$ rpki-client -vvf rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/CC6220C0E02E11EEBA9D291AC4F9AE02.roa File: CC6220C0E02E11EEBA9D291AC4F9AE02.roa (raw, json) Hash identifier: CQEL5kj4k2y2pQ/JT3F7+awUDx+X++2oXAreZHP5rt4= Subject key identifier: 53:26:74:9D:21:C5:C1:D1:3F:47:88:C9:A9:BC:4D:36:25:18:2D:99 Certificate issuer: /CN=A91124CD/serialNumber=B02396C1E4976DC24BB9F240F5CE556ED827FA2B Certificate serial: 02 Authority key identifier: B0:23:96:C1:E4:97:6D:C2:4B:B9:F2:40:F5:CE:55:6E:D8:27:FA:2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sCOWweSXbcJLufJA9c5Vbtgn-is.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/CC6220C0E02E11EEBA9D291AC4F9AE02.roa Signing time: Tue 12 Mar 2024 05:10:10 +0000 ROA not before: Tue 12 Mar 2024 05:10:10 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 152636 IP address blocks: 202.37.40.0/23 maxlen: 23 202.37.40.0/24 maxlen: 24 202.37.41.0/24 maxlen: 24 2001:df3:89c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/sCOWweSXbcJLufJA9c5Vbtgn-is.crl rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/sCOWweSXbcJLufJA9c5Vbtgn-is.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sCOWweSXbcJLufJA9c5Vbtgn-is.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91124CD/serialNumber=B02396C1E4976DC24BB9F240F5CE556ED827FA2B Validity Not Before: Mar 12 05:10:10 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=65efe3b1-f112 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a2:e8:70:98:14:36:b3:0d:76:a8:b9:40:4f: d4:a6:77:20:83:46:b1:7d:a4:24:5e:fc:ee:f3:eb: fc:0a:25:08:50:b3:b3:83:21:6b:ca:62:3b:a1:2a: a1:96:4f:68:a1:9a:8f:06:60:0d:3b:a7:0f:2a:2a: dd:59:a1:60:25:1f:5f:30:0e:1c:92:7f:5f:25:11: 4c:f1:3f:9f:a9:1b:8a:3b:bc:57:d6:2c:29:4f:58: b7:3a:0a:3c:a1:86:a0:75:16:76:3f:40:20:ec:ef: d0:ce:16:4e:36:cc:a3:f3:86:1d:70:90:40:9c:41: bd:53:4d:99:73:c9:7c:f4:f5:d9:0b:da:46:40:53: f4:c5:54:26:f3:26:94:fc:1b:11:1d:ef:62:87:01: 74:b8:3f:83:c3:7c:e7:bf:3b:69:5f:85:b8:62:f8: 89:32:e8:a4:a4:e9:89:0b:0f:ad:e6:58:46:af:b3: 23:09:cd:ce:9b:74:6d:ad:db:c5:cc:a6:93:52:81: 6c:f7:60:4f:7f:1e:80:4f:22:4e:65:0b:4b:d7:66: ad:85:81:75:13:96:67:af:70:7d:24:92:a5:ba:aa: 03:bc:d4:e4:e2:8a:a4:87:15:85:87:10:54:37:b8: 92:b6:a4:58:14:0e:bb:5d:b1:1d:40:0e:03:aa:6f: 9a:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:26:74:9D:21:C5:C1:D1:3F:47:88:C9:A9:BC:4D:36:25:18:2D:99 X509v3 Authority Key Identifier: keyid:B0:23:96:C1:E4:97:6D:C2:4B:B9:F2:40:F5:CE:55:6E:D8:27:FA:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/sCOWweSXbcJLufJA9c5Vbtgn-is.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sCOWweSXbcJLufJA9c5Vbtgn-is.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/CC6220C0E02E11EEBA9D291AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.37.40.0/23 IPv6: 2001:df3:89c0::/48 Signature Algorithm: sha256WithRSAEncryption 31:96:be:08:ff:4d:fa:81:aa:d6:4a:45:10:46:11:34:40:1c: 63:d1:43:03:a0:96:5f:e8:f1:d2:81:9e:02:ef:24:e6:7b:ed: 74:aa:0e:15:15:d8:37:15:6e:9f:00:79:8f:9a:f9:9b:9a:78: 00:5a:2b:ab:0c:59:5a:44:a7:ab:b8:24:75:d9:67:f6:45:a6: 17:76:2f:ef:0a:a6:2b:2e:bc:d1:d6:38:e9:42:6b:9f:98:c4: 9b:1c:31:f3:9e:16:2d:e2:af:23:9a:58:22:c7:69:59:1d:df: d4:6b:9a:d0:d8:59:3a:dd:94:e7:ed:33:ce:07:31:ac:b5:ef: dc:e1:d4:1b:55:11:5d:96:a2:7e:ae:f2:a8:e1:58:23:2a:e7: 7c:f6:65:ed:7d:8f:a2:84:4c:88:30:6a:0a:ec:ef:c5:f1:82: 30:01:d0:92:a0:1b:c8:24:1a:6f:0a:f1:f4:c3:ec:f5:c2:c2: 07:36:0b:c5:d8:8f:9e:a4:44:2b:59:d4:61:06:91:78:75:fc: d7:7a:8f:5c:5a:da:59:37:e9:77:5d:88:4b:58:d2:8d:0f:c8: b2:c6:79:2f:e8:50:b0:a5:22:ba:7d:73:49:59:f2:12:9a:33: 56:c6:a1:ca:e3:e5:c5:af:11:be:8a:3f:06:d3:43:d8:dc:d4: 85:24:e0:9b -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx MjRDRDExMC8GA1UEBRMoQjAyMzk2QzFFNDk3NkRDMjRCQjlGMjQwRjVDRTU1NkVE ODI3RkEyQjAeFw0yNDAzMTIwNTEwMTBaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1ZWZlM2IxLWYxMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCqouhwmBQ2sw12qLlAT9SmdyCDRrF9pCRe/O7z6/wKJQhQs7ODIWvKYjuhKqGW T2ihmo8GYA07pw8qKt1ZoWAlH18wDhySf18lEUzxP5+pG4o7vFfWLClPWLc6Cjyh hqB1FnY/QCDs79DOFk42zKPzhh1wkECcQb1TTZlzyXz09dkL2kZAU/TFVCbzJpT8 GxEd72KHAXS4P4PDfOe/O2lfhbhi+Iky6KSk6YkLD63mWEavsyMJzc6bdG2t28XM ppNSgWz3YE9/HoBPIk5lC0vXZq2FgXUTlmevcH0kkqW6qgO81OTiiqSHFYWHEFQ3 uJK2pFgUDrtdsR1ADgOqb5obAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUUyZ0nSHF wdE/R4jJqbxNNiUYLZkwHwYDVR0jBBgwFoAUsCOWweSXbcJLufJA9c5Vbtgn+isw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEyNENEL0I5N0I3NjM4RTAy RDExRUU5QTA0MkY1Q0M0RjlBRTAyL3NDT1d3ZVNYYmNKTHVmSkE5YzVWYnRnbi1p cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvc0NPV3dlU1hiY0pMdWZKQTljNVZidGduLWlzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MjRDRC9COTdCNzYzOEUwMkQxMUVFOUEwNDJGNUNDNEY5QUUwMi9DQzYyMjBDMEUw MkUxMUVFQkE5RDI5MUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAcolKDAPBAIAAjAJAwcAIAEN84nAMA0GCSqGSIb3DQEBCwUA A4IBAQAxlr4I/036garWSkUQRhE0QBxj0UMDoJZf6PHSgZ4C7yTme+10qg4VFdg3 FW6fAHmPmvmbmngAWiurDFlaRKeruCR12Wf2RaYXdi/vCqYrLrzR1jjpQmufmMSb HDHznhYt4q8jmlgix2lZHd/Ua5rQ2Fk63ZTn7TPOBzGste/c4dQbVRFdlqJ+rvKo 4VgjKud89mXtfY+ihEyIMGoK7O/F8YIwAdCSoBvIJBpvCvH0w+z1wsIHNgvF2I+e pEQrWdRhBpF4dfzXeo9cWtpZN+l3XYhLWNKND8iyxnkv6FCwpSK6fXNJWfISmjNW xqHK4+XFrxG+ij8G00PY3NSFJOCb -----END CERTIFICATE-----Generated at Sat Nov 23 06:21:21 2024 by rpki-client on console-fra.rpki-client.org