$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa File: CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa (raw, json) Hash identifier: 6gtb6AhPFShF1arylzbncvuRBorrTqZFHHpBmtmstsU= Subject key identifier: 2F:01:E1:59:56:A3:26:79:AE:32:41:6D:CD:89:5D:D8:2E:B5:EB:2E Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91 Certificate serial: 191E Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa Signing time: Thu 10 Oct 2024 09:50:25 +0000 ROA not before: Thu 10 Oct 2024 09:50:25 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 0 IP address blocks: 43.249.212.0/22 maxlen: 22 114.141.72.0/21 maxlen: 21 124.158.24.0/22 maxlen: 22 202.9.70.0/23 maxlen: 23 202.74.62.0/23 maxlen: 23 2404:4e00:ff::/48 maxlen: 48 2404:4e00:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 16:27:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6430 (0x191e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91 Validity Not Before: Oct 10 09:50:25 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=6707a360-2aee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:00:61:5c:95:b3:e0:b6:a7:7d:98:45:64:01: 00:21:1e:1b:32:b3:ce:8a:36:7d:84:06:a7:cd:c8: 9f:c1:09:8c:7e:bb:44:72:b6:0f:51:d2:4b:6a:47: 59:ca:cd:bc:3b:e9:f1:18:c5:3b:93:ac:0c:d9:81: fd:4f:7a:e2:6d:3a:91:b6:ba:7f:d0:f9:4b:90:67: 09:b1:81:f2:8d:35:33:82:ee:a5:4b:c7:87:35:9d: 63:fc:94:76:e4:ee:75:11:e3:77:be:8a:1d:b0:5f: 8c:3c:6f:72:3c:cf:0c:36:66:49:3a:fa:ab:22:e3: 5a:1d:d5:1d:74:3e:54:3d:85:87:d9:6b:95:84:70: 47:6f:73:75:61:7f:8c:bd:8e:32:4c:c5:df:98:cb: 6f:3b:28:0e:bd:cb:32:3e:be:5d:6c:50:e3:b0:fa: b0:2c:f1:cb:cc:53:c5:02:ee:ca:c3:02:2d:d3:c4: 78:59:76:b4:4c:da:7b:26:26:6c:22:93:8d:b5:1a: 6c:42:75:75:c3:ad:01:0b:7f:36:88:da:36:55:02: 48:1b:3c:75:8b:89:6f:8d:2a:22:22:73:14:d9:88: 56:42:5d:18:5b:9b:cb:ef:a1:fd:7c:6f:66:f6:21: 72:83:57:5d:49:1e:78:b1:52:bd:40:47:dd:ed:4b: ce:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:01:E1:59:56:A3:26:79:AE:32:41:6D:CD:89:5D:D8:2E:B5:EB:2E X509v3 Authority Key Identifier: keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.249.212.0/22 114.141.72.0/21 124.158.24.0/22 202.9.70.0/23 202.74.62.0/23 IPv6: 2404:4e00:ff::/48 2404:4e00:6000::/40 Signature Algorithm: sha256WithRSAEncryption b6:c7:3e:02:02:65:1d:5d:37:2f:dc:00:72:b6:b4:e1:aa:85: ae:04:8f:c6:c0:08:93:b0:f8:ca:d8:5f:54:13:2d:37:fc:78: f0:11:a8:e1:ee:aa:c4:9f:e2:f5:59:13:60:b3:ab:7a:79:ad: 40:55:90:6e:6b:9e:cf:46:46:52:72:c6:a5:e5:a1:dc:44:86: 28:00:9b:d3:5e:d9:4b:4c:3d:18:3d:7b:2b:a6:b4:f9:ea:86: a3:47:31:7e:58:be:1c:e5:0d:52:8b:67:ec:ca:f5:84:81:19: 99:5a:da:f2:05:c9:50:db:05:fe:1c:52:cc:8c:b5:16:2a:23: ed:8e:a5:c8:ec:19:f1:2c:f1:15:f8:1f:23:b4:67:49:97:6c: a6:a6:ed:64:83:79:b5:9a:3b:75:9e:93:18:6c:76:2c:dc:e4: da:cf:da:b0:b8:50:79:1d:8f:a2:81:b4:b5:54:cb:f3:bb:65: 5c:6f:76:b4:2d:a8:42:bb:e1:80:af:f7:43:57:ba:cd:15:fe: 60:8f:2b:b7:f5:d8:ee:08:17:22:7a:e3:34:c4:0b:11:72:fd: 48:ac:9e:d6:e2:a6:7d:ed:ab:5a:1c:48:3b:8c:66:ec:6e:d3: 63:69:bb:d9:72:bb:05:5a:1c:97:ad:f7:cb:24:75:0c:b2:33: e2:81:52:fd -----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgICGR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD NTQyQTBEOTEwHhcNMjQxMDEwMDk1MDI1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzA3YTM2MC0yYWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsQBhXJWz4LanfZhFZAEAIR4bMrPOijZ9hAanzcifwQmMfrtEcrYPUdJLakdZ ys28O+nxGMU7k6wM2YH9T3ribTqRtrp/0PlLkGcJsYHyjTUzgu6lS8eHNZ1j/JR2 5O51EeN3voodsF+MPG9yPM8MNmZJOvqrIuNaHdUddD5UPYWH2WuVhHBHb3N1YX+M vY4yTMXfmMtvOygOvcsyPr5dbFDjsPqwLPHLzFPFAu7KwwIt08R4WXa0TNp7JiZs IpONtRpsQnV1w60BC382iNo2VQJIGzx1i4lvjSoiInMU2YhWQl0YW5vL76H9fG9m 9iFyg1ddSR54sVK9QEfd7UvOvwIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFC8B4VlW oyZ5rjJBbc2JXdgutesuMB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvQ0YyRjUwNkM4 QTBGMTFFQTlERkY3RjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E QTA/MCQEAgABMB4DBAIr+dQDBANyjUgDBAJ8nhgDBAHKCUYDBAHKSj4wFwQCAAIw EQMHACQETgAA/wMGACQETgBgMA0GCSqGSIb3DQEBCwUAA4IBAQC2xz4CAmUdXTcv 3ABytrThqoWuBI/GwAiTsPjK2F9UEy03/HjwEajh7qrEn+L1WRNgs6t6ea1AVZBu a57PRkZScsal5aHcRIYoAJvTXtlLTD0YPXsrprT56oajRzF+WL4c5Q1Si2fsyvWE gRmZWtryBclQ2wX+HFLMjLUWKiPtjqXI7BnxLPEV+B8jtGdJl2ympu1kg3m1mjt1 npMYbHYs3OTaz9qwuFB5HY+igbS1VMvzu2Vcb3a0LahCu+GAr/dDV7rNFf5gjyu3 9djuCBcieuM0xAsRcv1IrJ7W4qZ97ataHEg7jGbsbtNjabvZcrsFWhyXrffLJHUM sjPigVL9 -----END CERTIFICATE-----Generated at Wed Nov 20 18:44:56 2024 by rpki-client on console-fra.rpki-client.org