$ rpki-client -vvf rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/0619825C2F2A11ED9F62040DC4F9AE02.roa File: 0619825C2F2A11ED9F62040DC4F9AE02.roa (raw, json) Hash identifier: j+wUvNcuy3csiur4dRLemXlTJXxWi+VX69xHSYTTU1E= Subject key identifier: 36:EB:C2:DF:E3:FC:F7:F7:18:D1:FA:82:09:C5:AE:64:B2:96:D1:9C Certificate issuer: /CN=A91862F7/serialNumber=058421DE70780730473E5CC545BA0AE5DB9B4C0A Certificate serial: 08FA Authority key identifier: 05:84:21:DE:70:78:07:30:47:3E:5C:C5:45:BA:0A:E5:DB:9B:4C:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BYQh3nB4BzBHPlzFRboK5dubTAo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/0619825C2F2A11ED9F62040DC4F9AE02.roa Signing time: Tue 13 Aug 2024 03:27:43 +0000 ROA not before: Tue 13 Aug 2024 03:27:43 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 137470 IP address blocks: 202.3.0.0/24 maxlen: 24 202.3.1.0/24 maxlen: 24 202.3.2.0/24 maxlen: 24 202.3.3.0/24 maxlen: 24 202.3.4.0/24 maxlen: 24 202.3.5.0/24 maxlen: 24 203.13.216.0/24 maxlen: 24 203.13.217.0/24 maxlen: 24 203.13.218.0/24 maxlen: 24 203.13.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/BYQh3nB4BzBHPlzFRboK5dubTAo.crl rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/BYQh3nB4BzBHPlzFRboK5dubTAo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BYQh3nB4BzBHPlzFRboK5dubTAo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:22:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2298 (0x8fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862F7/serialNumber=058421DE70780730473E5CC545BA0AE5DB9B4C0A Validity Not Before: Aug 13 03:27:43 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=66bad2af-175b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:90:bf:66:7e:b4:14:5b:23:3b:58:45:f2:bd: 94:c8:61:8f:86:91:d0:22:9e:17:bc:5b:d7:63:7f: d6:c2:65:94:b8:36:bd:35:cf:93:98:a8:9e:fa:67: 7e:02:ef:85:0b:10:b4:8a:90:db:1c:f4:df:84:5d: b9:21:77:d8:ec:6e:68:7d:0c:cd:91:06:ae:cd:9f: 83:48:76:23:9c:63:d7:19:cb:04:f3:22:22:c6:3e: a6:01:25:2b:9f:6c:8f:80:c4:e7:5f:eb:77:99:7a: da:ae:f3:39:b7:b8:53:e0:71:03:7c:3b:79:a2:98: 9f:fa:de:20:10:4d:d4:24:62:18:c1:80:2b:4c:3d: eb:2c:bc:87:40:8a:d5:ef:58:69:4f:64:ac:97:56: 38:75:e9:dd:70:53:b1:71:d7:b2:bd:48:45:13:3f: b1:15:6f:4f:74:c7:49:e2:e9:35:f7:12:aa:26:d8: 7b:4a:1f:71:8e:ff:10:fc:1a:73:cc:1d:6e:af:0d: bd:a8:95:bc:d3:f2:c1:3d:04:1c:20:ba:8b:16:09: 48:3e:a1:37:07:bd:5c:6f:0d:fe:e7:7c:20:c9:fe: 97:05:09:4e:bc:8e:f7:07:31:2e:ed:d3:46:43:42: 03:14:26:be:07:16:6a:d1:1a:02:71:f4:45:af:47: 29:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:EB:C2:DF:E3:FC:F7:F7:18:D1:FA:82:09:C5:AE:64:B2:96:D1:9C X509v3 Authority Key Identifier: keyid:05:84:21:DE:70:78:07:30:47:3E:5C:C5:45:BA:0A:E5:DB:9B:4C:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/BYQh3nB4BzBHPlzFRboK5dubTAo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BYQh3nB4BzBHPlzFRboK5dubTAo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/0619825C2F2A11ED9F62040DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.3.0.0-202.3.5.255 203.13.216.0/22 Signature Algorithm: sha256WithRSAEncryption 09:7a:a7:46:2d:59:7e:40:fd:f9:dd:2b:e1:2b:19:3d:62:ec: f6:39:11:cd:c6:d9:c2:43:cc:b4:92:a7:cf:59:40:4c:32:0f: 37:54:e8:ff:d3:4e:c2:6c:53:da:1c:49:dd:11:8b:ae:48:ef: d9:b6:98:c2:49:e6:74:2d:0e:c8:64:f6:74:fd:57:1b:16:38: ab:7f:72:74:65:46:bb:75:11:6d:c4:30:9a:89:ae:46:18:05: 49:fa:4b:19:80:b2:8d:9a:67:7e:7b:7d:38:8c:63:6f:df:b4: 6c:97:8f:7b:bd:55:6b:11:65:ab:47:99:de:dd:78:73:72:6f: c5:47:75:fc:71:e9:4c:72:3d:9c:3f:63:40:30:7b:7e:53:c4: b7:22:10:1d:c0:e9:53:a3:87:61:ca:f3:d5:dd:a0:14:79:7c: c5:65:b6:b7:3a:89:2d:51:83:cb:89:7c:f9:be:56:06:da:60: bf:71:bb:cf:bb:6e:f6:6c:77:cc:12:d7:56:b0:1e:ff:66:d6: 8a:cb:13:1a:81:42:4a:6f:9a:1b:99:dc:06:30:e7:37:52:bf: 6a:8f:cb:6d:33:bb:09:24:14:97:9a:f2:3e:e7:87:df:b5:8f: 17:7b:c7:cb:5d:f4:01:e9:62:14:c8:a6:b5:e8:13:87:e9:73: 45:e7:fe:fb -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgICCPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODYyRjcxMTAvBgNVBAUTKDA1ODQyMURFNzA3ODA3MzA0NzNFNUNDNTQ1QkEwQUU1 REI5QjRDMEEwHhcNMjQwODEzMDMyNzQzWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmJhZDJhZi0xNzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA15C/Zn60FFsjO1hF8r2UyGGPhpHQIp4XvFvXY3/WwmWUuDa9Nc+TmKie+md+ Au+FCxC0ipDbHPTfhF25IXfY7G5ofQzNkQauzZ+DSHYjnGPXGcsE8yIixj6mASUr n2yPgMTnX+t3mXrarvM5t7hT4HEDfDt5opif+t4gEE3UJGIYwYArTD3rLLyHQIrV 71hpT2Ssl1Y4dendcFOxcdeyvUhFEz+xFW9PdMdJ4uk19xKqJth7Sh9xjv8Q/Bpz zB1urw29qJW80/LBPQQcILqLFglIPqE3B71cbw3+53wgyf6XBQlOvI73BzEu7dNG Q0IDFCa+BxZq0RoCcfRFr0cpwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDbrwt/j /Pf3GNH6ggnFrmSyltGcMB8GA1UdIwQYMBaAFAWEId5weAcwRz5cxUW6CuXbm0wK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjJGNy81RUFDNjE0NDhG QTYxMUVBOUFDQjdFN0ZDNEY5QUUwMi9CWVFoM25CNEJ6QkhQbHpGUmJvSzVkdWJU QW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JZUWgzbkI0QnpCSFBsekZSYm9LNWR1YlRBby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODYyRjcvNUVBQzYxNDQ4RkE2MTFFQTlBQ0I3RTdGQzRGOUFFMDIvMDYxOTgyNUMy RjJBMTFFRDlGNjIwNDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQcBAf8E HTAbMBkEAgABMBMwCwMDAMoDAwQBygMEAwQCyw3YMA0GCSqGSIb3DQEBCwUAA4IB AQAJeqdGLVl+QP353SvhKxk9Yuz2ORHNxtnCQ8y0kqfPWUBMMg83VOj/007CbFPa HEndEYuuSO/ZtpjCSeZ0LQ7IZPZ0/VcbFjirf3J0ZUa7dRFtxDCaia5GGAVJ+ksZ gLKNmmd+e304jGNv37Rsl497vVVrEWWrR5ne3Xhzcm/FR3X8celMcj2cP2NAMHt+ U8S3IhAdwOlTo4dhyvPV3aAUeXzFZba3OoktUYPLiXz5vlYG2mC/cbvPu272bHfM EtdWsB7/ZtaKyxMagUJKb5obmdwGMOc3Ur9qj8ttM7sJJBSXmvI+54fftY8Xe8fL XfQB6WIUyKa16BOH6XNF5/77 -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:00 2024 by rpki-client on console-fra.rpki-client.org