$ rpki-client -vvf rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/2FA57B9A97B611EDAE9D4381C4F9AE02.roa File: 2FA57B9A97B611EDAE9D4381C4F9AE02.roa (raw, json) Hash identifier: 3o2hy0qLO+z1FC2owvMkW8Mf5B3y4yK7LA6PPJMaRDI= Subject key identifier: 35:B9:DF:D6:4E:1F:2D:5E:03:58:97:B5:8A:F7:DC:0B:7C:95:4F:6B Certificate issuer: /CN=A9117E4D/serialNumber=AE107F3C2977717A1CD3571D183748FD07D9FC5F Certificate serial: 3434 Authority key identifier: AE:10:7F:3C:29:77:71:7A:1C:D3:57:1D:18:37:48:FD:07:D9:FC:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/2FA57B9A97B611EDAE9D4381C4F9AE02.roa Signing time: Sat 02 Nov 2024 14:50:28 +0000 ROA not before: Sat 02 Nov 2024 14:50:28 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 7545 IP address blocks: 14.202.192.0/24 maxlen: 24 60.241.61.0/24 maxlen: 24 203.219.48.0/22 maxlen: 22 220.240.122.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.crl rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:25:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13364 (0x3434) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9117E4D/serialNumber=AE107F3C2977717A1CD3571D183748FD07D9FC5F Validity Not Before: Nov 2 14:50:28 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67263c34-5395 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:62:b7:72:b8:48:39:df:bb:d0:2a:b3:29:ad: f5:1f:62:91:a6:77:fe:f2:39:41:e6:b1:81:f7:be: 02:4d:00:5f:59:e7:b9:e4:96:09:7f:4e:66:d4:6c: 64:bf:43:bb:9e:97:b4:a1:bd:75:76:e7:43:a0:d9: d9:47:76:b4:7c:48:78:ee:0a:b1:6a:d0:c5:8d:a7: 2d:bb:dc:8f:00:86:c7:dc:1c:ff:9a:79:f6:f5:8a: 54:99:35:ca:f0:d0:34:6f:09:e2:1c:2a:1e:f7:56: ca:75:65:8c:bf:67:01:a7:86:99:08:b9:b2:a6:c2: b3:90:d2:af:3c:08:07:86:30:84:9f:ab:3c:89:fb: 6d:04:c6:4d:31:8f:f5:c5:04:09:3c:5e:90:c4:16: 9d:35:0e:92:37:6d:8a:00:a3:fb:a5:14:39:92:32: f2:54:12:ff:66:4b:f2:ea:3f:35:c6:c0:94:e7:60: 75:e9:9d:24:57:8d:59:a7:99:08:c6:21:7d:17:93: 02:81:eb:ca:02:3a:05:16:b3:e5:01:b6:d2:54:59: 90:cf:14:f5:25:e4:81:5b:49:69:8f:01:77:72:42: ec:21:70:7e:9a:21:5e:22:d4:f9:5c:c7:0f:e6:87: 3e:53:6d:87:a0:c1:12:bd:33:2e:9e:1a:57:01:d5: ab:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:B9:DF:D6:4E:1F:2D:5E:03:58:97:B5:8A:F7:DC:0B:7C:95:4F:6B X509v3 Authority Key Identifier: keyid:AE:10:7F:3C:29:77:71:7A:1C:D3:57:1D:18:37:48:FD:07:D9:FC:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/2FA57B9A97B611EDAE9D4381C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.202.192.0/24 60.241.61.0/24 203.219.48.0/22 220.240.122.0/24 Signature Algorithm: sha256WithRSAEncryption a0:d1:90:31:b8:bf:8c:4f:62:71:8e:15:60:9d:41:bf:bf:13: da:94:10:27:92:99:1d:32:35:7a:e5:c6:76:50:ce:32:cf:be: 33:6d:f6:f7:b3:bb:14:a1:87:98:4b:89:c7:e6:80:0d:9e:de: dc:3b:b1:3a:46:38:50:62:d5:c9:d9:0f:b6:45:71:43:65:15: 2a:b2:de:be:7b:30:63:a5:2d:e1:d4:09:17:25:26:c4:c1:26: 92:eb:3e:84:3b:f5:3a:b7:6b:f0:1f:a9:15:2f:78:95:d7:7e: 5d:9e:56:17:17:b2:36:3b:48:62:6f:e9:53:e2:a5:5b:2c:23: a4:f5:e6:58:2b:be:5c:ba:81:e6:a3:e9:50:c5:d7:df:a2:71: 28:08:1f:a9:41:29:14:52:db:30:b8:51:dc:97:09:61:68:c6: ac:8a:ca:3d:22:f9:dc:03:29:3c:49:1e:6b:c6:ce:45:53:bf: 37:09:5e:78:8b:2b:c4:95:15:ea:8d:6d:d4:7b:65:d7:91:0a: 77:b1:26:00:b3:1c:e8:36:97:ef:33:3c:dd:45:12:2f:73:6f: 73:41:8b:ae:cf:a0:12:36:f7:3f:6f:6c:6b:85:d9:fb:d8:7f: 0a:94:bb:43:50:ef:98:e9:13:08:7c:90:78:8c:c7:ea:70:91: ec:cb:b3:e5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICNDQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTdFNEQxMTAvBgNVBAUTKEFFMTA3RjNDMjk3NzcxN0ExQ0QzNTcxRDE4Mzc0OEZE MDdEOUZDNUYwHhcNMjQxMTAyMTQ1MDI4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI2M2MzNC01Mzk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuWK3crhIOd+70CqzKa31H2KRpnf+8jlB5rGB974CTQBfWee55JYJf05m1Gxk v0O7npe0ob11dudDoNnZR3a0fEh47gqxatDFjactu9yPAIbH3Bz/mnn29YpUmTXK 8NA0bwniHCoe91bKdWWMv2cBp4aZCLmypsKzkNKvPAgHhjCEn6s8ifttBMZNMY/1 xQQJPF6QxBadNQ6SN22KAKP7pRQ5kjLyVBL/Zkvy6j81xsCU52B16Z0kV41Zp5kI xiF9F5MCgevKAjoFFrPlAbbSVFmQzxT1JeSBW0lpjwF3ckLsIXB+miFeItT5XMcP 5oc+U22HoMESvTMunhpXAdWrvQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFDW539ZO Hy1eA1iXtYr33At8lU9rMB8GA1UdIwQYMBaAFK4Qfzwpd3F6HNNXHRg3SP0H2fxf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExN0U0RC9FQTFCMUQ2QTFE ODUxMUUyOTc5RkU3REMwOEIwMkNEMi9yaEJfUENsM2NYb2MwMWNkR0RkSV9RZlpf RjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JoQl9QQ2wzY1hvYzAxY2RHRGRJX1FmWl9GOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTdFNEQvRUExQjFENkExRDg1MTFFMjk3OUZFN0RDMDhCMDJDRDIvMkZBNTdCOUE5 N0I2MTFFREFFOUQ0MzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAAOysADBAA88T0DBALL2zADBADc8HowDQYJKoZIhvcNAQEL BQADggEBAKDRkDG4v4xPYnGOFWCdQb+/E9qUECeSmR0yNXrlxnZQzjLPvjNt9vez uxShh5hLicfmgA2e3tw7sTpGOFBi1cnZD7ZFcUNlFSqy3r57MGOlLeHUCRclJsTB JpLrPoQ79Tq3a/AfqRUveJXXfl2eVhcXsjY7SGJv6VPipVssI6T15lgrvly6geaj 6VDF19+icSgIH6lBKRRS2zC4UdyXCWFoxqyKyj0i+dwDKTxJHmvGzkVTvzcJXniL K8SVFeqNbdR7ZdeRCnexJgCzHOg2l+8zPN1FEi9zb3NBi67PoBI29z9vbGuF2fvY fwqUu0NQ75jpEwh8kHiMx+pwkezLs+U= -----END CERTIFICATE-----Generated at Fri Nov 22 15:25:34 2024 by rpki-client on console-fra.rpki-client.org