$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/998461D4D14E11EEBD6E0D11C4F9AE02.roa File: 998461D4D14E11EEBD6E0D11C4F9AE02.roa (raw, json) Hash identifier: TkMxlHrE0FDAXno5w4Am4I9lFw+C+8vsvPyLVoqbib0= Subject key identifier: 4B:9E:DE:53:2C:CD:7D:09:B1:AC:8B:0B:23:E9:F1:A3:F0:53:8F:0E Certificate issuer: /CN=A91B7292/serialNumber=C2FC6448564EC6526B91B2FE23B4FD58342D20F4 Certificate serial: 09 Authority key identifier: C2:FC:64:48:56:4E:C6:52:6B:91:B2:FE:23:B4:FD:58:34:2D:20:F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/998461D4D14E11EEBD6E0D11C4F9AE02.roa Signing time: Thu 22 Feb 2024 06:50:29 +0000 ROA not before: Thu 22 Feb 2024 06:50:29 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 38325 IP address blocks: 123.108.120.0/21 maxlen: 21 123.108.120.0/22 maxlen: 22 123.108.121.0/24 maxlen: 24 123.108.122.0/24 maxlen: 24 123.108.123.0/24 maxlen: 24 123.108.124.0/22 maxlen: 22 123.108.124.0/24 maxlen: 24 123.108.125.0/24 maxlen: 24 123.108.126.0/24 maxlen: 24 123.108.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.crl rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 07:27:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9 (0x9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7292/serialNumber=C2FC6448564EC6526B91B2FE23B4FD58342D20F4 Validity Not Before: Feb 22 06:50:29 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65d6eeb5-6160 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:30:4e:da:c7:a2:af:f9:a9:fc:3d:7c:4b:9c: 02:c9:e1:cb:06:ad:77:f1:84:4f:e6:d2:e4:d9:88: 73:d9:e2:9c:7e:7d:fc:38:8a:c2:c3:ee:75:b6:61: 08:79:ea:fb:f0:92:e0:b6:18:fd:59:e3:a3:a5:b8: c7:35:48:f0:f8:53:af:64:8e:c2:d2:8e:5e:aa:29: 13:19:ba:db:cc:ec:24:dd:81:a6:51:91:47:f9:f8: df:b8:1e:04:5e:1e:bc:9b:31:28:a5:8b:62:f2:26: 22:7a:89:ca:db:15:b7:c4:24:ad:5b:c4:f3:c8:b3: b8:ed:85:3d:73:8e:c8:36:ac:07:16:10:71:0d:67: e2:f5:49:47:5d:76:f2:23:ab:3e:4f:83:22:7f:59: 25:23:39:e1:83:b0:d5:be:eb:b3:0f:a0:fa:00:8c: ac:21:c9:f7:56:3d:94:6d:17:d3:e4:ea:b0:54:d1: 4d:91:18:78:dd:b5:32:ef:6a:ab:d1:10:fd:7c:58: dc:91:29:53:da:e7:b1:37:04:26:57:d8:53:85:c2: a7:bb:fc:ea:94:3c:9d:fb:8e:1e:b2:de:45:1b:a7: 23:e8:70:9a:de:64:c6:ba:f3:76:08:c0:33:08:55: 96:cb:51:0a:78:f3:a6:aa:48:23:f3:12:c6:32:88: 26:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:9E:DE:53:2C:CD:7D:09:B1:AC:8B:0B:23:E9:F1:A3:F0:53:8F:0E X509v3 Authority Key Identifier: keyid:C2:FC:64:48:56:4E:C6:52:6B:91:B2:FE:23:B4:FD:58:34:2D:20:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvxkSFZOxlJrkbL-I7T9WDQtIPQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7292/03B88ADAD14A11EE99DE2B52C4F9AE02/998461D4D14E11EEBD6E0D11C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.108.120.0/21 Signature Algorithm: sha256WithRSAEncryption b1:f3:12:1d:1f:e2:9d:93:37:1f:d4:30:ce:11:3f:96:78:12: 86:16:bd:3f:55:91:54:d7:bb:b0:fd:69:3b:3c:1c:b7:b0:18: 4c:34:a3:18:2f:0d:68:ea:bd:0b:ab:cf:ea:f2:f3:db:81:b7: 0e:0f:36:9d:bd:66:60:4c:db:1f:37:29:bf:b2:19:17:62:d3: 1f:7f:3d:21:32:00:f1:0c:b8:07:9c:6e:aa:c1:7e:ae:28:17: 1b:58:22:c0:14:02:ed:3a:73:21:01:99:82:94:a8:64:97:d8: e6:39:eb:fb:57:98:48:98:cc:c7:ec:18:81:08:6f:53:68:75: 39:33:a1:a1:c3:36:c3:66:ed:d9:c8:74:72:1f:6f:9a:75:36: 68:4b:36:45:01:01:b0:99:b4:5d:b3:bb:9e:77:78:f3:f4:73: 95:00:c7:37:7e:6b:fb:aa:15:79:5c:5a:ba:6b:32:83:d0:c0: 90:72:42:87:07:7b:1a:b5:a8:63:59:c6:5a:05:6f:72:a0:d1: 68:2b:55:5d:b3:98:a6:4e:9b:92:9b:ad:3d:5e:41:0e:31:4e: c3:88:8b:b7:8c:e8:a1:69:40:5e:2a:1d:75:18:eb:b1:1a:9f: 0b:24:51:9d:1e:0e:a2:44:bb:a1:4d:51:08:91:77:bb:ba:9b: b1:c0:ca:11 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NzI5MjExMC8GA1UEBRMoQzJGQzY0NDg1NjRFQzY1MjZCOTFCMkZFMjNCNEZENTgz NDJEMjBGNDAeFw0yNDAyMjIwNjUwMjlaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1ZDZlZWI1LTYxNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzME7ax6Kv+an8PXxLnALJ4csGrXfxhE/m0uTZiHPZ4px+ffw4isLD7nW2YQh5 6vvwkuC2GP1Z46OluMc1SPD4U69kjsLSjl6qKRMZutvM7CTdgaZRkUf5+N+4HgRe HrybMSili2LyJiJ6icrbFbfEJK1bxPPIs7jthT1zjsg2rAcWEHENZ+L1SUdddvIj qz5PgyJ/WSUjOeGDsNW+67MPoPoAjKwhyfdWPZRtF9Pk6rBU0U2RGHjdtTLvaqvR EP18WNyRKVPa57E3BCZX2FOFwqe7/OqUPJ37jh6y3kUbpyPocJreZMa683YIwDMI VZbLUQp486aqSCPzEsYyiCbDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUS57eUyzN fQmxrIsLI+nxo/BTjw4wHwYDVR0jBBgwFoAUwvxkSFZOxlJrkbL+I7T9WDQtIPQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3MjkyLzAzQjg4QURBRDE0 QTExRUU5OURFMkI1MkM0RjlBRTAyL3d2eGtTRlpPeGxKcmtiTC1JN1Q5V0RRdElQ US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvd3Z4a1NGWk94bEpya2JMLUk3VDlXRFF0SVBRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NzI5Mi8wM0I4OEFEQUQxNEExMUVFOTlERTJCNTJDNEY5QUUwMi85OTg0NjFENEQx NEUxMUVFQkQ2RTBEMTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEA3tseDANBgkqhkiG9w0BAQsFAAOCAQEAsfMSHR/inZM3H9Qw zhE/lngShha9P1WRVNe7sP1pOzwct7AYTDSjGC8NaOq9C6vP6vLz24G3Dg82nb1m YEzbHzcpv7IZF2LTH389ITIA8Qy4B5xuqsF+rigXG1giwBQC7TpzIQGZgpSoZJfY 5jnr+1eYSJjMx+wYgQhvU2h1OTOhocM2w2bt2ch0ch9vmnU2aEs2RQEBsJm0XbO7 nnd48/RzlQDHN35r+6oVeVxaumsyg9DAkHJChwd7GrWoY1nGWgVvcqDRaCtVXbOY pk6bkputPV5BDjFOw4iLt4zooWlAXioddRjrsRqfCyRRnR4OokS7oU1RCJF3u7qb scDKEQ== -----END CERTIFICATE-----Generated at Fri May 31 10:42:51 2024 by rpki-client on console-fra.rpki-client.org