$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/862D18003A1011EDB5225E73C4F9AE02.roa File: 862D18003A1011EDB5225E73C4F9AE02.roa (raw, json) Hash identifier: bKNpA+6RQ0GT2A+sq3T0s0Oiepx9w2ya8TScMPEFe9I= Subject key identifier: CE:5C:62:DF:A4:95:76:C1:F9:82:E2:93:1A:03:4A:8F:6A:30:47:7B Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Certificate serial: 34DE Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/862D18003A1011EDB5225E73C4F9AE02.roa Signing time: Tue 26 Sep 2023 14:30:23 +0000 ROA not before: Tue 26 Sep 2023 14:30:23 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 209242 IP address blocks: 119.59.0.0/20 maxlen: 20 119.59.0.0/24 maxlen: 24 119.59.1.0/24 maxlen: 24 119.59.2.0/24 maxlen: 24 119.59.3.0/24 maxlen: 24 119.59.4.0/24 maxlen: 24 119.59.5.0/24 maxlen: 24 119.59.6.0/24 maxlen: 24 119.59.7.0/24 maxlen: 24 119.59.8.0/24 maxlen: 24 119.59.9.0/24 maxlen: 24 119.59.10.0/24 maxlen: 24 119.59.11.0/24 maxlen: 24 119.59.12.0/24 maxlen: 24 119.59.13.0/24 maxlen: 24 119.59.14.0/24 maxlen: 24 119.59.15.0/24 maxlen: 24 119.59.16.0/24 maxlen: 24 119.59.17.0/24 maxlen: 24 119.59.18.0/24 maxlen: 24 119.59.19.0/24 maxlen: 24 119.59.20.0/24 maxlen: 24 119.59.21.0/24 maxlen: 24 119.59.22.0/24 maxlen: 24 119.59.23.0/24 maxlen: 24 210.126.126.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 14:23:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13534 (0x34de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Validity Not Before: Sep 26 14:30:23 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=6512eaff-4a8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:23:6d:60:6e:18:a4:0a:46:e1:b3:57:d9:65: 36:99:ab:10:58:8c:b5:7a:dd:8b:aa:40:42:a8:75: ec:4f:3a:a7:55:5f:9c:0b:5c:6f:2a:20:e6:59:b5: 1b:13:86:7d:35:a6:86:6d:cc:fd:56:96:90:8e:92: 9b:58:da:1d:03:89:da:08:b1:38:1b:b9:35:43:bc: b9:4a:4f:46:0a:87:8e:aa:94:fc:9e:42:ee:18:07: de:74:44:54:3b:69:41:22:b8:45:e9:08:a8:db:ad: ad:ac:14:f2:5d:55:8c:c8:fb:8c:e3:cc:38:cc:76: 37:07:53:a6:30:de:63:12:be:1b:ba:10:37:50:24: aa:3d:e4:ac:49:17:83:0c:11:96:6d:59:89:cb:c0: f9:93:32:67:a1:88:19:27:4f:4b:5b:26:36:9d:9b: 01:3a:13:6e:d8:a6:b2:70:18:50:3f:67:90:0e:23: 61:fb:5f:a9:67:3c:3b:2d:6d:5e:ce:80:11:7e:6b: d2:7e:ba:fc:f7:9d:73:c8:a5:19:97:78:78:63:0a: 8b:7c:3f:17:92:e7:0b:5a:ab:2b:69:bc:31:99:6a: da:39:f2:ff:2a:b6:f3:04:e9:ce:18:c4:a8:a9:bf: 7e:f4:02:32:ed:df:69:e9:b6:ea:2a:7a:d7:7c:b0: ce:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:5C:62:DF:A4:95:76:C1:F9:82:E2:93:1A:03:4A:8F:6A:30:47:7B X509v3 Authority Key Identifier: keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/862D18003A1011EDB5225E73C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 119.59.0.0-119.59.23.255 210.126.126.0/24 Signature Algorithm: sha256WithRSAEncryption 06:c7:1f:2f:1b:72:9e:98:1c:4d:e4:29:76:f0:6a:31:b7:72: 92:f5:ba:b7:e7:dc:b6:8c:76:74:ca:20:a2:49:b2:2b:cb:d5: 78:2b:57:d7:a7:42:7c:70:52:9f:4e:70:1b:f5:f5:dd:43:28: e5:95:f5:81:5e:a6:08:c6:37:c1:fd:09:fe:08:ca:71:db:e0: 29:bb:c8:dd:3a:f3:c3:aa:a3:fc:ac:a7:e2:29:1c:85:c2:12: b6:88:b9:20:ef:39:71:67:dd:ea:2c:de:58:f2:f9:47:db:7f: 34:09:da:82:e2:aa:60:31:fa:d4:91:e1:a4:07:99:9d:ec:df: 82:b4:36:a1:35:8a:0a:6b:1a:ba:77:c2:30:5f:3d:1c:fa:26: ff:9f:01:91:06:79:2d:38:65:dd:59:d4:a1:b1:75:cf:ad:ac: 0d:a5:d4:b2:93:61:61:c6:9b:71:8c:9e:cf:aa:8d:a1:2c:ce: ab:1f:85:3a:c5:ea:d7:74:8e:c7:2d:47:e1:db:63:08:0f:4a: 76:79:c1:e6:c7:67:7c:05:61:62:ff:ed:4b:89:d7:8c:cc:56: da:de:4d:e5:3a:c7:5a:e1:c5:ec:6f:64:27:b7:70:e6:fd:46: 04:1e:0a:5b:f0:7d:74:6a:c1:b1:29:81:59:04:b6:45:42:fe: 0d:a6:ed:f1 -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgICNN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG OURGN0M1NEIwHhcNMjMwOTI2MTQzMDIzWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTEyZWFmZi00YThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuiNtYG4YpApG4bNX2WU2masQWIy1et2LqkBCqHXsTzqnVV+cC1xvKiDmWbUb E4Z9NaaGbcz9VpaQjpKbWNodA4naCLE4G7k1Q7y5Sk9GCoeOqpT8nkLuGAfedERU O2lBIrhF6Qio262trBTyXVWMyPuM48w4zHY3B1OmMN5jEr4buhA3UCSqPeSsSReD DBGWbVmJy8D5kzJnoYgZJ09LWyY2nZsBOhNu2KaycBhQP2eQDiNh+1+pZzw7LW1e zoARfmvSfrr8951zyKUZl3h4YwqLfD8XkucLWqsrabwxmWraOfL/KrbzBOnOGMSo qb9+9AIy7d9p6bbqKnrXfLDOgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM5cYt+k lXbB+YLikxoDSo9qMEd7MB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4 VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvODYyRDE4MDAz QTEwMTFFREI1MjI1RTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQcBAf8E HTAbMBkEAgABMBMwCwMDAHc7AwQDdzsQAwQA0n5+MA0GCSqGSIb3DQEBCwUAA4IB AQAGxx8vG3KemBxN5Cl28Goxt3KS9bq359y2jHZ0yiCiSbIry9V4K1fXp0J8cFKf TnAb9fXdQyjllfWBXqYIxjfB/Qn+CMpx2+Apu8jdOvPDqqP8rKfiKRyFwhK2iLkg 7zlxZ93qLN5Y8vlH2380CdqC4qpgMfrUkeGkB5md7N+CtDahNYoKaxq6d8IwXz0c +ib/nwGRBnktOGXdWdShsXXPrawNpdSyk2FhxptxjJ7Pqo2hLM6rH4U6xerXdI7H LUfh22MID0p2ecHmx2d8BWFi/+1LideMzFba3k3lOsda4cXsb2Qnt3Dm/UYEHgpb 8H10asGxKYFZBLZFQv4Npu3x -----END CERTIFICATE-----Generated at Mon May 6 17:35:37 2024 by rpki-client on console-fra.rpki-client.org