$ rpki-client -vvf rpki.apnic.net/member_repository/A911945B/3ACF70C017FD11EF8C083063C4F9AE02/C562775017FD11EF9A320864C4F9AE02.roa File: C562775017FD11EF9A320864C4F9AE02.roa (raw, json) Hash identifier: KzKcuINIseqCKm2mKPVX0jaoPaRQgEtGnab7YqNF1/k= Subject key identifier: AE:36:B1:39:25:BB:9A:03:51:D0:D4:50:94:16:30:54:8C:4A:93:F2 Certificate issuer: /CN=A911945B/serialNumber=EB32DF927434AC6D3A86847DDFBA3D2E81001131 Certificate serial: 05 Authority key identifier: EB:32:DF:92:74:34:AC:6D:3A:86:84:7D:DF:BA:3D:2E:81:00:11:31 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zLfknQ0rG06hoR937o9LoEAETE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911945B/3ACF70C017FD11EF8C083063C4F9AE02/C562775017FD11EF9A320864C4F9AE02.roa Signing time: Thu 23 May 2024 11:06:21 +0000 ROA not before: Thu 23 May 2024 11:06:21 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 7575 IP address blocks: 203.2.32.0/22 maxlen: 22 203.2.36.0/24 maxlen: 24 203.2.37.0/24 maxlen: 24 203.2.38.0/24 maxlen: 24 203.2.39.0/24 maxlen: 24 203.2.40.0/22 maxlen: 22 203.2.41.0/24 maxlen: 24 203.2.44.0/22 maxlen: 22 203.2.48.0/22 maxlen: 22 203.2.60.0/24 maxlen: 24 203.2.61.0/24 maxlen: 24 203.15.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911945B/3ACF70C017FD11EF8C083063C4F9AE02/6zLfknQ0rG06hoR937o9LoEAETE.crl rsync://rpki.apnic.net/member_repository/A911945B/3ACF70C017FD11EF8C083063C4F9AE02/6zLfknQ0rG06hoR937o9LoEAETE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zLfknQ0rG06hoR937o9LoEAETE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Oct 2024 05:56:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911945B/serialNumber=EB32DF927434AC6D3A86847DDFBA3D2E81001131 Validity Not Before: May 23 11:06:21 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=664f232c-d87a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:e2:83:86:62:e2:53:d8:14:74:c3:89:58:88: 35:1e:e0:30:ba:a3:c0:2d:37:0c:04:64:88:4a:fd: 74:64:55:a9:63:24:d7:db:f3:01:ed:5e:4a:a6:6c: 5c:85:f1:0e:2d:b2:ea:a2:fd:60:99:42:bf:1c:17: c8:a3:0c:cf:c4:bf:16:51:0e:e4:97:87:54:d8:e6: e6:0e:2b:22:2d:57:e6:84:55:6a:24:7a:ae:88:2b: e1:8e:fa:0a:5d:b2:02:ff:72:4e:c5:08:c6:28:88: 57:14:89:86:74:cc:53:6c:4f:e3:b1:c1:b6:42:0e: 16:2b:0a:77:bb:b1:31:bc:e8:75:af:fb:e9:d3:f7: 4a:d4:a9:87:7e:03:14:55:a1:53:23:3e:87:f5:23: be:3c:08:63:57:51:38:c7:6f:28:2f:37:03:56:0d: 8a:30:ab:54:c4:36:bf:8c:5a:f0:d8:d1:67:d0:aa: ce:0e:d0:1e:7b:32:1a:5d:de:6d:4d:04:37:8b:f1: 16:e2:8b:fa:e5:18:f6:05:f8:7b:0f:1a:61:cb:cb: 5d:10:40:fb:ed:ad:04:eb:2d:a7:ef:ec:0e:49:af: f0:46:39:14:22:b4:9d:54:fa:1f:13:19:29:08:f3: f4:4a:0b:60:03:9c:8a:45:3f:70:35:0c:b2:8c:ae: 7b:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:36:B1:39:25:BB:9A:03:51:D0:D4:50:94:16:30:54:8C:4A:93:F2 X509v3 Authority Key Identifier: keyid:EB:32:DF:92:74:34:AC:6D:3A:86:84:7D:DF:BA:3D:2E:81:00:11:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911945B/3ACF70C017FD11EF8C083063C4F9AE02/6zLfknQ0rG06hoR937o9LoEAETE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zLfknQ0rG06hoR937o9LoEAETE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911945B/3ACF70C017FD11EF8C083063C4F9AE02/C562775017FD11EF9A320864C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.2.32.0-203.2.51.255 203.2.60.0/23 203.15.154.0/24 Signature Algorithm: sha256WithRSAEncryption 25:f6:ab:07:3a:62:00:2e:b7:ac:54:75:ae:1f:e7:fe:be:44: f8:02:fb:20:76:ff:63:79:a4:ab:26:38:a3:2b:63:bc:5f:f9: 0d:e0:bb:08:6d:c1:53:f7:30:6e:11:b1:94:6f:78:15:e9:09: 1d:fe:c4:e5:34:a7:96:07:6b:4a:7b:c6:9a:f6:4d:4e:07:ae: fa:48:d8:a2:64:f4:62:43:65:fa:48:0f:63:fb:f6:76:19:d4: 19:b1:1c:77:68:51:6a:cf:bf:61:92:ea:90:67:4b:0e:a3:75: c9:ef:eb:2e:ea:61:bb:69:1c:90:bc:95:87:5f:49:39:da:e9: d2:2f:1d:88:63:c2:1d:75:c9:3c:18:89:71:2a:5c:6c:22:d0: ba:5e:df:bc:67:54:95:8a:c0:5e:3d:12:f7:5d:d7:e3:24:18: c9:a5:6c:a1:de:36:87:29:e7:c5:f8:7a:85:86:87:c9:fc:ec: 0c:a3:09:50:e2:63:89:cc:42:72:eb:a7:30:a8:cd:bb:1c:50: a5:e2:34:35:b8:9a:0f:c3:6c:35:84:ce:f0:6f:bb:81:2a:f0: 7f:d8:eb:c9:cc:da:57:5e:67:72:8d:c5:85:ea:1c:bb:a4:67: 0c:d8:25:6d:b0:9c:0c:cb:40:62:72:50:a9:e8:b3:b0:84:94: 01:03:d8:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx OTQ1QjExMC8GA1UEBRMoRUIzMkRGOTI3NDM0QUM2RDNBODY4NDdEREZCQTNEMkU4 MTAwMTEzMTAeFw0yNDA1MjMxMTA2MjFaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY2NGYyMzJjLWQ4N2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC64oOGYuJT2BR0w4lYiDUe4DC6o8AtNwwEZIhK/XRkValjJNfb8wHtXkqmbFyF 8Q4tsuqi/WCZQr8cF8ijDM/EvxZRDuSXh1TY5uYOKyItV+aEVWokeq6IK+GO+gpd sgL/ck7FCMYoiFcUiYZ0zFNsT+OxwbZCDhYrCne7sTG86HWv++nT90rUqYd+AxRV oVMjPof1I748CGNXUTjHbygvNwNWDYowq1TENr+MWvDY0WfQqs4O0B57Mhpd3m1N BDeL8Rbii/rlGPYF+HsPGmHLy10QQPvtrQTrLafv7A5Jr/BGORQitJ1U+h8TGSkI 8/RKC2ADnIpFP3A1DLKMrnupAgMBAAGjggKpMIICpTAdBgNVHQ4EFgQUrjaxOSW7 mgNR0NRQlBYwVIxKk/IwHwYDVR0jBBgwFoAU6zLfknQ0rG06hoR937o9LoEAETEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE5NDVCLzNBQ0Y3MEMwMTdG RDExRUY4QzA4MzA2M0M0RjlBRTAyLzZ6TGZrblEwckcwNmhvUjkzN285TG9FQUVU RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNnpMZmtuUTByRzA2aG9SOTM3bzlMb0VBRVRFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTQ1Qi8zQUNGNzBDMDE3RkQxMUVGOEMwODMwNjNDNEY5QUUwMi9DNTYyNzc1MDE3 RkQxMUVGOUEzMjA4NjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAzBggrBgEFBQcBBwEB/wQk MCIwIAQCAAEwGjAMAwQFywIgAwQCywIwAwQBywI8AwQAyw+aMA0GCSqGSIb3DQEB CwUAA4IBAQAl9qsHOmIALresVHWuH+f+vkT4Avsgdv9jeaSrJjijK2O8X/kN4LsI bcFT9zBuEbGUb3gV6Qkd/sTlNKeWB2tKe8aa9k1OB676SNiiZPRiQ2X6SA9j+/Z2 GdQZsRx3aFFqz79hkuqQZ0sOo3XJ7+su6mG7aRyQvJWHX0k52unSLx2IY8Iddck8 GIlxKlxsItC6Xt+8Z1SVisBePRL3XdfjJBjJpWyh3jaHKefF+HqFhofJ/OwMowlQ 4mOJzEJy66cwqM27HFCl4jQ1uJoPw2w1hM7wb7uBKvB/2OvJzNpXXmdyjcWF6hy7 pGcM2CVtsJwMy0BiclCp6LOwhJQBA9iY -----END CERTIFICATE-----Generated at Fri Sep 27 08:33:11 2024 by rpki-client on console-ams.rpki-client.org