$ rpki-client -vvf rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/E6B6BC0AE02E11EAA16EAA59C4F9AE02.roa File: E6B6BC0AE02E11EAA16EAA59C4F9AE02.roa (raw, json) Hash identifier: PXdJkWNxL0C8ezvM4V8PU0QpElSJqET+Lz8pr56x7DU= Subject key identifier: 17:D2:46:8F:19:8E:5A:32:A1:44:9C:55:5B:DB:65:9C:CB:81:0A:6C Certificate issuer: /CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B Certificate serial: 2FCA Authority key identifier: C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/E6B6BC0AE02E11EAA16EAA59C4F9AE02.roa Signing time: Tue 30 Apr 2024 15:52:59 +0000 ROA not before: Tue 30 Apr 2024 15:52:59 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 40009 IP address blocks: 120.29.192.0/23 maxlen: 23 120.29.196.0/24 maxlen: 24 120.29.197.0/24 maxlen: 24 120.29.198.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 15:45:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12234 (0x2fca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B Validity Not Before: Apr 30 15:52:59 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=663113db-2f0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:da:0d:63:37:47:e8:6b:ee:fe:7b:ee:ed:54: 05:a9:7c:76:ac:41:22:c3:9f:da:a9:cd:79:e5:2b: 25:e7:6b:4c:a1:33:85:91:02:34:0b:19:30:66:79: 03:2c:80:96:de:df:ba:35:eb:6f:85:3d:32:24:f6: f4:b1:c4:b2:07:79:a9:37:31:b1:a0:0d:6b:e0:78: 2f:a7:d6:70:40:87:59:f5:92:95:95:6c:8d:01:16: 8f:a8:2f:af:6d:dc:61:00:24:f5:4e:1a:d6:43:0c: fe:96:83:66:8d:fd:2f:df:70:96:d6:cf:4d:ba:50: 5b:ae:18:6d:e7:e1:43:a0:77:f2:29:d8:bf:61:b5: 13:31:e3:1a:60:fc:e8:1d:3c:19:60:d9:c3:49:0f: c2:a7:70:bb:74:62:ed:30:55:21:a5:c7:da:30:c3: ce:05:31:5f:0d:69:b4:0c:47:4b:c6:1c:98:02:2e: 0b:30:16:67:7d:0f:d6:12:02:b7:60:87:f6:a5:46: bc:69:11:39:0d:a3:8c:3f:67:85:d6:34:d8:ac:e3: 22:a4:52:be:03:03:8d:a4:31:66:7e:d6:d0:eb:b7: 70:33:2c:28:99:05:d5:3a:1f:48:15:6d:cf:84:7c: b2:40:09:68:65:23:6d:ae:f6:6a:3a:96:79:be:29: 81:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:D2:46:8F:19:8E:5A:32:A1:44:9C:55:5B:DB:65:9C:CB:81:0A:6C X509v3 Authority Key Identifier: keyid:C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/E6B6BC0AE02E11EAA16EAA59C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.192.0/23 120.29.196.0/22 Signature Algorithm: sha256WithRSAEncryption 02:58:0e:3c:e1:14:22:87:4c:9a:d2:5a:ef:45:80:a6:d9:37: a7:7d:70:f4:72:a6:e0:ff:4f:cd:d9:5d:84:9a:89:b7:79:d0: 36:8d:96:68:34:cf:7b:3d:87:00:c2:9d:ae:26:ca:97:c7:aa: 99:f2:fd:e7:fd:52:99:fa:2e:df:81:f0:e9:70:7b:22:c2:be: 2b:31:27:1d:c2:72:92:df:bd:2a:37:df:18:3d:22:1d:e7:f5: 71:85:4c:85:66:3d:6f:06:7b:47:5c:17:89:39:30:18:59:4a: 21:7d:c9:0f:af:8c:95:48:ee:38:01:38:b9:ca:1b:c5:77:4e: 2c:a7:0a:e6:23:df:32:de:86:e0:11:50:de:ba:94:99:46:ec: 2b:1b:fc:75:f1:0a:b6:55:3c:b9:5e:82:e8:ac:4d:96:3c:f8: 97:13:46:7c:7b:37:47:36:0a:a7:f7:97:92:33:cf:c4:bc:eb: 06:94:2e:ab:fa:b8:33:06:f5:ec:91:74:22:08:e9:47:32:77: 9d:84:3d:ed:15:0e:d8:b8:fa:77:af:7c:92:6b:89:e1:8b:43: 05:3c:8f:da:fb:0b:a9:99:ee:ff:e7:e5:6f:ed:07:5a:9e:0d: 2f:06:f6:58:fd:f4:55:98:66:5d:91:2b:44:0d:e8:e4:32:2c: 5f:39:00:70 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICL8owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTU1QzgxMTAvBgNVBAUTKEM2NjczRDM2NDhGNDNGNDY3NEY1RjVFQkZDQkZBMzFC Qjk2NEY2NEIwHhcNMjQwNDMwMTU1MjU5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjMxMTNkYi0yZjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx9oNYzdH6Gvu/nvu7VQFqXx2rEEiw5/aqc155Ssl52tMoTOFkQI0CxkwZnkD LICW3t+6NetvhT0yJPb0scSyB3mpNzGxoA1r4Hgvp9ZwQIdZ9ZKVlWyNARaPqC+v bdxhACT1ThrWQwz+loNmjf0v33CW1s9NulBbrhht5+FDoHfyKdi/YbUTMeMaYPzo HTwZYNnDSQ/Cp3C7dGLtMFUhpcfaMMPOBTFfDWm0DEdLxhyYAi4LMBZnfQ/WEgK3 YIf2pUa8aRE5DaOMP2eF1jTYrOMipFK+AwONpDFmftbQ67dwMywomQXVOh9IFW3P hHyyQAloZSNtrvZqOpZ5vimBhwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBfSRo8Z jloyoUScVVvbZZzLgQpsMB8GA1UdIwQYMBaAFMZnPTZI9D9GdPX16/y/oxu5ZPZL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTVDOC85Q0QzRThGNkZG NTgxMUUyQkI0QjJFM0Y1OTExRUEzMi94bWM5TmtqMFAwWjA5ZlhyX0wtakc3bGs5 a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3htYzlOa2owUDBaMDlmWHJfTC1qRzdsazlrcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTU1QzgvOUNEM0U4RjZGRjU4MTFFMkJCNEIyRTNGNTkxMUVBMzIvRTZCNkJDMEFF MDJFMTFFQUExNkVBQTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAF4HcADBAJ4HcQwDQYJKoZIhvcNAQELBQADggEBAAJYDjzh FCKHTJrSWu9FgKbZN6d9cPRypuD/T83ZXYSaibd50DaNlmg0z3s9hwDCna4mypfH qpny/ef9Upn6Lt+B8OlweyLCvisxJx3CcpLfvSo33xg9Ih3n9XGFTIVmPW8Ge0dc F4k5MBhZSiF9yQ+vjJVI7jgBOLnKG8V3TiynCuYj3zLehuARUN66lJlG7Csb/HXx CrZVPLleguisTZY8+JcTRnx7N0c2Cqf3l5Izz8S86waULqv6uDMG9eyRdCII6Ucy d52EPe0VDti4+nevfJJrieGLQwU8j9r7C6mZ7v/n5W/tB1qeDS8G9lj99FWYZl2R K0QN6OQyLF85AHA= -----END CERTIFICATE-----Generated at Thu May 16 17:51:49 2024 by rpki-client on console-ams.rpki-client.org