$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/8AD3E23A17DC11EE959DE671C4F9AE02.roa File: 8AD3E23A17DC11EE959DE671C4F9AE02.roa (raw, json) Hash identifier: PKsDSE++tpiuRbgwrHeHAeh7n6meO++g3hLvB1gQXYI= Subject key identifier: 37:8E:ED:34:E5:C5:D5:FB:6B:4D:EF:44:14:DF:9B:5D:F9:A8:E4:D5 Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6 Certificate serial: 0AE5 Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/8AD3E23A17DC11EE959DE671C4F9AE02.roa Signing time: Mon 04 Dec 2023 20:08:02 +0000 ROA not before: Mon 04 Dec 2023 20:08:02 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 24514 IP address blocks: 1.9.21.0/24 maxlen: 24 1.9.65.0/24 maxlen: 24 203.106.56.0/21 maxlen: 21 203.106.64.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 20:52:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2789 (0xae5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6 Validity Not Before: Dec 4 20:08:02 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=656e31a1-fc5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:33:f0:c1:db:0e:ca:cb:2e:38:07:2e:a7:20: 90:f1:ff:e2:dc:56:53:4a:0c:51:66:86:8d:52:d1: ba:3c:4f:73:13:43:46:d3:19:61:42:85:f2:5b:d3: 40:b0:10:4c:62:e1:2f:28:20:0e:ee:2d:fe:b2:c3: e3:fd:12:63:28:cb:c2:82:ae:62:c9:72:b0:66:4d: 7e:45:92:09:ff:7a:34:8d:db:7d:80:40:ed:b8:ce: ee:b9:c4:d3:ad:49:68:69:54:b8:18:c7:66:34:64: 6a:56:88:47:ad:94:96:7d:47:e6:49:84:63:31:84: ee:1e:d7:a0:18:88:35:7a:98:d4:4f:33:87:c2:2b: 90:62:da:8a:bc:02:4b:26:5d:52:55:ec:62:d4:d4: b1:76:c8:9a:a4:b0:77:de:2a:cb:45:90:9f:37:bf: 16:fe:af:fd:bb:c7:21:ee:fb:99:86:fd:fc:d4:87: 80:a3:68:6d:cf:4d:60:55:3c:75:15:5f:58:73:49: d8:83:37:15:5f:73:6d:f0:cc:69:80:0f:5e:e5:97: 9e:e9:60:f4:04:f7:74:33:5d:36:87:b4:13:4c:71: 83:90:f0:ac:70:83:79:c9:c5:f5:5f:17:db:b7:de: f7:0a:cb:25:bf:c9:9d:c9:d4:7c:d5:7b:fa:d3:35: 25:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:8E:ED:34:E5:C5:D5:FB:6B:4D:EF:44:14:DF:9B:5D:F9:A8:E4:D5 X509v3 Authority Key Identifier: keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/8AD3E23A17DC11EE959DE671C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 1.9.21.0/24 1.9.65.0/24 203.106.56.0-203.106.67.255 Signature Algorithm: sha256WithRSAEncryption 0d:8f:43:fb:f5:da:dc:c8:69:a8:6f:6a:a0:22:c1:90:bc:dc: d8:c0:ef:e7:74:52:7f:08:c7:0d:b0:b5:ad:10:d7:38:d3:e9: 43:ae:6b:f8:ff:7d:ee:28:c5:7a:25:26:f5:3e:19:dc:5d:bc: af:bc:d6:af:49:56:0a:d4:41:f8:b6:9f:34:eb:81:3c:34:cc: da:de:7e:7f:01:0b:4b:a3:e4:37:b1:0b:7b:5d:a9:49:d0:7c: d3:59:35:2a:4b:14:ad:73:49:10:af:43:96:73:52:05:79:f2: 22:db:87:a1:c0:60:24:da:62:d3:08:d1:a7:56:33:db:a0:de: c8:f7:3b:41:d1:77:50:d3:f6:48:17:bd:b8:84:f7:3b:df:c3: a3:4b:05:1d:01:c3:4c:f5:e7:41:00:dc:2a:b2:bd:5f:d2:02: 56:3a:6b:83:e1:60:ce:30:38:d6:70:00:1b:ee:61:2d:5d:bd: a2:39:76:c9:66:9f:da:41:94:22:5e:e9:e5:7f:9d:44:11:02: a1:6e:36:25:39:f7:01:a7:c9:ce:56:4c:56:8a:95:cb:e1:8e: 05:0b:be:30:c7:52:6f:2b:5d:29:1e:2d:1b:b3:70:00:63:d4: 26:6f:54:cc:9b:1b:da:4c:25:b3:0d:0e:5f:80:b5:b0:79:30: d9:df:87:c6 -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgICCuUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF Q0QxRDczQjYwHhcNMjMxMjA0MjAwODAyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTZlMzFhMS1mYzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuTPwwdsOyssuOAcupyCQ8f/i3FZTSgxRZoaNUtG6PE9zE0NG0xlhQoXyW9NA sBBMYuEvKCAO7i3+ssPj/RJjKMvCgq5iyXKwZk1+RZIJ/3o0jdt9gEDtuM7uucTT rUloaVS4GMdmNGRqVohHrZSWfUfmSYRjMYTuHtegGIg1epjUTzOHwiuQYtqKvAJL Jl1SVexi1NSxdsiapLB33irLRZCfN78W/q/9u8ch7vuZhv381IeAo2htz01gVTx1 FV9Yc0nYgzcVX3Nt8MxpgA9e5Zee6WD0BPd0M102h7QTTHGDkPCscIN5ycX1Xxfb t973Csslv8mdydR81Xv60zUlGQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFDeO7TTl xdX7a03vRBTfm135qOTVMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1 RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvOEFEM0UyM0Ex N0RDMTFFRTk1OURFNjcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E JDAiMCAEAgABMBoDBAABCRUDBAABCUEwDAMEA8tqOAMEAstqQDANBgkqhkiG9w0B AQsFAAOCAQEADY9D+/Xa3MhpqG9qoCLBkLzc2MDv53RSfwjHDbC1rRDXONPpQ65r +P997ijFeiUm9T4Z3F28r7zWr0lWCtRB+LafNOuBPDTM2t5+fwELS6PkN7ELe12p SdB801k1KksUrXNJEK9DlnNSBXnyItuHocBgJNpi0wjRp1Yz26DeyPc7QdF3UNP2 SBe9uIT3O9/Do0sFHQHDTPXnQQDcKrK9X9ICVjprg+FgzjA41nAAG+5hLV29ojl2 yWaf2kGUIl7p5X+dRBECoW42JTn3AafJzlZMVoqVy+GOBQu+MMdSbytdKR4tG7Nw AGPUJm9UzJsb2kwlsw0OX4C1sHkw2d+Hxg== -----END CERTIFICATE-----Generated at Fri May 31 22:13:02 2024 by rpki-client on console-fra.rpki-client.org