$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/0E0F41EC382811EE8E967C19C4F9AE02.roa File: 0E0F41EC382811EE8E967C19C4F9AE02.roa (raw, json) Hash identifier: nyFTTVyZ4Nbl0LyXo0zkhIF5vAP8yWcHzxmH1nlb+KY= Subject key identifier: 8C:F0:17:F1:84:B4:BC:5E:5C:D0:64:67:89:A3:43:75:5A:9D:A7:5F Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C Certificate serial: 3779 Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/0E0F41EC382811EE8E967C19C4F9AE02.roa Signing time: Fri 11 Aug 2023 09:18:38 +0000 ROA not before: Fri 11 Aug 2023 09:18:38 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 24128 IP address blocks: 202.71.112.0/22 maxlen: 24 202.71.116.0/24 maxlen: 24 202.71.120.0/24 maxlen: 24 202.71.123.0/24 maxlen: 24 202.71.124.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 May 2024 14:21:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14201 (0x3779) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C Validity Not Before: Aug 11 09:18:38 2023 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=64d5fcee-60d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:6e:3e:75:bd:92:d5:12:4d:ad:16:35:ac:a2: 18:c5:5b:74:61:29:c0:e7:4e:e4:e6:2a:b1:47:9b: 5a:b8:f7:94:27:4f:87:e8:10:79:82:aa:67:5f:24: 1d:41:7f:5e:18:e7:92:92:f7:18:5e:84:71:5c:83: 01:13:fb:c5:24:3a:39:f3:d8:e9:02:f0:1d:0a:35: 49:35:0a:54:e6:7d:6a:47:1e:c8:fd:08:0a:0a:bb: 01:11:20:3f:7f:27:f1:45:50:5f:80:9f:e7:75:46: b8:54:07:2a:56:ca:2c:d7:1d:04:e5:3b:a1:ad:ce: c0:6e:63:bb:dc:4a:a1:c6:14:60:31:e4:55:ae:ff: 00:e0:fa:32:e5:c7:6b:15:05:90:34:5d:80:49:70: 2a:82:9e:b2:c7:dd:2c:21:84:ca:7d:94:82:67:08: 64:1d:88:d0:24:f9:cf:ea:9e:d4:9e:27:2f:a7:65: ac:9a:ab:13:60:13:5a:e2:33:6f:3b:5a:76:a7:43: 37:5e:b3:55:93:2e:c7:26:6c:20:44:6f:0d:16:af: 58:45:a7:67:bf:3b:6c:ee:8c:cf:0d:8e:35:db:3a: db:03:c0:3d:03:e9:f6:99:1f:22:d4:1a:7d:cd:67: 12:6a:cd:2a:79:95:f3:af:4d:c6:f0:59:74:78:9f: 29:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:F0:17:F1:84:B4:BC:5E:5C:D0:64:67:89:A3:43:75:5A:9D:A7:5F X509v3 Authority Key Identifier: keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/0E0F41EC382811EE8E967C19C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.71.112.0-202.71.116.255 202.71.120.0/24 202.71.123.0-202.71.124.255 Signature Algorithm: sha256WithRSAEncryption 20:84:ed:af:6e:a7:ee:98:d8:9a:6e:e9:ce:aa:b9:b7:bd:2b: 81:c2:4c:22:61:d0:06:22:f0:80:ea:cf:f2:5d:79:7e:b9:fc: b5:27:ce:53:f2:49:b6:15:de:6d:00:a7:0a:d5:6b:fa:10:c6: fc:2c:00:43:e7:c9:9c:7d:c1:e0:88:04:84:23:f2:9c:56:3a: ac:41:5d:4d:4e:db:08:6c:0e:94:de:aa:bf:36:f1:73:95:07: be:4a:62:9b:3b:f3:30:dc:0f:f7:5d:79:1f:6c:5b:98:4c:e7: 21:96:fb:12:32:4e:6b:a5:fa:6b:f0:a4:b6:2a:f8:fb:13:15: f7:a7:d6:62:ff:1c:fa:c2:02:80:be:1d:83:bc:bf:fc:ad:11: 5a:96:0e:45:61:e2:01:3d:ea:6f:88:a0:cb:0d:6d:75:30:44: 07:07:3a:0a:03:85:b6:a8:98:47:20:7d:1f:84:9b:ae:d9:cd: 21:4e:06:ae:d2:af:e5:88:b3:02:58:db:45:86:3d:b9:5b:b7: b1:d9:39:ba:d9:4c:23:7d:bf:58:7d:b2:ca:ca:d8:c0:84:c0: dc:a8:6f:3f:16:c6:c8:5d:1f:eb:a8:87:c5:81:95:1d:4b:54: 21:0a:e9:81:aa:cc:d4:a1:77:0f:40:d4:ec:d9:fe:5d:77:db: da:4b:5b:ea -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICN3kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB NDM3QUYwMkMwHhcNMjMwODExMDkxODM4WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NGQ1ZmNlZS02MGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo24+db2S1RJNrRY1rKIYxVt0YSnA507k5iqxR5tauPeUJ0+H6BB5gqpnXyQd QX9eGOeSkvcYXoRxXIMBE/vFJDo589jpAvAdCjVJNQpU5n1qRx7I/QgKCrsBESA/ fyfxRVBfgJ/ndUa4VAcqVsos1x0E5Tuhrc7AbmO73EqhxhRgMeRVrv8A4Poy5cdr FQWQNF2ASXAqgp6yx90sIYTKfZSCZwhkHYjQJPnP6p7Unicvp2WsmqsTYBNa4jNv O1p2p0M3XrNVky7HJmwgRG8NFq9YRadnvzts7ozPDY412zrbA8A9A+n2mR8i1Bp9 zWcSas0qeZXzr03G8Fl0eJ8pwwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFIzwF/GE tLxeXNBkZ4mjQ3VanadfMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4 Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvMEUwRjQxRUMz ODI4MTFFRThFOTY3QzE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMCgEAgABMCIwDAMEBMpHcAMEAMpHdAMEAMpHeDAMAwQAykd7AwQAykd8MA0G CSqGSIb3DQEBCwUAA4IBAQAghO2vbqfumNiabunOqrm3vSuBwkwiYdAGIvCA6s/y XXl+ufy1J85T8km2Fd5tAKcK1Wv6EMb8LABD58mcfcHgiASEI/KcVjqsQV1NTtsI bA6U3qq/NvFzlQe+SmKbO/Mw3A/3XXkfbFuYTOchlvsSMk5rpfpr8KS2Kvj7ExX3 p9Zi/xz6wgKAvh2DvL/8rRFalg5FYeIBPepviKDLDW11MEQHBzoKA4W2qJhHIH0f hJuu2c0hTgau0q/liLMCWNtFhj25W7ex2Tm62Uwjfb9YfbLKytjAhMDcqG8/FsbI XR/rqIfFgZUdS1QhCumBqszUoXcPQNTs2f5dd9vaS1vq -----END CERTIFICATE-----Generated at Fri May 24 15:43:20 2024 by rpki-client on console-fra.rpki-client.org