$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/2815E7D4BF4211E9A93A3957C4F9AE02.roa File: 2815E7D4BF4211E9A93A3957C4F9AE02.roa (raw, json) Hash identifier: aA6kp8g67VqUy5NvcJyaimLYGa49hstJeJR2YVQCPpY= Subject key identifier: AD:4C:FB:20:B7:07:8D:A0:8E:7A:C4:97:38:7C:5A:15:F0:A9:AE:86 Certificate issuer: /CN=A91E2AE5/serialNumber=B43A5A60D46806A69FFEF7C676219EC4BA8BA36D Certificate serial: 2A9F Authority key identifier: B4:3A:5A:60:D4:68:06:A6:9F:FE:F7:C6:76:21:9E:C4:BA:8B:A3:6D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/2815E7D4BF4211E9A93A3957C4F9AE02.roa Signing time: Thu 14 Mar 2024 16:02:36 +0000 ROA not before: Thu 14 Mar 2024 16:02:36 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 9988 IP address blocks: 43.224.40.0/22 maxlen: 24 103.25.12.0/22 maxlen: 22 203.81.64.0/19 maxlen: 19 203.81.64.0/21 maxlen: 22 203.81.72.0/21 maxlen: 22 203.81.80.0/21 maxlen: 22 203.81.88.0/21 maxlen: 22 203.81.93.0/24 maxlen: 24 203.81.95.0/24 maxlen: 24 2401:f200::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.crl rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 23 Jun 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10911 (0x2a9f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2AE5/serialNumber=B43A5A60D46806A69FFEF7C676219EC4BA8BA36D Validity Not Before: Mar 14 16:02:36 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=65f31f9c-4888 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b3:f5:0b:f2:d1:5b:e3:1f:68:44:5d:85:f4: c6:c5:9d:67:51:e3:d5:92:23:be:8e:d1:09:d4:1f: 40:cb:f8:8e:df:69:b3:9e:00:29:73:d6:f7:e0:e2: df:ef:de:a5:0b:13:85:02:6b:e5:24:a3:b5:92:d8: b4:ed:23:db:27:4e:41:a7:97:67:7d:db:a5:4c:9c: f6:0e:9f:8c:7f:8c:67:33:4f:25:7b:5a:03:25:96: 42:27:13:49:09:6e:08:a3:67:a0:3a:e5:29:18:59: a7:42:b5:b6:12:91:ac:f9:2a:c1:05:2e:9c:5b:45: 58:f0:b6:80:60:7b:9c:82:d2:0c:42:aa:27:a2:eb: f4:f0:d0:ae:18:2d:69:4d:f8:9a:b0:f6:05:21:04: 45:47:c8:82:89:16:3e:22:fb:dc:92:76:86:9e:5e: 1e:20:98:e9:db:95:b8:fe:7f:2f:70:78:7e:19:97: 13:1d:f1:14:cf:f4:d0:44:d7:9d:4a:99:a1:c0:ba: e9:77:31:3e:d7:fc:16:7c:55:2c:ac:a2:52:31:62: b7:7b:b4:0b:c5:af:38:d4:4d:94:c7:21:c0:fa:ab: b9:36:83:d7:ce:0f:f6:d9:18:6a:3d:fe:59:04:a5: 23:4f:fe:c1:79:a5:fe:39:90:a5:4a:06:60:13:4d: b8:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:4C:FB:20:B7:07:8D:A0:8E:7A:C4:97:38:7C:5A:15:F0:A9:AE:86 X509v3 Authority Key Identifier: keyid:B4:3A:5A:60:D4:68:06:A6:9F:FE:F7:C6:76:21:9E:C4:BA:8B:A3:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/2815E7D4BF4211E9A93A3957C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.40.0/22 103.25.12.0/22 203.81.64.0/19 IPv6: 2401:f200::/32 Signature Algorithm: sha256WithRSAEncryption 11:39:7c:f6:3b:37:3e:7a:4a:00:4f:c8:b1:7b:bf:67:21:c8: 57:64:d1:e1:e1:b7:03:36:0c:85:cf:70:ec:2a:b7:8f:9c:c8: 6e:21:88:fd:52:fc:d7:b4:19:d0:06:3e:52:ee:c4:6d:c3:f8: c2:7c:95:bb:46:f2:32:5d:65:77:0a:3b:65:9b:c8:02:19:5d: 05:1c:50:11:c4:1a:26:11:75:bd:0b:0f:f6:1e:07:38:43:4d: 7e:43:9c:a7:0e:8d:c4:b7:e2:3d:18:40:3b:2f:2f:cb:c5:40: 91:6e:9b:7c:1f:f5:f0:14:53:49:1a:8d:15:cd:c3:a5:f2:7f: 41:6a:c9:13:bc:f3:95:9d:37:85:3d:70:65:44:65:3c:91:80: 42:9d:7c:d1:30:75:b9:52:2b:e5:52:41:bd:05:8c:c2:fa:d5: 56:1a:43:7e:26:95:2f:df:84:58:2f:85:71:a2:0a:15:d1:62: 99:e6:c8:0b:23:1c:ba:13:05:ee:43:cf:97:04:5b:99:bc:8c: e7:3c:a6:c8:c1:66:cd:cd:a1:88:ad:c6:44:f3:b4:d7:5c:cd: ed:71:ae:bc:40:ac:bc:f0:cf:88:e5:d9:26:1b:6c:7d:7e:ad: 74:a2:0d:41:75:bc:7b:f9:ed:ec:99:e9:22:7e:73:a2:d6:e7: 44:c0:23:49 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICKp8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTJBRTUxMTAvBgNVBAUTKEI0M0E1QTYwRDQ2ODA2QTY5RkZFRjdDNjc2MjE5RUM0 QkE4QkEzNkQwHhcNMjQwMzE0MTYwMjM2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NWYzMWY5Yy00ODg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqbP1C/LRW+MfaERdhfTGxZ1nUePVkiO+jtEJ1B9Ay/iO32mzngApc9b34OLf 796lCxOFAmvlJKO1kti07SPbJ05Bp5dnfdulTJz2Dp+Mf4xnM08le1oDJZZCJxNJ CW4Io2egOuUpGFmnQrW2EpGs+SrBBS6cW0VY8LaAYHucgtIMQqonouv08NCuGC1p TfiasPYFIQRFR8iCiRY+IvvcknaGnl4eIJjp25W4/n8vcHh+GZcTHfEUz/TQRNed SpmhwLrpdzE+1/wWfFUsrKJSMWK3e7QLxa841E2UxyHA+qu5NoPXzg/22RhqPf5Z BKUjT/7BeaX+OZClSgZgE024TQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFK1M+yC3 B42gjnrElzh8WhXwqa6GMB8GA1UdIwQYMBaAFLQ6WmDUaAamn/73xnYhnsS6i6Nt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkFFNS84RDNFNTRFQUVE NTkxMUUzQjA5MDExOTI1OTExRUEzMi90RHBhWU5Sb0JxYWZfdmZHZGlHZXhMcUxv MjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3REcGFZTlJvQnFhZl92ZkdkaUdleExxTG8yMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTJBRTUvOEQzRTU0RUFFRDU5MTFFM0IwOTAxMTkyNTkxMUVBMzIvMjgxNUU3RDRC RjQyMTFFOUE5M0EzOTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAIr4CgDBAJnGQwDBAXLUUAwDQQCAAIwBwMFACQB8gAwDQYJ KoZIhvcNAQELBQADggEBABE5fPY7Nz56SgBPyLF7v2chyFdk0eHhtwM2DIXPcOwq t4+cyG4hiP1S/Ne0GdAGPlLuxG3D+MJ8lbtG8jJdZXcKO2WbyAIZXQUcUBHEGiYR db0LD/YeBzhDTX5DnKcOjcS34j0YQDsvL8vFQJFum3wf9fAUU0kajRXNw6Xyf0Fq yRO885WdN4U9cGVEZTyRgEKdfNEwdblSK+VSQb0FjML61VYaQ34mlS/fhFgvhXGi ChXRYpnmyAsjHLoTBe5Dz5cEW5m8jOc8psjBZs3NoYitxkTztNdcze1xrrxArLzw z4jl2SYbbH1+rXSiDUF1vHv57eyZ6SJ+c6LW50TAI0k= -----END CERTIFICATE-----Generated at Sun Jun 16 16:38:19 2024 by rpki-client on console-fra.rpki-client.org