$ rpki-client -vvf rpki.apnic.net/member_repository/A917C422/A2C738681D8511E287036ADC08B02CD2/D69F6688CD8511EBB5252063C4F9AE02.roa File: D69F6688CD8511EBB5252063C4F9AE02.roa (raw, json) Hash identifier: 1ODdrQTl4q6/w7rtOls+USY+PM8yOp3Wfi9ftx6zA0o= Subject key identifier: 05:E8:65:74:7A:3C:BE:C5:A3:D8:9C:CA:0A:3C:48:36:C7:F9:2F:BB Certificate issuer: /CN=A917C422/serialNumber=3E0CA33D76A75BA64F0DD6B06A442BE69586441A Certificate serial: 3410 Authority key identifier: 3E:0C:A3:3D:76:A7:5B:A6:4F:0D:D6:B0:6A:44:2B:E6:95:86:44:1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PgyjPXanW6ZPDdawakQr5pWGRBo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C422/A2C738681D8511E287036ADC08B02CD2/D69F6688CD8511EBB5252063C4F9AE02.roa Signing time: Mon 26 Aug 2024 14:40:30 +0000 ROA not before: Mon 26 Aug 2024 14:40:30 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 9584 IP address blocks: 114.142.144.0/20 maxlen: 24 202.65.192.0/19 maxlen: 24 202.66.128.0/19 maxlen: 24 202.134.64.0/18 maxlen: 24 219.90.112.0/20 maxlen: 24 2001:eb0::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C422/A2C738681D8511E287036ADC08B02CD2/PgyjPXanW6ZPDdawakQr5pWGRBo.crl rsync://rpki.apnic.net/member_repository/A917C422/A2C738681D8511E287036ADC08B02CD2/PgyjPXanW6ZPDdawakQr5pWGRBo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PgyjPXanW6ZPDdawakQr5pWGRBo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:25:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13328 (0x3410) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C422/serialNumber=3E0CA33D76A75BA64F0DD6B06A442BE69586441A Validity Not Before: Aug 26 14:40:30 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66cc93dd-6912 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:85:5c:4d:25:c0:15:f4:0d:70:6d:c5:43:fb: 8e:87:6e:94:92:64:78:8f:ad:25:3a:92:0f:2c:03: db:ec:15:dd:b2:60:c0:80:40:6a:c5:a9:85:1a:b8: b9:22:4f:81:51:b7:ee:4f:bd:f3:14:88:eb:6e:20: 9e:34:64:0c:2e:b0:db:d7:b5:22:eb:54:bc:f6:03: 66:77:6f:0d:de:d7:0b:98:94:cf:4b:fb:dc:19:9a: f5:69:f4:a6:80:e7:0e:a3:7d:b9:2d:4c:45:cd:e5: ce:8f:99:99:a2:3e:e0:67:d7:f5:0a:1e:80:5b:86: 83:ba:37:9e:73:6b:14:27:44:f1:e5:c7:31:29:ec: 81:a1:ea:9b:74:29:cd:4d:7c:5a:f7:25:e6:af:03: f5:59:33:cc:a1:c2:5b:e9:4c:8d:da:76:87:94:82: 7e:3d:5c:ba:90:e8:71:cb:15:8a:62:fa:47:1b:bd: 7b:c8:ff:9f:2d:ed:31:76:c8:b5:64:58:98:6a:99: 88:30:f7:64:00:37:d0:1d:be:e0:f2:cf:18:3a:b1: f8:88:f6:54:5d:e0:74:19:6c:8f:6c:75:de:0a:cd: bc:8b:bc:9d:af:bd:ff:92:5a:47:4f:7a:ec:58:a9: fb:50:e0:a7:08:a2:5d:a3:44:9a:6c:1f:57:f2:47: 57:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:E8:65:74:7A:3C:BE:C5:A3:D8:9C:CA:0A:3C:48:36:C7:F9:2F:BB X509v3 Authority Key Identifier: keyid:3E:0C:A3:3D:76:A7:5B:A6:4F:0D:D6:B0:6A:44:2B:E6:95:86:44:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C422/A2C738681D8511E287036ADC08B02CD2/PgyjPXanW6ZPDdawakQr5pWGRBo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PgyjPXanW6ZPDdawakQr5pWGRBo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C422/A2C738681D8511E287036ADC08B02CD2/D69F6688CD8511EBB5252063C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 114.142.144.0/20 202.65.192.0/19 202.66.128.0/19 202.134.64.0/18 219.90.112.0/20 IPv6: 2001:eb0::/32 Signature Algorithm: sha256WithRSAEncryption 80:96:89:a0:75:7d:f5:0b:03:3e:24:3d:b2:50:8d:d3:58:2f: 93:20:a8:01:b6:02:b3:ea:c4:10:66:c9:30:61:ff:e1:97:32: d2:7f:d3:a4:b6:09:0f:1a:88:36:e0:2e:fd:b3:e0:fb:11:18: 7e:b0:77:60:6d:f1:8e:be:60:53:c3:df:82:61:63:9c:d0:8d: 8b:65:7e:a3:08:ee:39:d5:1b:36:99:ef:06:cd:07:a8:82:8b: 1d:ea:25:fd:b8:e9:1e:7f:b3:9e:71:90:60:c1:3a:73:d5:8f: a6:3f:1f:3c:40:e6:51:10:63:db:28:56:f0:d0:21:cb:e0:36: d5:16:13:4c:a2:fd:65:cc:73:6d:1b:dd:f5:bb:6c:51:8f:80: 7f:33:eb:ed:31:e8:e8:51:e8:08:18:aa:b0:87:2d:4d:c2:be: 2c:dc:2f:c7:c1:d4:e2:1b:2a:40:58:be:58:c8:26:a6:96:0e: f4:44:42:a4:da:c1:2f:50:55:0b:c4:fc:09:55:00:37:80:4a: 0f:24:f5:5f:80:a0:f1:90:0c:84:5c:aa:4f:52:92:2c:b2:71: 37:c6:73:c3:2e:96:3d:70:06:24:d5:ae:05:69:8b:71:b4:35: ae:0f:d9:97:f1:49:64:65:45:93:27:6a:06:6a:4e:8f:90:93: ef:7a:2a:31 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICNBAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M0MjIxMTAvBgNVBAUTKDNFMENBMzNENzZBNzVCQTY0RjBERDZCMDZBNDQyQkU2 OTU4NjQ0MUEwHhcNMjQwODI2MTQ0MDMwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmNjOTNkZC02OTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2IVcTSXAFfQNcG3FQ/uOh26UkmR4j60lOpIPLAPb7BXdsmDAgEBqxamFGri5 Ik+BUbfuT73zFIjrbiCeNGQMLrDb17Ui61S89gNmd28N3tcLmJTPS/vcGZr1afSm gOcOo325LUxFzeXOj5mZoj7gZ9f1Ch6AW4aDujeec2sUJ0Tx5ccxKeyBoeqbdCnN TXxa9yXmrwP1WTPMocJb6UyN2naHlIJ+PVy6kOhxyxWKYvpHG717yP+fLe0xdsi1 ZFiYapmIMPdkADfQHb7g8s8YOrH4iPZUXeB0GWyPbHXeCs28i7ydr73/klpHT3rs WKn7UOCnCKJdo0SabB9X8kdXfwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFAXoZXR6 PL7Fo9icygo8SDbH+S+7MB8GA1UdIwQYMBaAFD4Moz12p1umTw3WsGpEK+aVhkQa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzQyMi9BMkM3Mzg2ODFE ODUxMUUyODcwMzZBREMwOEIwMkNEMi9QZ3lqUFhhblc2WlBEZGF3YWtRcjVwV0dS Qm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BneWpQWGFuVzZaUERkYXdha1FyNXBXR1JCby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0M0MjIvQTJDNzM4NjgxRDg1MTFFMjg3MDM2QURDMDhCMDJDRDIvRDY5RjY2ODhD RDg1MTFFQkI1MjUyMDYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBARyjpADBAXKQcADBAXKQoADBAbKhkADBATbWnAwDQQCAAIw BwMFACABDrAwDQYJKoZIhvcNAQELBQADggEBAICWiaB1ffULAz4kPbJQjdNYL5Mg qAG2ArPqxBBmyTBh/+GXMtJ/06S2CQ8aiDbgLv2z4PsRGH6wd2Bt8Y6+YFPD34Jh Y5zQjYtlfqMI7jnVGzaZ7wbNB6iCix3qJf246R5/s55xkGDBOnPVj6Y/HzxA5lEQ Y9soVvDQIcvgNtUWE0yi/WXMc20b3fW7bFGPgH8z6+0x6OhR6AgYqrCHLU3Cvizc L8fB1OIbKkBYvljIJqaWDvREQqTawS9QVQvE/AlVADeASg8k9V+AoPGQDIRcqk9S kiyycTfGc8Mulj1wBiTVrgVpi3G0Na4P2ZfxSWRlRZMnagZqTo+Qk+96KjE= -----END CERTIFICATE-----Generated at Fri Nov 22 15:25:38 2024 by rpki-client on console-fra.rpki-client.org