$ rpki-client -vvf rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/AE2B714A72E911EEA3EFD34AC4F9AE02.roa File: AE2B714A72E911EEA3EFD34AC4F9AE02.roa (raw, json) Hash identifier: BoGn+23V2+HWaWJely/+yxh6o2gncRPgyL82FJ6K9WE= Subject key identifier: 8E:F9:1E:7B:9B:25:DE:48:1E:35:C2:5C:B7:D9:DB:7B:EA:07:21:F6 Certificate issuer: /CN=A9197227/serialNumber=2659CED1527D2CABD8B2C53075ECCD94ED71FE98 Certificate serial: 0575 Authority key identifier: 26:59:CE:D1:52:7D:2C:AB:D8:B2:C5:30:75:EC:CD:94:ED:71:FE:98 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JlnO0VJ9LKvYssUwdezNlO1x_pg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/AE2B714A72E911EEA3EFD34AC4F9AE02.roa Signing time: Wed 25 Oct 2023 03:50:47 +0000 ROA not before: Wed 25 Oct 2023 03:50:47 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 17635 IP address blocks: 203.14.105.0/24 maxlen: 24 203.57.128.0/20 maxlen: 24 2406:9680::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/JlnO0VJ9LKvYssUwdezNlO1x_pg.crl rsync://rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/JlnO0VJ9LKvYssUwdezNlO1x_pg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JlnO0VJ9LKvYssUwdezNlO1x_pg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 00:39:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1397 (0x575) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9197227/serialNumber=2659CED1527D2CABD8B2C53075ECCD94ED71FE98 Validity Not Before: Oct 25 03:50:47 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=65389097-2531 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:89:95:94:dd:62:85:88:27:2a:a8:15:39:e8: 6e:01:56:5e:9c:e0:97:da:0b:67:11:21:03:3b:c8: 35:ea:eb:ef:f0:de:a2:81:27:60:06:a5:5d:a4:2e: 1e:7a:f2:99:2e:ea:61:6e:df:16:e9:c3:37:c9:4a: 60:ab:52:f0:d5:cd:c1:66:95:c0:01:f9:b5:56:7e: f3:55:55:cd:d0:df:27:b8:ca:0e:c2:13:b3:00:db: a3:a1:f2:ad:c4:64:34:61:c6:be:16:fa:4c:8b:e5: 22:04:a7:0e:57:94:52:f0:b5:63:f9:32:ff:0e:4d: 9c:be:39:9b:e3:5f:f0:3d:82:c7:b1:f2:1b:bf:f8: 4e:42:9b:8c:d1:e5:67:18:09:e4:00:ac:03:3f:20: 51:5e:a0:35:db:8c:6f:4d:f5:1d:40:65:a3:b3:40: 8e:b7:b9:ce:ff:e5:53:6b:7a:29:e7:e7:b7:22:b2: 53:a6:25:a6:f1:0b:a8:08:35:52:05:94:e4:f5:3f: b9:b3:6d:d8:0b:9f:85:6c:90:53:a4:0a:bc:ac:dd: 95:0b:7e:af:2a:7b:36:65:77:b6:42:ab:d8:3c:7d: c4:43:b1:9f:e2:56:4b:16:21:78:fd:29:3d:8d:ce: 1f:ec:2b:17:89:72:8d:fd:f9:37:fe:d1:d7:25:06: 63:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:F9:1E:7B:9B:25:DE:48:1E:35:C2:5C:B7:D9:DB:7B:EA:07:21:F6 X509v3 Authority Key Identifier: keyid:26:59:CE:D1:52:7D:2C:AB:D8:B2:C5:30:75:EC:CD:94:ED:71:FE:98 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/JlnO0VJ9LKvYssUwdezNlO1x_pg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JlnO0VJ9LKvYssUwdezNlO1x_pg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197227/4FCF568E7B0711EB9AF84384C4F9AE02/AE2B714A72E911EEA3EFD34AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.14.105.0/24 203.57.128.0/20 IPv6: 2406:9680::/32 Signature Algorithm: sha256WithRSAEncryption 6e:a7:8c:45:f1:96:3c:66:22:96:e5:fa:ae:8c:2a:29:05:24: b3:79:c7:ac:39:f8:5e:63:f5:cb:1c:35:35:50:fa:6c:e1:f6: fd:51:98:a0:1c:06:32:b3:43:6d:25:0a:65:67:1c:f8:c3:bf: 70:2d:2b:91:f1:de:45:df:8a:1e:8f:94:82:23:e4:09:66:6d: 1f:fc:8e:17:0b:a9:ce:b4:03:08:30:69:56:c7:9f:3a:35:a3: c8:56:73:2e:4e:ec:fa:8b:25:28:82:f2:0a:eb:ef:06:03:e6: 8f:bf:cb:e3:a9:ac:e6:85:a4:7f:7d:d2:d4:bc:86:32:c5:c6: bf:56:a7:33:e3:5b:f2:5b:c9:55:d7:21:dc:e3:72:50:be:86: 96:0c:fa:1a:69:3f:f5:a2:1c:56:d3:21:56:32:ed:ce:c1:12: 4d:b3:4b:37:e6:1c:59:8f:22:dd:73:c2:98:8d:f0:71:79:83: 18:4e:fd:54:80:8c:55:42:1a:a8:a3:02:65:49:59:2f:48:18: 7f:73:a1:ee:5c:82:94:bf:c6:25:dd:fa:f6:2b:1f:21:53:77: 88:83:50:27:21:49:c6:e5:4f:b6:88:f6:2f:a5:f7:ad:d6:67: ca:29:a4:e9:81:02:2f:98:a6:09:cd:96:fc:47:95:58:2e:fd: d9:86:bd:95 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTcyMjcxMTAvBgNVBAUTKDI2NTlDRUQxNTI3RDJDQUJEOEIyQzUzMDc1RUNDRDk0 RUQ3MUZFOTgwHhcNMjMxMDI1MDM1MDQ3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTM4OTA5Ny0yNTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv4mVlN1ihYgnKqgVOehuAVZenOCX2gtnESEDO8g16uvv8N6igSdgBqVdpC4e evKZLuphbt8W6cM3yUpgq1Lw1c3BZpXAAfm1Vn7zVVXN0N8nuMoOwhOzANujofKt xGQ0Yca+FvpMi+UiBKcOV5RS8LVj+TL/Dk2cvjmb41/wPYLHsfIbv/hOQpuM0eVn GAnkAKwDPyBRXqA124xvTfUdQGWjs0COt7nO/+VTa3op5+e3IrJTpiWm8QuoCDVS BZTk9T+5s23YC5+FbJBTpAq8rN2VC36vKns2ZXe2QqvYPH3EQ7Gf4lZLFiF4/Sk9 jc4f7CsXiXKN/fk3/tHXJQZjzQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFI75Hnub Jd5IHjXCXLfZ23vqByH2MB8GA1UdIwQYMBaAFCZZztFSfSyr2LLFMHXszZTtcf6Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzIyNy80RkNGNTY4RTdC MDcxMUVCOUFGODQzODRDNEY5QUUwMi9KbG5PMFZKOUxLdllzc1V3ZGV6TmxPMXhf cGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0psbk8wVko5TEt2WXNzVXdkZXpObE8xeF9wZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTcyMjcvNEZDRjU2OEU3QjA3MTFFQjlBRjg0Mzg0QzRGOUFFMDIvQUUyQjcxNEE3 MkU5MTFFRUEzRUZEMzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBADLDmkDBATLOYAwDQQCAAIwBwMFACQGloAwDQYJKoZIhvcN AQELBQADggEBAG6njEXxljxmIpbl+q6MKikFJLN5x6w5+F5j9cscNTVQ+mzh9v1R mKAcBjKzQ20lCmVnHPjDv3AtK5Hx3kXfih6PlIIj5AlmbR/8jhcLqc60AwgwaVbH nzo1o8hWcy5O7PqLJSiC8grr7wYD5o+/y+OprOaFpH990tS8hjLFxr9WpzPjW/Jb yVXXIdzjclC+hpYM+hppP/WiHFbTIVYy7c7BEk2zSzfmHFmPIt1zwpiN8HF5gxhO /VSAjFVCGqijAmVJWS9IGH9zoe5cgpS/xiXd+vYrHyFTd4iDUCchScblT7aI9i+l 963WZ8oppOmBAi+YpgnNlvxHlVgu/dmGvZU= -----END CERTIFICATE-----Generated at Sat Jun 1 01:41:45 2024 by rpki-client on console-fra.rpki-client.org