$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/36036734FD5B11EEAC213C56C4F9AE02.roa File: 36036734FD5B11EEAC213C56C4F9AE02.roa (raw, json) Hash identifier: WXKgBz2Hy08Zv2taRhWDGc3vU76I53pHWZxuWxtnLbQ= Subject key identifier: 2E:EE:45:3C:01:9B:06:A3:7E:DC:C7:8A:9D:45:28:08:C7:C7:58:90 Certificate issuer: /CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918 Certificate serial: 0A81 Authority key identifier: 7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/36036734FD5B11EEAC213C56C4F9AE02.roa Signing time: Mon 29 Apr 2024 06:15:27 +0000 ROA not before: Mon 29 Apr 2024 06:15:27 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 15830 IP address blocks: 27.111.128.0/22 maxlen: 22 103.8.176.0/22 maxlen: 22 103.8.180.0/22 maxlen: 22 180.189.56.0/21 maxlen: 21 202.167.232.0/24 maxlen: 24 202.167.234.0/23 maxlen: 23 202.167.248.0/23 maxlen: 23 202.167.255.0/24 maxlen: 24 202.177.192.0/24 maxlen: 24 202.177.199.0/24 maxlen: 24 202.177.200.0/23 maxlen: 23 202.177.201.0/24 maxlen: 24 202.177.204.0/23 maxlen: 23 2407:b000::/32 maxlen: 32 2407:b001::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.crl rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 19:44:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2689 (0xa81) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918 Validity Not Before: Apr 29 06:15:27 2024 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=662f3aff-88b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:b1:ee:3c:bd:37:6c:c4:3b:7b:03:12:28:54: f8:38:dd:07:11:16:b3:19:75:65:ef:76:cc:f9:24: 49:07:31:6f:6c:db:d1:54:7a:9d:da:a5:4c:1d:c9: e1:b3:13:3f:18:f7:54:9c:ae:d2:be:0d:47:31:4e: df:37:9d:67:3a:05:a8:50:35:2c:bf:b0:ef:47:27: 36:76:f4:24:14:68:98:b9:78:5c:7e:3b:bd:98:e5: d9:e9:33:bf:9b:d6:da:52:1e:42:38:a5:10:61:35: 1d:23:42:b8:93:f2:f8:3b:1d:eb:71:ae:f2:35:02: b9:55:b1:06:bd:95:66:38:a5:bc:a4:8c:7e:9b:a3: b1:b1:6d:c3:28:cf:5f:27:1a:e5:8a:5a:63:89:51: f0:88:8d:30:a8:c8:17:16:06:fb:81:6e:a4:99:62: c7:99:7d:c1:c4:fd:8c:b4:cb:ca:c4:0f:34:88:00: 61:1a:ad:c1:b5:67:49:e9:db:8e:bf:bb:52:39:81: 2f:43:42:60:89:df:78:9e:73:be:81:1a:d9:b4:0d: 1f:4a:c4:65:09:17:74:0e:e6:84:c0:68:1e:14:ec: 2e:fb:3e:8e:f1:29:ca:ff:62:92:32:de:2d:99:90: 9c:4e:dc:bd:4f:9d:6a:bc:42:db:89:3b:c6:71:e9: 46:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:EE:45:3C:01:9B:06:A3:7E:DC:C7:8A:9D:45:28:08:C7:C7:58:90 X509v3 Authority Key Identifier: keyid:7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/36036734FD5B11EEAC213C56C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.111.128.0/22 103.8.176.0/21 180.189.56.0/21 202.167.232.0/24 202.167.234.0/23 202.167.248.0/23 202.167.255.0/24 202.177.192.0/24 202.177.199.0-202.177.201.255 202.177.204.0/23 IPv6: 2407:b000::/31 Signature Algorithm: sha256WithRSAEncryption 11:68:15:a7:d8:e6:eb:96:b6:48:2b:72:f5:07:e5:b7:7f:1c: d6:a3:27:ca:40:f4:a0:32:3b:36:23:18:8a:6c:05:2c:04:13: da:1b:6f:eb:48:6e:4e:d0:21:ec:2a:28:7a:e3:94:81:e5:cc: c6:87:5c:88:c9:a6:0d:46:21:34:b5:ae:37:21:46:23:d3:a6: 96:c7:48:0f:b9:04:8f:2b:42:31:40:da:a6:c7:b6:49:58:b9: 58:3f:9f:53:a3:12:85:69:53:f3:5d:f3:27:fe:e5:85:90:10: cd:e6:2d:12:0c:de:86:19:e6:b3:e7:9d:03:64:81:a0:50:f9: c3:36:c4:65:13:0b:98:32:fb:7e:3b:5d:2b:be:c6:d1:06:33: 0d:8d:de:5a:84:ae:d5:52:32:0c:5d:e3:5a:97:b9:8f:4e:5a: fe:6b:94:ad:95:a1:5d:87:35:5a:19:ea:a6:04:8a:06:ea:c5: 85:1b:d4:e4:19:51:87:f5:94:62:c0:16:51:19:c2:d5:7f:73: 28:57:1f:02:ad:41:f5:3a:ab:68:78:ff:a3:75:96:2c:f4:2b: 58:f5:3e:ad:c6:72:a4:6b:3a:16:d9:79:39:ca:e0:b6:eb:d7: 2e:88:f6:0c:b2:e7:c4:84:25:4c:9e:c0:cd:3a:00:e2:07:99: 29:f4:ee:e6 -----BEGIN CERTIFICATE----- MIIFvjCCBKagAwIBAgICCoEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NThFM0YxMTAvBgNVBAUTKDdFMzEzQUI3RkYyNkU3ODNFMDNDMDc4NTE2MTI3NTE4 ODFBRTQ5MTgwHhcNMjQwNDI5MDYxNTI3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjJmM2FmZi04OGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvrHuPL03bMQ7ewMSKFT4ON0HERazGXVl73bM+SRJBzFvbNvRVHqd2qVMHcnh sxM/GPdUnK7Svg1HMU7fN51nOgWoUDUsv7DvRyc2dvQkFGiYuXhcfju9mOXZ6TO/ m9baUh5COKUQYTUdI0K4k/L4Ox3rca7yNQK5VbEGvZVmOKW8pIx+m6OxsW3DKM9f JxrlilpjiVHwiI0wqMgXFgb7gW6kmWLHmX3BxP2MtMvKxA80iABhGq3BtWdJ6duO v7tSOYEvQ0Jgid94nnO+gRrZtA0fSsRlCRd0DuaEwGgeFOwu+z6O8SnK/2KSMt4t mZCcTty9T51qvELbiTvGcelGkQIDAQABo4IC4jCCAt4wHQYDVR0OBBYEFC7uRTwB mwajftzHip1FKAjHx1iQMB8GA1UdIwQYMBaAFH4xOrf/JueD4DwHhRYSdRiBrkkY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEUzRi9DMjQzMjJCQTU0 NDYxMUVBOEMwNTY1MURDNEY5QUUwMi9makU2dF84bTU0UGdQQWVGRmhKMUdJR3VT UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZqRTZ0XzhtNTRQZ1BBZUZGaEoxR0lHdVNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NThFM0YvQzI0MzIyQkE1NDQ2MTFFQThDMDU2NTFEQzRGOUFFMDIvMzYwMzY3MzRG RDVCMTFFRUFDMjEzQzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbAYIKwYBBQUHAQcBAf8E XTBbMEoEAgABMEQDBAIbb4ADBANnCLADBAO0vTgDBADKp+gDBAHKp+oDBAHKp/gD BADKp/8DBADKscAwDAMEAMqxxwMEAcqxyAMEAcqxzDANBAIAAjAHAwUBJAewADAN BgkqhkiG9w0BAQsFAAOCAQEAEWgVp9jm65a2SCty9Qflt38c1qMnykD0oDI7NiMY imwFLAQT2htv60huTtAh7CooeuOUgeXMxodciMmmDUYhNLWuNyFGI9OmlsdID7kE jytCMUDapse2SVi5WD+fU6MShWlT813zJ/7lhZAQzeYtEgzehhnms+edA2SBoFD5 wzbEZRMLmDL7fjtdK77G0QYzDY3eWoSu1VIyDF3jWpe5j05a/muUrZWhXYc1Whnq pgSKBurFhRvU5BlRh/WUYsAWURnC1X9zKFcfAq1B9TqraHj/o3WWLPQrWPU+rcZy pGs6Ftl5OcrgtuvXLoj2DLLnxIQlTJ7AzToA4geZKfTu5g== -----END CERTIFICATE-----Generated at Sat May 4 21:32:58 2024 by rpki-client on console-fra.rpki-client.org