$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/48366FBA072D11EAAE8E1D56C4F9AE02.roa File: 48366FBA072D11EAAE8E1D56C4F9AE02.roa (raw, json) Hash identifier: 6VcgZkUFaRXSrU6uuGyZ8vIpQ8pVo6uQn+n+Mfvx2z0= Subject key identifier: 43:A7:2D:FB:A3:2C:15:B7:FF:68:4D:B3:32:4E:A2:AD:2B:47:09:F6 Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0E9F Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/48366FBA072D11EAAE8E1D56C4F9AE02.roa Signing time: Thu 29 Feb 2024 19:38:09 +0000 ROA not before: Thu 29 Feb 2024 19:38:09 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 397226 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 18:21:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3743 (0xe9f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 29 19:38:09 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65e0dd20-fa90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:0c:b7:4a:77:e7:32:e9:df:ce:94:b3:67:9d: 82:85:43:24:b6:cc:c1:fd:83:f9:cb:27:45:a4:59: 66:e3:67:31:8e:64:4c:d0:1d:67:ef:ba:c9:de:39: 4c:08:4d:52:ec:36:36:20:85:7e:79:8e:92:e4:31: a0:da:72:ce:28:5c:5c:f7:89:22:eb:7a:87:78:39: e1:fd:f5:bf:30:66:d6:09:77:fc:55:be:20:5c:88: 01:0a:42:d0:34:0b:ba:7b:61:89:d7:ab:85:97:78: e6:c2:a7:98:90:bf:b0:c2:82:15:45:81:eb:b5:c5: f9:a6:24:13:bd:8c:5b:bc:7c:aa:36:26:c3:9b:28: ed:2c:7e:35:8d:d8:0b:36:9d:b4:1d:6a:80:32:ec: 25:3d:2b:b9:ee:94:85:b9:eb:3e:e9:32:6d:ee:7f: 8a:95:37:10:55:12:4f:0a:da:66:46:ac:e4:ba:3c: 00:4a:0f:f2:5d:0e:f4:7b:9d:09:fa:c3:ee:85:f0: b7:ab:ef:4c:8f:b9:9d:3b:19:5b:9a:d7:93:97:8a: 73:2b:2b:46:fc:fe:e3:b8:0c:01:6c:34:64:02:28: 28:95:4b:1f:9e:17:9b:09:70:29:3c:94:08:9c:63: f3:32:9b:18:15:13:dc:f8:2a:fb:4a:65:23:5a:55: 7e:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:A7:2D:FB:A3:2C:15:B7:FF:68:4D:B3:32:4E:A2:AD:2B:47:09:F6 X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/48366FBA072D11EAAE8E1D56C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 91:68:e4:04:b4:ab:84:61:d3:75:33:b6:cb:93:f4:df:01:fe: 74:aa:d0:11:7f:d8:1d:fa:f0:ad:8c:d8:fd:72:7c:24:cf:b9: 30:8e:4f:ff:0d:fd:34:72:ec:7e:59:85:ed:58:4b:e8:80:2c: fc:1e:75:ac:85:fe:56:4f:bc:5a:43:36:ad:ec:0b:b0:f8:59: d4:0d:2a:0a:9e:05:b2:eb:f2:36:fc:ab:e4:fd:d1:55:67:51: 0e:0f:6d:9e:0c:6a:f7:60:cc:01:b3:e1:cd:45:0c:2c:aa:a6: de:e5:56:b6:a3:25:12:84:65:d4:47:3d:9a:5c:05:e7:f0:57: 7f:84:9a:04:86:e0:a9:77:fa:7c:ef:2c:6b:32:8f:a9:f9:ce: d0:ef:a9:08:74:61:9f:75:0a:54:f9:d8:c0:3c:00:00:7b:f0: 4a:a8:73:c8:00:be:87:48:3a:bb:67:4e:94:94:71:83:f0:c6: 66:bb:9b:17:5a:0e:bf:1c:87:fc:39:75:d9:86:17:16:34:52: 61:75:53:5b:3d:17:7e:7b:cc:eb:64:29:bd:6c:a5:f3:cc:0d: b4:0f:75:c2:b0:85:ed:bb:e3:4f:45:5d:63:a5:ba:b3:dc:36: 11:35:f7:5d:e7:70:12:87:6a:53:2d:1d:4a:45:a7:26:7b:a0: d2:b8:c0:e6 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICDp8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjQwMjI5MTkzODA5WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWUwZGQyMC1mYTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvwy3SnfnMunfzpSzZ52ChUMktszB/YP5yydFpFlm42cxjmRM0B1n77rJ3jlM CE1S7DY2IIV+eY6S5DGg2nLOKFxc94ki63qHeDnh/fW/MGbWCXf8Vb4gXIgBCkLQ NAu6e2GJ16uFl3jmwqeYkL+wwoIVRYHrtcX5piQTvYxbvHyqNibDmyjtLH41jdgL Np20HWqAMuwlPSu57pSFues+6TJt7n+KlTcQVRJPCtpmRqzkujwASg/yXQ70e50J +sPuhfC3q+9Mj7mdOxlbmteTl4pzKytG/P7juAwBbDRkAigolUsfnhebCXApPJQI nGPzMpsYFRPc+Cr7SmUjWlV+1wIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFEOnLfuj LBW3/2hNszJOoq0rRwn2MB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNDgzNjZGQkEw NzJEMTFFQUFFOEUxRDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBAJFo5AS0q4Rh 03UztsuT9N8B/nSq0BF/2B368K2M2P1yfCTPuTCOT/8N/TRy7H5Zhe1YS+iALPwe dayF/lZPvFpDNq3sC7D4WdQNKgqeBbLr8jb8q+T90VVnUQ4PbZ4MavdgzAGz4c1F DCyqpt7lVrajJRKEZdRHPZpcBefwV3+EmgSG4Kl3+nzvLGsyj6n5ztDvqQh0YZ91 ClT52MA8AAB78Eqoc8gAvodIOrtnTpSUcYPwxma7mxdaDr8ch/w5ddmGFxY0UmF1 U1s9F357zOtkKb1spfPMDbQPdcKwhe27409FXWOlurPcNhE1913ncBKHalMtHUpF pyZ7oNK4wOY= -----END CERTIFICATE-----Generated at Wed Nov 20 20:07:25 2024 by rpki-client on console-fra.rpki-client.org