$ rpki-client -vvf rpki.apnic.net/member_repository/A912AC3E/0F50E03633BA11EA95828581C4F9AE02/736F8DBA819311EB8964C17EC4F9AE02.roa File: 736F8DBA819311EB8964C17EC4F9AE02.roa (raw, json) Hash identifier: C+9JkgScW7YNIa0zmH8mrWKmMmFGd8WtktY/cxMNpUs= Subject key identifier: 45:FF:E4:FA:77:AE:CD:C6:FE:EE:C4:40:A5:D5:D5:6E:47:71:B3:E5 Certificate issuer: /CN=A912AC3E/serialNumber=C869E0A53875FC1259786B527E6784CBF1F89B40 Certificate serial: 0A6B Authority key identifier: C8:69:E0:A5:38:75:FC:12:59:78:6B:52:7E:67:84:CB:F1:F8:9B:40 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yGngpTh1_BJZeGtSfmeEy_H4m0A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912AC3E/0F50E03633BA11EA95828581C4F9AE02/736F8DBA819311EB8964C17EC4F9AE02.roa Signing time: Thu 28 Dec 2023 19:57:46 +0000 ROA not before: Thu 28 Dec 2023 19:57:46 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 5580 IP address blocks: 59.191.240.0/20 maxlen: 20 103.47.76.0/23 maxlen: 23 103.53.152.0/23 maxlen: 23 103.207.156.0/23 maxlen: 23 103.230.248.0/22 maxlen: 22 103.230.249.0/24 maxlen: 24 103.232.34.0/23 maxlen: 23 203.95.212.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912AC3E/0F50E03633BA11EA95828581C4F9AE02/yGngpTh1_BJZeGtSfmeEy_H4m0A.crl rsync://rpki.apnic.net/member_repository/A912AC3E/0F50E03633BA11EA95828581C4F9AE02/yGngpTh1_BJZeGtSfmeEy_H4m0A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yGngpTh1_BJZeGtSfmeEy_H4m0A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 May 2024 19:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2667 (0xa6b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912AC3E/serialNumber=C869E0A53875FC1259786B527E6784CBF1F89B40 Validity Not Before: Dec 28 19:57:46 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=658dd339-db87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:0f:28:9e:69:b5:c6:de:c8:e2:76:c4:f2:52: fd:cf:46:d8:35:30:a7:fd:31:f1:ba:21:fc:0b:fa: bd:21:b4:ac:69:48:e6:c4:b5:a4:2d:fe:3c:fd:de: 2d:ca:9a:4e:d5:f7:f7:e9:f4:54:b3:e3:3f:7d:cc: bf:19:cb:74:d2:14:5a:a2:3a:53:2f:fc:f2:5f:37: 52:c3:ee:1f:e1:79:95:85:5f:6b:cb:c5:3b:1b:44: 39:f3:c6:f1:41:3d:4d:c6:cd:5a:af:a1:b3:b1:f8: 9b:6e:39:08:e3:60:85:42:86:be:a5:d3:cb:35:4a: cf:5a:3c:f6:9b:26:9a:dd:6c:25:39:db:a0:55:a7: 94:9d:c2:50:09:43:96:78:ea:ab:61:15:cb:20:df: 34:83:8b:73:ea:fe:e4:04:4f:ea:20:ef:d7:a2:fd: b9:d6:c1:9e:db:3b:f3:83:e6:f8:be:1b:0d:31:2d: dc:58:3d:e0:c5:c9:46:ac:e1:46:e8:5c:df:f1:77: 0c:1f:81:61:89:19:38:99:08:a3:8e:52:c2:dd:ae: f7:3d:86:31:f1:d2:cb:74:8f:80:de:d1:cc:20:4a: ef:7a:c1:2a:5b:d8:11:9b:50:94:3a:0a:7c:0e:a2: 62:3b:23:d6:d5:60:90:20:17:43:3c:04:08:0c:8a: 1c:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:FF:E4:FA:77:AE:CD:C6:FE:EE:C4:40:A5:D5:D5:6E:47:71:B3:E5 X509v3 Authority Key Identifier: keyid:C8:69:E0:A5:38:75:FC:12:59:78:6B:52:7E:67:84:CB:F1:F8:9B:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912AC3E/0F50E03633BA11EA95828581C4F9AE02/yGngpTh1_BJZeGtSfmeEy_H4m0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yGngpTh1_BJZeGtSfmeEy_H4m0A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912AC3E/0F50E03633BA11EA95828581C4F9AE02/736F8DBA819311EB8964C17EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.191.240.0/20 103.47.76.0/23 103.53.152.0/23 103.207.156.0/23 103.230.248.0/22 103.232.34.0/23 203.95.212.0/22 Signature Algorithm: sha256WithRSAEncryption 94:7d:61:d0:31:45:1d:6a:9d:1b:04:58:a4:de:f2:6a:31:a7: ae:47:78:64:1b:48:12:ab:d3:83:16:a0:f1:ba:f0:1c:7b:47: ac:8b:20:45:60:5c:b3:f9:61:16:a7:c6:94:e0:e6:06:7d:64: b4:85:e6:8b:ca:d0:03:74:e6:8a:3e:42:6c:7d:a2:b0:b1:17: c4:35:55:bc:12:8d:57:dd:b2:4f:99:19:8a:29:90:ab:4e:ff: 6d:1b:2e:04:ff:4b:de:03:b3:a9:26:f7:de:2f:ac:bf:0c:72: c5:6d:bb:99:91:e2:b8:7a:79:5e:7d:83:1d:d1:79:0d:6f:c7: 22:3d:de:f2:74:6b:a1:8d:ab:df:56:52:7d:2c:b7:01:f4:c4: 91:0b:a0:3a:c6:0d:51:7d:e8:60:90:41:4e:01:6e:f4:cd:c0: 1e:28:f3:33:94:0f:9d:ba:92:c3:e7:d9:02:b0:b1:2d:58:f3: d6:38:2d:44:77:72:23:3d:fb:47:de:a1:e9:14:49:cd:4b:0f: f1:00:63:b7:37:53:4e:19:6d:09:11:d1:4d:01:0d:ff:06:fa: 38:70:70:c4:97:de:d1:c8:2b:04:3e:01:15:e6:ef:83:0d:f5: 26:a0:21:0e:51:0b:d1:38:87:f5:d8:0e:29:71:ab:ed:65:55: 90:ba:9b:d3 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICCmswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkFDM0UxMTAvBgNVBAUTKEM4NjlFMEE1Mzg3NUZDMTI1OTc4NkI1MjdFNjc4NENC RjFGODlCNDAwHhcNMjMxMjI4MTk1NzQ2WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NThkZDMzOS1kYjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAog8onmm1xt7I4nbE8lL9z0bYNTCn/THxuiH8C/q9IbSsaUjmxLWkLf48/d4t yppO1ff36fRUs+M/fcy/Gct00hRaojpTL/zyXzdSw+4f4XmVhV9ry8U7G0Q588bx QT1Nxs1ar6GzsfibbjkI42CFQoa+pdPLNUrPWjz2myaa3WwlOdugVaeUncJQCUOW eOqrYRXLIN80g4tz6v7kBE/qIO/Xov251sGe2zvzg+b4vhsNMS3cWD3gxclGrOFG 6Fzf8XcMH4FhiRk4mQijjlLC3a73PYYx8dLLdI+A3tHMIErvesEqW9gRm1CUOgp8 DqJiOyPW1WCQIBdDPAQIDIocywIDAQABo4ICuTCCArUwHQYDVR0OBBYEFEX/5Pp3 rs3G/u7EQKXV1W5HcbPlMB8GA1UdIwQYMBaAFMhp4KU4dfwSWXhrUn5nhMvx+JtA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQUMzRS8wRjUwRTAzNjMz QkExMUVBOTU4Mjg1ODFDNEY5QUUwMi95R25ncFRoMV9CSlplR3RTZm1lRXlfSDRt MEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lHbmdwVGgxX0JKWmVHdFNmbWVFeV9ING0wQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkFDM0UvMEY1MEUwMzYzM0JBMTFFQTk1ODI4NTgxQzRGOUFFMDIvNzM2RjhEQkE4 MTkzMTFFQjg5NjRDMTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMDAEAgABMCoDBAQ7v/ADBAFnL0wDBAFnNZgDBAFnz5wDBAJn5vgDBAFn6CID BALLX9QwDQYJKoZIhvcNAQELBQADggEBAJR9YdAxRR1qnRsEWKTe8moxp65HeGQb SBKr04MWoPG68Bx7R6yLIEVgXLP5YRanxpTg5gZ9ZLSF5ovK0AN05oo+Qmx9orCx F8Q1VbwSjVfdsk+ZGYopkKtO/20bLgT/S94Ds6km994vrL8McsVtu5mR4rh6eV59 gx3ReQ1vxyI93vJ0a6GNq99WUn0stwH0xJELoDrGDVF96GCQQU4BbvTNwB4o8zOU D526ksPn2QKwsS1Y89Y4LUR3ciM9+0feoekUSc1LD/EAY7c3U04ZbQkR0U0BDf8G +jhwcMSX3tHIKwQ+ARXm74MN9SagIQ5RC9E4h/XYDilxq+1lVZC6m9M= -----END CERTIFICATE-----Generated at Mon May 20 20:44:19 2024 by rpki-client on console-fra.rpki-client.org