$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/870862B2222011EFACCDE81BC4F9AE02.roa File: 870862B2222011EFACCDE81BC4F9AE02.roa (raw, json) Hash identifier: e20Z22va+HbOqDulcfYVM/hjdVrdqB+/rN/35lfx3pU= Subject key identifier: A2:2E:24:B2:D5:12:18:FF:23:46:CB:7D:63:B9:34:8A:24:C1:6A:B7 Certificate issuer: /CN=A91B7292/serialNumber=C2FC6448564EC6526B91B2FE23B4FD58342D20F4 Certificate serial: 3F Authority key identifier: C2:FC:64:48:56:4E:C6:52:6B:91:B2:FE:23:B4:FD:58:34:2D:20:F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/870862B2222011EFACCDE81BC4F9AE02.roa Signing time: Tue 04 Jun 2024 03:14:17 +0000 ROA not before: Tue 04 Jun 2024 03:14:17 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 208770 IP address blocks: 123.108.112.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.crl rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Jul 2024 03:21:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63 (0x3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7292/serialNumber=C2FC6448564EC6526B91B2FE23B4FD58342D20F4 Validity Not Before: Jun 4 03:14:17 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=665e8689-2298 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:bc:f9:0c:10:bb:ac:52:88:b3:b9:8d:6f:0c: b6:b4:2d:5c:2f:bc:4b:71:d9:67:0f:4f:98:0c:92: 99:f1:e7:e2:af:d6:a3:59:db:ab:19:b3:a3:de:84: de:51:ef:d5:75:23:b9:67:0b:da:c0:af:1f:15:db: f8:8f:3f:53:5f:b8:73:6a:66:51:b4:22:b3:ff:87: 20:c1:d6:b2:86:fe:04:34:c5:09:fb:0d:8c:3f:94: 58:dd:7b:fa:6a:66:90:fb:21:4f:4a:74:e7:df:27: ba:d0:c4:51:82:73:e6:d4:c8:0b:41:93:1a:5b:39: f7:c7:47:b9:a5:7c:69:34:5f:0c:ad:4d:34:a9:72: 52:a9:ee:57:96:85:bb:cf:87:dd:ac:48:c5:bd:61: f9:64:1e:88:3b:a3:b9:dc:8e:e9:4b:80:66:0b:6d: 2a:42:37:0f:d8:06:f4:ca:4f:23:26:46:ae:1c:dc: 2c:0b:59:a8:4c:63:3d:ed:1b:2b:8e:53:af:cf:a4: 43:09:aa:37:2b:03:83:ce:d7:8d:4a:66:b4:c4:03: 47:42:68:23:f6:3c:12:ac:c2:98:0b:2f:64:4a:f7: 71:7e:b8:6d:c6:71:2e:d6:20:90:0b:5b:27:38:43: c8:42:16:62:71:70:a9:ab:ed:4c:f2:68:d2:24:ef: 75:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:2E:24:B2:D5:12:18:FF:23:46:CB:7D:63:B9:34:8A:24:C1:6A:B7 X509v3 Authority Key Identifier: keyid:C2:FC:64:48:56:4E:C6:52:6B:91:B2:FE:23:B4:FD:58:34:2D:20:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/870862B2222011EFACCDE81BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.108.112.0/22 Signature Algorithm: sha256WithRSAEncryption af:f4:17:e0:84:93:43:34:0c:24:69:3f:e9:91:1e:c9:97:1f: 9e:26:ad:75:a4:a1:e1:7f:0f:71:b0:e0:53:47:ca:5a:f8:11: e2:b7:10:e7:31:37:2a:1c:2f:2b:b2:0a:80:24:52:83:1a:50: 04:9a:17:e1:38:8d:a7:50:fa:f4:40:dd:34:a6:75:07:01:3c: 8f:12:90:b2:82:3f:ed:eb:dd:3f:fc:ac:f7:5e:14:ef:74:ad: a6:d7:d6:a6:31:75:b6:93:17:02:b3:99:af:7b:61:0e:5c:82: cc:db:f5:f6:7b:d3:a4:42:10:7d:60:83:1a:a2:49:5a:49:45: 89:45:f3:cf:4f:2e:ca:83:7e:c8:c7:32:2d:37:27:33:5c:c5: 5d:80:6a:17:b5:1d:db:14:f1:da:3c:c4:97:4b:85:5b:b1:21: 8c:a1:2f:e9:91:6e:8e:f2:12:6c:a9:3a:a5:89:4f:be:70:dd: 73:bf:91:c8:d6:9b:27:8a:8b:29:86:e7:79:f5:2a:68:64:6e: 5a:53:e1:39:ab:01:e6:04:20:a9:23:c6:91:fe:bf:89:fe:4b: 31:57:97:04:24:9a:b6:d6:c6:c8:a7:ad:92:76:12:1a:aa:e9: a5:1f:65:76:de:d1:2c:2e:e1:ca:66:97:0b:82:a0:c3:1b:ba: 1a:49:e0:b4 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBPzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NzI5MjExMC8GA1UEBRMoQzJGQzY0NDg1NjRFQzY1MjZCOTFCMkZFMjNCNEZENTgz NDJEMjBGNDAeFw0yNDA2MDQwMzE0MTdaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2NWU4Njg5LTIyOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCyvPkMELusUoizuY1vDLa0LVwvvEtx2WcPT5gMkpnx5+Kv1qNZ26sZs6PehN5R 79V1I7lnC9rArx8V2/iPP1NfuHNqZlG0IrP/hyDB1rKG/gQ0xQn7DYw/lFjde/pq ZpD7IU9KdOffJ7rQxFGCc+bUyAtBkxpbOffHR7mlfGk0XwytTTSpclKp7leWhbvP h92sSMW9YflkHog7o7ncjulLgGYLbSpCNw/YBvTKTyMmRq4c3CwLWahMYz3tGyuO U6/PpEMJqjcrA4PO141KZrTEA0dCaCP2PBKswpgLL2RK93F+uG3GcS7WIJALWyc4 Q8hCFmJxcKmr7UzyaNIk73X5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUoi4kstUS GP8jRst9Y7k0iiTBarcwHwYDVR0jBBgwFoAUwvxkSFZOxlJrkbL+I7T9WDQtIPQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3MjkyLzAzQjg4QURBRDE0 QTExRUU5OURFMkI1MkM0RjlBRTAyL3d2eGtTRlpPeGxKcmtiTC1JN1Q5V0RRdElQ US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvd3Z4a1NGWk94bEpya2JMLUk3VDlXRFF0SVBRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NzI5Mi8wM0I4OEFEQUQxNEExMUVFOTlERTJCNTJDNEY5QUUwMi84NzA4NjJCMjIy MjAxMUVGQUNDREU4MUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAntscDANBgkqhkiG9w0BAQsFAAOCAQEAr/QX4ISTQzQMJGk/ 6ZEeyZcfniatdaSh4X8PcbDgU0fKWvgR4rcQ5zE3KhwvK7IKgCRSgxpQBJoX4TiN p1D69EDdNKZ1BwE8jxKQsoI/7evdP/ys914U73StptfWpjF1tpMXArOZr3thDlyC zNv19nvTpEIQfWCDGqJJWklFiUXzz08uyoN+yMcyLTcnM1zFXYBqF7Ud2xTx2jzE l0uFW7EhjKEv6ZFujvISbKk6pYlPvnDdc7+RyNabJ4qLKYbnefUqaGRuWlPhOasB 5gQgqSPGkf6/if5LMVeXBCSattbGyKetknYSGqrppR9ldt7RLC7hymaXC4Kgwxu6 GkngtA== -----END CERTIFICATE-----Generated at Sat Jun 29 09:55:40 2024 by rpki-client on console-fra.rpki-client.org