$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F1D9CD5E099A11EAB5891D5BC4F9AE02.roa File: F1D9CD5E099A11EAB5891D5BC4F9AE02.roa (raw, json) Hash identifier: 4WX0ehLqUuik7rDt9ycis+y5a+d/nd5z3lRe8qLsMRA= Subject key identifier: 36:9C:E8:45:89:58:7E:DC:DB:94:3E:1F:92:61:94:B5:BD:55:6E:06 Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0E9E Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F1D9CD5E099A11EAB5891D5BC4F9AE02.roa Signing time: Thu 29 Feb 2024 19:38:08 +0000 ROA not before: Thu 29 Feb 2024 19:38:08 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 397225 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 18:21:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3742 (0xe9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 29 19:38:08 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65e0dd1f-9c5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:4a:ed:2c:3a:2e:3d:77:18:dc:ca:76:fe:56: 1a:a5:f8:3d:ec:59:36:28:b2:38:47:1d:af:db:75: 1a:1d:aa:48:48:ca:c5:6f:3b:08:08:71:e3:0a:72: 32:bb:e8:47:cf:f7:78:db:35:b8:0c:13:6b:cd:c3: b2:f1:14:2c:a0:1d:46:1f:4a:c1:61:da:66:ef:73: 4d:99:b7:45:0e:66:38:03:45:3d:c0:2d:13:c7:80: e7:6c:39:93:fb:ad:c6:30:0e:25:88:57:60:d7:5c: ec:53:be:b7:56:02:11:7d:74:bf:06:e3:02:10:1f: ee:25:80:61:ae:d1:e2:7a:c4:23:71:22:48:a4:17: 2c:ca:63:3f:43:ad:a5:25:b9:af:6d:32:27:b6:c0: d2:1f:69:74:b3:03:07:c8:23:51:81:7e:c7:a1:ca: c0:84:1d:b8:49:e0:b6:0a:63:9e:98:78:52:12:61: f7:00:e3:59:87:04:68:88:6d:83:bc:1f:35:23:50: d5:d0:9c:69:8e:8d:9f:84:9c:00:d9:6c:89:83:65: c5:aa:26:51:86:90:a9:21:73:92:e1:4e:f2:bb:79: 14:7c:87:29:e5:1f:78:d3:bd:95:23:ba:cf:61:03: 81:6b:53:08:96:a9:7d:3a:0d:bd:79:f8:9f:5d:b5: b3:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:9C:E8:45:89:58:7E:DC:DB:94:3E:1F:92:61:94:B5:BD:55:6E:06 X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F1D9CD5E099A11EAB5891D5BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 0d:77:cb:5c:be:a9:fa:48:1a:39:73:21:b3:85:24:8d:8c:a8: 43:5c:3d:ac:31:c3:a2:d8:97:1b:ba:b5:a8:8d:1d:5b:11:24: f2:db:1c:2d:88:eb:1f:b5:4c:7b:e5:05:6c:89:06:eb:2a:51: 8b:19:cf:1e:7e:75:84:07:bc:ac:2f:d0:51:d1:c6:af:65:65: 3f:3e:10:98:b0:57:47:d8:5f:57:46:b6:30:e1:bb:bc:c8:0a: f5:52:df:4d:b6:a5:47:c0:ec:ad:97:3b:1f:b1:c6:a2:f1:c8: c5:e9:5e:cc:25:c8:6c:62:8b:a3:64:1c:d5:1f:23:70:f7:56: 98:77:36:76:62:01:f6:a0:c8:e4:d7:8a:d3:f8:3b:ef:a2:61: ab:1d:81:1c:0a:b1:e6:a2:8b:65:9e:cf:e5:a0:3e:77:63:62: 4f:32:49:47:92:26:cb:e4:95:0d:5f:f0:ef:fc:bf:f8:ee:6e: 69:28:a8:87:b7:17:a3:e7:3b:b2:cc:41:ea:00:a5:60:51:cd: a5:5d:8a:7b:b3:b7:12:5d:3f:a8:36:d9:06:71:ee:95:6f:9b: ea:6d:80:e0:3c:e8:5a:ca:93:04:4e:ca:d2:75:6d:63:ad:fc: 1d:97:64:9b:d4:ab:22:ea:d7:21:75:c8:a8:50:3f:41:bb:2b: 2d:ae:f0:24 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICDp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjQwMjI5MTkzODA4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWUwZGQxZi05YzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt0rtLDouPXcY3Mp2/lYapfg97Fk2KLI4Rx2v23UaHapISMrFbzsICHHjCnIy u+hHz/d42zW4DBNrzcOy8RQsoB1GH0rBYdpm73NNmbdFDmY4A0U9wC0Tx4DnbDmT +63GMA4liFdg11zsU763VgIRfXS/BuMCEB/uJYBhrtHiesQjcSJIpBcsymM/Q62l JbmvbTIntsDSH2l0swMHyCNRgX7HocrAhB24SeC2CmOemHhSEmH3AONZhwRoiG2D vB81I1DV0Jxpjo2fhJwA2WyJg2XFqiZRhpCpIXOS4U7yu3kUfIcp5R94072VI7rP YQOBa1MIlql9Og29efifXbWzUQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFDac6EWJ WH7c25Q+H5JhlLW9VW4GMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvRjFEOUNENUUw OTlBMTFFQUI1ODkxRDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBAA13y1y+qfpI GjlzIbOFJI2MqENcPawxw6LYlxu6taiNHVsRJPLbHC2I6x+1THvlBWyJBusqUYsZ zx5+dYQHvKwv0FHRxq9lZT8+EJiwV0fYX1dGtjDhu7zICvVS3022pUfA7K2XOx+x xqLxyMXpXswlyGxii6NkHNUfI3D3Vph3NnZiAfagyOTXitP4O++iYasdgRwKseai i2Wez+WgPndjYk8ySUeSJsvklQ1f8O/8v/jubmkoqIe3F6PnO7LMQeoApWBRzaVd inuztxJdP6g22QZx7pVvm+ptgOA86FrKkwROytJ1bWOt/B2XZJvUqyLq1yF1yKhQ P0G7Ky2u8CQ= -----END CERTIFICATE-----Generated at Wed Nov 20 20:07:26 2024 by rpki-client on console-fra.rpki-client.org