$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F2D46CA0099A11EAB5891D5BC4F9AE02.roa File: F2D46CA0099A11EAB5891D5BC4F9AE02.roa (raw, json) Hash identifier: zic/oINhYmRooQ8iMUf+tscj5beBiqiSkdPRCqJqGYw= Subject key identifier: C5:CF:4D:B3:D4:CA:07:12:FC:03:08:29:C7:48:72:64:7C:97:C6:1B Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0EAA Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F2D46CA0099A11EAB5891D5BC4F9AE02.roa Signing time: Thu 29 Feb 2024 19:38:20 +0000 ROA not before: Thu 29 Feb 2024 19:38:20 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 397237 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 May 2024 18:35:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3754 (0xeaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 29 19:38:20 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65e0dd2c-3a91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:42:56:d9:06:19:ce:39:9c:6c:8e:f3:da:82: 3a:64:f5:36:98:67:30:84:40:2f:9f:de:fa:b4:55: 56:fd:ae:c3:c8:18:35:48:4c:65:52:02:cb:c9:7d: 19:94:d3:49:75:4c:6b:a1:92:15:c9:78:7b:7d:73: 3d:fb:5c:b0:1c:22:6d:e6:19:21:dd:f3:10:2b:88: f5:f2:3e:c7:b7:f4:64:87:8d:b2:63:f0:5a:45:8f: 0d:7c:d4:be:f1:38:00:71:d3:74:42:12:4c:d9:49: 8b:93:8e:30:8a:94:85:53:04:bf:b3:c5:3f:b6:f5: 6d:7b:36:c3:3c:45:08:79:9b:34:e3:3c:71:52:ba: 85:46:91:ef:7e:39:75:4f:0f:bb:33:7e:b3:32:2e: a1:c2:ef:b1:9b:da:90:6e:34:61:c9:19:0b:dc:44: b4:39:3d:25:15:5b:78:7d:1d:79:93:c4:36:05:93: a2:14:5f:a2:86:90:26:2b:72:e1:9e:ba:de:54:8c: 18:d1:64:c5:27:98:1f:40:8a:23:a4:a8:8d:53:c0: 8d:af:9e:bd:57:a6:50:14:bf:09:a1:21:58:d6:c9: 9f:08:29:80:01:2b:f2:c2:9c:89:3b:4d:c2:00:8c: c7:51:90:fc:0f:96:79:64:f7:fb:96:56:6b:f6:74: c7:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:CF:4D:B3:D4:CA:07:12:FC:03:08:29:C7:48:72:64:7C:97:C6:1B X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F2D46CA0099A11EAB5891D5BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 2b:43:04:b1:8c:6a:da:67:1f:da:d8:47:89:dd:cd:43:1f:9f: 29:9e:5e:5e:5e:06:f9:ab:01:dc:c0:ba:c3:53:0d:69:08:ed: 2f:87:b7:36:68:b9:81:93:ef:6d:28:b4:31:40:b7:d7:13:42: c4:00:f5:db:06:e3:eb:2d:05:7d:4c:10:0d:b3:7d:d2:a8:20: 08:12:ed:97:08:a8:4a:73:a0:47:fa:15:30:b8:72:71:49:3a: f3:16:1a:c1:fb:ea:2c:f8:33:9f:ae:ea:04:e4:c0:bd:7c:af: e6:f9:98:7f:81:5a:54:23:1d:11:4e:c3:81:2c:8c:a8:b1:7b: 7a:78:70:48:52:11:5f:c4:b4:b7:83:87:0b:6f:a7:db:38:da: dd:dd:2a:bb:7b:f5:40:3f:e2:c4:db:96:0f:7b:ed:c7:b8:84: 65:e4:40:4d:d2:1a:22:ae:dc:fd:fb:d4:3b:94:55:b6:ee:0e: 63:85:08:24:3e:37:f3:c3:4f:b5:88:90:26:d4:e7:55:d4:7e: dd:84:f0:fa:08:e5:3d:ca:bd:04:20:76:15:98:9a:c9:7a:51: ba:eb:97:2d:69:c6:a2:84:a2:25:0a:8a:80:71:60:7f:2c:1b: be:4e:b0:52:ea:d3:73:b4:cd:18:a1:95:05:34:23:2b:b6:4f: 84:26:da:c3 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICDqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjQwMjI5MTkzODIwWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWUwZGQyYy0zYTkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlEJW2QYZzjmcbI7z2oI6ZPU2mGcwhEAvn976tFVW/a7DyBg1SExlUgLLyX0Z lNNJdUxroZIVyXh7fXM9+1ywHCJt5hkh3fMQK4j18j7Ht/Rkh42yY/BaRY8NfNS+ 8TgAcdN0QhJM2UmLk44wipSFUwS/s8U/tvVtezbDPEUIeZs04zxxUrqFRpHvfjl1 Tw+7M36zMi6hwu+xm9qQbjRhyRkL3ES0OT0lFVt4fR15k8Q2BZOiFF+ihpAmK3Lh nrreVIwY0WTFJ5gfQIojpKiNU8CNr569V6ZQFL8JoSFY1smfCCmAASvywpyJO03C AIzHUZD8D5Z5ZPf7llZr9nTHbQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFMXPTbPU ygcS/AMIKcdIcmR8l8YbMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvRjJENDZDQTAw OTlBMTFFQUI1ODkxRDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBACtDBLGMatpn H9rYR4ndzUMfnymeXl5eBvmrAdzAusNTDWkI7S+HtzZouYGT720otDFAt9cTQsQA 9dsG4+stBX1MEA2zfdKoIAgS7ZcIqEpzoEf6FTC4cnFJOvMWGsH76iz4M5+u6gTk wL18r+b5mH+BWlQjHRFOw4EsjKixe3p4cEhSEV/EtLeDhwtvp9s42t3dKrt79UA/ 4sTblg977ce4hGXkQE3SGiKu3P371DuUVbbuDmOFCCQ+N/PDT7WIkCbU51XUft2E 8PoI5T3KvQQgdhWYmsl6Ubrrly1pxqKEoiUKioBxYH8sG75OsFLq03O0zRihlQU0 Iyu2T4Qm2sM= -----END CERTIFICATE-----Generated at Wed Apr 24 20:29:50 2024 by rpki-client on console-fra.rpki-client.org