$ rpki-client -vvf rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/C8C64A4AED4D11EA895BC037C4F9AE02.roa File: C8C64A4AED4D11EA895BC037C4F9AE02.roa (raw, json) Hash identifier: nC1WBHIp4+7rOVDK2SGvb6WbxsoSeuXt9b32LImOpZY= Subject key identifier: 3D:62:7B:EC:3C:CE:B2:8D:6D:D0:8B:C5:86:AA:FA:EA:3C:8F:2D:41 Certificate issuer: /CN=A91E96D9/serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B Certificate serial: 0712 Authority key identifier: 21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/C8C64A4AED4D11EA895BC037C4F9AE02.roa Signing time: Mon 16 Oct 2023 22:09:58 +0000 ROA not before: Mon 16 Oct 2023 22:09:58 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 38488 IP address blocks: 116.0.42.0/24 maxlen: 24 202.123.240.0/24 maxlen: 24 202.123.242.0/24 maxlen: 24 202.123.243.0/24 maxlen: 24 202.123.244.0/24 maxlen: 24 202.123.245.0/24 maxlen: 24 202.123.246.0/24 maxlen: 24 2400:a960::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 22:47:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1810 (0x712) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E96D9/serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B Validity Not Before: Oct 16 22:09:58 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=652db4b6-20fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:20:07:68:30:d9:dd:ee:ac:cb:f5:1d:90:55: bf:10:ca:06:3d:b4:ba:af:dd:22:b8:b3:ef:8b:dd: ba:d8:89:16:ac:be:c2:78:6c:16:d8:eb:64:60:5d: 20:4a:54:7f:3b:56:bf:53:5f:e9:d1:c8:a4:8e:61: eb:a7:5a:3e:a5:ee:84:ab:21:f2:2e:92:f3:2a:ba: 65:9a:4f:f3:9d:a2:b5:5d:dc:80:63:dc:0d:05:dd: e5:e1:f3:5d:03:72:0c:19:e1:92:ae:1a:63:b7:05: a8:07:c0:71:73:83:23:9b:ed:04:5b:fb:d2:36:88: 49:db:cb:f7:e1:fc:02:53:06:4f:1a:f3:a6:db:01: 86:fd:86:70:a7:7b:22:60:5e:25:b2:59:0d:60:58: 2b:15:b0:9f:cc:3d:4e:64:d0:9b:6f:c9:e9:aa:28: df:a8:2b:f5:db:a2:76:70:6b:c3:01:61:14:0b:47: fa:b6:5d:7e:1c:f4:85:6c:c3:5d:4d:7f:fe:b7:00: 40:19:82:fc:cf:17:7d:0b:0d:28:c0:8f:77:66:9b: a6:66:c6:a8:3e:1d:e9:96:9d:d2:29:3b:04:80:96: c6:56:eb:f8:47:f7:e4:08:3d:00:8b:61:eb:da:f9: b9:bf:e8:85:ec:32:a0:c8:44:af:6d:a1:8e:51:5a: 20:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:62:7B:EC:3C:CE:B2:8D:6D:D0:8B:C5:86:AA:FA:EA:3C:8F:2D:41 X509v3 Authority Key Identifier: keyid:21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/C8C64A4AED4D11EA895BC037C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.0.42.0/24 202.123.240.0/24 202.123.242.0-202.123.246.255 IPv6: 2400:a960::/48 Signature Algorithm: sha256WithRSAEncryption a2:9c:25:88:c1:e4:6d:76:99:47:97:32:d6:64:35:1c:f9:8b: 66:3b:a7:c3:f1:1a:eb:02:90:6a:09:57:ae:77:42:50:90:b5: 42:5c:18:fb:84:a9:8a:2a:48:27:42:b3:bf:f3:af:37:16:9d: 2b:41:f1:f4:a8:8f:09:c5:ed:7d:8b:91:b2:17:d7:70:f7:b2: 69:7a:c2:51:2e:63:77:e8:6b:81:20:63:56:b4:c1:a7:47:55: 91:39:4f:ab:a9:02:62:07:5b:be:d0:04:8e:aa:8a:d0:55:b1: 9c:ef:ac:0e:46:06:d9:6c:20:b5:89:d1:79:de:eb:5f:7f:2f: bd:85:6d:23:a1:3c:39:25:23:fb:63:83:bf:c8:b8:3f:dc:f5: 38:8b:4b:ac:ec:79:27:64:d1:3f:58:c9:28:94:55:52:32:6d: cc:fb:72:01:8f:02:37:2e:d7:7e:ef:b6:1f:c6:2e:cd:39:8b: 1d:7e:32:47:fd:ae:6f:97:93:0c:d3:33:07:9a:62:27:52:6b: 5b:d7:d2:30:fc:3c:81:79:4c:d4:2d:f8:12:5c:d1:3a:ee:06: 7c:da:f9:d8:b6:56:d7:13:33:5c:b9:a9:5c:a5:e6:ff:64:32: 25:4d:77:6a:f0:e5:77:b5:21:6e:c5:dc:aa:88:3d:0f:15:d8: 31:36:4a:25 -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgICBxIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk2RDkxMTAvBgNVBAUTKDIxOUVBNjNDNkFDOTY2RERCMjg1ODg2QkQ3MTFDNzhB MTRERjUxMkIwHhcNMjMxMDE2MjIwOTU4WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTJkYjRiNi0yMGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvyAHaDDZ3e6sy/UdkFW/EMoGPbS6r90iuLPvi9262IkWrL7CeGwW2OtkYF0g SlR/O1a/U1/p0cikjmHrp1o+pe6EqyHyLpLzKrplmk/znaK1XdyAY9wNBd3l4fNd A3IMGeGSrhpjtwWoB8Bxc4Mjm+0EW/vSNohJ28v34fwCUwZPGvOm2wGG/YZwp3si YF4lslkNYFgrFbCfzD1OZNCbb8npqijfqCv126J2cGvDAWEUC0f6tl1+HPSFbMNd TX/+twBAGYL8zxd9Cw0owI93ZpumZsaoPh3plp3SKTsEgJbGVuv4R/fkCD0Ai2Hr 2vm5v+iF7DKgyESvbaGOUVogLQIDAQABo4ICujCCArYwHQYDVR0OBBYEFD1ie+w8 zrKNbdCLxYaq+uo8jy1BMB8GA1UdIwQYMBaAFCGepjxqyWbdsoWIa9cRx4oU31Er MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTZEOS84MERGREVDMEU1 REQxMUVBQjI0NjhENjVDNEY5QUUwMi9JWjZtUEdySlp0MnloWWhyMXhISGloVGZV U3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0laNm1QR3JKWnQyeWhZaHIxeEhIaWhUZlVTcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk2RDkvODBERkRFQzBFNUREMTFFQUIyNDY4RDY1QzRGOUFFMDIvQzhDNjRBNEFF RDREMTFFQTg5NUJDMDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E NTAzMCAEAgABMBoDBAB0ACoDBADKe/AwDAMEAcp78gMEAMp79jAPBAIAAjAJAwcA JACpYAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCinCWIweRtdplHlzLWZDUc+YtmO6fD 8RrrApBqCVeud0JQkLVCXBj7hKmKKkgnQrO/8683Fp0rQfH0qI8Jxe19i5GyF9dw 97JpesJRLmN36GuBIGNWtMGnR1WROU+rqQJiB1u+0ASOqorQVbGc76wORgbZbCC1 idF53utffy+9hW0joTw5JSP7Y4O/yLg/3PU4i0us7HknZNE/WMkolFVSMm3M+3IB jwI3Ltd+77Yfxi7NOYsdfjJH/a5vl5MM0zMHmmInUmtb19Iw/DyBeUzULfgSXNE6 7gZ82vnYtlbXEzNcualcpeb/ZDIlTXdq8OV3tSFuxdyqiD0PFdgxNkol -----END CERTIFICATE-----Generated at Fri May 31 23:53:09 2024 by rpki-client on console-fra.rpki-client.org