$ rpki-client -vvf rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/AAF9A7AC41AC11EA9BD8CB25C4F9AE02.roa File: AAF9A7AC41AC11EA9BD8CB25C4F9AE02.roa (raw, json) Hash identifier: wZnaCk/gJYbevnAK1yVFsEKeXrhTNDea/rw+miTZiyc= Subject key identifier: 1F:7B:52:DF:AA:5C:56:BC:46:81:B3:3D:45:8E:CF:41:71:72:B0:29 Certificate issuer: /CN=A9194E03/serialNumber=E39AB1D07B50DBB9ABE2CB51CD9B1E3A5A854521 Certificate serial: 3422 Authority key identifier: E3:9A:B1:D0:7B:50:DB:B9:AB:E2:CB:51:CD:9B:1E:3A:5A:85:45:21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45qx0HtQ27mr4stRzZseOlqFRSE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/AAF9A7AC41AC11EA9BD8CB25C4F9AE02.roa Signing time: Wed 02 Oct 2024 15:21:20 +0000 ROA not before: Wed 02 Oct 2024 15:21:20 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 132827 IP address blocks: 27.123.208.0/22 maxlen: 22 101.0.8.0/24 maxlen: 24 101.0.9.0/24 maxlen: 24 101.0.10.0/24 maxlen: 24 101.0.11.0/24 maxlen: 24 101.0.20.0/22 maxlen: 22 101.0.24.0/24 maxlen: 24 101.0.25.0/24 maxlen: 24 101.0.26.0/23 maxlen: 23 103.3.16.0/24 maxlen: 24 103.3.17.0/24 maxlen: 24 103.3.19.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/45qx0HtQ27mr4stRzZseOlqFRSE.crl rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/45qx0HtQ27mr4stRzZseOlqFRSE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45qx0HtQ27mr4stRzZseOlqFRSE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:11:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13346 (0x3422) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194E03, serialNumber=E39AB1D07B50DBB9ABE2CB51CD9B1E3A5A854521 Validity Not Before: Oct 2 15:21:20 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=66fd64f0-3773 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:47:39:88:5a:9a:72:25:90:6a:c9:7a:65:e5: 84:0a:a0:0c:39:22:81:bd:12:71:11:71:6e:6a:5b: fa:89:86:07:f0:ba:77:8e:25:e6:08:14:4f:e4:99: c8:5a:a7:b9:68:28:66:a6:32:6f:17:73:48:01:2e: 11:31:f6:14:e1:c0:28:18:48:39:0a:ab:b9:32:72: 4c:16:be:2d:ea:6c:c5:d5:33:20:29:5c:f7:01:47: d5:6c:95:08:97:bc:80:60:b2:ca:dc:fa:e7:3b:5d: 6b:7e:e3:fc:ca:9b:0e:0a:aa:83:19:6f:9d:8d:ea: 73:d1:ec:1d:db:2d:95:b4:3a:39:f4:74:f3:47:88: cd:8f:02:32:cf:0f:cb:41:e5:ca:f9:b2:3c:16:cc: fd:23:f6:08:cb:9e:5d:29:5d:f0:d6:c3:29:60:f7: 49:4f:cc:3e:c9:22:06:be:04:b0:e1:2f:a3:4e:b3: 66:b3:2c:e3:75:ec:c0:4c:d7:39:6e:77:fb:42:ad: e5:ff:f6:0d:09:7e:31:61:6c:57:f5:8b:18:80:af: 50:78:8a:7a:5f:2a:24:7d:62:dd:e6:ef:9a:f4:c9: c9:79:d7:a4:19:6c:e5:b4:b0:ef:23:ea:64:eb:bc: 2c:e0:48:37:5f:c9:e4:48:11:1d:a7:34:42:f6:b2: ba:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:7B:52:DF:AA:5C:56:BC:46:81:B3:3D:45:8E:CF:41:71:72:B0:29 X509v3 Authority Key Identifier: keyid:E3:9A:B1:D0:7B:50:DB:B9:AB:E2:CB:51:CD:9B:1E:3A:5A:85:45:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/45qx0HtQ27mr4stRzZseOlqFRSE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45qx0HtQ27mr4stRzZseOlqFRSE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/AAF9A7AC41AC11EA9BD8CB25C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.123.208.0/22 101.0.8.0/22 101.0.20.0-101.0.27.255 103.3.16.0/23 103.3.19.0/24 Signature Algorithm: sha256WithRSAEncryption 02:ba:01:01:d9:2d:4f:2d:0b:0e:39:73:25:67:37:03:2c:c1: fe:83:6f:b2:4b:24:71:6b:a5:00:e2:16:73:4f:40:42:bd:6e: 5a:f0:1a:e7:ac:6b:82:db:2f:39:94:2e:df:b0:ed:ef:78:f0: 96:73:4c:3b:e2:7b:48:ba:2b:b2:5a:16:5a:c7:cd:df:49:39: 76:4f:52:a5:6b:87:2a:3b:0d:f6:c2:06:bb:17:df:5b:29:a5: 00:12:a5:b0:98:e8:b5:9a:cc:3f:6c:cd:73:e9:f3:e7:6e:68: 61:f7:be:4b:6d:fd:68:b8:fc:c1:d7:a1:d9:75:02:7a:98:33: 27:02:cd:70:f7:9c:54:4e:d1:55:02:7c:51:f0:5b:be:a3:77: 39:28:9d:31:56:0c:e7:9d:1f:46:b9:fa:90:bb:44:cd:f6:0a: 73:a3:ce:15:9c:81:86:5e:8d:f6:ac:36:ad:f3:95:9c:13:7f: 3e:55:20:52:b9:29:3f:64:c1:5e:bc:b4:2c:1a:35:5e:12:6e: db:15:0c:58:ac:f1:46:62:04:05:cd:b7:2b:71:e0:14:61:c3: 21:fd:8d:5f:28:dd:75:46:8f:9e:e2:13:31:ab:cb:02:ff:e9: 60:e4:33:c0:aa:c7:0a:3b:b6:4c:69:69:74:f2:45:9a:44:75: a4:56:db:e7 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICNCIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTRFMDMxMTAvBgNVBAUTKEUzOUFCMUQwN0I1MERCQjlBQkUyQ0I1MUNEOUIxRTNB NUE4NTQ1MjEwHhcNMjQxMDAyMTUyMTIwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmZkNjRmMC0zNzczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuUc5iFqaciWQasl6ZeWECqAMOSKBvRJxEXFualv6iYYH8Lp3jiXmCBRP5JnI Wqe5aChmpjJvF3NIAS4RMfYU4cAoGEg5Cqu5MnJMFr4t6mzF1TMgKVz3AUfVbJUI l7yAYLLK3PrnO11rfuP8ypsOCqqDGW+djepz0ewd2y2VtDo59HTzR4jNjwIyzw/L QeXK+bI8Fsz9I/YIy55dKV3w1sMpYPdJT8w+ySIGvgSw4S+jTrNmsyzjdezATNc5 bnf7Qq3l//YNCX4xYWxX9YsYgK9QeIp6XyokfWLd5u+a9MnJedekGWzltLDvI+pk 67ws4Eg3X8nkSBEdpzRC9rK6nwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFB97Ut+q XFa8RoGzPUWOz0FxcrApMB8GA1UdIwQYMBaAFOOasdB7UNu5q+LLUc2bHjpahUUh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NEUwMy8zRjQ4RjIyNDFE QTYxMUUyOUEwNzVEOUQwOEIwMkNEMi80NXF4MEh0UTI3bXI0c3RSelpzZU9scUZS U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQ1cXgwSHRRMjdtcjRzdFJ6WnNlT2xxRlJTRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTRFMDMvM0Y0OEYyMjQxREE2MTFFMjlBMDc1RDlEMDhCMDJDRDIvQUFGOUE3QUM0 MUFDMTFFQTlCRDhDQjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMCwEAgABMCYDBAIbe9ADBAJlAAgwDAMEAmUAFAMEAmUAGAMEAWcDEAMEAGcD EzANBgkqhkiG9w0BAQsFAAOCAQEAAroBAdktTy0LDjlzJWc3AyzB/oNvskskcWul AOIWc09AQr1uWvAa56xrgtsvOZQu37Dt73jwlnNMO+J7SLorsloWWsfN30k5dk9S pWuHKjsN9sIGuxffWymlABKlsJjotZrMP2zNc+nz525oYfe+S239aLj8wdeh2XUC epgzJwLNcPecVE7RVQJ8UfBbvqN3OSidMVYM550fRrn6kLtEzfYKc6POFZyBhl6N 9qw2rfOVnBN/PlUgUrkpP2TBXry0LBo1XhJu2xUMWKzxRmIEBc23K3HgFGHDIf2N XyjddUaPnuITMavLAv/pYOQzwKrHCju2TGlpdPJFmkR1pFbb5w== -----END CERTIFICATE-----Generated at Sat Apr 26 14:21:34 2025 by rpki-client