$ rpki-client -vvf rpki.apnic.net/member_repository/A91FECDA/9BA971A26F9C11E9A5074B2FC4F9AE02/36588F22A2A411EF91C88414C4F9AE02.roa File: 36588F22A2A411EF91C88414C4F9AE02.roa (raw, json) Hash identifier: lMzasziHNCrDLjTRZs7Xkeyw9MoX7yftFyebSxoNdtQ= Subject key identifier: D4:9E:DC:80:C6:D6:B9:5C:E1:C7:70:06:4B:2C:B6:14:FF:01:F3:DD Certificate issuer: /CN=A91FECDA/serialNumber=CCCE54EEAFBF93213CD992BCA1E5267D5052B3C7 Certificate serial: 0EE9 Authority key identifier: CC:CE:54:EE:AF:BF:93:21:3C:D9:92:BC:A1:E5:26:7D:50:52:B3:C7 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/zM5U7q-_kyE82ZK8oeUmfVBSs8c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FECDA/9BA971A26F9C11E9A5074B2FC4F9AE02/36588F22A2A411EF91C88414C4F9AE02.roa Signing time: Thu 14 Nov 2024 16:19:24 +0000 ROA not before: Thu 14 Nov 2024 16:19:24 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 132899 IP address blocks: 193.119.2.0/24 maxlen: 24 193.119.3.0/24 maxlen: 24 193.119.4.0/24 maxlen: 24 193.119.5.0/24 maxlen: 24 193.119.6.0/24 maxlen: 24 193.119.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FECDA/9BA971A26F9C11E9A5074B2FC4F9AE02/zM5U7q-_kyE82ZK8oeUmfVBSs8c.crl rsync://rpki.apnic.net/member_repository/A91FECDA/9BA971A26F9C11E9A5074B2FC4F9AE02/zM5U7q-_kyE82ZK8oeUmfVBSs8c.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/zM5U7q-_kyE82ZK8oeUmfVBSs8c.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:50:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3817 (0xee9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FECDA/serialNumber=CCCE54EEAFBF93213CD992BCA1E5267D5052B3C7 Validity Not Before: Nov 14 16:19:24 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=6736230c-5001 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:67:98:61:3c:6e:6f:7a:3c:db:7a:39:60:aa: 2f:0e:ca:a5:05:fb:f8:01:ab:08:d8:db:f5:30:3a: 5f:fa:07:c7:30:e9:a2:19:28:41:b8:08:21:9e:02: c0:fe:1f:cf:9d:97:5a:e6:49:0b:bd:63:af:ea:d0: e1:dc:9a:b8:09:49:6f:c0:1d:bd:86:7b:22:30:a7: e4:e9:01:c7:94:e2:17:5f:14:35:33:96:e7:86:fd: 8f:3c:9e:82:4e:dd:1e:4e:f7:46:57:2b:2a:38:cf: 13:bf:f0:15:ac:14:f5:51:28:bb:77:a4:10:cb:03: 8a:6f:7e:58:58:00:ea:17:a3:14:2b:70:87:f2:0f: 43:24:53:26:94:87:e2:99:9a:b6:47:46:a7:43:5c: dc:1f:eb:6d:10:f1:aa:c6:c5:04:a2:a7:32:7e:e7: a8:0e:c9:8e:a0:85:4f:d8:f7:4b:b9:ba:7c:07:11: ef:dc:c5:27:e5:64:95:d7:9a:f4:1a:09:89:57:2a: 1c:af:e8:fc:69:c4:81:00:cc:c0:ac:5f:ea:74:1b: c4:63:d5:c0:c7:b0:3b:92:6f:50:6d:a3:9f:64:e1: f0:78:10:d9:f8:7f:da:03:8f:67:87:a5:17:64:e7: 99:a0:dc:cf:3d:49:6d:d1:d5:b7:43:29:5c:e8:b4: 1f:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:9E:DC:80:C6:D6:B9:5C:E1:C7:70:06:4B:2C:B6:14:FF:01:F3:DD X509v3 Authority Key Identifier: keyid:CC:CE:54:EE:AF:BF:93:21:3C:D9:92:BC:A1:E5:26:7D:50:52:B3:C7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FECDA/9BA971A26F9C11E9A5074B2FC4F9AE02/zM5U7q-_kyE82ZK8oeUmfVBSs8c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/zM5U7q-_kyE82ZK8oeUmfVBSs8c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FECDA/9BA971A26F9C11E9A5074B2FC4F9AE02/36588F22A2A411EF91C88414C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 193.119.2.0-193.119.7.255 Signature Algorithm: sha256WithRSAEncryption 10:0b:61:7b:2d:fd:57:cb:9f:11:b1:af:c0:39:62:bd:eb:0c: 14:db:fc:1c:4a:d8:4d:d2:ed:99:0f:91:1c:71:c1:92:c8:08: 91:95:f3:d9:39:be:7a:b8:b4:ed:d2:94:2e:f1:24:91:ac:62: 3d:83:85:f4:c1:51:2a:93:66:fb:66:9f:c2:88:df:76:4b:77: 3a:69:b2:56:22:0f:68:f3:5f:39:10:56:9c:84:0c:f8:27:4c: 72:54:7b:5b:31:ff:c2:40:d3:1e:3e:3a:53:b6:da:58:3c:47: 2d:e0:b1:d5:aa:24:ec:23:f9:b4:bc:11:56:4b:19:17:47:f7: 04:ac:e1:c1:31:04:0f:36:db:5e:ed:04:96:b7:29:4b:44:0a: 21:bf:11:f2:cc:f4:10:e6:6b:a7:b2:56:1b:8b:bb:51:c6:6e: a9:bf:56:15:69:57:ec:36:fc:d8:49:42:5a:8d:ba:35:d2:19: 91:bf:15:6f:69:44:48:66:e1:95:f8:8b:dc:89:95:09:03:f3: 2f:df:6f:ef:88:71:2c:eb:d6:59:d9:90:7c:ab:fc:d9:38:e1: 12:a3:ff:b0:c6:ea:12:a6:06:f9:c6:38:85:59:99:47:3b:0c: e5:d2:ac:00:f4:96:93:dc:11:6c:05:19:4f:7c:52:48:af:36: 42:81:01:72 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgICDukwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVDREExMTAvBgNVBAUTKENDQ0U1NEVFQUZCRjkzMjEzQ0Q5OTJCQ0ExRTUyNjdE NTA1MkIzQzcwHhcNMjQxMTE0MTYxOTI0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzM2MjMwYy01MDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4GeYYTxub3o823o5YKovDsqlBfv4AasI2Nv1MDpf+gfHMOmiGShBuAghngLA /h/PnZda5kkLvWOv6tDh3Jq4CUlvwB29hnsiMKfk6QHHlOIXXxQ1M5bnhv2PPJ6C Tt0eTvdGVysqOM8Tv/AVrBT1USi7d6QQywOKb35YWADqF6MUK3CH8g9DJFMmlIfi mZq2R0anQ1zcH+ttEPGqxsUEoqcyfueoDsmOoIVP2PdLubp8BxHv3MUn5WSV15r0 GgmJVyocr+j8acSBAMzArF/qdBvEY9XAx7A7km9QbaOfZOHweBDZ+H/aA49nh6UX ZOeZoNzPPUlt0dW3Qylc6LQfIQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFNSe3IDG 1rlc4cdwBkssthT/AfPdMB8GA1UdIwQYMBaAFMzOVO6vv5MhPNmSvKHlJn1QUrPH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUNEQS85QkE5NzFBMjZG OUMxMUU5QTUwNzRCMkZDNEY5QUUwMi96TTVVN3EtX2t5RTgyWks4b2VVbWZWQlNz OGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3pNNVU3cS1fa3lFODJaSzhvZVVtZlZCU3M4Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkVDREEvOUJBOTcxQTI2RjlDMTFFOUE1MDc0QjJGQzRGOUFFMDIvMzY1ODhGMjJB MkE0MTFFRjkxQzg4NDE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E GDAWMBQEAgABMA4wDAMEAcF3AgMEA8F3ADANBgkqhkiG9w0BAQsFAAOCAQEAEAth ey39V8ufEbGvwDlivesMFNv8HErYTdLtmQ+RHHHBksgIkZXz2Tm+eri07dKULvEk kaxiPYOF9MFRKpNm+2afwojfdkt3OmmyViIPaPNfORBWnIQM+CdMclR7WzH/wkDT Hj46U7baWDxHLeCx1aok7CP5tLwRVksZF0f3BKzhwTEEDzbbXu0ElrcpS0QKIb8R 8sz0EOZrp7JWG4u7UcZuqb9WFWlX7Db82ElCWo26NdIZkb8Vb2lESGbhlfiL3ImV CQPzL99v74hxLOvWWdmQfKv82TjhEqP/sMbqEqYG+cY4hVmZRzsM5dKsAPSWk9wR bAUZT3xSSK82QoEBcg== -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:23 2024 by rpki-client on console-ams.rpki-client.org