$ rpki-client -vvf rpki.apnic.net/member_repository/A9191A09/4ACFF3601D9011E2B87CF2EF08B02CD2/0537EDD4E37C11EA8C217816C4F9AE02.roa File: 0537EDD4E37C11EA8C217816C4F9AE02.roa (raw, json) Hash identifier: R+pacwfcTdHklwFfetq2LYa4OpDYKVQ0ZEJVkosxwgY= Subject key identifier: E6:9B:E1:06:1A:8B:A4:D4:E5:82:81:00:C4:4D:CB:91:0A:35:C7:E2 Certificate issuer: /CN=A9191A09/serialNumber=ACF2C8D0DCFBA74516B33CEBE26AE14F8B067C80 Certificate serial: 3408 Authority key identifier: AC:F2:C8:D0:DC:FB:A7:45:16:B3:3C:EB:E2:6A:E1:4F:8B:06:7C:80 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rPLI0Nz7p0UWszzr4mrhT4sGfIA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9191A09/4ACFF3601D9011E2B87CF2EF08B02CD2/0537EDD4E37C11EA8C217816C4F9AE02.roa Signing time: Thu 14 Dec 2023 15:00:41 +0000 ROA not before: Thu 14 Dec 2023 15:00:41 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 24492 IP address blocks: 27.111.8.0/22 maxlen: 24 43.245.216.0/22 maxlen: 24 49.156.32.0/20 maxlen: 23 49.156.32.0/20 maxlen: 24 49.156.34.0/23 maxlen: 24 49.156.36.0/22 maxlen: 24 49.156.40.0/21 maxlen: 24 103.17.212.0/22 maxlen: 24 116.206.16.0/22 maxlen: 24 119.15.80.0/20 maxlen: 24 202.79.24.0/21 maxlen: 24 218.100.71.0/24 maxlen: 24 2405:1a00::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9191A09/4ACFF3601D9011E2B87CF2EF08B02CD2/rPLI0Nz7p0UWszzr4mrhT4sGfIA.crl rsync://rpki.apnic.net/member_repository/A9191A09/4ACFF3601D9011E2B87CF2EF08B02CD2/rPLI0Nz7p0UWszzr4mrhT4sGfIA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rPLI0Nz7p0UWszzr4mrhT4sGfIA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:46:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13320 (0x3408) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9191A09/serialNumber=ACF2C8D0DCFBA74516B33CEBE26AE14F8B067C80 Validity Not Before: Dec 14 15:00:41 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=657b1899-babc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:64:b8:c8:f3:5d:4f:b2:f2:75:7d:f0:96:cc: 8b:df:1c:d9:65:70:b8:68:61:50:8c:46:a8:77:e4: 5c:7b:a3:85:8b:88:4c:50:ad:af:12:0f:59:9f:52: 69:e4:61:16:e7:ca:60:d1:bf:72:5a:b3:22:5d:fb: 2d:7e:3d:3c:d3:9d:93:0d:14:e1:77:c7:7c:a6:8e: c6:9f:26:58:9e:ce:c2:4d:fb:5f:8b:3a:10:04:44: 1f:0e:0e:98:6b:c3:f9:1a:44:6e:4f:17:2f:d9:d3: f0:8b:6c:bb:a1:8a:dc:71:ef:63:f8:54:fe:e0:53: 4f:7a:13:f0:c1:00:56:3b:4c:a4:14:d8:b4:95:db: 15:b2:a9:e4:12:8c:71:2b:4f:7b:48:32:2d:16:59: 36:a8:26:e4:46:7b:55:17:27:db:2d:67:07:de:59: f6:9b:50:7d:e7:ff:30:65:a2:7e:a3:17:c9:06:e2: d9:61:d9:20:bb:25:04:50:dc:ff:01:0d:3d:34:96: ef:27:90:0e:71:bf:eb:50:b4:c6:84:74:ce:af:d8: 15:3c:26:76:27:7a:a9:cf:64:e1:99:50:e7:b8:6c: 7d:76:15:36:45:2a:8e:e0:c6:36:80:d3:5e:e3:8b: 85:a6:3a:5a:d3:24:0b:b4:87:e0:b1:74:04:0f:c2: fe:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:9B:E1:06:1A:8B:A4:D4:E5:82:81:00:C4:4D:CB:91:0A:35:C7:E2 X509v3 Authority Key Identifier: keyid:AC:F2:C8:D0:DC:FB:A7:45:16:B3:3C:EB:E2:6A:E1:4F:8B:06:7C:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9191A09/4ACFF3601D9011E2B87CF2EF08B02CD2/rPLI0Nz7p0UWszzr4mrhT4sGfIA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rPLI0Nz7p0UWszzr4mrhT4sGfIA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191A09/4ACFF3601D9011E2B87CF2EF08B02CD2/0537EDD4E37C11EA8C217816C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.111.8.0/22 43.245.216.0/22 49.156.32.0/20 103.17.212.0/22 116.206.16.0/22 119.15.80.0/20 202.79.24.0/21 218.100.71.0/24 IPv6: 2405:1a00::/32 Signature Algorithm: sha256WithRSAEncryption b8:bb:6a:c5:06:14:e9:55:6b:ad:c3:c2:42:c7:9e:c8:ff:20: 1c:3b:93:e8:13:ef:81:e1:9a:87:c7:5e:2b:ba:2d:b2:ad:54: 4e:ac:cb:42:6b:a4:a2:4c:a4:ce:a5:ea:29:63:fa:86:62:37: 39:5d:c4:b1:0e:f0:5f:d8:fa:9c:20:24:4d:7e:55:63:99:ae: d6:ea:8c:ca:fb:5c:63:c6:ff:ab:d0:d4:20:7b:59:6d:aa:21: 2a:08:ec:ac:74:2c:da:e5:d2:8f:b7:d8:93:bb:ce:aa:8d:f6: 28:76:0e:68:82:5c:9c:69:86:4e:ef:40:59:2d:ff:ac:29:b5: 4a:1f:ac:1a:b6:2b:04:ea:20:22:87:e8:23:cc:17:97:e1:c1: d6:1b:84:e8:4e:3c:12:c1:3a:a4:5d:7a:09:6f:5a:42:6c:15: c7:55:41:68:a7:1e:1b:05:0a:74:1b:8b:e4:8d:36:61:8d:de: ce:4d:f8:97:26:e2:42:2d:0e:c7:10:06:fb:8b:9d:64:ec:06: 4a:d3:33:05:7e:8f:69:7f:49:24:a4:b1:da:07:b3:08:19:3d: 99:ed:99:94:c5:f3:97:98:2c:75:27:a8:28:e3:0a:c9:8a:5d: 0c:86:42:f2:af:23:6b:71:4d:9b:72:a4:5b:ae:c4:70:5f:fa: 05:e4:b3:28 -----BEGIN CERTIFICATE----- MIIFqjCCBJKgAwIBAgICNAgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTFBMDkxMTAvBgNVBAUTKEFDRjJDOEQwRENGQkE3NDUxNkIzM0NFQkUyNkFFMTRG OEIwNjdDODAwHhcNMjMxMjE0MTUwMDQxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTdiMTg5OS1iYWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu2S4yPNdT7LydX3wlsyL3xzZZXC4aGFQjEaod+Rce6OFi4hMUK2vEg9Zn1Jp 5GEW58pg0b9yWrMiXfstfj08052TDRThd8d8po7GnyZYns7CTftfizoQBEQfDg6Y a8P5GkRuTxcv2dPwi2y7oYrcce9j+FT+4FNPehPwwQBWO0ykFNi0ldsVsqnkEoxx K097SDItFlk2qCbkRntVFyfbLWcH3ln2m1B95/8wZaJ+oxfJBuLZYdkguyUEUNz/ AQ09NJbvJ5AOcb/rULTGhHTOr9gVPCZ2J3qpz2ThmVDnuGx9dhU2RSqO4MY2gNNe 44uFpjpa0yQLtIfgsXQED8L+pwIDAQABo4ICzjCCAsowHQYDVR0OBBYEFOab4QYa i6TU5YKBAMRNy5EKNcfiMB8GA1UdIwQYMBaAFKzyyNDc+6dFFrM86+Jq4U+LBnyA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MUEwOS80QUNGRjM2MDFE OTAxMUUyQjg3Q0YyRUYwOEIwMkNEMi9yUExJME56N3AwVVdzenpyNG1yaFQ0c0dm SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JQTEkwTno3cDBVV3N6enI0bXJoVDRzR2ZJQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTFBMDkvNEFDRkYzNjAxRDkwMTFFMkI4N0NGMkVGMDhCMDJDRDIvMDUzN0VERDRF MzdDMTFFQThDMjE3ODE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E STBHMDYEAgABMDADBAIbbwgDBAIr9dgDBAQxnCADBAJnEdQDBAJ0zhADBAR3D1AD BAPKTxgDBADaZEcwDQQCAAIwBwMFACQFGgAwDQYJKoZIhvcNAQELBQADggEBALi7 asUGFOlVa63DwkLHnsj/IBw7k+gT74HhmofHXiu6LbKtVE6sy0JrpKJMpM6l6ilj +oZiNzldxLEO8F/Y+pwgJE1+VWOZrtbqjMr7XGPG/6vQ1CB7WW2qISoI7Kx0LNrl 0o+32JO7zqqN9ih2DmiCXJxphk7vQFkt/6wptUofrBq2KwTqICKH6CPMF5fhwdYb hOhOPBLBOqRdeglvWkJsFcdVQWinHhsFCnQbi+SNNmGN3s5N+Jcm4kItDscQBvuL nWTsBkrTMwV+j2l/SSSksdoHswgZPZntmZTF85eYLHUnqCjjCsmKXQyGQvKvI2tx TZtypFuuxHBf+gXksyg= -----END CERTIFICATE-----Generated at Sat May 18 15:26:05 2024 by rpki-client on console-fra.rpki-client.org