$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/9F8B79C2C78E11EBB4983F5BC4F9AE02.roa File: 9F8B79C2C78E11EBB4983F5BC4F9AE02.roa (raw, json) Hash identifier: tQnBQsTaVMkjPaaCC9AmlwaFsYhC+13rEDRJ04yr2ec= Subject key identifier: AF:2B:8E:25:DC:A5:5E:E3:8C:5B:89:DA:D9:53:74:0F:39:8C:B8:6D Certificate issuer: /CN=A911B5B4/serialNumber=9DF94C33D3F647AE3D91361E1F172C20686F5989 Certificate serial: 0CED Authority key identifier: 9D:F9:4C:33:D3:F6:47:AE:3D:91:36:1E:1F:17:2C:20:68:6F:59:89 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nflMM9P2R649kTYeHxcsIGhvWYk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/9F8B79C2C78E11EBB4983F5BC4F9AE02.roa Signing time: Wed 17 Jan 2024 01:47:23 +0000 ROA not before: Wed 17 Jan 2024 01:47:23 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 23855 IP address blocks: 203.30.38.0/23 maxlen: 24 2001:df0:21a::/48 maxlen: 48 2401:c7c0:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/nflMM9P2R649kTYeHxcsIGhvWYk.crl rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/nflMM9P2R649kTYeHxcsIGhvWYk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nflMM9P2R649kTYeHxcsIGhvWYk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 18:52:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3309 (0xced) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B5B4/serialNumber=9DF94C33D3F647AE3D91361E1F172C20686F5989 Validity Not Before: Jan 17 01:47:23 2024 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=65a731ab-d738 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:59:de:7a:5f:9d:b1:45:72:36:8d:c5:6d:d9: 89:3e:c6:2c:49:19:9b:9f:be:44:86:f7:32:1d:a5: f2:ed:b4:c3:6d:f5:13:e5:46:fa:d6:d9:39:35:7d: a8:97:3b:30:29:47:d4:ce:9e:a7:31:c9:a3:a0:29: 02:bf:8e:d6:bc:2f:ad:2e:06:8e:27:4c:40:c5:a4: 5f:b1:76:a7:5a:d5:c0:b5:76:fa:84:c0:09:d4:01: 98:e6:b3:40:46:d1:68:30:5a:ac:ee:e1:31:d8:92: e1:ac:88:32:3d:7c:28:e9:55:b4:f6:71:c1:a0:cc: 44:3f:7d:13:0e:e5:d1:75:7c:b2:bd:a2:f3:42:a7: d9:60:65:df:37:1e:70:86:f4:3a:1a:51:7d:e5:e7: 33:0f:76:1a:bf:72:51:d7:3d:c2:42:82:af:b8:db: 4d:47:a9:57:19:df:30:ca:79:7d:5c:92:c6:90:93: 69:42:82:c5:06:82:71:4d:01:ef:ed:8e:93:d4:e6: d4:20:b0:51:9e:20:9b:4b:70:89:85:47:00:9f:0b: 90:ab:7d:b4:ec:43:64:cf:6d:e7:0a:a0:b5:c3:b4: 20:51:57:21:50:65:d8:c4:a4:98:81:41:9d:05:02: 01:9a:3d:5d:87:3b:31:3c:f1:d2:85:66:4e:66:0b: 3d:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:2B:8E:25:DC:A5:5E:E3:8C:5B:89:DA:D9:53:74:0F:39:8C:B8:6D X509v3 Authority Key Identifier: keyid:9D:F9:4C:33:D3:F6:47:AE:3D:91:36:1E:1F:17:2C:20:68:6F:59:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/nflMM9P2R649kTYeHxcsIGhvWYk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nflMM9P2R649kTYeHxcsIGhvWYk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/9F8B79C2C78E11EBB4983F5BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.30.38.0/23 IPv6: 2001:df0:21a::/48 2401:c7c0:3::/48 Signature Algorithm: sha256WithRSAEncryption 48:e1:ec:36:f1:e8:44:c3:3f:ad:5e:ab:b4:ce:24:81:ca:25: 19:33:8d:53:fb:f8:0c:1d:25:b5:b4:d6:26:ba:d4:65:1b:c4: bb:c7:6e:71:8f:0a:0c:e0:3f:7e:54:0e:cb:37:2e:14:57:62: bd:2d:d7:a0:7a:0a:c5:5d:d7:47:bb:ab:d1:5c:ce:d4:37:ce: 22:d5:76:0e:47:c1:4f:32:73:cf:bf:b8:95:d4:0a:1f:92:53: c2:5b:00:2e:c5:61:78:35:5a:48:d7:76:b7:eb:ef:af:29:6e: 3f:55:96:62:83:b8:0c:26:a0:75:f2:4b:dc:d1:4a:30:de:ff: ee:68:92:21:a4:ff:1c:a3:32:20:ad:2b:74:99:66:30:ed:83: 37:81:c9:e4:6f:05:af:5e:08:8b:bd:62:ec:c9:e2:4d:72:7e: e3:32:ad:bf:39:25:5c:69:9f:45:3d:67:4d:00:43:f9:33:ec: c5:bc:46:16:05:e3:3f:34:d9:dd:8e:2a:1b:c0:38:ce:d7:97: 6c:c5:ea:9d:a2:8e:e8:5a:f2:7d:06:76:b0:24:a8:94:13:00: 71:a1:6f:36:c8:8e:53:2a:4e:ab:cb:60:94:72:16:f7:bc:c4: 02:ca:fa:d9:70:71:4e:dc:c6:87:41:75:06:41:63:34:bd:d7: 3d:ef:88:9a -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICDO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI1QjQxMTAvBgNVBAUTKDlERjk0QzMzRDNGNjQ3QUUzRDkxMzYxRTFGMTcyQzIw Njg2RjU5ODkwHhcNMjQwMTE3MDE0NzIzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWE3MzFhYi1kNzM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAylneel+dsUVyNo3FbdmJPsYsSRmbn75EhvcyHaXy7bTDbfUT5Ub61tk5NX2o lzswKUfUzp6nMcmjoCkCv47WvC+tLgaOJ0xAxaRfsXanWtXAtXb6hMAJ1AGY5rNA RtFoMFqs7uEx2JLhrIgyPXwo6VW09nHBoMxEP30TDuXRdXyyvaLzQqfZYGXfNx5w hvQ6GlF95eczD3Yav3JR1z3CQoKvuNtNR6lXGd8wynl9XJLGkJNpQoLFBoJxTQHv 7Y6T1ObUILBRniCbS3CJhUcAnwuQq3207ENkz23nCqC1w7QgUVchUGXYxKSYgUGd BQIBmj1dhzsxPPHShWZOZgs9zQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFK8rjiXc pV7jjFuJ2tlTdA85jLhtMB8GA1UdIwQYMBaAFJ35TDPT9keuPZE2Hh8XLCBob1mJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCNC83MDlGN0EyNkI4 MjkxMUU5OTM3MzhBMDlDNEY5QUUwMi9uZmxNTTlQMlI2NDlrVFllSHhjc0lHaHZX WWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25mbE1NOVAyUjY0OWtUWWVIeGNzSUdodldZay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI1QjQvNzA5RjdBMjZCODI5MTFFOTkzNzM4QTA5QzRGOUFFMDIvOUY4Qjc5QzJD NzhFMTFFQkI0OTgzRjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMAwEAgABMAYDBAHLHiYwGAQCAAIwEgMHACABDfACGgMHACQBx8AAAzANBgkq hkiG9w0BAQsFAAOCAQEASOHsNvHoRMM/rV6rtM4kgcolGTONU/v4DB0ltbTWJrrU ZRvEu8ducY8KDOA/flQOyzcuFFdivS3XoHoKxV3XR7ur0VzO1DfOItV2DkfBTzJz z7+4ldQKH5JTwlsALsVheDVaSNd2t+vvryluP1WWYoO4DCagdfJL3NFKMN7/7miS IaT/HKMyIK0rdJlmMO2DN4HJ5G8Fr14Ii71i7MniTXJ+4zKtvzklXGmfRT1nTQBD +TPsxbxGFgXjPzTZ3Y4qG8A4zteXbMXqnaKO6FryfQZ2sCSolBMAcaFvNsiOUypO q8tglHIW97zEAsr62XBxTtzGh0F1BkFjNL3XPe+Img== -----END CERTIFICATE-----Generated at Thu May 16 19:49:58 2024 by rpki-client on console-fra.rpki-client.org