$ rpki-client -vvf rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa File: 2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa (raw, json) Hash identifier: 3h774Pe1HYN4QG3xrWyvk1D9gE9ttAqrp4hVNxr3C08= Subject key identifier: 75:D7:3D:C4:DB:52:8E:FB:D5:B8:3C:77:98:34:D7:EA:BD:E2:9F:E8 Certificate issuer: /CN=A91683D2/serialNumber=B1ACFB85149B86A11015D601810E314F6948C1CF Certificate serial: 33B8 Authority key identifier: B1:AC:FB:85:14:9B:86:A1:10:15:D6:01:81:0E:31:4F:69:48:C1:CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa Signing time: Mon 01 Apr 2024 20:59:31 +0000 ROA not before: Mon 01 Apr 2024 20:59:31 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 4770 IP address blocks: 202.14.100.0/24 maxlen: 24 202.36.36.0/22 maxlen: 22 202.37.140.0/22 maxlen: 22 202.37.144.0/21 maxlen: 21 202.37.200.0/22 maxlen: 22 202.37.224.0/21 maxlen: 21 202.41.136.0/22 maxlen: 22 202.74.224.0/21 maxlen: 21 210.48.0.0/17 maxlen: 17 210.56.32.0/20 maxlen: 20 210.185.0.0/18 maxlen: 18 2405:6000::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.crl rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:38:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13240 (0x33b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91683D2/serialNumber=B1ACFB85149B86A11015D601810E314F6948C1CF Validity Not Before: Apr 1 20:59:31 2024 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=660b2032-6f8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:04:1e:23:e7:cb:40:6e:70:ac:b4:63:14:2f: 74:04:9e:1e:65:2b:b2:c2:6d:62:d0:6b:4b:1c:b3: fc:42:e9:bd:b8:b4:f0:ff:21:f7:ed:7a:7c:39:ca: e0:4e:4a:6e:10:6e:38:58:b1:3b:f9:8a:7a:f6:cf: 46:6f:8b:c4:bc:54:5b:b7:47:16:76:27:15:3e:40: 86:a8:61:29:68:c7:ca:85:d0:1d:e0:1a:cb:c8:2b: 25:f2:b4:96:d4:0c:14:c3:f5:7e:5f:9f:95:bf:a6: cd:31:51:26:87:3f:f8:5a:5e:d4:52:ed:b2:8a:cb: ea:a0:0c:bd:2a:6f:f2:f7:60:d3:27:38:ec:84:fe: 79:61:fb:60:19:f1:69:bc:21:c9:ea:bc:91:de:08: 54:eb:a0:b7:b4:5b:09:c2:5c:c4:0e:7b:42:84:2d: 64:7a:ed:09:0e:46:33:af:68:8e:3e:ea:7f:58:e7: 73:bb:94:f0:88:33:ea:5f:17:ee:7d:8d:cf:1b:4d: 0e:2e:83:b6:3b:fa:8c:9a:92:12:0b:52:ee:23:e8: 4f:0c:7c:46:4b:37:a9:03:b9:fa:18:63:cd:3c:02: 7a:87:f9:94:25:7b:79:f6:bb:27:f7:50:ae:31:8a: 97:b2:b4:76:b7:37:f0:79:94:db:de:b8:57:05:48: 44:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:D7:3D:C4:DB:52:8E:FB:D5:B8:3C:77:98:34:D7:EA:BD:E2:9F:E8 X509v3 Authority Key Identifier: keyid:B1:AC:FB:85:14:9B:86:A1:10:15:D6:01:81:0E:31:4F:69:48:C1:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.14.100.0/24 202.36.36.0/22 202.37.140.0-202.37.151.255 202.37.200.0/22 202.37.224.0/21 202.41.136.0/22 202.74.224.0/21 210.48.0.0/17 210.56.32.0/20 210.185.0.0/18 IPv6: 2405:6000::/32 Signature Algorithm: sha256WithRSAEncryption 4c:e6:5f:9d:3d:d0:65:0f:f2:b0:11:9f:0d:34:ff:21:f1:80: 28:04:ac:36:41:08:62:ad:e2:9c:cb:f6:69:3c:ff:51:47:73: a3:37:3c:e0:43:60:ad:ff:d4:18:c7:77:77:16:72:00:52:0a: 67:a2:8c:8a:4e:b9:f3:6b:f7:15:83:bf:ca:08:29:2b:ef:55: 43:42:24:88:74:aa:bd:ca:3a:39:72:ae:99:0b:d3:03:1f:42: 85:0b:47:1c:bc:9a:2c:97:73:dd:1c:d0:57:8e:12:d5:8b:2e: be:4a:4d:13:69:6d:a8:03:58:0e:ad:fc:08:11:fb:be:cf:97: bb:b6:58:49:57:23:9e:63:60:d0:df:5b:ae:b8:fa:35:91:1a: 1b:4c:36:19:7a:ed:e8:a7:28:d7:56:27:6b:bf:4c:f0:31:59: 3d:d4:d1:7e:b4:61:94:37:8f:73:30:b3:08:3e:ea:82:e7:97: fc:95:5e:e7:10:ef:fc:6c:98:b3:40:b2:4e:be:dd:bc:f0:a0: 33:5c:5c:ef:bf:95:65:c1:66:42:0a:70:d6:c2:32:94:20:27: 14:72:e4:48:c3:0a:bd:55:e8:a9:b3:01:d4:02:d1:aa:50:dd: 1b:96:d9:30:66:f6:54:02:86:45:52:45:25:5a:d9:40:d3:e7: 6b:50:ae:f5 -----BEGIN CERTIFICATE----- MIIFvjCCBKagAwIBAgICM7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjgzRDIxMTAvBgNVBAUTKEIxQUNGQjg1MTQ5Qjg2QTExMDE1RDYwMTgxMEUzMTRG Njk0OEMxQ0YwHhcNMjQwNDAxMjA1OTMxWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjBiMjAzMi02ZjhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4QQeI+fLQG5wrLRjFC90BJ4eZSuywm1i0GtLHLP8Qum9uLTw/yH37Xp8Ocrg TkpuEG44WLE7+Yp69s9Gb4vEvFRbt0cWdicVPkCGqGEpaMfKhdAd4BrLyCsl8rSW 1AwUw/V+X5+Vv6bNMVEmhz/4Wl7UUu2yisvqoAy9Km/y92DTJzjshP55YftgGfFp vCHJ6ryR3ghU66C3tFsJwlzEDntChC1keu0JDkYzr2iOPup/WOdzu5TwiDPqXxfu fY3PG00OLoO2O/qMmpISC1LuI+hPDHxGSzepA7n6GGPNPAJ6h/mUJXt59rsn91Cu MYqXsrR2tzfweZTb3rhXBUhESQIDAQABo4IC4jCCAt4wHQYDVR0OBBYEFHXXPcTb Uo771bg8d5g01+q94p/oMB8GA1UdIwQYMBaAFLGs+4UUm4ahEBXWAYEOMU9pSMHP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODNEMi8xOUM1NUY2QzFE OEIxMUUyOTBDNTc4RTUwOEIwMkNEMi9zYXo3aFJTYmhxRVFGZFlCZ1E0eFQybEl3 YzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NhejdoUlNiaHFFUUZkWUJnUTR4VDJsSXdjOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjgzRDIvMTlDNTVGNkMxRDhCMTFFMjkwQzU3OEU1MDhCMDJDRDIvMkREMUVFQ0VF QzdBMTFFRUJBRTVFMzE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbAYIKwYBBQUHAQcBAf8E XTBbMEoEAgABMEQDBADKDmQDBALKJCQwDAMEAsoljAMEA8olkAMEAsolyAMEA8ol 4AMEAsopiAMEA8pK4AMEB9IwAAMEBNI4IAMEBtK5ADANBAIAAjAHAwUAJAVgADAN BgkqhkiG9w0BAQsFAAOCAQEATOZfnT3QZQ/ysBGfDTT/IfGAKASsNkEIYq3inMv2 aTz/UUdzozc84ENgrf/UGMd3dxZyAFIKZ6KMik6582v3FYO/yggpK+9VQ0IkiHSq vco6OXKumQvTAx9ChQtHHLyaLJdz3RzQV44S1YsuvkpNE2ltqANYDq38CBH7vs+X u7ZYSVcjnmNg0N9brrj6NZEaG0w2GXrt6Kco11Yna79M8DFZPdTRfrRhlDePczCz CD7qgueX/JVe5xDv/GyYs0CyTr7dvPCgM1xc77+VZcFmQgpw1sIylCAnFHLkSMMK vVXoqbMB1ALRqlDdG5bZMGb2VAKGRVJFJVrZQNPna1Cu9Q== -----END CERTIFICATE-----Generated at Sat May 18 15:58:22 2024 by rpki-client on console-ams.rpki-client.org