$ rpki-client -vvf rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/35FC192C272C11ED9E64C718C4F9AE02.roa File: 35FC192C272C11ED9E64C718C4F9AE02.roa (raw, json) Hash identifier: 9wMD+BTTp63JJ2ve8IGpNkKxbEpqVM4ugh2P4b3ccDo= Subject key identifier: 09:84:E2:96:74:18:D9:B6:04:24:81:67:C8:5A:2C:54:5E:65:93:51 Certificate issuer: /CN=A917D7F2/serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838 Certificate serial: 337B Authority key identifier: 94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/35FC192C272C11ED9E64C718C4F9AE02.roa Signing time: Thu 30 Nov 2023 15:00:39 +0000 ROA not before: Thu 30 Nov 2023 15:00:39 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 18119 IP address blocks: 43.255.24.0/22 maxlen: 22 103.29.246.0/23 maxlen: 23 103.239.8.0/22 maxlen: 22 114.110.32.0/21 maxlen: 21 202.21.136.0/23 maxlen: 23 202.49.249.0/24 maxlen: 24 202.61.2.0/23 maxlen: 23 2001:4428::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 14:41:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13179 (0x337b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D7F2/serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838 Validity Not Before: Nov 30 15:00:39 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=6568a397-b458 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:a8:fa:90:bb:4f:52:80:ee:39:68:22:03:78: 78:26:38:a4:97:85:c0:a2:ed:97:65:59:ba:55:43: 72:b1:08:ce:de:3a:60:f5:bc:9e:11:10:a5:03:db: f8:83:4c:1d:9a:4d:a8:17:99:4a:be:21:af:09:77: c6:87:56:85:99:82:ba:1b:37:96:28:e5:71:e6:05: 71:33:c7:4a:10:cc:68:81:50:68:a3:e1:8d:00:ff: 6a:b8:2f:26:69:87:12:52:6d:46:db:88:ef:aa:f4: f0:94:b8:8e:d6:b7:f7:d0:97:ec:fd:8f:bb:03:5a: f0:c0:2c:9d:60:75:21:88:9f:b6:d2:b7:c8:ed:8c: 9b:01:d0:be:84:a4:ea:5c:15:99:24:3a:8d:73:c3: 0c:ff:70:82:8b:37:56:11:0d:e8:9a:f6:a4:ff:ed: d0:f5:80:7d:9d:03:da:1e:68:2e:a1:6a:14:da:3e: a2:29:9d:b7:bf:2c:b9:31:cf:9f:c2:cd:85:7c:cf: 4d:d9:34:e1:19:f4:8c:e8:58:87:15:47:e3:90:aa: a7:2a:fd:00:24:1d:7d:65:c4:7d:bb:31:47:84:0e: c4:d0:09:0c:3d:a3:7c:54:8c:27:bb:42:31:74:3f: 4c:ef:8e:16:3c:06:5a:d4:53:ae:f6:59:83:ee:80: b8:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:84:E2:96:74:18:D9:B6:04:24:81:67:C8:5A:2C:54:5E:65:93:51 X509v3 Authority Key Identifier: keyid:94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/35FC192C272C11ED9E64C718C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.255.24.0/22 103.29.246.0/23 103.239.8.0/22 114.110.32.0/21 202.21.136.0/23 202.49.249.0/24 202.61.2.0/23 IPv6: 2001:4428::/32 Signature Algorithm: sha256WithRSAEncryption 5b:8f:fa:ba:a9:59:e8:01:a8:eb:db:6d:f8:68:c6:61:b6:b3: 70:d8:79:22:72:02:4d:b2:e9:6f:b0:86:74:63:32:21:1b:49: 09:38:21:7d:7c:03:a7:6b:14:28:55:ac:db:c2:ee:df:54:ca: eb:ee:69:cf:db:96:b1:db:7e:a9:5f:aa:dc:b4:d7:4e:91:a5: 34:7a:bb:e7:68:aa:70:5a:2f:e0:28:39:1c:31:bf:b6:8c:0b: a4:85:12:12:42:c0:e8:df:fa:2d:fe:83:9f:76:08:8c:45:8b: 49:bb:58:cf:be:77:00:62:9c:b1:72:0e:89:34:81:68:1e:58: 09:45:8c:fd:a2:2f:ad:39:40:e4:c4:c6:81:69:9d:c4:ce:b4: 54:10:b7:e7:80:8d:f2:b7:2d:aa:e5:d1:fb:8f:4f:02:9f:f7: 44:82:2e:f1:84:a0:e3:4e:dc:6c:bc:42:b1:fc:e8:57:72:2e: 30:08:69:12:d6:ac:f1:29:07:36:2f:31:14:04:21:d0:c4:29: 4f:b1:78:0f:12:86:f8:1c:c5:4d:c5:c7:85:d0:9d:61:b0:15: 03:9e:ba:85:98:71:f8:c2:6f:b9:c9:c8:8d:69:c7:2f:23:6c: a6:a9:e8:8c:bc:c3:a0:9d:e5:2d:0f:dd:a2:fa:21:cb:21:a2: 2e:f8:02:3f -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICM3swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q3RjIxMTAvBgNVBAUTKDk0MkQ1NDFERkU3OTgyRjZFMDFFNkJDQzk3NkRDMENC ODQxNEU4MzgwHhcNMjMxMTMwMTUwMDM5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTY4YTM5Ny1iNDU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxKj6kLtPUoDuOWgiA3h4Jjikl4XAou2XZVm6VUNysQjO3jpg9byeERClA9v4 g0wdmk2oF5lKviGvCXfGh1aFmYK6GzeWKOVx5gVxM8dKEMxogVBoo+GNAP9quC8m aYcSUm1G24jvqvTwlLiO1rf30Jfs/Y+7A1rwwCydYHUhiJ+20rfI7YybAdC+hKTq XBWZJDqNc8MM/3CCizdWEQ3omvak/+3Q9YB9nQPaHmguoWoU2j6iKZ23vyy5Mc+f ws2FfM9N2TThGfSM6FiHFUfjkKqnKv0AJB19ZcR9uzFHhA7E0AkMPaN8VIwnu0Ix dD9M744WPAZa1FOu9lmD7oC4NQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFAmE4pZ0 GNm2BCSBZ8haLFReZZNRMB8GA1UdIwQYMBaAFJQtVB3+eYL24B5rzJdtwMuEFOg4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDdGMi9GMDI4OTAzQzFE OEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2YmdIbXZNbDIzQXk0UVU2 RGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xDMVVIZjU1Z3ZiZ0htdk1sMjNBeTRRVTZEZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0Q3RjIvRjAyODkwM0MxRDhDMTFFMkIxOUQ1RkVBMDhCMDJDRDIvMzVGQzE5MkMy NzJDMTFFRDlFNjRDNzE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMDAEAgABMCoDBAIr/xgDBAFnHfYDBAJn7wgDBANybiADBAHKFYgDBADKMfkD BAHKPQIwDQQCAAIwBwMFACABRCgwDQYJKoZIhvcNAQELBQADggEBAFuP+rqpWegB qOvbbfhoxmG2s3DYeSJyAk2y6W+whnRjMiEbSQk4IX18A6drFChVrNvC7t9Uyuvu ac/blrHbfqlfqty0106RpTR6u+doqnBaL+AoORwxv7aMC6SFEhJCwOjf+i3+g592 CIxFi0m7WM++dwBinLFyDok0gWgeWAlFjP2iL605QOTExoFpncTOtFQQt+eAjfK3 Larl0fuPTwKf90SCLvGEoONO3Gy8QrH86FdyLjAIaRLWrPEpBzYvMRQEIdDEKU+x eA8ShvgcxU3Fx4XQnWGwFQOeuoWYcfjCb7nJyI1pxy8jbKap6Iy8w6Cd5S0P3aL6 Icshoi74Aj8= -----END CERTIFICATE-----Generated at Fri May 31 17:44:25 2024 by rpki-client on console-fra.rpki-client.org