$ rpki-client -vvf rpki.apnic.net/member_repository/A913621A/282242F01D6D11E2B4C0E6AD08B02CD2/7369CB76E42F11E9B6290B4EC4F9AE02.roa File: 7369CB76E42F11E9B6290B4EC4F9AE02.roa (raw, json) Hash identifier: 02bT8CJits/dRAWQSl3SIwLvUODi5bkhKG1y3uNprTg= Subject key identifier: 72:32:3E:AF:60:85:7D:0F:2B:B5:27:EC:AB:E3:C7:78:D3:CA:1F:43 Certificate issuer: /CN=A913621A/serialNumber=F83730FD391B6F8F76FEF3176EDB9FC6F5541E40 Certificate serial: 340C Authority key identifier: F8:37:30:FD:39:1B:6F:8F:76:FE:F3:17:6E:DB:9F:C6:F5:54:1E:40 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Dcw_Tkbb492_vMXbtufxvVUHkA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913621A/282242F01D6D11E2B4C0E6AD08B02CD2/7369CB76E42F11E9B6290B4EC4F9AE02.roa Signing time: Wed 28 Feb 2024 14:20:07 +0000 ROA not before: Wed 28 Feb 2024 14:20:07 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 38901 IP address blocks: 27.96.84.0/22 maxlen: 24 43.245.32.0/22 maxlen: 24 45.115.80.0/22 maxlen: 24 45.115.208.0/22 maxlen: 24 45.118.76.0/22 maxlen: 24 49.156.0.0/22 maxlen: 24 103.9.188.0/22 maxlen: 24 103.30.196.0/22 maxlen: 24 110.74.192.0/19 maxlen: 24 113.130.124.0/22 maxlen: 24 119.82.248.0/21 maxlen: 24 163.47.12.0/22 maxlen: 24 163.47.172.0/22 maxlen: 24 221.120.160.0/22 maxlen: 24 2404:300::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913621A/282242F01D6D11E2B4C0E6AD08B02CD2/-Dcw_Tkbb492_vMXbtufxvVUHkA.crl rsync://rpki.apnic.net/member_repository/A913621A/282242F01D6D11E2B4C0E6AD08B02CD2/-Dcw_Tkbb492_vMXbtufxvVUHkA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Dcw_Tkbb492_vMXbtufxvVUHkA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 14:17:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13324 (0x340c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913621A/serialNumber=F83730FD391B6F8F76FEF3176EDB9FC6F5541E40 Validity Not Before: Feb 28 14:20:07 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65df4117-c7e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:3a:de:26:62:65:70:ee:f5:df:12:c1:27:85: 25:f9:69:7f:d6:82:33:58:21:59:fc:41:49:f9:b8: 70:64:44:b1:b3:ff:13:e8:17:14:d0:fa:ab:20:d1: 95:e5:18:21:5d:b2:26:e0:0c:e9:34:32:5e:ea:44: 19:22:3f:6e:b7:34:3e:fc:1a:2c:fb:dd:db:3e:c9: 6e:90:d7:7d:ff:8d:c7:33:21:6c:41:81:82:e1:99: 20:0e:33:27:9a:ec:5e:1e:29:f0:fa:8a:e5:f8:dd: 5f:d0:56:93:96:dd:fe:05:41:73:ac:95:cf:e3:ab: 8b:60:d3:7a:b4:c7:8e:e4:70:40:15:04:fa:22:5e: df:c5:55:02:52:59:8a:7d:af:4c:31:20:fe:3a:ae: 3c:46:86:b4:f2:75:06:f6:d3:5d:76:9f:45:68:5d: 58:55:db:f7:81:02:62:05:ef:91:33:24:95:4f:df: 90:48:11:b5:2f:00:58:ae:d8:da:85:9b:4b:f9:6c: d7:dc:95:12:e0:03:0e:c2:aa:d7:fe:75:7f:17:21: 1c:67:04:78:9b:67:b9:6a:34:22:ce:3c:41:30:19: 81:ed:12:80:2d:b3:3b:ad:0b:1b:18:eb:f5:70:1d: be:ea:4a:9e:cf:31:ae:10:e0:53:54:96:14:20:66: b1:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:32:3E:AF:60:85:7D:0F:2B:B5:27:EC:AB:E3:C7:78:D3:CA:1F:43 X509v3 Authority Key Identifier: keyid:F8:37:30:FD:39:1B:6F:8F:76:FE:F3:17:6E:DB:9F:C6:F5:54:1E:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913621A/282242F01D6D11E2B4C0E6AD08B02CD2/-Dcw_Tkbb492_vMXbtufxvVUHkA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Dcw_Tkbb492_vMXbtufxvVUHkA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913621A/282242F01D6D11E2B4C0E6AD08B02CD2/7369CB76E42F11E9B6290B4EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.96.84.0/22 43.245.32.0/22 45.115.80.0/22 45.115.208.0/22 45.118.76.0/22 49.156.0.0/22 103.9.188.0/22 103.30.196.0/22 110.74.192.0/19 113.130.124.0/22 119.82.248.0/21 163.47.12.0/22 163.47.172.0/22 221.120.160.0/22 IPv6: 2404:300::/32 Signature Algorithm: sha256WithRSAEncryption 89:c2:e3:19:6d:60:00:6e:44:8f:13:cf:56:9f:04:c7:0a:64: 82:4b:9f:1f:be:c3:de:64:f8:21:50:48:11:48:7a:3e:4f:29: c4:72:aa:2a:3e:bd:b0:d0:6c:27:1d:cf:32:6a:7f:99:9f:5b: 57:43:95:e9:f4:9a:c7:4a:51:ba:0f:56:23:9f:d4:ff:c2:b1: df:72:fe:ca:3c:2d:1e:39:25:75:74:c9:cf:de:23:79:71:ce: 05:af:e4:a9:a0:4c:8b:de:5c:26:68:18:d8:14:28:18:d1:ea: 74:ec:89:04:bf:e4:bf:00:8f:81:0c:4f:a3:5f:01:db:52:9c: c1:03:d2:f0:83:5f:a6:b1:77:2a:66:c2:c5:9d:fa:4b:b9:bf: 6e:74:e8:81:d9:c9:85:ec:70:e8:fd:40:84:76:7f:f5:04:9d: f2:35:e7:c7:0a:98:48:c3:98:b1:04:b7:25:d0:dd:20:d3:c4: 07:d2:1a:cc:89:21:08:7c:2d:87:1f:48:02:ed:1e:f0:48:ca: 73:bb:67:e2:95:1b:eb:bc:9d:af:ff:06:aa:22:49:59:ac:12: 58:57:9f:e7:8b:f9:8c:28:83:16:bc:46:1c:06:df:8a:36:f0: 56:2c:78:c4:2d:9e:d6:03:79:b7:fc:33:30:88:31:57:ed:5c: 8b:9a:5d:53 -----BEGIN CERTIFICATE----- MIIFzjCCBLagAwIBAgICNAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzYyMUExMTAvBgNVBAUTKEY4MzczMEZEMzkxQjZGOEY3NkZFRjMxNzZFREI5RkM2 RjU1NDFFNDAwHhcNMjQwMjI4MTQyMDA3WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWRmNDExNy1jN2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAujreJmJlcO713xLBJ4Ul+Wl/1oIzWCFZ/EFJ+bhwZESxs/8T6BcU0PqrINGV 5RghXbIm4AzpNDJe6kQZIj9utzQ+/Bos+93bPslukNd9/43HMyFsQYGC4ZkgDjMn muxeHinw+orl+N1f0FaTlt3+BUFzrJXP46uLYNN6tMeO5HBAFQT6Il7fxVUCUlmK fa9MMSD+Oq48Roa08nUG9tNddp9FaF1YVdv3gQJiBe+RMySVT9+QSBG1LwBYrtja hZtL+WzX3JUS4AMOwqrX/nV/FyEcZwR4m2e5ajQizjxBMBmB7RKALbM7rQsbGOv1 cB2+6kqezzGuEOBTVJYUIGax8QIDAQABo4IC8jCCAu4wHQYDVR0OBBYEFHIyPq9g hX0PK7Un7Kvjx3jTyh9DMB8GA1UdIwQYMBaAFPg3MP05G2+Pdv7zF27bn8b1VB5A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjIxQS8yODIyNDJGMDFE NkQxMUUyQjRDMEU2QUQwOEIwMkNEMi8tRGN3X1RrYmI0OTJfdk1YYnR1Znh2VlVI a0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1EY3dfVGtiYjQ5Ml92TVhidHVmeHZWVUhrQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzYyMUEvMjgyMjQyRjAxRDZEMTFFMkI0QzBFNkFEMDhCMDJDRDIvNzM2OUNCNzZF NDJGMTFFOUI2MjkwQjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfAYIKwYBBQUHAQcBAf8E bTBrMFoEAgABMFQDBAIbYFQDBAIr9SADBAItc1ADBAItc9ADBAItdkwDBAIxnAAD BAJnCbwDBAJnHsQDBAVuSsADBAJxgnwDBAN3UvgDBAKjLwwDBAKjL6wDBALdeKAw DQQCAAIwBwMFACQEAwAwDQYJKoZIhvcNAQELBQADggEBAInC4xltYABuRI8Tz1af BMcKZIJLnx++w95k+CFQSBFIej5PKcRyqio+vbDQbCcdzzJqf5mfW1dDlen0msdK UboPViOf1P/Csd9y/so8LR45JXV0yc/eI3lxzgWv5KmgTIveXCZoGNgUKBjR6nTs iQS/5L8Aj4EMT6NfAdtSnMED0vCDX6axdypmwsWd+ku5v2506IHZyYXscOj9QIR2 f/UEnfI158cKmEjDmLEEtyXQ3SDTxAfSGsyJIQh8LYcfSALtHvBIynO7Z+KVG+u8 na//BqoiSVmsElhXn+eL+Ywogxa8RhwG34o28FYseMQtntYDebf8MzCIMVftXIua XVM= -----END CERTIFICATE-----Generated at Wed Nov 20 16:11:23 2024 by rpki-client on console-fra.rpki-client.org