl rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 709 (0x2c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F33A5/serialNumber=4FF52847215C4A22E9F1149E6CBFEDF74D61CE8B Validity Not Before: Sep 5 02:45:28 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66d91b47-ca50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:7b:0c:34:99:e4:86:f9:66:40:8d:69:ed:81: f5:61:1f:ba:f9:7c:66:fe:97:66:85:c5:1e:e7:3c: 51:fe:60:68:a1:d7:09:49:23:df:a3:4e:d2:cc:04: 4b:83:99:9e:70:8f:16:7d:8e:94:cf:ab:99:06:e1: b5:56:3b:0a:b2:4a:16:b0:43:ce:e7:fe:86:cb:69: 89:83:c1:1e:6a:05:49:45:72:f0:6f:e1:80:72:0c: 3c:6a:24:bb:47:7d:5a:42:78:e8:6c:c9:88:a8:f4: b4:da:53:9f:f6:bd:c0:8a:9d:ab:38:05:36:3c:a4: 6f:6b:5a:c2:6e:42:26:fb:35:b0:03:ca:bb:1d:eb: f2:07:4c:cb:74:97:b4:90:05:15:48:e1:4f:fe:64: 48:85:64:39:39:0e:12:06:fb:6d:9a:bd:30:75:ff: b9:b7:f3:b0:82:37:f7:c8:76:cf:bc:46:3f:a7:8f: dc:83:de:2f:60:19:72:68:8c:a6:5e:2d:04:3f:ed: f5:fa:39:a8:25:ef:d5:5e:ec:32:6d:bd:20:a2:d5: af:89:2d:ef:d0:34:63:27:22:d2:7d:c3:08:c6:cd: 90:9f:70:3a:ce:ae:99:55:e7:f7:d8:db:54:b1:68: 30:e5:4d:c7:31:a4:65:b8:58:07:67:63:71:ad:8d: ce:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:C4:43:02:C1:2C:02:EA:35:21:DB:A5:EE:62:AB:89:96:77:01:74 X509v3 Authority Key Identifier: keyid:4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/23D7B1B81EDD11ED83B7963BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 146.118.0.0/16 192.65.130.0/24 192.102.250.0/23 Signature Algorithm: sha256WithRSAEncryption a6:7e:d3:ba:ed:96:a6:86:84:b0:6b:c3:1f:1e:f3:62:5f:e0: 68:f5:fe:4d:26:63:b3:06:93:9c:19:c2:13:f4:3c:43:8a:47: 8f:b4:16:29:91:07:c7:8f:d6:cb:0b:57:93:45:e2:23:68:45: a9:0c:a9:83:0a:0e:df:f8:25:c6:ac:e1:48:79:c2:3b:d6:9e: 15:4b:11:97:86:cf:03:33:3f:77:55:cf:22:d3:86:05:81:67: 7e:cf:f8:e5:94:cc:0f:4b:ce:65:4c:22:99:a2:b6:dd:4a:81: c1:06:cf:c9:8c:6c:2e:b0:19:6d:97:14:bb:86:d6:e9:b3:4a: ed:94:1a:fa:2c:00:59:b4:1d:81:73:c6:bc:af:3d:e0:29:3b: b0:8e:50:ec:cd:a9:fd:db:55:bd:27:49:4c:fd:e7:d8:42:69: bc:c7:0e:f7:e9:d9:47:3d:da:a1:50:c3:be:d9:a9:db:40:a1: d7:50:39:a7:d6:29:e9:af:bc:de:db:e1:21:cc:a3:a5:64:7c: 53:87:b5:14:d7:0c:41:af:4f:ee:7b:00:3a:f0:7f:c0:0f:f1: 1b:87:8a:74:fb:ba:6b:53:de:a1:4e:4b:14:8a:c1:bf:2a:d3: 87:e1:39:3f:06:fd:56:4e:37:7e:0e:7c:9c:84:ee:7c:d3:3d: 6d:8e:41:82 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgICAsUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjMzQTUxMTAvBgNVBAUTKDRGRjUyODQ3MjE1QzRBMjJFOUYxMTQ5RTZDQkZFREY3 NEQ2MUNFOEIwHhcNMjQwOTA1MDI0NTI4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ5MWI0Ny1jYTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvXsMNJnkhvlmQI1p7YH1YR+6+Xxm/pdmhcUe5zxR/mBoodcJSSPfo07SzARL g5mecI8WfY6Uz6uZBuG1VjsKskoWsEPO5/6Gy2mJg8EeagVJRXLwb+GAcgw8aiS7 R31aQnjobMmIqPS02lOf9r3Aip2rOAU2PKRva1rCbkIm+zWwA8q7HevyB0zLdJe0 kAUVSOFP/mRIhWQ5OQ4SBvttmr0wdf+5t/Owgjf3yHbPvEY/p4/cg94vYBlyaIym Xi0EP+31+jmoJe/VXuwybb0gotWviS3v0DRjJyLSfcMIxs2Qn3A6zq6ZVef32NtU sWgw5U3HMaRluFgHZ2NxrY3OtQIDAQABo4ICoDCCApwwHQYDVR0OBBYEFK/EQwLB LALqNSHbpe5iq4mWdwF0MB8GA1UdIwQYMBaAFE/1KEchXEoi6fEUnmy/7fdNYc6L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzNBNS8xMTg3MDk3MkQ0 RDgxMUVDQTQyNDVGMTBDNEY5QUUwMi9UX1VvUnlGY1NpTHA4UlNlYkxfdDkwMWh6 b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1RfVW9SeUZjU2lMcDhSU2ViTF90OTAxaHpvcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjMzQTUvMTE4NzA5NzJENEQ4MTFFQ0E0MjQ1RjEwQzRGOUFFMDIvMjNEN0IxQjgx RUREMTFFRDgzQjc5NjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKgYIKwYBBQUHAQcBAf8E GzAZMBcEAgABMBEDAwCSdgMEAMBBggMEAcBm+jANBgkqhkiG9w0BAQsFAAOCAQEA pn7Tuu2WpoaEsGvDHx7zYl/gaPX+TSZjswaTnBnCE/Q8Q4pHj7QWKZEHx4/WywtX k0XiI2hFqQypgwoO3/glxqzhSHnCO9aeFUsRl4bPAzM/d1XPItOGBYFnfs/45ZTM D0vOZUwimaK23UqBwQbPyYxsLrAZbZcUu4bW6bNK7ZQa+iwAWbQdgXPGvK894Ck7 sI5Q7M2p/dtVvSdJTP3n2EJpvMcO9+nZRz3aoVDDvtmp20Ch11A5p9Yp6a+83tvh IcyjpWR8U4e1FNcMQa9P7nsAOvB/wA/xG4eKdPu6a1PeoU5LFIrBvyrTh+E5Pwb9 Vk43fg58nITufNM9bY5Bgg== -----END CERTIFICATE-----Generated at Thu Nov 21 03:21:57 2024 by rpki-client on console-ams.rpki-client.org