$ rpki-client -vvf rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/CA2F11AE8F0511ECB2497B14C4F9AE02.roa File: CA2F11AE8F0511ECB2497B14C4F9AE02.roa (raw, json) Hash identifier: X4rrrwyNxTqsuGYOFQJqdYKkuFCqgMWYgfh9t7Pa35U= Subject key identifier: D0:87:3D:D6:DE:07:3A:60:A7:6A:F7:8B:1F:72:DD:3D:30:71:C7:9F Certificate issuer: /CN=A917F247/serialNumber=904A235CB4747E08600FC1D26B93F51C4674EBAA Certificate serial: 02C1 Authority key identifier: 90:4A:23:5C:B4:74:7E:08:60:0F:C1:D2:6B:93:F5:1C:46:74:EB:AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kEojXLR0fghgD8HSa5P1HEZ066o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/CA2F11AE8F0511ECB2497B14C4F9AE02.roa Signing time: Thu 07 Dec 2023 02:54:05 +0000 ROA not before: Thu 07 Dec 2023 02:54:05 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 6453 IP address blocks: 14.137.32.0/19 maxlen: 24 103.70.64.0/22 maxlen: 24 103.103.60.0/22 maxlen: 24 182.54.144.0/22 maxlen: 24 182.255.28.0/22 maxlen: 24 202.5.112.0/20 maxlen: 24 203.2.130.0/23 maxlen: 24 203.8.206.0/23 maxlen: 24 203.21.140.0/22 maxlen: 24 203.24.104.0/22 maxlen: 24 203.27.96.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/kEojXLR0fghgD8HSa5P1HEZ066o.crl rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/kEojXLR0fghgD8HSa5P1HEZ066o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kEojXLR0fghgD8HSa5P1HEZ066o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 04:09:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 705 (0x2c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F247/serialNumber=904A235CB4747E08600FC1D26B93F51C4674EBAA Validity Not Before: Dec 7 02:54:05 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=657133cd-1825 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b2:8c:42:c9:d5:12:56:39:5c:95:68:34:2e: 9b:c8:b1:cd:54:7d:98:c6:bc:b5:31:c3:dc:9b:36: 8f:b9:f2:f5:99:b9:d1:5e:3e:31:f8:e3:b0:15:6b: 99:5f:e1:c6:c3:09:96:0b:63:02:26:ed:44:26:82: 7a:48:a7:9d:91:9f:24:ce:ae:45:b3:12:3a:f3:0a: 24:12:87:c4:68:e6:42:c2:a5:e0:25:c0:b3:db:78: 65:71:f3:5d:04:cd:9d:22:76:32:e2:19:01:ad:62: 33:9b:8c:b8:3b:fd:8a:d3:c3:49:19:01:f5:cd:d7: 68:85:b9:3e:87:4c:77:60:e9:0f:23:af:bd:b9:ee: 99:a4:21:88:73:13:dd:1d:9f:0c:13:67:f8:02:19: d3:46:40:87:63:ba:f3:7d:8c:31:ac:b0:28:60:4b: 9a:0a:48:09:73:9a:2d:12:46:83:a4:53:92:dc:28: e9:1d:c3:8f:69:53:02:ca:e4:02:e2:3e:6f:94:90: 1b:cc:2d:97:b5:0a:21:4c:dd:f1:be:b7:1c:34:43: ec:14:05:12:49:bb:1d:a2:58:9e:dc:53:d3:5c:df: 2f:e2:3d:29:c4:06:a7:d7:0b:a5:ea:0f:b7:e3:d3: 5e:f7:43:ef:db:82:77:7f:3c:ae:12:2c:cd:29:2e: 2f:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:87:3D:D6:DE:07:3A:60:A7:6A:F7:8B:1F:72:DD:3D:30:71:C7:9F X509v3 Authority Key Identifier: keyid:90:4A:23:5C:B4:74:7E:08:60:0F:C1:D2:6B:93:F5:1C:46:74:EB:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/kEojXLR0fghgD8HSa5P1HEZ066o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kEojXLR0fghgD8HSa5P1HEZ066o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/CA2F11AE8F0511ECB2497B14C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.137.32.0/19 103.70.64.0/22 103.103.60.0/22 182.54.144.0/22 182.255.28.0/22 202.5.112.0/20 203.2.130.0/23 203.8.206.0/23 203.21.140.0/22 203.24.104.0/22 203.27.96.0/23 Signature Algorithm: sha256WithRSAEncryption 5d:6c:46:8f:8c:42:e3:34:7d:a2:e2:6a:20:e5:cd:6f:41:03: 80:c0:e7:7d:09:89:d8:8e:2b:03:e0:e9:77:86:1e:b1:7e:73: 5a:96:e2:89:4e:3a:8b:f9:7a:ae:96:b7:4b:82:7e:e9:69:04: d9:4a:10:d3:8e:74:7a:c3:f4:da:ed:a9:26:cb:60:54:12:dd: 6a:9a:85:c9:b4:d7:79:5b:ec:5a:47:6f:bb:9d:0e:10:4d:bd: 81:36:29:7d:bb:04:a2:cb:1e:58:9d:f8:40:39:66:3c:12:ea: aa:df:20:66:d5:61:ef:74:07:77:3d:a0:bb:f1:ef:c5:c9:7e: ea:4d:58:02:04:5c:41:c6:6e:49:6d:9b:ae:cf:03:41:78:b0: e7:d6:db:b3:bb:f3:06:b6:27:b5:3e:db:2d:8b:36:68:8d:6d: 3b:80:cf:f5:1c:fa:56:f0:3c:41:75:d7:e8:bf:49:a6:0e:03: 85:88:e0:51:86:26:6e:a9:e0:4c:18:90:cc:4b:47:f8:a9:9c: bb:79:5c:bc:8a:d5:69:94:47:ee:4d:01:48:b9:8a:d7:ad:43: 7c:fc:2b:37:c1:e3:f7:8a:70:b8:cd:9f:07:18:83:15:8d:dc: ed:ba:10:6e:2f:6d:aa:7d:67:9d:7f:66:de:5c:57:41:e6:d8: ff:75:d9:03 -----BEGIN CERTIFICATE----- MIIFrTCCBJWgAwIBAgICAsEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0YyNDcxMTAvBgNVBAUTKDkwNEEyMzVDQjQ3NDdFMDg2MDBGQzFEMjZCOTNGNTFD NDY3NEVCQUEwHhcNMjMxMjA3MDI1NDA1WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTcxMzNjZC0xODI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr7KMQsnVElY5XJVoNC6byLHNVH2Yxry1McPcmzaPufL1mbnRXj4x+OOwFWuZ X+HGwwmWC2MCJu1EJoJ6SKedkZ8kzq5FsxI68wokEofEaOZCwqXgJcCz23hlcfNd BM2dInYy4hkBrWIzm4y4O/2K08NJGQH1zddohbk+h0x3YOkPI6+9ue6ZpCGIcxPd HZ8ME2f4AhnTRkCHY7rzfYwxrLAoYEuaCkgJc5otEkaDpFOS3CjpHcOPaVMCyuQC 4j5vlJAbzC2XtQohTN3xvrccNEPsFAUSSbsdolie3FPTXN8v4j0pxAan1wul6g+3 49Ne90Pv24J3fzyuEizNKS4v4QIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFNCHPdbe Bzpgp2r3ix9y3T0wccefMB8GA1UdIwQYMBaAFJBKI1y0dH4IYA/B0muT9RxGdOuq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjI0Ny82RDIyRUFGMDhG MDMxMUVDQTVDOUZFMTJDNEY5QUUwMi9rRW9qWExSMGZnaGdEOEhTYTVQMUhFWjA2 Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tFb2pYTFIwZmdoZ0Q4SFNhNVAxSEVaMDY2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0YyNDcvNkQyMkVBRjA4RjAzMTFFQ0E1QzlGRTEyQzRGOUFFMDIvQ0EyRjExQUU4 RjA1MTFFQ0IyNDk3QjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E TDBKMEgEAgABMEIDBAUOiSADBAJnRkADBAJnZzwDBAK2NpADBAK2/xwDBATKBXAD BAHLAoIDBAHLCM4DBALLFYwDBALLGGgDBAHLG2AwDQYJKoZIhvcNAQELBQADggEB AF1sRo+MQuM0faLiaiDlzW9BA4DA530JidiOKwPg6XeGHrF+c1qW4olOOov5eq6W t0uCfulpBNlKENOOdHrD9NrtqSbLYFQS3Wqahcm013lb7FpHb7udDhBNvYE2KX27 BKLLHlid+EA5ZjwS6qrfIGbVYe90B3c9oLvx78XJfupNWAIEXEHGbkltm67PA0F4 sOfW27O78wa2J7U+2y2LNmiNbTuAz/Uc+lbwPEF11+i/SaYOA4WI4FGGJm6p4EwY kMxLR/ipnLt5XLyK1WmUR+5NAUi5itetQ3z8KzfB4/eKcLjNnwcYgxWN3O26EG4v bap9Z51/Zt5cV0Hm2P912QM= -----END CERTIFICATE-----Generated at Sat Jun 1 04:59:03 2024 by rpki-client on console-fra.rpki-client.org