$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/7D23CBEC721B11EF81654E68C4F9AE02.roa File: 7D23CBEC721B11EF81654E68C4F9AE02.roa (raw, json) Hash identifier: dG1frYnVZbSWD6nf4UzUOAx7sTEmjVL2X2uKRuCx4wI= Subject key identifier: 5A:A0:41:30:B2:F3:63:C7:FE:0E:FC:0C:1C:C2:54:A4:BD:1E:B4:0E Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Certificate serial: 4A Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/7D23CBEC721B11EF81654E68C4F9AE02.roa Signing time: Fri 13 Sep 2024 21:59:46 +0000 ROA not before: Fri 13 Sep 2024 21:59:46 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 133042 IP address blocks: 202.29.66.0/24 maxlen: 24 202.29.172.0/22 maxlen: 22 202.29.176.0/22 maxlen: 22 203.159.160.0/24 maxlen: 24 203.159.164.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74 (0x4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Validity Not Before: Sep 13 21:59:46 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=66e4b5d2-3d49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:30:07:47:20:aa:37:d9:7e:7d:c9:26:89:db: 1c:24:38:8a:3c:8c:91:4f:f0:f5:8c:5f:8a:7b:8a: c5:bc:8f:03:5e:9e:70:2b:5d:9f:40:47:d1:1b:1e: 68:a6:94:74:17:02:cc:d9:d4:29:08:e6:24:18:5e: e9:f4:c5:86:3b:c6:e5:ec:9e:18:bf:e5:1c:fe:00: a9:13:96:08:d4:cb:e9:c8:dd:e5:72:49:11:38:a9: e9:e3:bc:8e:94:9e:16:c3:86:b6:f7:e8:b5:3d:28: 29:99:90:d2:41:77:56:52:08:7c:29:89:8c:c9:db: 09:ed:e1:6e:c3:00:74:00:b3:38:09:d0:f0:b7:d1: ec:56:50:49:b9:36:2d:9e:ef:af:e1:ff:9c:e4:ce: 2b:13:f5:ec:8d:38:84:3c:dd:da:9d:be:0c:c0:af: ef:cb:82:86:74:8c:7c:0d:34:37:9c:fe:0a:5d:14: 16:59:8b:71:06:3e:6e:ea:84:d1:b2:c5:00:76:5b: 4c:90:26:6a:56:10:94:0a:16:f6:c4:43:03:d0:75: 91:db:40:73:1d:40:9d:11:03:16:f8:e6:e4:80:ba: 44:92:14:e1:53:eb:ca:92:a2:68:96:d3:08:29:52: 58:be:6a:7d:93:8f:63:e6:19:1c:ec:45:bd:40:71: e5:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:A0:41:30:B2:F3:63:C7:FE:0E:FC:0C:1C:C2:54:A4:BD:1E:B4:0E X509v3 Authority Key Identifier: keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/7D23CBEC721B11EF81654E68C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.29.66.0/24 202.29.172.0-202.29.179.255 203.159.160.0/24 203.159.164.0/24 Signature Algorithm: sha256WithRSAEncryption ad:1c:da:11:66:43:17:fd:90:34:8b:c3:9a:8d:ad:c7:90:67: fc:95:36:ca:53:8f:13:fc:bc:bc:47:5c:bb:27:b2:cd:fb:10: bd:6f:79:63:ce:12:bd:91:04:41:7c:41:38:ec:36:79:15:4e: f8:8a:06:50:f9:b0:03:01:e6:a8:87:6b:95:89:a4:37:eb:df: 21:04:97:7e:80:3f:b9:8a:50:22:82:2f:a8:f2:70:de:90:a5: 65:ab:4b:a2:17:50:2d:17:73:5b:ab:39:7a:a9:e0:15:ad:6b: 1d:6a:ff:4b:3f:ff:69:60:db:9c:84:ff:09:9b:54:1c:ca:25: 92:7f:a2:48:6b:9c:de:13:00:f2:f2:f2:88:01:8e:c6:f4:54: 37:15:39:56:43:fb:04:3e:94:30:7f:a9:88:48:48:dd:c7:88: 23:df:15:c6:00:b7:ae:ba:79:30:2f:79:6a:eb:a9:de:0a:ce: e4:7a:90:a6:75:af:dc:3a:91:35:55:7e:85:7b:4b:c0:57:ff: e4:56:9a:6c:38:e5:c5:b8:9a:44:f6:84:9a:27:09:7c:46:a4: 99:5d:a5:b3:98:f3:a1:35:9a:b6:45:b7:64:f2:ae:25:d1:c2: b8:09:a4:7e:f4:56:09:8c:64:2e:fb:31:18:7f:f7:b7:19:c2: 81:2b:6b:97 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgIBSjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QUVCMjExMC8GA1UEBRMoOUI5OEZCN0Q0Njg5ODNBMkMxNDc3MjczMzI0OEVGRkEz NDYyRTEyNjAeFw0yNDA5MTMyMTU5NDZaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY2ZTRiNWQyLTNkNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCkMAdHIKo32X59ySaJ2xwkOIo8jJFP8PWMX4p7isW8jwNennArXZ9AR9EbHmim lHQXAszZ1CkI5iQYXun0xYY7xuXsnhi/5Rz+AKkTlgjUy+nI3eVySRE4qenjvI6U nhbDhrb36LU9KCmZkNJBd1ZSCHwpiYzJ2wnt4W7DAHQAszgJ0PC30exWUEm5Ni2e 76/h/5zkzisT9eyNOIQ83dqdvgzAr+/LgoZ0jHwNNDec/gpdFBZZi3EGPm7qhNGy xQB2W0yQJmpWEJQKFvbEQwPQdZHbQHMdQJ0RAxb45uSAukSSFOFT68qSomiW0wgp Uli+an2Tj2PmGRzsRb1AceU7AgMBAAGjggKvMIICqzAdBgNVHQ4EFgQUWqBBMLLz Y8f+DvwMHMJUpL0etA4wHwYDVR0jBBgwFoAUm5j7fUaJg6LBR3JzMkjv+jRi4SYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFBRUIyLzM5NTIxMDBFNkU4 MzExRUZBQjcyNjE4MEM0RjlBRTAyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRT WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbTVqN2ZVYUpnNkxCUjNKek1ranYtalJpNFNZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QUVCMi8zOTUyMTAwRTZFODMxMUVGQUI3MjYxODBDNEY5QUUwMi83RDIzQ0JFQzcy MUIxMUVGODE2NTRFNjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQq MCgwJgQCAAEwIAMEAModQjAMAwQCyh2sAwQCyh2wAwQAy5+gAwQAy5+kMA0GCSqG SIb3DQEBCwUAA4IBAQCtHNoRZkMX/ZA0i8Oaja3HkGf8lTbKU48T/Ly8R1y7J7LN +xC9b3ljzhK9kQRBfEE47DZ5FU74igZQ+bADAeaoh2uViaQ3698hBJd+gD+5ilAi gi+o8nDekKVlq0uiF1AtF3Nbqzl6qeAVrWsdav9LP/9pYNuchP8Jm1QcyiWSf6JI a5zeEwDy8vKIAY7G9FQ3FTlWQ/sEPpQwf6mISEjdx4gj3xXGALeuunkwL3lq66ne Cs7kepCmda/cOpE1VX6Fe0vAV//kVppsOOXFuJpE9oSaJwl8RqSZXaWzmPOhNZq2 Rbdk8q4l0cK4CaR+9FYJjGQu+zEYf/e3GcKBK2uX -----END CERTIFICATE-----Generated at Sat Nov 23 07:45:04 2024 by rpki-client on console-ams.rpki-client.org