$ rpki-client -vvf rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa File: 2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa (raw, json) Hash identifier: LYYe0/ugE0YWppDV9+N/oSDl4IKiJUQFEaZM88DJJ/s= Subject key identifier: D2:C7:AC:7C:2C:30:94:D6:35:37:1B:91:2B:46:44:3A:AC:20:A3:3C Certificate issuer: /CN=A91683D2/serialNumber=B1ACFB85149B86A11015D601810E314F6948C1CF Certificate serial: 342D Authority key identifier: B1:AC:FB:85:14:9B:86:A1:10:15:D6:01:81:0E:31:4F:69:48:C1:CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa Signing time: Wed 06 Nov 2024 15:00:46 +0000 ROA not before: Wed 06 Nov 2024 15:00:46 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 4770 IP address blocks: 202.14.100.0/24 maxlen: 24 202.36.36.0/22 maxlen: 22 202.37.140.0/22 maxlen: 22 202.37.144.0/21 maxlen: 21 202.37.200.0/22 maxlen: 22 202.37.224.0/21 maxlen: 21 202.41.136.0/22 maxlen: 22 202.74.224.0/21 maxlen: 21 210.48.0.0/17 maxlen: 17 210.56.32.0/20 maxlen: 20 210.185.0.0/18 maxlen: 18 2405:6000::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.crl rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 14:34:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13357 (0x342d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91683D2/serialNumber=B1ACFB85149B86A11015D601810E314F6948C1CF Validity Not Before: Nov 6 15:00:46 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=672b849e-1913 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:69:33:79:8e:54:41:cb:f5:c8:30:0d:65:ea: 0c:dd:b9:a7:fc:db:5b:88:99:59:0a:05:4d:da:0f: 1b:18:af:94:f9:e9:a5:0a:ed:29:c0:2a:9f:a3:71: 7c:d5:e6:38:4a:3b:98:50:b2:21:b1:03:b5:34:1b: 83:34:5b:8d:2b:7a:61:4b:e1:72:7d:35:2f:a6:62: cc:06:e1:d7:0a:c1:e1:29:a6:f3:06:1d:3a:0b:a2: 3b:e8:22:0b:cd:c7:82:4d:0f:7e:28:24:d5:8e:94: 69:ed:dd:24:36:6e:7e:57:1b:d4:e3:8e:d6:0a:c0: d5:d6:17:58:fc:a2:7a:dc:85:9c:6e:9b:5e:c2:e1: 79:dd:9b:ed:d2:00:05:97:88:83:ab:5f:81:6b:7d: ec:e4:2b:1c:da:83:ae:68:9a:73:be:e7:9a:e2:12: 4f:81:16:c2:93:9c:0e:95:2c:26:f2:d8:51:60:48: 66:a9:c0:c3:fd:b5:19:cb:66:b9:69:16:60:4e:37: 13:bc:44:c5:4c:ab:0e:30:43:86:a7:32:f3:20:3c: 30:eb:ee:23:f4:e1:97:22:31:a1:f7:bd:ac:3f:8d: 7f:cb:f0:7b:6e:63:b3:f4:97:13:83:55:ab:de:ee: 9d:63:39:df:c0:09:e2:65:7f:99:12:bb:10:88:a7: be:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:C7:AC:7C:2C:30:94:D6:35:37:1B:91:2B:46:44:3A:AC:20:A3:3C X509v3 Authority Key Identifier: keyid:B1:AC:FB:85:14:9B:86:A1:10:15:D6:01:81:0E:31:4F:69:48:C1:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.14.100.0/24 202.36.36.0/22 202.37.140.0-202.37.151.255 202.37.200.0/22 202.37.224.0/21 202.41.136.0/22 202.74.224.0/21 210.48.0.0/17 210.56.32.0/20 210.185.0.0/18 IPv6: 2405:6000::/32 Signature Algorithm: sha256WithRSAEncryption 19:0d:37:9d:5f:e7:f8:0a:18:9e:3b:04:dd:14:e2:a4:09:c8: f5:66:05:93:b1:ff:03:f9:22:96:46:e8:47:cc:66:69:93:0f: 49:63:be:e9:7f:3a:59:da:28:fa:21:04:0f:7f:79:1f:c4:61: 3c:ea:79:5a:1a:4b:0a:bb:13:97:11:32:b9:52:70:fa:c8:9d: 55:df:de:4a:27:27:9b:79:86:9b:d1:15:ed:e6:44:5c:e3:26: f6:2b:90:fd:85:a0:a1:f6:89:96:66:94:b0:a8:2c:da:b4:5e: ac:d2:b8:e2:c8:08:67:e7:8f:75:72:21:9c:31:c9:bf:7d:bf: f9:9e:b8:7e:8f:99:50:55:e8:ea:97:66:84:d7:5d:ca:4c:e3: c7:0f:d2:c0:76:d4:34:04:17:6e:e0:0a:67:d6:6c:63:80:0d: c3:32:fd:1f:e9:88:24:50:47:96:a8:37:e4:15:cb:7b:91:b6: 1e:00:d7:2b:6d:09:90:26:5a:4c:66:9c:d1:f0:11:83:5a:c4: 63:f1:df:46:fe:fd:a7:23:6e:39:8b:29:d1:6e:14:e9:2f:5c: 70:81:40:03:d4:fd:4c:dd:90:0d:51:7c:06:93:cc:03:80:74: 72:f4:f3:e7:0b:f8:55:cb:81:e7:80:27:80:e2:8b:08:d1:af: 8d:d6:99:27 -----BEGIN CERTIFICATE----- MIIFvjCCBKagAwIBAgICNC0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjgzRDIxMTAvBgNVBAUTKEIxQUNGQjg1MTQ5Qjg2QTExMDE1RDYwMTgxMEUzMTRG Njk0OEMxQ0YwHhcNMjQxMTA2MTUwMDQ2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzJiODQ5ZS0xOTEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA22kzeY5UQcv1yDANZeoM3bmn/NtbiJlZCgVN2g8bGK+U+emlCu0pwCqfo3F8 1eY4SjuYULIhsQO1NBuDNFuNK3phS+FyfTUvpmLMBuHXCsHhKabzBh06C6I76CIL zceCTQ9+KCTVjpRp7d0kNm5+VxvU447WCsDV1hdY/KJ63IWcbptewuF53Zvt0gAF l4iDq1+Ba33s5Csc2oOuaJpzvuea4hJPgRbCk5wOlSwm8thRYEhmqcDD/bUZy2a5 aRZgTjcTvETFTKsOMEOGpzLzIDww6+4j9OGXIjGh972sP41/y/B7bmOz9JcTg1Wr 3u6dYznfwAniZX+ZErsQiKe+JwIDAQABo4IC4jCCAt4wHQYDVR0OBBYEFNLHrHws MJTWNTcbkStGRDqsIKM8MB8GA1UdIwQYMBaAFLGs+4UUm4ahEBXWAYEOMU9pSMHP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODNEMi8xOUM1NUY2QzFE OEIxMUUyOTBDNTc4RTUwOEIwMkNEMi9zYXo3aFJTYmhxRVFGZFlCZ1E0eFQybEl3 YzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NhejdoUlNiaHFFUUZkWUJnUTR4VDJsSXdjOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjgzRDIvMTlDNTVGNkMxRDhCMTFFMjkwQzU3OEU1MDhCMDJDRDIvMkREMUVFQ0VF QzdBMTFFRUJBRTVFMzE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbAYIKwYBBQUHAQcBAf8E XTBbMEoEAgABMEQDBADKDmQDBALKJCQwDAMEAsoljAMEA8olkAMEAsolyAMEA8ol 4AMEAsopiAMEA8pK4AMEB9IwAAMEBNI4IAMEBtK5ADANBAIAAjAHAwUAJAVgADAN BgkqhkiG9w0BAQsFAAOCAQEAGQ03nV/n+AoYnjsE3RTipAnI9WYFk7H/A/kilkbo R8xmaZMPSWO+6X86Wdoo+iEED395H8RhPOp5WhpLCrsTlxEyuVJw+sidVd/eSicn m3mGm9EV7eZEXOMm9iuQ/YWgofaJlmaUsKgs2rRerNK44sgIZ+ePdXIhnDHJv32/ +Z64fo+ZUFXo6pdmhNddykzjxw/SwHbUNAQXbuAKZ9ZsY4ANwzL9H+mIJFBHlqg3 5BXLe5G2HgDXK20JkCZaTGac0fARg1rEY/HfRv79pyNuOYsp0W4U6S9ccIFAA9T9 TN2QDVF8BpPMA4B0cvTz5wv4VcuB54AngOKLCNGvjdaZJw== -----END CERTIFICATE-----Generated at Wed Nov 20 16:00:09 2024 by rpki-client on console-ams.rpki-client.org