$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa File: CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa (raw, json) Hash identifier: djt5TLaKidNDztcfhxk3d43z8sv//m5Jlr1NozSa0zs= Subject key identifier: FC:F4:D4:33:57:D0:BD:73:13:23:B6:BC:C6:DD:E0:24:0C:A7:51:42 Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91 Certificate serial: 184C Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa Signing time: Tue 19 Mar 2024 12:26:30 +0000 ROA not before: Tue 19 Mar 2024 12:26:30 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 0 IP address blocks: 43.249.212.0/22 maxlen: 22 114.141.72.0/21 maxlen: 21 202.9.70.0/23 maxlen: 23 202.74.62.0/23 maxlen: 23 2404:4e00:ff::/48 maxlen: 48 2404:4e00:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 May 2024 02:42:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6220 (0x184c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91 Validity Not Before: Mar 19 12:26:30 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=65f98476-faca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:e1:9b:4c:21:f0:2e:80:b4:c9:35:9e:8f:80: 97:c8:7b:ee:7a:82:91:6f:bf:dc:df:0e:f6:b3:92: 27:98:9b:f8:21:5f:fb:01:cb:df:fd:d6:2a:49:2a: d6:50:33:36:df:d6:be:86:73:16:88:34:14:de:da: b0:c8:ce:1e:9d:9f:30:5e:37:41:36:35:cb:e4:eb: c9:8e:b0:0c:1d:9d:6e:07:fc:64:39:7a:bb:c9:85: 9f:f1:28:0a:11:cb:f7:7b:0f:91:19:4a:2e:7c:ee: 6b:d7:78:c1:07:b6:5a:23:ef:29:fc:cc:36:0a:fa: 4a:dc:c0:98:2c:91:a1:16:97:dd:16:6e:f6:86:a9: b3:b0:c2:80:d2:4b:38:7b:fa:c7:c4:cf:4d:97:ba: 94:3f:93:90:73:98:03:a9:e3:55:b2:47:ed:2c:a0: ca:b5:ce:99:8f:84:68:be:56:6e:e9:9c:b5:f1:a0: 7a:37:1a:47:c9:49:a0:ad:23:9e:46:b6:ed:2b:05: 08:8c:33:30:ca:52:c7:59:c3:14:32:c9:5f:c1:d6: ca:5e:01:51:0d:81:e2:30:8b:e6:f4:da:83:7d:5e: 68:86:3c:9a:1c:39:86:38:02:75:26:8a:3d:bc:dc: 2d:fd:9b:18:f1:6a:dc:f4:18:6b:36:38:1f:08:56: 5e:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:F4:D4:33:57:D0:BD:73:13:23:B6:BC:C6:DD:E0:24:0C:A7:51:42 X509v3 Authority Key Identifier: keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.249.212.0/22 114.141.72.0/21 202.9.70.0/23 202.74.62.0/23 IPv6: 2404:4e00:ff::/48 2404:4e00:6000::/40 Signature Algorithm: sha256WithRSAEncryption ce:90:eb:0d:ed:c5:03:3b:52:e0:40:e8:35:8b:4c:a2:22:0c: e2:2f:74:a1:e4:6c:b0:24:e6:6b:77:a6:90:bd:61:11:88:d6: 98:be:33:d6:82:55:69:03:89:7d:64:4f:6f:7b:3e:33:34:9e: 39:4d:2c:ca:e6:30:9f:06:1b:88:f4:16:46:2f:6c:45:9e:ae: ab:b8:45:12:90:98:0a:e8:c0:51:75:03:e4:5f:6f:61:c8:70: 08:11:9d:cd:c4:ed:eb:7d:af:e1:18:8a:d7:05:52:7f:9b:87: 4d:7b:8b:e6:03:10:21:b3:bd:51:c9:c9:ab:e2:02:20:b5:2c: 9b:78:ff:26:fb:c8:95:79:c2:9f:b9:d7:2c:71:ce:c5:83:86: c4:f5:26:e5:1d:0d:f3:da:7a:0f:48:9f:a9:84:5d:3d:c3:5f: 44:80:43:07:fd:bb:db:ee:03:bf:8f:80:5e:7f:be:3a:ee:82: 99:68:99:85:00:c6:1f:6b:87:c0:e1:14:bd:0b:85:8d:cc:d7: 51:7b:88:75:55:ab:85:1a:9b:30:73:63:df:e2:98:64:da:4c: 65:7f:bf:79:aa:35:9a:1e:77:b2:9f:de:bf:59:d5:57:08:2d: 7c:dc:70:7b:02:3a:b3:d4:c1:be:8f:de:1d:bb:ce:7d:c6:82: 44:73:3e:06 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgICGEwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD NTQyQTBEOTEwHhcNMjQwMzE5MTIyNjMwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NWY5ODQ3Ni1mYWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApeGbTCHwLoC0yTWej4CXyHvueoKRb7/c3w72s5InmJv4IV/7Acvf/dYqSSrW UDM239a+hnMWiDQU3tqwyM4enZ8wXjdBNjXL5OvJjrAMHZ1uB/xkOXq7yYWf8SgK Ecv3ew+RGUoufO5r13jBB7ZaI+8p/Mw2CvpK3MCYLJGhFpfdFm72hqmzsMKA0ks4 e/rHxM9Nl7qUP5OQc5gDqeNVskftLKDKtc6Zj4RovlZu6Zy18aB6NxpHyUmgrSOe RrbtKwUIjDMwylLHWcMUMslfwdbKXgFRDYHiMIvm9NqDfV5ohjyaHDmGOAJ1Joo9 vNwt/ZsY8Wrc9BhrNjgfCFZeaQIDAQABo4ICwDCCArwwHQYDVR0OBBYEFPz01DNX 0L1zEyO2vMbd4CQMp1FCMB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvQ0YyRjUwNkM4 QTBGMTFFQTlERkY3RjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E OzA5MB4EAgABMBgDBAIr+dQDBANyjUgDBAHKCUYDBAHKSj4wFwQCAAIwEQMHACQE TgAA/wMGACQETgBgMA0GCSqGSIb3DQEBCwUAA4IBAQDOkOsN7cUDO1LgQOg1i0yi IgziL3Sh5GywJOZrd6aQvWERiNaYvjPWglVpA4l9ZE9vez4zNJ45TSzK5jCfBhuI 9BZGL2xFnq6ruEUSkJgK6MBRdQPkX29hyHAIEZ3NxO3rfa/hGIrXBVJ/m4dNe4vm AxAhs71Rycmr4gIgtSybeP8m+8iVecKfudcscc7Fg4bE9SblHQ3z2noPSJ+phF09 w19EgEMH/bvb7gO/j4Bef7467oKZaJmFAMYfa4fA4RS9C4WNzNdRe4h1VauFGpsw c2Pf4phk2kxlf795qjWaHneyn96/WdVXCC183HB7Ajqz1MG+j94du859xoJEcz4G -----END CERTIFICATE-----Generated at Wed May 8 18:13:57 2024 by rpki-client on console-fra.rpki-client.org