$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/33B6385E09E911EAA0C05451C4F9AE02.roa File: 33B6385E09E911EAA0C05451C4F9AE02.roa (raw, json) Hash identifier: 1s/7qjoQVEcC3QQ1Qup7SEEfGC2IOmSmzbw/kmobCm4= Subject key identifier: 83:F6:84:EB:69:3F:D8:9E:F6:84:4B:8D:58:81:88:6A:7A:11:D6:7E Certificate issuer: /CN=A91FEE70/serialNumber=FA94DE39088EC38A52B692279A42C4AFFB5B73B1 Certificate serial: 0B66 Authority key identifier: FA:94:DE:39:08:8E:C3:8A:52:B6:92:27:9A:42:C4:AF:FB:5B:73:B1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pTeOQiOw4pStpInmkLEr_tbc7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/33B6385E09E911EAA0C05451C4F9AE02.roa Signing time: Thu 18 Apr 2024 19:57:42 +0000 ROA not before: Thu 18 Apr 2024 19:57:42 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 133081 IP address blocks: 203.2.168.0/24 maxlen: 24 203.2.169.0/24 maxlen: 24 203.2.170.0/24 maxlen: 24 203.2.171.0/24 maxlen: 24 203.2.172.0/24 maxlen: 24 203.2.173.0/24 maxlen: 24 203.2.174.0/24 maxlen: 24 203.2.175.0/24 maxlen: 24 203.16.128.0/24 maxlen: 24 203.16.129.0/24 maxlen: 24 203.16.130.0/24 maxlen: 24 203.16.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/-pTeOQiOw4pStpInmkLEr_tbc7E.crl rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/-pTeOQiOw4pStpInmkLEr_tbc7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pTeOQiOw4pStpInmkLEr_tbc7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2918 (0xb66) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEE70 Validity Not Before: Apr 18 19:57:42 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=66217b36-38d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:30:e7:ee:61:af:c6:7a:73:b2:cc:a5:c5:50: 96:2b:8a:be:c1:f8:fc:b7:c7:6e:7e:c3:01:6f:87: 7b:88:14:cb:4d:d4:40:b1:0d:ad:1e:bc:41:1e:f0: 46:ed:fc:66:53:e4:15:63:67:5c:53:4d:64:2b:bf: 9c:3d:a5:6c:2c:c8:40:6d:d6:68:c6:8d:01:18:ee: 64:86:33:b6:93:88:20:88:4b:a5:6a:96:21:09:bb: 91:d3:30:d1:8a:98:fa:69:77:4d:f6:48:d9:93:5a: b0:10:00:23:bc:30:09:69:0f:dd:79:e5:2f:f3:8c: 6f:27:7d:3c:b5:78:98:9c:18:9e:35:43:2d:f3:8b: fc:00:3d:e9:18:6f:66:5d:9a:f8:be:32:b2:cf:a3: bc:87:0b:1b:1d:09:e1:80:34:7a:66:1d:88:d6:c8: 97:8b:38:20:f2:a7:6f:d4:9f:a6:cb:a7:66:07:e7: 37:66:fd:0c:69:22:e6:4a:60:4f:a8:61:f7:bd:bb: 6e:6e:73:90:dc:cd:ad:cc:e1:d9:97:4e:d5:dc:9d: cf:9b:c1:6e:70:0d:d9:e0:15:30:18:7e:de:53:58: 10:3b:25:19:c3:20:fa:46:60:17:f9:9c:31:2b:e0: 15:7b:15:85:38:d4:d4:3e:12:94:64:60:2c:9f:5f: 54:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:F6:84:EB:69:3F:D8:9E:F6:84:4B:8D:58:81:88:6A:7A:11:D6:7E X509v3 Authority Key Identifier: keyid:FA:94:DE:39:08:8E:C3:8A:52:B6:92:27:9A:42:C4:AF:FB:5B:73:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/-pTeOQiOw4pStpInmkLEr_tbc7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pTeOQiOw4pStpInmkLEr_tbc7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/33B6385E09E911EAA0C05451C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.2.168.0/21 203.16.128.0/22 Signature Algorithm: sha256WithRSAEncryption a7:ea:e2:72:da:31:9d:45:74:85:ea:05:28:97:bd:cf:a0:d7: 17:86:5c:cc:6e:26:25:ef:4b:36:19:64:c2:bb:69:d8:f0:36: 80:2f:78:25:d0:6f:26:56:87:0b:da:c6:0a:48:d1:e5:ad:91: 37:a1:a1:af:f0:aa:5c:bc:c9:63:72:38:09:69:72:71:87:48: 48:e6:ed:b7:bc:5f:11:3b:6e:54:65:62:42:5c:30:8a:19:eb: de:b6:ff:2b:50:54:48:7f:f2:46:5f:7f:10:41:46:4c:da:c0: c7:74:a9:cb:1f:6c:d1:c7:61:68:07:d0:3d:14:87:de:04:a8: e5:59:b0:a8:1e:52:fd:f2:06:cd:4c:64:12:c1:33:cb:fb:4a: 4b:a0:52:00:1d:1e:c8:ed:ab:fa:ef:b4:4f:d9:e1:85:c8:7b: cb:16:03:30:03:3a:84:7d:20:35:b8:04:62:bd:cf:30:00:21: 7d:2c:05:bf:70:ad:6f:e3:21:5d:18:8e:5e:42:c0:bb:9d:ca: 56:d4:5a:6c:a1:4b:c8:9b:1b:0a:a1:33:76:d5:a4:f7:c5:25: 03:6b:c5:c8:d3:61:e7:20:08:90:20:b8:a7:41:88:dd:09:e9: 32:2d:da:50:70:7c:89:db:fc:d4:b7:2f:e2:45:1a:0c:df:2d: 87:24:5c:28 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICC2YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFNzAxMTAvBgNVBAUTKEZBOTRERTM5MDg4RUMzOEE1MkI2OTIyNzlBNDJDNEFG RkI1QjczQjEwHhcNMjQwNDE4MTk1NzQyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjIxN2IzNi0zOGQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2TDn7mGvxnpzssylxVCWK4q+wfj8t8dufsMBb4d7iBTLTdRAsQ2tHrxBHvBG 7fxmU+QVY2dcU01kK7+cPaVsLMhAbdZoxo0BGO5khjO2k4ggiEulapYhCbuR0zDR ipj6aXdN9kjZk1qwEAAjvDAJaQ/deeUv84xvJ308tXiYnBieNUMt84v8AD3pGG9m XZr4vjKyz6O8hwsbHQnhgDR6Zh2I1siXizgg8qdv1J+my6dmB+c3Zv0MaSLmSmBP qGH3vbtubnOQ3M2tzOHZl07V3J3Pm8FucA3Z4BUwGH7eU1gQOyUZwyD6RmAX+Zwx K+AVexWFONTUPhKUZGAsn19UwwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIP2hOtp P9ie9oRLjViBiGp6EdZ+MB8GA1UdIwQYMBaAFPqU3jkIjsOKUraSJ5pCxK/7W3Ox MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUU3MC8wOTEwRDFBMDA5 RTgxMUVBQTYzMDE2NEZDNEY5QUUwMi8tcFRlT1FpT3c0cFN0cElubWtMRXJfdGJj N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1wVGVPUWlPdzRwU3RwSW5ta0xFcl90YmM3RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkVFNzAvMDkxMEQxQTAwOUU4MTFFQUE2MzAxNjRGQzRGOUFFMDIvMzNCNjM4NUUw OUU5MTFFQUEwQzA1NDUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAPLAqgDBALLEIAwDQYJKoZIhvcNAQELBQADggEBAKfq4nLa MZ1FdIXqBSiXvc+g1xeGXMxuJiXvSzYZZMK7adjwNoAveCXQbyZWhwvaxgpI0eWt kTehoa/wqly8yWNyOAlpcnGHSEjm7be8XxE7blRlYkJcMIoZ6962/ytQVEh/8kZf fxBBRkzawMd0qcsfbNHHYWgH0D0Uh94EqOVZsKgeUv3yBs1MZBLBM8v7SkugUgAd Hsjtq/rvtE/Z4YXIe8sWAzADOoR9IDW4BGK9zzAAIX0sBb9wrW/jIV0Yjl5CwLud ylbUWmyhS8ibGwqhM3bVpPfFJQNrxcjTYecgCJAguKdBiN0J6TIt2lBwfInb/NS3 L+JFGgzfLYckXCg= -----END CERTIFICATE-----Generated at Sun Feb 16 21:40:36 2025 by rpki-client