$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/F54A05F8721311EFA9D7CA3AC4F9AE02.roa File: F54A05F8721311EFA9D7CA3AC4F9AE02.roa (raw, json) Hash identifier: ZvEy6JaLLFRQvqVmKwxT6OGZFRmd+kuOzaWGnGN3Iq0= Subject key identifier: 49:56:E9:4D:6D:BA:D4:96:B6:DF:7E:0C:FE:BF:DB:D9:68:1C:0E:91 Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Certificate serial: 27 Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/F54A05F8721311EFA9D7CA3AC4F9AE02.roa Signing time: Fri 13 Sep 2024 21:05:52 +0000 ROA not before: Fri 13 Sep 2024 21:05:52 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 9562 IP address blocks: 202.28.32.0/24 maxlen: 24 202.28.33.0/24 maxlen: 24 202.28.34.0/24 maxlen: 24 202.28.35.0/24 maxlen: 24 2001:3c8:a701::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39 (0x27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Validity Not Before: Sep 13 21:05:52 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=66e4a930-1d60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:4b:57:c1:51:9f:db:0e:d2:58:8c:a4:ff:7a: d6:e0:b6:0e:7c:60:21:6a:33:ff:04:cb:ec:3c:f2: 62:b5:9e:be:78:29:b5:da:e3:47:64:a0:bd:e6:63: 0d:73:e4:f3:15:18:53:f6:fe:81:e4:ea:aa:33:6d: 1d:2a:1c:03:df:96:31:75:d7:bd:f6:bd:4b:88:59: cd:83:d1:73:6b:10:0d:ce:58:3d:0a:61:5a:a2:b6: 5a:45:c1:9d:1b:90:8d:42:23:aa:b6:d2:2d:bb:10: 17:a5:f5:9c:e6:93:b1:53:c8:31:0f:cc:e9:5d:e9: 57:5b:46:d8:d7:c2:0a:49:b3:c2:22:6a:6c:18:e8: cf:33:34:66:64:3a:bd:5a:aa:33:18:f5:8d:0c:85: b6:e4:c5:b3:59:f1:73:ed:8a:fb:fd:df:a0:10:25: 97:82:9c:1b:3b:c6:7c:43:a6:c1:25:4e:56:12:00: c1:b9:6f:d0:31:43:a7:98:66:3c:43:57:bf:55:90: 21:fe:77:05:bd:f2:f8:31:4d:2c:ee:2c:6f:95:13: 0c:75:60:8c:83:2a:0e:f3:8c:92:94:f0:55:68:40: 75:fe:27:9f:02:60:92:80:48:1b:92:58:36:22:fb: e9:a6:95:25:27:63:50:7c:43:a6:ed:44:06:f0:e4: 5d:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:56:E9:4D:6D:BA:D4:96:B6:DF:7E:0C:FE:BF:DB:D9:68:1C:0E:91 X509v3 Authority Key Identifier: keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/F54A05F8721311EFA9D7CA3AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.28.32.0/22 IPv6: 2001:3c8:a701::/48 Signature Algorithm: sha256WithRSAEncryption 36:81:65:5b:e6:5f:94:d0:06:9e:c0:a3:5d:fe:7d:50:bf:99: de:c0:94:54:7f:1b:82:a8:5d:f2:5c:e7:c4:43:81:20:55:41: ec:17:e2:61:aa:71:7e:60:66:73:fb:bb:f8:08:05:73:6f:0c: df:de:d9:e3:17:77:1c:cb:51:1e:07:8d:53:b5:80:96:82:e0: 9a:b3:58:09:64:22:51:aa:d1:6f:28:8b:97:d8:91:35:5e:a6: 9b:db:7b:64:d7:56:7c:cd:60:ff:8d:90:38:72:be:52:23:cd: 0d:f4:0d:7b:14:93:eb:63:7c:e9:aa:ff:85:aa:64:ce:f5:5f: ec:51:14:fe:f1:77:f7:c0:d4:11:20:51:9f:5b:e3:dc:29:d1: ec:f2:d3:47:ad:e9:4c:d5:d3:b5:91:9a:d9:02:b9:ec:e6:fd: b4:bd:b2:0c:44:de:45:46:38:be:c1:78:09:66:e1:28:e1:89: 42:48:56:09:86:82:bc:26:3e:31:72:18:46:8f:a6:89:11:1a: 6a:01:d3:fa:35:69:a0:9b:5c:6b:73:56:3c:cc:b6:9e:7a:20: 07:f9:3d:47:96:e9:af:b9:07:e3:12:47:d1:55:c4:40:58:6e: 6f:00:08:9e:d0:62:55:4d:00:0e:e3:64:9b:b9:36:cc:aa:e3: 3a:87:7e:c4 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QUVCMjExMC8GA1UEBRMoOUI5OEZCN0Q0Njg5ODNBMkMxNDc3MjczMzI0OEVGRkEz NDYyRTEyNjAeFw0yNDA5MTMyMTA1NTJaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY2ZTRhOTMwLTFkNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHS1fBUZ/bDtJYjKT/etbgtg58YCFqM/8Ey+w88mK1nr54KbXa40dkoL3mYw1z 5PMVGFP2/oHk6qozbR0qHAPfljF11732vUuIWc2D0XNrEA3OWD0KYVqitlpFwZ0b kI1CI6q20i27EBel9Zzmk7FTyDEPzOld6VdbRtjXwgpJs8IiamwY6M8zNGZkOr1a qjMY9Y0MhbbkxbNZ8XPtivv936AQJZeCnBs7xnxDpsElTlYSAMG5b9AxQ6eYZjxD V79VkCH+dwW98vgxTSzuLG+VEwx1YIyDKg7zjJKU8FVoQHX+J58CYJKASBuSWDYi ++mmlSUnY1B8Q6btRAbw5F1lAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUSVbpTW26 1Ja2334M/r/b2WgcDpEwHwYDVR0jBBgwFoAUm5j7fUaJg6LBR3JzMkjv+jRi4SYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFBRUIyLzM5NTIxMDBFNkU4 MzExRUZBQjcyNjE4MEM0RjlBRTAyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRT WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbTVqN2ZVYUpnNkxCUjNKek1ranYtalJpNFNZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QUVCMi8zOTUyMTAwRTZFODMxMUVGQUI3MjYxODBDNEY5QUUwMi9GNTRBMDVGODcy MTMxMUVGQTlEN0NBM0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAsocIDAPBAIAAjAJAwcAIAEDyKcBMA0GCSqGSIb3DQEBCwUA A4IBAQA2gWVb5l+U0AaewKNd/n1Qv5newJRUfxuCqF3yXOfEQ4EgVUHsF+JhqnF+ YGZz+7v4CAVzbwzf3tnjF3ccy1EeB41TtYCWguCas1gJZCJRqtFvKIuX2JE1Xqab 23tk11Z8zWD/jZA4cr5SI80N9A17FJPrY3zpqv+FqmTO9V/sURT+8Xf3wNQRIFGf W+PcKdHs8tNHrelM1dO1kZrZArns5v20vbIMRN5FRji+wXgJZuEo4YlCSFYJhoK8 Jj4xchhGj6aJERpqAdP6NWmgm1xrc1Y8zLaeeiAH+T1HlumvuQfjEkfRVcRAWG5v AAie0GJVTQAO42SbuTbMquM6h37E -----END CERTIFICATE-----Generated at Sat Nov 23 07:45:04 2024 by rpki-client on console-ams.rpki-client.org