$ rpki-client -vvf rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/D4FD4D5237DE11EEA2885B71C4F9AE02.roa File: D4FD4D5237DE11EEA2885B71C4F9AE02.roa (raw, json) Hash identifier: LrWBV4QYdGPDtdI6VNtzsrHnDIjjs6dEu3xrmBEvUZE= Subject key identifier: 94:6E:E0:DA:EF:43:04:C8:8F:2B:33:44:4D:37:E6:51:EB:25:4D:93 Certificate issuer: /CN=A912CB2A/serialNumber=147E9756439D9DB7156134AC78F91C233B9392A7 Certificate serial: 058D Authority key identifier: 14:7E:97:56:43:9D:9D:B7:15:61:34:AC:78:F9:1C:23:3B:93:92:A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/D4FD4D5237DE11EEA2885B71C4F9AE02.roa Signing time: Fri 15 Mar 2024 00:42:55 +0000 ROA not before: Fri 15 Mar 2024 00:42:54 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 9723 IP address blocks: 121.52.192.0/22 maxlen: 22 121.52.196.0/23 maxlen: 23 121.52.198.0/24 maxlen: 24 121.52.199.0/24 maxlen: 24 202.74.64.0/21 maxlen: 21 2403:6900:c000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/FH6XVkOdnbcVYTSsePkcIzuTkqc.crl rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/FH6XVkOdnbcVYTSsePkcIzuTkqc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1421 (0x58d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CB2A/serialNumber=147E9756439D9DB7156134AC78F91C233B9392A7 Validity Not Before: Mar 15 00:42:54 2024 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=65f3998e-0fe6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:9e:3f:3f:23:aa:57:15:4c:d9:fe:98:73:24: c1:4a:41:c7:a7:5e:ec:44:98:dd:db:3b:d8:ef:80: 8b:84:e8:5f:61:b3:fe:81:e0:2e:a1:51:00:2f:ee: 9e:a8:cc:c4:ba:c8:bb:f0:e0:13:d2:1d:fe:38:1c: 9a:9b:e0:2a:f0:3f:d8:c9:20:61:23:e5:41:5b:b7: 91:ad:92:0a:79:b7:da:13:c9:46:5e:4c:81:20:7d: 84:3b:6a:bf:a9:78:75:c7:b3:7f:40:ac:de:92:fb: 2b:c3:8c:8f:c3:1a:0e:7c:e9:7a:ab:18:01:6e:47: 22:a3:35:01:61:c2:25:c8:e9:05:d0:33:01:2d:b6: bc:26:24:90:c1:c2:c2:5b:79:ce:91:ba:16:56:df: 23:0e:4b:f6:b1:36:12:72:e5:97:86:03:e3:0d:b9: bc:d6:3e:05:c0:08:d3:52:ec:27:e7:62:36:6b:e9: ab:28:36:4c:41:3b:f8:c8:ff:cb:ca:cc:e0:d2:c2: 8c:b0:df:72:cb:e4:6d:36:fd:42:45:f9:9d:f5:a4: 00:f8:a6:c3:2d:f9:17:d7:88:0d:53:70:1d:4e:32: 29:17:54:1e:cb:9c:2e:dd:73:15:fe:d1:95:33:23: 0e:a1:e2:50:e8:bf:58:4d:1d:9f:36:ba:46:0e:e7: 6b:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:6E:E0:DA:EF:43:04:C8:8F:2B:33:44:4D:37:E6:51:EB:25:4D:93 X509v3 Authority Key Identifier: keyid:14:7E:97:56:43:9D:9D:B7:15:61:34:AC:78:F9:1C:23:3B:93:92:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/FH6XVkOdnbcVYTSsePkcIzuTkqc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/D4FD4D5237DE11EEA2885B71C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 121.52.192.0/21 202.74.64.0/21 IPv6: 2403:6900:c000::/36 Signature Algorithm: sha256WithRSAEncryption 0b:28:a2:a4:f8:c6:65:23:aa:10:60:30:3a:7b:8c:6c:f1:a6: c7:3b:53:2d:83:89:f8:95:73:27:e1:84:fa:8a:5a:7c:9b:12: ff:44:8c:4b:12:23:8f:2d:08:fb:11:df:33:10:1f:59:ca:0d: 50:29:6c:a7:b4:84:68:45:17:69:6d:45:0d:73:cc:7d:43:99: 74:e8:a2:4e:20:0d:4b:0e:ec:61:8d:40:74:97:f8:9f:8b:f6: 28:9e:95:60:48:61:5a:d7:43:d2:12:8b:f4:38:73:9c:f5:bf: 62:9b:55:bd:5a:ce:2f:5e:40:f0:89:67:ec:4a:3a:7e:fd:29: be:e4:e1:a3:e2:4e:a6:56:1c:ad:3d:a5:b6:e9:27:d7:2a:c3: 59:e4:d5:25:d0:b0:cb:cf:15:ab:04:98:54:1e:65:94:81:c0: 3f:0c:b8:e7:a9:92:d4:cc:1a:91:78:3d:02:60:e5:ae:66:ea: b6:1c:52:36:82:6a:3f:05:0a:7b:7d:6f:9a:55:a4:08:5f:7f: 53:5f:d4:fb:08:47:d9:d8:92:4b:25:64:fc:8b:3e:89:ca:72: 5c:8f:59:71:5b:ad:bb:d6:37:db:44:d2:af:2a:86:51:81:6d: ff:47:b1:8a:6c:a6:1f:e6:3d:ad:2d:21:02:48:5a:40:6c:e3: 5a:1b:1c:28 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICBY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNCMkExMTAvBgNVBAUTKDE0N0U5NzU2NDM5RDlEQjcxNTYxMzRBQzc4RjkxQzIz M0I5MzkyQTcwHhcNMjQwMzE1MDA0MjU0WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWYzOTk4ZS0wZmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtp4/PyOqVxVM2f6YcyTBSkHHp17sRJjd2zvY74CLhOhfYbP+geAuoVEAL+6e qMzEusi78OAT0h3+OByam+Aq8D/YySBhI+VBW7eRrZIKebfaE8lGXkyBIH2EO2q/ qXh1x7N/QKzekvsrw4yPwxoOfOl6qxgBbkciozUBYcIlyOkF0DMBLba8JiSQwcLC W3nOkboWVt8jDkv2sTYScuWXhgPjDbm81j4FwAjTUuwn52I2a+mrKDZMQTv4yP/L yszg0sKMsN9yy+RtNv1CRfmd9aQA+KbDLfkX14gNU3AdTjIpF1Qey5wu3XMV/tGV MyMOoeJQ6L9YTR2fNrpGDudriwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJRu4Nrv QwTIjyszRE035lHrJU2TMB8GA1UdIwQYMBaAFBR+l1ZDnZ23FWE0rHj5HCM7k5Kn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0IyQS9FMDFDN0E4NDkw RTAxMUVCQTEwNTg3MUZDNEY5QUUwMi9GSDZYVmtPZG5iY1ZZVFNzZVBrY0l6dVRr cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZINlhWa09kbmJjVllUU3NlUGtjSXp1VGtxYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkNCMkEvRTAxQzdBODQ5MEUwMTFFQkExMDU4NzFGQzRGOUFFMDIvRDRGRDRENTIz N0RFMTFFRUEyODg1QjcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E JjAkMBIEAgABMAwDBAN5NMADBAPKSkAwDgQCAAIwCAMGBCQDaQDAMA0GCSqGSIb3 DQEBCwUAA4IBAQALKKKk+MZlI6oQYDA6e4xs8abHO1Mtg4n4lXMn4YT6ilp8mxL/ RIxLEiOPLQj7Ed8zEB9Zyg1QKWyntIRoRRdpbUUNc8x9Q5l06KJOIA1LDuxhjUB0 l/ifi/YonpVgSGFa10PSEov0OHOc9b9im1W9Ws4vXkDwiWfsSjp+/Sm+5OGj4k6m VhytPaW26SfXKsNZ5NUl0LDLzxWrBJhUHmWUgcA/DLjnqZLUzBqReD0CYOWuZuq2 HFI2gmo/BQp7fW+aVaQIX39TX9T7CEfZ2JJLJWT8iz6JynJcj1lxW6271jfbRNKv KoZRgW3/R7GKbKYf5j2tLSECSFpAbONaGxwo -----END CERTIFICATE-----Generated at Sun May 19 01:47:12 2024 by rpki-client on console-fra.rpki-client.org