$ rpki-client -vvf rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/D9C523A0B05A11EAA233021EC4F9AE02.roa File: D9C523A0B05A11EAA233021EC4F9AE02.roa (raw, json) Hash identifier: d7eZQhXl7uffo6qAEcA6YYcZjXgyj7hlZJtD1IB1s1s= Subject key identifier: 3A:DD:48:DB:DD:4B:41:AD:D8:57:F1:65:35:3B:E9:AB:8F:6C:B8:58 Certificate issuer: /CN=A9193037/serialNumber=CA955914F98B2FC916A4512DA72AB75A11C52BD0 Certificate serial: 081C Authority key identifier: CA:95:59:14:F9:8B:2F:C9:16:A4:51:2D:A7:2A:B7:5A:11:C5:2B:D0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypVZFPmLL8kWpFEtpyq3WhHFK9A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/D9C523A0B05A11EAA233021EC4F9AE02.roa Signing time: Thu 14 Mar 2024 21:40:16 +0000 ROA not before: Thu 14 Mar 2024 21:40:16 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 38473 IP address blocks: 202.20.102.0/24 maxlen: 24 202.20.103.0/24 maxlen: 24 202.20.104.0/24 maxlen: 24 2001:df0:77::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/ypVZFPmLL8kWpFEtpyq3WhHFK9A.crl rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/ypVZFPmLL8kWpFEtpyq3WhHFK9A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypVZFPmLL8kWpFEtpyq3WhHFK9A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 22:31:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2076 (0x81c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9193037/serialNumber=CA955914F98B2FC916A4512DA72AB75A11C52BD0 Validity Not Before: Mar 14 21:40:16 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=65f36ec0-a621 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:91:36:bd:72:8a:0f:6d:b2:84:b8:e4:01:4d: ad:1a:27:c9:5b:53:67:8a:29:45:73:00:93:68:8c: d4:13:9a:92:e7:b2:e7:8d:d3:75:eb:0e:48:73:d3: d0:13:2a:4c:6a:26:5b:b1:7f:99:c7:93:60:03:d4: c9:ba:3a:d5:06:f2:a8:1a:a4:c8:71:e3:68:a4:ca: f9:33:ab:6a:8e:ca:79:bc:cb:1e:9b:84:c5:73:d1: c4:c6:90:c6:dd:6b:dc:6f:de:46:1e:bd:63:d3:c8: 05:32:8f:4c:65:48:95:60:c3:a4:18:90:d6:e4:f2: bf:cb:ec:55:f9:34:fd:bb:73:fe:80:d5:08:ce:cc: c7:02:d1:41:cb:d2:bb:f8:a5:7d:86:e2:8c:35:a9: 93:f7:99:8a:a7:be:f8:53:cb:a0:9c:1a:29:b8:4a: dd:93:f9:e4:8b:ab:d3:47:4b:81:ac:96:ae:96:14: 37:0b:b1:f8:58:41:c9:27:e3:fe:99:51:a4:9f:2e: a0:fa:a3:1c:28:fd:50:30:80:56:ba:f2:35:c0:e9: c1:2a:ba:63:d5:31:48:28:c7:ab:0d:e9:05:a1:0e: 31:45:87:73:5a:40:24:34:da:b8:7c:cb:e5:78:53: 13:75:20:04:0e:ad:27:32:5e:bd:08:a3:c6:25:c2: ae:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:DD:48:DB:DD:4B:41:AD:D8:57:F1:65:35:3B:E9:AB:8F:6C:B8:58 X509v3 Authority Key Identifier: keyid:CA:95:59:14:F9:8B:2F:C9:16:A4:51:2D:A7:2A:B7:5A:11:C5:2B:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/ypVZFPmLL8kWpFEtpyq3WhHFK9A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypVZFPmLL8kWpFEtpyq3WhHFK9A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/D9C523A0B05A11EAA233021EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.20.102.0-202.20.104.255 IPv6: 2001:df0:77::/48 Signature Algorithm: sha256WithRSAEncryption 7d:43:31:3b:e4:d7:c2:64:19:e6:d9:3e:57:e9:8a:b6:a5:b8: de:d7:5d:30:97:e4:d1:ee:56:9b:15:a1:05:67:38:3e:d3:a8: 5d:c9:eb:c2:b9:e6:dd:7f:60:f7:de:75:4d:ae:b2:df:92:2d: 18:66:df:55:f5:9a:5b:ff:35:ec:92:21:b7:08:e7:9c:c8:e0: a7:35:e8:1b:88:cc:69:68:f8:53:b2:9a:ee:4f:4e:56:d1:60: 11:13:23:d3:de:eb:df:3e:3f:fd:fa:23:76:61:f0:7f:f4:4a: 11:1d:44:98:bd:89:52:94:84:54:f5:fc:76:05:b9:ae:f1:74: f3:80:b8:aa:b0:9c:63:b2:5e:af:68:31:6f:4d:25:28:f4:c1: 78:f8:70:92:69:b7:ad:11:a2:90:17:cc:01:39:20:6e:48:4d: 45:ed:21:c7:45:e7:e3:61:bb:4e:95:2a:22:9a:7d:31:7b:fc: 2f:fb:88:d5:5b:1a:29:7b:cc:65:e9:90:f1:5d:b0:6e:4d:86: 77:61:20:a6:34:79:b6:33:dd:49:9c:9b:7a:ed:df:97:c0:ff: 54:09:13:ec:85:3c:88:40:a6:da:71:4f:40:29:fc:5c:aa:fa: de:a2:10:d4:a8:fa:29:4e:b1:88:5e:a0:a8:0a:22:56:54:ae: b4:37:a8:98 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgICCBwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTMwMzcxMTAvBgNVBAUTKENBOTU1OTE0Rjk4QjJGQzkxNkE0NTEyREE3MkFCNzVB MTFDNTJCRDAwHhcNMjQwMzE0MjE0MDE2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NWYzNmVjMC1hNjIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApZE2vXKKD22yhLjkAU2tGifJW1NniilFcwCTaIzUE5qS57LnjdN16w5Ic9PQ EypMaiZbsX+Zx5NgA9TJujrVBvKoGqTIceNopMr5M6tqjsp5vMsem4TFc9HExpDG 3Wvcb95GHr1j08gFMo9MZUiVYMOkGJDW5PK/y+xV+TT9u3P+gNUIzszHAtFBy9K7 +KV9huKMNamT95mKp774U8ugnBopuErdk/nki6vTR0uBrJaulhQ3C7H4WEHJJ+P+ mVGkny6g+qMcKP1QMIBWuvI1wOnBKrpj1TFIKMerDekFoQ4xRYdzWkAkNNq4fMvl eFMTdSAEDq0nMl69CKPGJcKuqQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFDrdSNvd S0Gt2FfxZTU76auPbLhYMB8GA1UdIwQYMBaAFMqVWRT5iy/JFqRRLacqt1oRxSvQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MzAzNy85NDBFNDZCNEFB QkMxMUVBQjEwNkMxNzZDNEY5QUUwMi95cFZaRlBtTEw4a1dwRkV0cHlxM1doSEZL OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lwVlpGUG1MTDhrV3BGRXRweXEzV2hIRks5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTMwMzcvOTQwRTQ2QjRBQUJDMTFFQUIxMDZDMTc2QzRGOUFFMDIvRDlDNTIzQTBC MDVBMTFFQUEyMzMwMjFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E KTAnMBQEAgABMA4wDAMEAcoUZgMEAMoUaDAPBAIAAjAJAwcAIAEN8AB3MA0GCSqG SIb3DQEBCwUAA4IBAQB9QzE75NfCZBnm2T5X6Yq2pbje110wl+TR7labFaEFZzg+ 06hdyevCuebdf2D33nVNrrLfki0YZt9V9Zpb/zXskiG3COecyOCnNegbiMxpaPhT spruT05W0WAREyPT3uvfPj/9+iN2YfB/9EoRHUSYvYlSlIRU9fx2Bbmu8XTzgLiq sJxjsl6vaDFvTSUo9MF4+HCSabetEaKQF8wBOSBuSE1F7SHHRefjYbtOlSoimn0x e/wv+4jVWxope8xl6ZDxXbBuTYZ3YSCmNHm2M91JnJt67d+XwP9UCRPshTyIQKba cU9AKfxcqvreohDUqPopTrGIXqCoCiJWVK60N6iY -----END CERTIFICATE-----Generated at Fri May 31 23:53:07 2024 by rpki-client on console-fra.rpki-client.org