$ rpki-client -vvf rpki.apnic.net/member_repository/A91127B5/0F194EAE890C11EE9DF72C50C4F9AE02/AA02862E890C11EE87862551C4F9AE02.roa File: AA02862E890C11EE87862551C4F9AE02.roa (raw, json) Hash identifier: If7gROK16zr/SZJjbOJJFTa1P8/BQcHi3NBwMSreHp8= Subject key identifier: 08:E5:1E:67:F5:1B:6F:0A:3D:FE:BF:A8:41:5E:0A:F5:6A:86:70:D8 Certificate issuer: /CN=A91127B5/serialNumber=FDE81CA7695E94A90BFDFD83F11A7734630817E8 Certificate serial: 1E Authority key identifier: FD:E8:1C:A7:69:5E:94:A9:0B:FD:FD:83:F1:1A:77:34:63:08:17:E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_egcp2lelKkL_f2D8Rp3NGMIF-g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91127B5/0F194EAE890C11EE9DF72C50C4F9AE02/AA02862E890C11EE87862551C4F9AE02.roa Signing time: Thu 28 Dec 2023 03:29:14 +0000 ROA not before: Thu 28 Dec 2023 03:29:14 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 140543 IP address blocks: 115.187.16.0/24 maxlen: 24 115.187.17.0/24 maxlen: 24 2401:4ea0::/48 maxlen: 48 2401:4ea0:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91127B5/0F194EAE890C11EE9DF72C50C4F9AE02/_egcp2lelKkL_f2D8Rp3NGMIF-g.crl rsync://rpki.apnic.net/member_repository/A91127B5/0F194EAE890C11EE9DF72C50C4F9AE02/_egcp2lelKkL_f2D8Rp3NGMIF-g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_egcp2lelKkL_f2D8Rp3NGMIF-g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 02 Jul 2024 06:21:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30 (0x1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91127B5/serialNumber=FDE81CA7695E94A90BFDFD83F11A7734630817E8 Validity Not Before: Dec 28 03:29:14 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=658ceb8a-b294 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:14:37:fd:06:20:28:5c:07:c3:aa:ef:da:7b: b2:a1:ca:ac:e7:44:98:c6:a3:e5:93:96:14:9b:cd: 6e:79:e1:ea:9c:6e:b7:84:29:68:89:6e:55:11:30: 6f:97:9b:e4:47:23:01:b1:c4:42:8a:c5:17:18:13: 70:ae:ae:7c:d6:a0:9c:6b:e7:59:aa:d0:6a:e8:82: e1:9b:d6:fd:d6:db:28:70:15:8e:d9:c8:90:e0:6f: a7:3c:d7:68:18:55:c0:f6:54:c6:4a:ce:e9:d1:e5: 60:22:72:d2:be:ab:53:d5:46:36:04:ef:4b:cc:b9: 1f:77:e7:df:79:cf:58:c5:42:31:ae:92:8f:6a:fc: e8:84:fc:38:77:f9:8e:3c:b6:4b:69:57:98:0d:93: 89:eb:2c:64:bc:65:03:c1:d9:4d:68:c3:e5:7e:e4: e3:43:da:89:30:42:64:df:28:97:55:f6:b5:a9:85: d0:75:cd:61:44:83:f4:f9:81:61:39:0c:dd:3c:9f: 70:ca:ce:92:ea:c5:78:63:fb:fb:17:7f:cc:d7:4e: 66:d4:0c:56:cd:74:53:db:95:1c:f3:74:cd:e6:56: 5d:10:46:c3:3f:79:84:ba:5b:b4:15:2e:f4:1d:ab: 3a:a1:d9:13:1b:83:22:fc:6a:3a:7b:b8:cc:21:b7: 8d:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:E5:1E:67:F5:1B:6F:0A:3D:FE:BF:A8:41:5E:0A:F5:6A:86:70:D8 X509v3 Authority Key Identifier: keyid:FD:E8:1C:A7:69:5E:94:A9:0B:FD:FD:83:F1:1A:77:34:63:08:17:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91127B5/0F194EAE890C11EE9DF72C50C4F9AE02/_egcp2lelKkL_f2D8Rp3NGMIF-g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_egcp2lelKkL_f2D8Rp3NGMIF-g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91127B5/0F194EAE890C11EE9DF72C50C4F9AE02/AA02862E890C11EE87862551C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 115.187.16.0/23 IPv6: 2401:4ea0::/47 Signature Algorithm: sha256WithRSAEncryption ab:80:f0:6d:4f:f9:24:50:d8:e0:38:5f:32:de:83:71:3a:b3: 0a:f6:33:48:c4:0c:b8:ea:fb:95:6d:03:01:4d:61:9d:a2:16: c5:c1:e6:c8:19:f3:09:3b:ea:f9:cd:49:58:23:91:cf:03:ad: e7:ee:7f:4d:b1:30:28:12:4c:27:c1:2e:92:67:e3:b0:02:83: 74:91:d7:96:7c:03:d7:d4:2e:7a:18:39:09:5b:ff:16:08:8e: 0b:17:38:71:36:db:ba:32:9e:eb:31:4b:1d:1e:87:25:57:89: 68:03:de:53:ce:27:88:13:90:52:82:c2:6a:14:3d:67:58:2b: 90:18:df:cd:d8:55:00:d5:b6:53:eb:45:e0:be:16:8b:ce:62: a8:09:4e:5d:3a:48:ba:4b:99:cf:5e:fb:3a:8e:79:1a:61:be: 7a:4c:8b:b8:12:85:c9:56:40:b5:2b:75:28:7d:48:29:aa:e1: fc:2b:c7:38:00:26:e3:b8:57:4f:c2:40:89:d5:e1:a3:d5:f7: 5c:89:08:06:fb:0f:53:8a:15:5c:e4:a6:9d:95:67:f0:69:a6: 4a:8e:61:6d:06:d1:01:4f:de:89:19:9b:4e:32:db:95:ea:16: b9:af:ef:bc:0a:d3:c9:42:ba:c6:05:2e:f9:ff:c2:55:fd:30: dc:f5:76:f1 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx MjdCNTExMC8GA1UEBRMoRkRFODFDQTc2OTVFOTRBOTBCRkRGRDgzRjExQTc3MzQ2 MzA4MTdFODAeFw0yMzEyMjgwMzI5MTRaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY1OGNlYjhhLWIyOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCVFDf9BiAoXAfDqu/ae7KhyqznRJjGo+WTlhSbzW554eqcbreEKWiJblURMG+X m+RHIwGxxEKKxRcYE3CurnzWoJxr51mq0GroguGb1v3W2yhwFY7ZyJDgb6c812gY VcD2VMZKzunR5WAictK+q1PVRjYE70vMuR935995z1jFQjGuko9q/OiE/Dh3+Y48 tktpV5gNk4nrLGS8ZQPB2U1ow+V+5OND2okwQmTfKJdV9rWphdB1zWFEg/T5gWE5 DN08n3DKzpLqxXhj+/sXf8zXTmbUDFbNdFPblRzzdM3mVl0QRsM/eYS6W7QVLvQd qzqh2RMbgyL8ajp7uMwht42dAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUCOUeZ/Ub bwo9/r+oQV4K9WqGcNgwHwYDVR0jBBgwFoAU/egcp2lelKkL/f2D8Rp3NGMIF+gw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEyN0I1LzBGMTk0RUFFODkw QzExRUU5REY3MkM1MEM0RjlBRTAyL19lZ2NwMmxlbEtrTF9mMkQ4UnAzTkdNSUYt Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvX2VnY3AybGVsS2tMX2YyRDhScDNOR01JRi1nLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MjdCNS8wRjE5NEVBRTg5MEMxMUVFOURGNzJDNTBDNEY5QUUwMi9BQTAyODYyRTg5 MEMxMUVFODc4NjI1NTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAXO7EDAPBAIAAjAJAwcBJAFOoAAAMA0GCSqGSIb3DQEBCwUA A4IBAQCrgPBtT/kkUNjgOF8y3oNxOrMK9jNIxAy46vuVbQMBTWGdohbFwebIGfMJ O+r5zUlYI5HPA63n7n9NsTAoEkwnwS6SZ+OwAoN0kdeWfAPX1C56GDkJW/8WCI4L FzhxNtu6Mp7rMUsdHoclV4loA95TzieIE5BSgsJqFD1nWCuQGN/N2FUA1bZT60Xg vhaLzmKoCU5dOki6S5nPXvs6jnkaYb56TIu4EoXJVkC1K3UofUgpquH8K8c4ACbj uFdPwkCJ1eGj1fdciQgG+w9TihVc5KadlWfwaaZKjmFtBtEBT96JGZtOMtuV6ha5 r++8CtPJQrrGBS75/8JV/TDc9Xbx -----END CERTIFICATE-----Generated at Tue Jun 25 07:05:43 2024 by rpki-client on console-fra.rpki-client.org