$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/B4B1A742BE4C11EEB1327A54C4F9AE02.roa File: B4B1A742BE4C11EEB1327A54C4F9AE02.roa (raw, json) Hash identifier: wKLWNuRTWdHZ+FYW6NBJf7517//f9bbqxj5BE5RLIbI= Subject key identifier: 72:78:DB:86:6C:C0:6C:E3:53:C2:15:BD:79:06:61:C6:60:5F:66:05 Certificate issuer: /CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF Certificate serial: 0560 Authority key identifier: 23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/B4B1A742BE4C11EEB1327A54C4F9AE02.roa Signing time: Mon 29 Jan 2024 02:18:35 +0000 ROA not before: Mon 29 Jan 2024 02:18:35 +0000 ROA not after: Tue 30 Jul 2024 00:00:00 +0000 asID: 9231 IP address blocks: 58.82.192.0/19 maxlen: 24 58.82.224.0/19 maxlen: 24 103.15.84.0/22 maxlen: 24 161.81.0.0/16 maxlen: 24 182.239.72.0/21 maxlen: 24 182.239.80.0/20 maxlen: 24 182.239.104.0/21 maxlen: 24 182.239.112.0/20 maxlen: 24 203.142.97.0/24 maxlen: 24 203.142.98.0/24 maxlen: 24 203.142.99.0/24 maxlen: 24 203.142.127.0/24 maxlen: 24 223.122.0.0/18 maxlen: 24 223.122.64.0/18 maxlen: 24 223.122.128.0/17 maxlen: 24 2401:3000::/36 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.crl rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1376 (0x560) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF Validity Not Before: Jan 29 02:18:35 2024 GMT Not After : Jul 30 00:00:00 2024 GMT Subject: CN=65b70afb-ca66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:f0:72:07:bf:8e:a1:b3:3b:d5:e7:c2:a4:f1: 19:81:04:05:4f:d7:1a:cb:7d:c2:96:76:03:99:16: 27:5b:ec:c0:ec:5c:4e:92:b2:58:72:0c:33:89:ec: 8c:a4:8d:70:db:76:1e:c0:b4:4b:e2:57:23:22:2d: 95:a2:79:7d:b6:ad:aa:f5:84:60:1c:63:26:c0:3f: 6f:9f:29:2c:f6:bb:f1:49:f4:20:2a:19:dd:33:e0: b5:70:23:32:1c:4d:98:40:f9:7a:eb:62:da:02:f7: 84:e9:fc:53:54:13:c2:ef:07:1f:2c:02:54:f3:01: 9d:be:f7:ad:23:de:fd:f4:e7:2f:dc:dd:8a:61:0e: 9f:9e:04:61:3d:de:16:6b:4c:5b:b2:69:f0:55:2e: ac:d8:f7:75:f3:0b:0c:85:a4:45:a0:40:c3:77:9e: 95:12:09:5a:04:9f:2a:9b:29:c0:4e:07:db:ba:3d: c3:82:0e:ef:81:d6:9d:7e:cc:7e:f2:ce:2d:3b:bc: 63:30:f2:3d:dc:65:4d:d8:05:96:bb:5f:39:48:44: 63:3e:71:8b:57:d4:57:5d:b4:bf:75:67:40:c4:3b: ff:df:2c:b3:2d:08:4c:0f:50:6c:7d:ab:3f:fa:ed: 9f:4e:46:02:b1:3f:24:8d:2e:05:7f:0d:33:1e:48: f7:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:78:DB:86:6C:C0:6C:E3:53:C2:15:BD:79:06:61:C6:60:5F:66:05 X509v3 Authority Key Identifier: keyid:23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/B4B1A742BE4C11EEB1327A54C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 58.82.192.0/18 103.15.84.0/22 161.81.0.0/16 182.239.72.0-182.239.95.255 182.239.104.0-182.239.127.255 203.142.97.0-203.142.99.255 203.142.127.0/24 223.122.0.0/16 IPv6: 2401:3000::/36 Signature Algorithm: sha256WithRSAEncryption 1a:be:c6:51:9b:d9:a4:70:7e:27:4b:44:7a:b2:d9:29:2b:b5: ee:a3:b7:59:b5:43:53:49:5d:92:22:0d:68:55:97:df:fd:0d: a3:0a:5c:95:ad:d9:eb:b2:42:7e:02:51:79:21:34:80:51:b2: 87:63:d0:76:93:95:45:9a:80:a5:df:e7:1c:f1:22:0b:24:ad: 80:52:f7:ee:55:47:5d:a7:92:ec:16:8b:8b:2a:c2:68:9f:54: ff:ae:c0:9d:19:81:01:c8:5b:03:17:5f:d4:02:1c:68:70:ff: 11:6a:0b:15:88:34:41:2e:1d:2e:8f:08:56:5d:e8:52:14:52: 15:b3:bc:13:9f:a2:03:d2:18:27:aa:fb:e1:40:24:a6:28:10: 58:17:39:0e:ab:ff:42:92:c4:2f:9a:5d:e7:c0:c9:81:d8:78: 4b:2d:24:7f:59:13:cb:97:83:1d:e8:d7:e4:66:e9:0b:29:ab: 80:ab:41:24:f4:d9:3f:03:25:bb:fe:ea:94:4e:9c:a7:df:4a: 07:1c:7b:ad:2e:a6:3c:c4:22:94:27:2d:92:98:bf:d3:39:ac: 29:18:36:d8:d9:98:f0:96:0a:51:53:ae:8a:8c:28:59:28:b0: 19:0e:a2:39:4d:ba:c6:07:ae:30:03:c0:ea:56:83:05:83:37: 45:3e:42:0d -----BEGIN CERTIFICATE----- MIIFwTCCBKmgAwIBAgICBWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJCNEQxMTAvBgNVBAUTKDIzRjVEOTNBODJFN0Q3ODQwNjc5QjFDNjREQTM3QzM3 Q0ZGRTc3RUYwHhcNMjQwMTI5MDIxODM1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NWI3MGFmYi1jYTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzPByB7+OobM71efCpPEZgQQFT9cay33ClnYDmRYnW+zA7FxOkrJYcgwzieyM pI1w23YewLRL4lcjIi2Vonl9tq2q9YRgHGMmwD9vnyks9rvxSfQgKhndM+C1cCMy HE2YQPl662LaAveE6fxTVBPC7wcfLAJU8wGdvvetI9799Ocv3N2KYQ6fngRhPd4W a0xbsmnwVS6s2Pd18wsMhaRFoEDDd56VEglaBJ8qmynATgfbuj3Dgg7vgdadfsx+ 8s4tO7xjMPI93GVN2AWWu185SERjPnGLV9RXXbS/dWdAxDv/3yyzLQhMD1Bsfas/ +u2fTkYCsT8kjS4Ffw0zHkj3+QIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFHJ424Zs wGzjU8IVvXkGYcZgX2YFMB8GA1UdIwQYMBaAFCP12TqC59eEBnmxxk2jfDfP/nfv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkI0RC9DMTk5RTAwNkIy MDUxMUVCQUVBRTlGMTBDNEY5QUUwMi9JX1haT29MbjE0UUdlYkhHVGFOOE44Xy1k LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lfWFpPb0xuMTRRR2ViSEdUYU44TjhfLWQtOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzJCNEQvQzE5OUUwMDZCMjA1MTFFQkFFQUU5RjEwQzRGOUFFMDIvQjRCMUE3NDJC RTRDMTFFRUIxMzI3QTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E YDBeMEwEAgABMEYDBAY6UsADBAJnD1QDAwChUTAMAwQDtu9IAwQFtu9AMAwDBAO2 72gDBAe27wAwDAMEAMuOYQMEAsuOYAMEAMuOfwMDAN96MA4EAgACMAgDBgQkATAA ADANBgkqhkiG9w0BAQsFAAOCAQEAGr7GUZvZpHB+J0tEerLZKSu17qO3WbVDU0ld kiINaFWX3/0Nowpcla3Z67JCfgJReSE0gFGyh2PQdpOVRZqApd/nHPEiCyStgFL3 7lVHXaeS7BaLiyrCaJ9U/67AnRmBAchbAxdf1AIcaHD/EWoLFYg0QS4dLo8IVl3o UhRSFbO8E5+iA9IYJ6r74UAkpigQWBc5Dqv/QpLEL5pd58DJgdh4Sy0kf1kTy5eD HejX5GbpCymrgKtBJPTZPwMlu/7qlE6cp99KBxx7rS6mPMQilCctkpi/0zmsKRg2 2NmY8JYKUVOuiowoWSiwGQ6iOU26xgeuMAPA6laDBYM3RT5CDQ== -----END CERTIFICATE-----Generated at Sun May 19 01:47:12 2024 by rpki-client on console-fra.rpki-client.org