$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/537DDF3A09B111EAB045B31EC4F9AE02.roa File: 537DDF3A09B111EAB045B31EC4F9AE02.roa (raw, json) Hash identifier: CmuSEfG1UIdzSsh9ec/xg1Tx5rcMA3aH5mzrUytDjcw= Subject key identifier: 12:C8:F5:C1:1E:F0:BC:5D:29:E4:7F:FD:05:AD:4D:56:2C:DD:B5:CB Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0E96 Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/537DDF3A09B111EAB045B31EC4F9AE02.roa Signing time: Thu 29 Feb 2024 19:38:00 +0000 ROA not before: Thu 29 Feb 2024 19:38:00 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 397217 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 18:21:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3734 (0xe96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 29 19:38:00 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65e0dd18-05fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:1d:30:4b:14:01:7d:46:7b:d3:9d:6a:e8:01: 7d:89:eb:bc:fb:28:33:6e:1e:2e:09:88:b8:0c:dd: bc:54:2b:11:fa:a7:0c:75:25:8c:88:d1:05:07:57: fb:75:8c:b8:35:35:71:f2:a4:03:74:9e:4a:10:48: 63:22:54:07:79:9f:bc:88:b3:69:9c:69:21:2f:a1: 9e:8b:e1:d0:8f:2a:88:be:4f:6e:82:a9:63:6c:f1: b9:1b:9f:d9:71:63:df:92:11:01:a2:09:c0:be:7b: 5c:cb:f8:6b:33:d6:52:f0:f6:24:ea:be:9a:15:4e: 58:72:ce:6b:62:0c:83:7e:da:c5:d1:89:95:71:5a: 02:d6:5f:66:d2:44:3c:b7:56:16:0c:86:d9:90:32: 96:02:20:48:b4:ba:6a:75:79:e1:55:09:52:fc:2d: b7:37:da:67:6a:02:11:04:bb:4a:cc:aa:1c:44:ae: 4b:a2:0d:50:06:88:8e:0c:cc:e8:a0:9d:cb:f6:bc: 96:d4:54:6a:9b:32:3c:0f:24:43:6c:d1:fa:5c:ca: 81:d6:da:e7:8f:3c:5f:2e:4b:f2:6c:37:78:ad:17: 16:9f:6d:32:a1:d5:9b:1b:f0:3d:22:05:f1:b7:af: 85:ab:39:62:c4:62:33:7c:39:08:1a:12:fa:30:d9: 55:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:C8:F5:C1:1E:F0:BC:5D:29:E4:7F:FD:05:AD:4D:56:2C:DD:B5:CB X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/537DDF3A09B111EAB045B31EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:5:ffff:ffff:ffff:ffff:ffff 2001:dcd:7::/48 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 82:d8:4b:51:14:0a:38:69:b4:82:50:09:77:df:0f:4a:ac:36: 97:03:2b:ba:f6:fa:98:57:5c:40:bb:4d:bc:8a:90:0f:33:7a: 0d:0f:32:1e:4a:58:a0:38:7f:a6:c8:52:36:9e:07:21:69:d2: 41:9c:ec:50:76:d6:b9:4a:48:28:4c:9f:cb:0c:1c:ca:98:22: 81:17:c1:6f:43:10:64:56:0d:3d:67:94:0a:c6:41:be:1c:ef: 3d:f1:ad:5b:10:bc:b3:87:7a:cd:59:49:ac:30:6a:1f:d4:7a: cd:e8:a2:f8:81:62:40:60:c0:1e:e9:86:4d:61:ce:e4:38:c2: 4c:5c:d0:6a:ed:cf:38:a1:e3:de:6b:c4:c9:c8:b4:05:92:24: e8:49:2e:33:53:d7:43:d8:5b:97:eb:0b:97:0b:4a:d5:11:fb: 22:d7:5c:7c:4a:61:c6:b8:7c:41:e3:58:d0:5f:3e:4c:08:3d: 32:14:a4:8b:24:3e:c3:6a:b1:61:db:86:d8:da:99:88:7d:56: 62:60:18:07:93:6d:67:ac:c1:17:65:01:83:fe:52:aa:58:2b: 1f:76:a9:7f:29:25:bf:26:39:28:b0:9f:65:d7:e1:2d:3d:a2: c3:7a:43:f9:c6:a8:da:26:a1:9e:53:c0:4d:05:3f:91:51:d1: dc:f2:06:6b -----BEGIN CERTIFICATE----- MIIFrTCCBJWgAwIBAgICDpYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjQwMjI5MTkzODAwWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWUwZGQxOC0wNWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsB0wSxQBfUZ7051q6AF9ieu8+ygzbh4uCYi4DN28VCsR+qcMdSWMiNEFB1f7 dYy4NTVx8qQDdJ5KEEhjIlQHeZ+8iLNpnGkhL6Gei+HQjyqIvk9ugqljbPG5G5/Z cWPfkhEBognAvntcy/hrM9ZS8PYk6r6aFU5Ycs5rYgyDftrF0YmVcVoC1l9m0kQ8 t1YWDIbZkDKWAiBItLpqdXnhVQlS/C23N9pnagIRBLtKzKocRK5Log1QBoiODMzo oJ3L9ryW1FRqmzI8DyRDbNH6XMqB1trnjzxfLkvybDd4rRcWn20yodWbG/A9IgXx t6+FqzlixGIzfDkIGhL6MNlVnQIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFBLI9cEe 8LxdKeR//QWtTVYs3bXLMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNTM3RERGM0Ew OUIxMTFFQUIwNDVCMzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E TDBKMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAsBAIAAjAmMBIDBwAgAQ3N AAEDBwEgAQ3NAAQDBwAgAQ3NAAcDBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEB AILYS1EUCjhptIJQCXffD0qsNpcDK7r2+phXXEC7TbyKkA8zeg0PMh5KWKA4f6bI UjaeByFp0kGc7FB21rlKSChMn8sMHMqYIoEXwW9DEGRWDT1nlArGQb4c7z3xrVsQ vLOHes1ZSawwah/Ues3ooviBYkBgwB7phk1hzuQ4wkxc0Grtzzih495rxMnItAWS JOhJLjNT10PYW5frC5cLStUR+yLXXHxKYca4fEHjWNBfPkwIPTIUpIskPsNqsWHb htjamYh9VmJgGAeTbWeswRdlAYP+UqpYKx92qX8pJb8mOSiwn2XX4S09osN6Q/nG qNomoZ5TwE0FP5FR0dzyBms= -----END CERTIFICATE-----Generated at Wed Nov 20 20:07:25 2024 by rpki-client on console-fra.rpki-client.org