$ rpki-client -vvf rpki.apnic.net/member_repository/A91A2265/9A66AADE508511EEBA3EFC11C4F9AE02/FD57EA90508511EEBA4C0E2BC4F9AE02.roa File: FD57EA90508511EEBA4C0E2BC4F9AE02.roa (raw, json) Hash identifier: v32XhgPxoP5LrsTN7ytqd7Ac70YmOOk9w7cVgGhw8iw= Subject key identifier: 0F:D8:EF:E0:B2:37:33:C7:BD:A3:F6:81:2B:DC:A5:B8:8E:30:20:00 Certificate issuer: /CN=A91A2265/serialNumber=BBEC210E7529FD397F1338FFAC1DDD783C0FAA32 Certificate serial: 03 Authority key identifier: BB:EC:21:0E:75:29:FD:39:7F:13:38:FF:AC:1D:DD:78:3C:0F:AA:32 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-whDnUp_Tl_Ezj_rB3deDwPqjI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A2265/9A66AADE508511EEBA3EFC11C4F9AE02/FD57EA90508511EEBA4C0E2BC4F9AE02.roa Signing time: Mon 11 Sep 2023 09:31:31 +0000 ROA not before: Mon 11 Sep 2023 09:31:31 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 9334 IP address blocks: 203.167.0.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A2265/9A66AADE508511EEBA3EFC11C4F9AE02/u-whDnUp_Tl_Ezj_rB3deDwPqjI.crl rsync://rpki.apnic.net/member_repository/A91A2265/9A66AADE508511EEBA3EFC11C4F9AE02/u-whDnUp_Tl_Ezj_rB3deDwPqjI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-whDnUp_Tl_Ezj_rB3deDwPqjI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 07:43:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A2265/serialNumber=BBEC210E7529FD397F1338FFAC1DDD783C0FAA32 Validity Not Before: Sep 11 09:31:31 2023 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=64fede72-43a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:a8:cc:00:cf:05:38:57:bd:43:bf:d2:e1:79: 9e:fb:91:28:3c:95:06:e1:b6:f4:8f:37:9e:14:fe: 4d:03:11:dd:de:4f:a6:be:ff:63:75:9a:f4:07:d9: cf:93:e4:f9:1b:32:79:c4:bf:76:ef:84:dd:6b:da: 11:3b:ee:67:e6:da:86:59:c3:60:a9:4d:3e:c1:ed: 92:49:3f:72:3b:76:2e:ff:d4:9e:48:de:e2:ea:a5: c5:47:7b:a8:69:40:4a:a1:99:01:1e:78:32:f9:3d: 3f:53:3a:3e:fc:bf:6e:28:d8:f8:b0:92:5c:db:47: c0:47:c4:b4:a3:85:0f:45:a9:17:17:19:f7:fa:61: d0:0d:04:9c:34:88:eb:fe:4a:fb:00:9e:a0:52:0c: e6:29:db:f6:60:cf:9a:c7:97:92:5a:78:ef:36:be: 39:0e:be:b4:8c:1f:9a:4e:a7:55:3f:71:91:99:6e: 56:41:0d:b2:2c:f8:47:94:78:20:c3:36:be:5f:52: 01:14:b0:62:50:a3:e2:96:5d:5f:53:21:46:98:6b: cb:11:45:93:fa:e5:91:76:e0:8e:62:ae:2e:19:02: eb:4d:80:d9:02:fe:3d:de:4f:25:ff:28:74:2f:07: 02:9e:85:be:80:c7:d9:dc:78:7e:43:c5:eb:b1:76: c3:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:D8:EF:E0:B2:37:33:C7:BD:A3:F6:81:2B:DC:A5:B8:8E:30:20:00 X509v3 Authority Key Identifier: keyid:BB:EC:21:0E:75:29:FD:39:7F:13:38:FF:AC:1D:DD:78:3C:0F:AA:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A2265/9A66AADE508511EEBA3EFC11C4F9AE02/u-whDnUp_Tl_Ezj_rB3deDwPqjI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-whDnUp_Tl_Ezj_rB3deDwPqjI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A2265/9A66AADE508511EEBA3EFC11C4F9AE02/FD57EA90508511EEBA4C0E2BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.167.0.0/21 Signature Algorithm: sha256WithRSAEncryption 5a:54:09:20:5a:41:9b:e9:3e:47:c9:9f:64:15:70:41:aa:bb: 38:8d:25:af:43:c0:93:7d:f0:2c:ea:dd:23:81:fa:92:71:b6: d4:68:45:66:09:54:b1:5d:f9:06:62:6b:45:15:b5:b2:bc:2d: c1:18:5d:77:de:a7:d8:8a:9d:b4:f3:91:0a:50:01:64:79:49: 3f:10:c0:25:75:0c:b6:4a:af:9e:22:ac:11:01:8d:03:48:b5: ca:7f:8e:22:18:e5:a7:21:31:4d:3d:42:d7:e0:3b:b3:14:d9: 8e:da:b6:57:7c:2e:08:50:cd:aa:4c:58:fe:e6:31:83:4d:d5: bf:61:d2:d3:52:ab:da:17:5a:e7:e8:4e:55:b5:50:c3:dc:2f: 5f:cd:bf:e5:e3:51:26:76:07:65:d3:8e:de:ca:ba:39:46:84: 9a:91:c0:22:5a:59:ad:71:84:a9:e2:43:d7:5e:31:b4:0d:0a: bc:f8:be:c6:e0:6f:39:da:60:51:ef:ac:0a:d0:e1:2b:bd:06: 0b:a6:fc:fc:44:51:0b:a1:a4:78:95:96:90:fb:e7:fb:e3:a8: e9:bb:fa:82:2a:95:58:38:92:ad:55:40:8c:16:b6:f9:74:14: 00:95:95:a6:41:8a:fe:5a:53:83:90:2a:2e:1f:8a:57:f8:d5: ba:9e:98:98 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MjI2NTExMC8GA1UEBRMoQkJFQzIxMEU3NTI5RkQzOTdGMTMzOEZGQUMxRERENzgz QzBGQUEzMjAeFw0yMzA5MTEwOTMxMzFaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY0ZmVkZTcyLTQzYTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDLqMwAzwU4V71Dv9LheZ77kSg8lQbhtvSPN54U/k0DEd3eT6a+/2N1mvQH2c+T 5PkbMnnEv3bvhN1r2hE77mfm2oZZw2CpTT7B7ZJJP3I7di7/1J5I3uLqpcVHe6hp QEqhmQEeeDL5PT9TOj78v24o2PiwklzbR8BHxLSjhQ9FqRcXGff6YdANBJw0iOv+ SvsAnqBSDOYp2/Zgz5rHl5JaeO82vjkOvrSMH5pOp1U/cZGZblZBDbIs+EeUeCDD Nr5fUgEUsGJQo+KWXV9TIUaYa8sRRZP65ZF24I5iri4ZAutNgNkC/j3eTyX/KHQv BwKehb6Ax9nceH5DxeuxdsOlAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUD9jv4LI3 M8e9o/aBK9yluI4wIAAwHwYDVR0jBBgwFoAUu+whDnUp/Tl/Ezj/rB3deDwPqjIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyMjY1LzlBNjZBQURFNTA4 NTExRUVCQTNFRkMxMUM0RjlBRTAyL3Utd2hEblVwX1RsX0V6al9yQjNkZUR3UHFq SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdS13aERuVXBfVGxfRXpqX3JCM2RlRHdQcWpJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MjI2NS85QTY2QUFERTUwODUxMUVFQkEzRUZDMTFDNEY5QUUwMi9GRDU3RUE5MDUw ODUxMUVFQkE0QzBFMkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEA8unADANBgkqhkiG9w0BAQsFAAOCAQEAWlQJIFpBm+k+R8mf ZBVwQaq7OI0lr0PAk33wLOrdI4H6knG21GhFZglUsV35BmJrRRW1srwtwRhdd96n 2IqdtPORClABZHlJPxDAJXUMtkqvniKsEQGNA0i1yn+OIhjlpyExTT1C1+A7sxTZ jtq2V3wuCFDNqkxY/uYxg03Vv2HS01Kr2hda5+hOVbVQw9wvX82/5eNRJnYHZdOO 3sq6OUaEmpHAIlpZrXGEqeJD114xtA0KvPi+xuBvOdpgUe+sCtDhK70GC6b8/ERR C6GkeJWWkPvn++Oo6bv6giqVWDiSrVVAjBa2+XQUAJWVpkGK/lpTg5AqLh+KV/jV up6YmA== -----END CERTIFICATE-----Generated at Sat Jun 1 09:10:36 2024 by rpki-client on console-fra.rpki-client.org