$ rpki-client -vvf rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/66F91334ED4911ED9A90391BC4F9AE02.roa File: 66F91334ED4911ED9A90391BC4F9AE02.roa (raw, json) Hash identifier: 4M2o1uWpD8HZNRKume3UqAzLmAnLuLXQtM8OeJIWFiY= Subject key identifier: 13:36:22:4D:93:1B:E8:86:F5:40:55:E6:F2:94:73:8C:BB:98:E6:24 Certificate issuer: /CN=A917E4BA/serialNumber=3C6EC09B095FA5F513615108A5447CACB71AB1A1 Certificate serial: 0A60 Authority key identifier: 3C:6E:C0:9B:09:5F:A5:F5:13:61:51:08:A5:44:7C:AC:B7:1A:B1:A1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/66F91334ED4911ED9A90391BC4F9AE02.roa Signing time: Fri 06 Dec 2024 19:38:39 +0000 ROA not before: Fri 06 Dec 2024 19:38:39 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 9650 IP address blocks: 131.242.0.0/16 maxlen: 16 131.242.21.0/24 maxlen: 24 131.242.22.0/24 maxlen: 24 131.242.23.0/24 maxlen: 24 131.242.26.0/24 maxlen: 24 131.242.30.0/24 maxlen: 24 131.242.132.0/24 maxlen: 24 131.242.144.0/22 maxlen: 22 131.242.176.0/20 maxlen: 20 131.242.230.0/24 maxlen: 24 131.242.231.0/24 maxlen: 24 147.132.0.0/16 maxlen: 16 161.143.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.crl rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:25:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2656 (0xa60) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E4BA, serialNumber=3C6EC09B095FA5F513615108A5447CACB71AB1A1 Validity Not Before: Dec 6 19:38:39 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=675352bf-3e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:09:9e:9c:de:0b:e1:f5:eb:ac:0e:28:e1:d6: 3d:73:49:ba:64:97:2b:71:bd:60:d9:c1:45:f6:37: a3:39:5c:0d:b4:d1:0a:a5:04:4d:64:23:da:81:32: 03:e1:48:68:96:16:01:de:9f:97:6f:9c:bf:fd:69: 93:cc:96:d3:e1:8f:9d:86:df:23:05:4d:35:09:60: 40:3e:f3:e9:d4:20:ab:f8:02:77:2c:80:51:68:6d: 8a:03:a0:7a:52:5f:70:dd:ba:29:93:f0:2f:c9:c5: 99:af:24:21:8f:e9:57:44:b2:8f:2f:24:89:5b:40: 0c:62:a9:a1:12:f7:df:b4:b4:eb:d0:8d:38:63:a2: 5c:7c:3b:b2:1e:33:3a:46:cd:c6:9e:d6:56:dd:1e: b0:e0:4c:f0:ff:55:fa:4e:e0:65:6a:f6:37:19:5d: be:26:7d:af:92:5f:02:ca:03:ac:2a:90:01:4e:41: f8:c4:c7:a9:69:8a:93:03:fe:be:61:3f:7a:04:79: 8c:3a:9e:d7:b7:55:66:df:c2:5f:cd:7a:d9:96:ec: 27:a9:b2:be:63:44:04:a0:14:eb:a5:1e:25:94:1f: 9a:5a:10:e0:79:9a:51:2b:44:9d:d6:0c:6c:ce:b7: 1d:ed:d1:2b:51:61:b7:0a:2e:7f:c2:9c:05:a4:1f: 52:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:36:22:4D:93:1B:E8:86:F5:40:55:E6:F2:94:73:8C:BB:98:E6:24 X509v3 Authority Key Identifier: keyid:3C:6E:C0:9B:09:5F:A5:F5:13:61:51:08:A5:44:7C:AC:B7:1A:B1:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/66F91334ED4911ED9A90391BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 131.242.0.0/16 147.132.0.0/16 161.143.0.0/16 Signature Algorithm: sha256WithRSAEncryption a1:44:8f:11:c1:10:6d:c0:9e:a8:76:08:1d:b0:c6:2c:26:ed: ac:23:55:74:42:76:5b:4d:27:03:7c:9b:65:0f:8d:0a:6e:47: 4f:4d:1a:8c:98:75:3a:75:51:8a:00:c9:a6:8b:38:f3:ee:1f: 8c:ee:1a:69:bb:6a:76:f5:85:d4:a3:98:0d:7f:70:85:3f:e7: b1:bb:73:62:dd:fc:10:84:b5:31:8a:8d:48:dc:99:b6:87:cd: e3:65:8c:a0:5e:86:c0:ef:71:92:a8:aa:7b:2f:d3:16:bf:e1: 3c:0e:de:1b:02:21:12:8a:c6:f0:21:74:57:21:42:be:e9:48: 16:4a:f2:8d:d5:05:31:7c:9c:e9:ee:fe:b0:ce:a6:44:7b:34: 75:b5:e0:d6:7e:51:84:a3:50:c7:30:21:c0:ad:1b:8b:9b:d0: 63:ee:bc:be:5e:dc:02:89:53:76:6f:5a:27:25:60:a0:62:72: 45:d8:ac:6b:db:6e:58:fb:d5:f6:2f:10:08:35:c3:a4:1f:85: 70:7a:ce:d0:80:b4:0c:52:02:4a:cc:57:ea:1b:9b:0f:7f:98: 7f:10:ed:b4:ad:fa:47:f8:29:38:14:b1:03:70:4e:7b:ee:44: 62:91:f5:c6:15:83:0c:c4:19:96:4c:ca:0e:ca:78:8d:0d:73: 6b:0b:70:1e -----BEGIN CERTIFICATE----- MIIFejCCBGKgAwIBAgICCmAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0QkExMTAvBgNVBAUTKDNDNkVDMDlCMDk1RkE1RjUxMzYxNTEwOEE1NDQ3Q0FD QjcxQUIxQTEwHhcNMjQxMjA2MTkzODM5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzUzNTJiZi0zZTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxgmenN4L4fXrrA4o4dY9c0m6ZJcrcb1g2cFF9jejOVwNtNEKpQRNZCPagTID 4UholhYB3p+Xb5y//WmTzJbT4Y+dht8jBU01CWBAPvPp1CCr+AJ3LIBRaG2KA6B6 Ul9w3bopk/AvycWZryQhj+lXRLKPLySJW0AMYqmhEvfftLTr0I04Y6JcfDuyHjM6 Rs3GntZW3R6w4Ezw/1X6TuBlavY3GV2+Jn2vkl8CygOsKpABTkH4xMepaYqTA/6+ YT96BHmMOp7Xt1Vm38JfzXrZluwnqbK+Y0QEoBTrpR4llB+aWhDgeZpRK0Sd1gxs zrcd7dErUWG3Ci5/wpwFpB9SQwIDAQABo4ICnjCCApowHQYDVR0OBBYEFBM2Ik2T G+iG9UBV5vKUc4y7mOYkMB8GA1UdIwQYMBaAFDxuwJsJX6X1E2FRCKVEfKy3GrGh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTRCQS9DOTUyQUM5RTUy REMxMUVBODI2MDFCMEZDNEY5QUUwMi9QRzdBbXdsZnBmVVRZVkVJcFVSOHJMY2Fz YUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1BHN0Ftd2xmcGZVVFlWRUlwVVI4ckxjYXNhRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0U0QkEvQzk1MkFDOUU1MkRDMTFFQTgyNjAxQjBGQzRGOUFFMDIvNjZGOTEzMzRF RDQ5MTFFRDlBOTAzOTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKAYIKwYBBQUHAQcBAf8E GTAXMBUEAgABMA8DAwCD8gMDAJOEAwMAoY8wDQYJKoZIhvcNAQELBQADggEBAKFE jxHBEG3Anqh2CB2wxiwm7awjVXRCdltNJwN8m2UPjQpuR09NGoyYdTp1UYoAyaaL OPPuH4zuGmm7anb1hdSjmA1/cIU/57G7c2Ld/BCEtTGKjUjcmbaHzeNljKBehsDv cZKoqnsv0xa/4TwO3hsCIRKKxvAhdFchQr7pSBZK8o3VBTF8nOnu/rDOpkR7NHW1 4NZ+UYSjUMcwIcCtG4ub0GPuvL5e3AKJU3ZvWiclYKBickXYrGvbblj71fYvEAg1 w6QfhXB6ztCAtAxSAkrMV+obmw9/mH8Q7bSt+kf4KTgUsQNwTnvuRGKR9cYVgwzE GZZMyg7KeI0Nc2sLcB4= -----END CERTIFICATE-----Generated at Sat Apr 26 16:55:13 2025 by rpki-client