$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8FF00754732F11EE90078C13C4F9AE02.roa File: 8FF00754732F11EE90078C13C4F9AE02.roa (raw, json) Hash identifier: FvhGoDcJkl/uVyMeuA2e84lQ0fEQXKW9fiAoOj29wy4= Subject key identifier: D1:11:95:C0:2F:9B:A7:8A:4F:3A:76:42:93:E7:A7:63:D2:48:14:91 Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34 Certificate serial: 3597 Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8FF00754732F11EE90078C13C4F9AE02.roa Signing time: Wed 18 Dec 2024 14:40:36 +0000 ROA not before: Wed 18 Dec 2024 14:40:36 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 141342 IP address blocks: 116.90.96.0/24 maxlen: 24 116.90.97.0/24 maxlen: 24 116.90.98.0/24 maxlen: 24 116.90.99.0/24 maxlen: 24 116.90.102.0/24 maxlen: 24 116.90.103.0/24 maxlen: 24 116.90.104.0/24 maxlen: 24 116.90.112.0/24 maxlen: 24 116.90.113.0/24 maxlen: 24 116.90.114.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:28:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13719 (0x3597) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5D7E, serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34 Validity Not Before: Dec 18 14:40:36 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=6762dee4-82e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:82:3e:e3:1f:e6:9d:ab:4b:9c:7f:e3:bc:1e: 71:d6:37:b6:ed:c8:12:c7:53:18:f6:97:c7:7b:01: 3b:a5:b5:a3:c7:42:90:a9:48:19:d3:63:2c:6e:83: d9:f1:f8:d7:9b:1f:74:07:3d:2d:c2:5d:3d:b0:32: b2:f8:0f:cd:35:78:45:55:6c:ac:a6:b7:82:44:21: 68:33:0f:59:b0:64:28:c7:8f:ec:f9:4c:38:66:04: 5a:06:7b:af:2d:dd:d1:9c:5a:77:f1:d7:ce:a6:19: 95:f7:99:de:06:2d:19:44:d3:e6:3f:94:5d:00:e3: c4:27:17:24:e8:92:6c:6a:7c:1c:50:0e:e0:46:d3: b1:c9:52:e8:ce:32:7a:4a:17:0f:63:a7:97:83:8c: 5d:84:ce:67:ec:28:21:90:44:f8:15:66:ce:ca:f1: 4d:84:ef:fc:30:4b:a3:5c:9e:9d:c4:43:a8:cf:78: b6:78:ba:15:4b:02:e9:f1:e4:e3:67:00:5b:84:c1: 86:75:6a:50:de:86:01:8f:60:35:b9:1b:27:ee:17: 1e:a3:7b:53:9e:ec:88:3e:12:0f:ff:9e:18:e2:fd: d4:12:dd:c5:6e:9f:77:a4:e6:d8:9c:86:15:10:27: e5:16:20:f3:bd:80:5a:c6:50:92:28:19:62:e8:76: 92:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:11:95:C0:2F:9B:A7:8A:4F:3A:76:42:93:E7:A7:63:D2:48:14:91 X509v3 Authority Key Identifier: keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8FF00754732F11EE90078C13C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.90.96.0/22 116.90.102.0-116.90.104.255 116.90.112.0-116.90.114.255 Signature Algorithm: sha256WithRSAEncryption ac:3e:75:3f:2f:2a:d1:cd:93:9a:cc:e4:82:6b:19:f2:6d:ae: 6e:0b:76:6b:34:d8:69:28:2d:b2:c2:f1:3c:34:b0:9b:68:af: 0e:0b:8c:95:53:42:5b:9d:16:0d:e2:e5:0a:a1:6c:8c:86:4c: e2:0a:b7:40:19:a7:63:8f:c0:c2:ce:5d:85:09:ad:21:c0:34: 35:45:96:72:f3:63:08:ba:e5:12:a1:4e:17:4a:f7:4b:48:9d: 61:50:1d:86:14:50:9f:44:2e:a2:b8:94:26:d2:37:24:d6:63: 7f:12:c1:df:35:45:1b:ae:04:e0:1c:22:65:42:b0:6f:7a:e4: 20:bc:64:b9:15:d6:f2:9a:c5:06:81:05:dd:f6:22:c0:bc:5d: e8:df:af:90:58:db:f6:b8:75:5c:20:04:12:46:ea:68:3f:57: 1b:4e:19:a8:40:14:61:7b:23:b0:42:34:b2:31:01:58:5f:5d: a6:bc:41:45:64:27:56:1e:50:33:b0:d2:f7:d6:31:22:91:73: 14:d2:a6:f1:77:3f:4c:63:fb:c9:ff:75:e5:07:7f:18:8d:d3: 91:ba:23:50:15:51:08:98:8e:e4:82:73:ec:3d:df:df:4e:a0: f0:29:5a:63:41:74:d1:02:aa:e3:e0:f6:fa:f2:e2:08:d2:cf: 87:55:46:fe -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICNZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx NkQxNTdCMzQwHhcNMjQxMjE4MTQ0MDM2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzYyZGVlNC04MmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqII+4x/mnatLnH/jvB5x1je27cgSx1MY9pfHewE7pbWjx0KQqUgZ02MsboPZ 8fjXmx90Bz0twl09sDKy+A/NNXhFVWyspreCRCFoMw9ZsGQox4/s+Uw4ZgRaBnuv Ld3RnFp38dfOphmV95neBi0ZRNPmP5RdAOPEJxck6JJsanwcUA7gRtOxyVLozjJ6 ShcPY6eXg4xdhM5n7CghkET4FWbOyvFNhO/8MEujXJ6dxEOoz3i2eLoVSwLp8eTj ZwBbhMGGdWpQ3oYBj2A1uRsn7hceo3tTnuyIPhIP/54Y4v3UEt3Fbp93pObYnIYV ECflFiDzvYBaxlCSKBli6HaSOwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFNERlcAv m6eKTzp2QpPnp2PSSBSRMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvOEZGMDA3NTQ3 MzJGMTFFRTkwMDc4QzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMCgEAgABMCIDBAJ0WmAwDAMEAXRaZgMEAHRaaDAMAwQEdFpwAwQAdFpyMA0G CSqGSIb3DQEBCwUAA4IBAQCsPnU/LyrRzZOazOSCaxnyba5uC3ZrNNhpKC2ywvE8 NLCbaK8OC4yVU0JbnRYN4uUKoWyMhkziCrdAGadjj8DCzl2FCa0hwDQ1RZZy82MI uuUSoU4XSvdLSJ1hUB2GFFCfRC6iuJQm0jck1mN/EsHfNUUbrgTgHCJlQrBveuQg vGS5FdbymsUGgQXd9iLAvF3o36+QWNv2uHVcIAQSRupoP1cbThmoQBRheyOwQjSy MQFYX12mvEFFZCdWHlAzsNL31jEikXMU0qbxdz9MY/vJ/3XlB38YjdORuiNQFVEI mI7kgnPsPd/fTqDwKVpjQXTRAqrj4Pb68uII0s+HVUb+ -----END CERTIFICATE-----Generated at Sat Apr 26 08:03:12 2025 by rpki-client