$ rpki-client -vvf rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa File: 2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa (raw, json) Hash identifier: GBv0Bwrza6PzeZcBlfUxDT4tM9xuaZtoH+l5x8EcaKE= Subject key identifier: 29:E8:23:3A:11:28:4F:B2:65:43:09:62:E6:97:46:B2:59:C1:D2:52 Certificate issuer: /CN=A91795CA/serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Certificate serial: 0568 Authority key identifier: 91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa Signing time: Wed 01 May 2024 01:03:23 +0000 ROA not before: Wed 01 May 2024 01:03:23 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 141995 IP address blocks: 194.233.64.0/22 maxlen: 22 194.233.68.0/22 maxlen: 22 194.233.72.0/22 maxlen: 22 194.233.76.0/22 maxlen: 22 194.233.80.0/22 maxlen: 22 194.233.84.0/22 maxlen: 22 194.233.88.0/22 maxlen: 22 194.233.92.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:44:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1384 (0x568) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91795CA/serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Validity Not Before: May 1 01:03:23 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=663194db-89db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:41:28:28:f1:95:29:75:3d:54:c6:d5:ff:0b: 30:b9:48:4d:95:f9:c7:7b:6d:3f:9c:58:04:45:b0: 09:21:69:e4:14:3e:14:ba:06:36:d8:81:5c:54:e8: e8:be:17:f2:fe:d3:db:d1:19:93:f1:c3:46:60:00: 1c:04:44:f1:ad:26:e6:c9:ed:e4:7a:2e:25:61:60: 17:3c:5c:f5:16:98:66:40:76:e6:8e:61:c4:45:b9: 74:e1:6d:ed:94:73:47:c0:b6:ab:00:d0:5e:7d:46: 8a:85:3b:7a:81:32:37:f0:84:64:4f:d4:14:be:7d: 2d:c7:f3:39:36:8d:9b:c7:9d:3d:13:55:aa:ee:aa: 5d:9f:59:aa:8a:a3:91:bb:f0:9d:07:d3:90:98:30: 3b:f2:4e:26:df:23:58:1d:4a:46:20:9e:4e:c0:fc: 0b:f4:ca:07:9c:0d:9b:bb:44:bd:fb:2a:8e:1c:77: b4:a2:59:15:11:5d:38:86:dd:c9:34:98:1b:d4:a6: 13:7a:1e:2a:e3:5e:2f:45:17:64:86:e9:04:6b:1c: 84:dd:a7:95:f9:4e:0c:d3:2e:71:af:72:a1:9e:cf: c2:38:73:75:cc:3e:82:aa:a8:1b:60:55:a2:9b:f9: 2e:a5:d2:24:44:7c:dd:80:88:56:90:56:5e:27:15: 93:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:E8:23:3A:11:28:4F:B2:65:43:09:62:E6:97:46:B2:59:C1:D2:52 X509v3 Authority Key Identifier: keyid:91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 194.233.64.0/19 Signature Algorithm: sha256WithRSAEncryption 53:3d:9c:20:e0:8f:59:c2:44:50:96:37:27:2f:d1:b5:a8:6c: 16:67:0c:1c:48:ca:4e:da:ee:54:f2:50:9b:3e:d4:a8:da:c2: ab:d6:36:ee:16:10:69:01:f5:0d:6f:f1:30:d5:08:f4:7a:d9: b1:c1:3a:87:60:c5:90:27:2d:8d:69:34:18:86:b7:e4:e1:17: 44:98:48:c9:e3:fa:19:d4:84:4c:ea:23:2b:ac:b2:99:7d:0d: fd:51:6f:36:b5:a6:80:d7:de:b7:81:f4:0e:9e:88:b8:c1:c0: 7f:ba:13:54:ba:93:84:6b:99:25:12:2b:17:ba:6c:5d:72:15: 79:2b:b0:64:7c:b3:d5:2b:29:f3:82:f2:8a:c7:43:a8:58:11: fe:b2:f8:01:e8:8e:4d:f0:d9:4b:a7:1d:00:0e:05:a4:8c:b1: 9a:9e:bb:1c:4a:c9:45:c7:d0:49:9f:80:77:77:2f:46:a2:26: ad:42:85:99:d7:81:49:e6:c7:f6:ef:84:22:94:c5:3f:13:d1: b8:d6:08:b4:72:98:24:80:1a:35:3d:28:3f:da:86:07:c5:bd: 98:51:43:49:8b:f2:79:46:ca:36:7a:b9:5e:bb:2f:a8:66:06: 80:da:f1:a6:6b:98:7d:6b:c5:fc:e8:cc:90:dd:95:e0:a0:9b: 91:ea:30:6f -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBWgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzk1Q0ExMTAvBgNVBAUTKDkxNzkxNTE5NUM5NzFBQjQ0MUZEREVERTZGRjNDRDM3 MkU3NTRDQjUwHhcNMjQwNTAxMDEwMzIzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjMxOTRkYi04OWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvkEoKPGVKXU9VMbV/wswuUhNlfnHe20/nFgERbAJIWnkFD4UugY22IFcVOjo vhfy/tPb0RmT8cNGYAAcBETxrSbmye3kei4lYWAXPFz1FphmQHbmjmHERbl04W3t lHNHwLarANBefUaKhTt6gTI38IRkT9QUvn0tx/M5No2bx509E1Wq7qpdn1mqiqOR u/CdB9OQmDA78k4m3yNYHUpGIJ5OwPwL9MoHnA2bu0S9+yqOHHe0olkVEV04ht3J NJgb1KYTeh4q414vRRdkhukEaxyE3aeV+U4M0y5xr3Khns/COHN1zD6CqqgbYFWi m/kupdIkRHzdgIhWkFZeJxWTuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCnoIzoR KE+yZUMJYuaXRrJZwdJSMB8GA1UdIwQYMBaAFJF5FRlclxq0Qf3e3m/zzTcudUy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTVDQS82MzQ3Mzc1Njk4 MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdyUkJfZDdlYl9QTk55NTFU TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2tYa1ZHVnlYR3JSQl9kN2ViX1BOTnk1MVRMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Nzk1Q0EvNjM0NzM3NTY5ODA2MTFFQkE4N0UyNzY1QzRGOUFFMDIvMkI4RDc2QUU5 QkI3MTFFQkJCN0JBMDJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAXC6UAwDQYJKoZIhvcNAQELBQADggEBAFM9nCDgj1nCRFCW Nycv0bWobBZnDBxIyk7a7lTyUJs+1KjawqvWNu4WEGkB9Q1v8TDVCPR62bHBOodg xZAnLY1pNBiGt+ThF0SYSMnj+hnUhEzqIyusspl9Df1Rbza1poDX3reB9A6eiLjB wH+6E1S6k4RrmSUSKxe6bF1yFXkrsGR8s9UrKfOC8orHQ6hYEf6y+AHojk3w2Uun HQAOBaSMsZqeuxxKyUXH0EmfgHd3L0aiJq1ChZnXgUnmx/bvhCKUxT8T0bjWCLRy mCSAGjU9KD/ahgfFvZhRQ0mL8nlGyjZ6uV67L6hmBoDa8aZrmH1rxfzozJDdleCg m5HqMG8= -----END CERTIFICATE-----Generated at Fri Nov 22 23:39:29 2024 by rpki-client on console-fra.rpki-client.org