$ rpki-client -vvf rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/C1C12662CFC811EB9A5C5879C4F9AE02.roa File: C1C12662CFC811EB9A5C5879C4F9AE02.roa (raw, json) Hash identifier: NtyIg/qsbxBW29uVmnc48ijTWNNWD33eAJJJQi88bGk= Subject key identifier: 68:09:39:3A:08:BE:23:4F:85:D6:6C:6B:93:EF:E8:D2:44:3D:3C:B7 Certificate issuer: /CN=A917B1B1/serialNumber=62CFB610E9650FE3C8002BC617B705724D2A02DD Certificate serial: 16E3 Authority key identifier: 62:CF:B6:10:E9:65:0F:E3:C8:00:2B:C6:17:B7:05:72:4D:2A:02:DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ys-2EOllD-PIACvGF7cFck0qAt0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/C1C12662CFC811EB9A5C5879C4F9AE02.roa Signing time: Thu 14 Sep 2023 16:54:13 +0000 ROA not before: Thu 14 Sep 2023 16:54:13 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 55792 IP address blocks: 27.122.16.0/20 maxlen: 24 103.3.168.0/22 maxlen: 24 202.95.192.0/20 maxlen: 24 2400:9300::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.crl rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ys-2EOllD-PIACvGF7cFck0qAt0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 May 2024 02:42:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5859 (0x16e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B1B1/serialNumber=62CFB610E9650FE3C8002BC617B705724D2A02DD Validity Not Before: Sep 14 16:54:13 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=65033ab5-7ea3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:56:70:8a:96:f8:a4:b4:d5:59:89:16:f6:66: 6c:cb:46:b1:17:fc:d3:67:d2:4b:7a:95:dd:e4:f7: 51:d7:8a:1c:ef:81:ab:bc:a9:cc:f5:2c:ab:e5:1e: 5a:28:6e:a2:aa:bf:60:9d:08:23:50:b8:4c:76:f1: 59:08:67:02:0c:e0:d6:79:33:ca:23:6e:75:67:20: 47:13:5d:00:dd:28:b5:62:26:80:1c:99:65:0c:fc: 17:b9:e7:d4:53:56:f9:90:af:ee:06:8d:ee:0a:83: c9:de:88:a9:86:16:d1:84:3a:d9:99:3b:74:4d:4d: cb:50:8f:33:3c:be:0d:34:41:cf:ec:c7:cc:4e:67: d4:ae:57:88:b5:1b:62:c5:52:d1:f2:ec:a9:d4:18: 98:a4:46:00:dc:63:3b:99:72:1f:0f:c9:80:90:c1: cf:d8:6d:c3:11:59:d8:ea:09:a8:d5:4c:fc:ef:20: 3a:d0:c6:e3:06:f6:d4:4d:4a:f8:99:d4:cf:91:db: 0d:d1:1c:5b:70:aa:fe:83:a1:ae:f9:a1:1a:ca:69: d3:d8:2b:aa:ba:d6:7b:0c:75:9f:a1:81:cc:80:56: 32:23:6c:c6:6f:5b:26:b7:fe:23:53:4d:69:00:0c: 98:fb:19:c7:60:12:4a:6a:90:2f:f3:73:5f:92:fe: 05:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:09:39:3A:08:BE:23:4F:85:D6:6C:6B:93:EF:E8:D2:44:3D:3C:B7 X509v3 Authority Key Identifier: keyid:62:CF:B6:10:E9:65:0F:E3:C8:00:2B:C6:17:B7:05:72:4D:2A:02:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/Ys-2EOllD-PIACvGF7cFck0qAt0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ys-2EOllD-PIACvGF7cFck0qAt0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B1B1/A0F0ADF0B25211E78B50FF60C4F9AE02/C1C12662CFC811EB9A5C5879C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.122.16.0/20 103.3.168.0/22 202.95.192.0/20 IPv6: 2400:9300::/32 Signature Algorithm: sha256WithRSAEncryption 5b:80:da:1b:39:b3:b6:0c:6b:9f:50:63:2e:39:16:c1:d2:de: a5:ed:29:5b:21:37:16:08:53:aa:05:07:07:86:b4:b1:9e:98: 2b:40:72:aa:0c:38:40:4f:0b:93:4b:d6:43:bc:b3:26:8e:0d: c2:15:73:8e:87:47:45:81:cf:a6:3b:0e:8b:88:c5:31:f0:ad: a9:fe:ae:90:97:a8:9b:4a:74:cb:5d:ae:c9:06:bb:c2:b2:66: 8d:90:3d:f8:fa:2b:a0:c5:44:99:7e:1d:21:56:45:bf:4a:90: 22:db:52:b1:72:2c:b5:26:e0:f6:1f:5f:7b:24:16:38:db:52: 5d:32:af:bd:4b:02:77:01:aa:44:9b:f9:fb:05:36:b3:39:0b: 8c:15:83:b7:fb:d9:7e:00:79:8f:67:a0:b8:c4:d0:4d:74:f0: 36:08:88:28:c9:c1:5c:87:d8:bc:7d:42:87:17:27:c8:ab:56: 91:7e:d9:2f:34:5a:52:3e:99:72:af:4e:4c:ed:3b:5a:47:25: ab:53:cf:74:27:f7:88:ea:c7:99:5e:79:2d:f6:0f:3c:48:50: e4:9f:a0:1e:cd:e1:bc:07:d8:80:83:23:c2:da:b6:58:b7:5c: db:89:da:03:f2:13:2e:cd:2a:03:b0:ec:d8:d3:e5:2d:34:09: 47:3e:bc:e8 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICFuMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0IxQjExMTAvBgNVBAUTKDYyQ0ZCNjEwRTk2NTBGRTNDODAwMkJDNjE3QjcwNTcy NEQyQTAyREQwHhcNMjMwOTE0MTY1NDEzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTAzM2FiNS03ZWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu1Zwipb4pLTVWYkW9mZsy0axF/zTZ9JLepXd5PdR14oc74GrvKnM9Syr5R5a KG6iqr9gnQgjULhMdvFZCGcCDODWeTPKI251ZyBHE10A3Si1YiaAHJllDPwXuefU U1b5kK/uBo3uCoPJ3oiphhbRhDrZmTt0TU3LUI8zPL4NNEHP7MfMTmfUrleItRti xVLR8uyp1BiYpEYA3GM7mXIfD8mAkMHP2G3DEVnY6gmo1Uz87yA60MbjBvbUTUr4 mdTPkdsN0RxbcKr+g6Gu+aEaymnT2CuqutZ7DHWfoYHMgFYyI2zGb1smt/4jU01p AAyY+xnHYBJKapAv83Nfkv4FxwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFGgJOToI viNPhdZsa5Pv6NJEPTy3MB8GA1UdIwQYMBaAFGLPthDpZQ/jyAArxhe3BXJNKgLd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjFCMS9BMEYwQURGMEIy NTIxMUU3OEI1MEZGNjBDNEY5QUUwMi9Zcy0yRU9sbEQtUElBQ3ZHRjdjRmNrMHFB dDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lzLTJFT2xsRC1QSUFDdkdGN2NGY2swcUF0MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0IxQjEvQTBGMEFERjBCMjUyMTFFNzhCNTBGRjYwQzRGOUFFMDIvQzFDMTI2NjJD RkM4MTFFQjlBNUM1ODc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAQbehADBAJnA6gDBATKX8AwDQQCAAIwBwMFACQAkwAwDQYJ KoZIhvcNAQELBQADggEBAFuA2hs5s7YMa59QYy45FsHS3qXtKVshNxYIU6oFBweG tLGemCtAcqoMOEBPC5NL1kO8syaODcIVc46HR0WBz6Y7DouIxTHwran+rpCXqJtK dMtdrskGu8KyZo2QPfj6K6DFRJl+HSFWRb9KkCLbUrFyLLUm4PYfX3skFjjbUl0y r71LAncBqkSb+fsFNrM5C4wVg7f72X4AeY9noLjE0E108DYIiCjJwVyH2Lx9QocX J8irVpF+2S80WlI+mXKvTkztO1pHJatTz3Qn94jqx5leeS32DzxIUOSfoB7N4bwH 2ICDI8Latli3XNuJ2gPyEy7NKgOw7NjT5S00CUc+vOg= -----END CERTIFICATE-----Generated at Fri May 10 20:05:28 2024 by rpki-client on console-fra.rpki-client.org