$ rpki-client -vvf rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/206CBC5CF76811EEAF5CBE5FC4F9AE02.roa File: 206CBC5CF76811EEAF5CBE5FC4F9AE02.roa (raw, json) Hash identifier: Zbfa5MMYIb5XjdO39IICaP2hG6ZT9IQx+CLPJhnO76o= Subject key identifier: AE:9E:85:EB:09:29:E1:C0:70:7D:13:5B:01:EF:1C:E8:00:E9:85:4E Certificate issuer: /CN=A91A192D/serialNumber=A81D0D61F7B730DDB742CC48ADD88A04D46FD024 Certificate serial: 69 Authority key identifier: A8:1D:0D:61:F7:B7:30:DD:B7:42:CC:48:AD:D8:8A:04:D4:6F:D0:24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qB0NYfe3MN23QsxIrdiKBNRv0CQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/206CBC5CF76811EEAF5CBE5FC4F9AE02.roa Signing time: Wed 10 Apr 2024 18:37:51 +0000 ROA not before: Wed 10 Apr 2024 18:37:51 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 137707 IP address blocks: 36.50.240.0/24 maxlen: 31 36.50.241.0/24 maxlen: 31 2001:df3:5240::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/qB0NYfe3MN23QsxIrdiKBNRv0CQ.crl rsync://rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/qB0NYfe3MN23QsxIrdiKBNRv0CQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qB0NYfe3MN23QsxIrdiKBNRv0CQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 08:57:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 105 (0x69) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A192D/serialNumber=A81D0D61F7B730DDB742CC48ADD88A04D46FD024 Validity Not Before: Apr 10 18:37:51 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=6616dc7f-c7d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:7c:3c:07:47:23:ba:d9:b5:da:d5:a5:2c:35: 2d:16:a9:af:8e:bb:5c:28:16:ec:26:19:5b:39:83: a6:b7:51:43:71:09:e5:2c:7e:7f:62:c8:e0:1f:95: 75:4f:04:7b:ac:7d:d4:68:a0:3b:b0:19:eb:90:04: 4f:1e:a2:e9:f8:b8:d1:88:19:4f:f4:68:6b:6d:f3: 58:a7:04:1e:47:94:63:66:dd:0f:90:09:c1:06:d3: 72:ca:cc:ee:65:ce:6e:eb:3f:45:e1:88:81:31:a4: eb:0f:e0:02:d4:52:a0:f5:f6:9f:13:8a:1e:6f:ec: 85:db:44:b3:ba:21:1f:9e:99:26:b9:39:c7:f7:79: 0c:d0:b6:37:3b:c6:bb:d5:ec:73:02:70:6f:85:23: 0e:f7:fd:63:1c:c0:a8:d7:71:a4:a3:3a:a6:0e:95: 0e:fb:55:38:86:39:b2:64:95:fe:d5:08:76:e0:dd: 5a:18:01:9e:65:61:0a:5d:7a:8d:a3:e9:e9:0b:bf: c0:e4:0c:13:29:b1:4e:34:64:19:de:64:e9:62:e2: e4:21:cb:0a:1c:dc:e7:88:0a:db:0e:1b:8e:69:b2: 6f:80:44:cc:68:cf:3a:3f:14:98:bd:aa:a7:b7:08: d0:59:c5:f1:1d:6f:11:84:14:bf:35:51:87:0d:02: e5:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:9E:85:EB:09:29:E1:C0:70:7D:13:5B:01:EF:1C:E8:00:E9:85:4E X509v3 Authority Key Identifier: keyid:A8:1D:0D:61:F7:B7:30:DD:B7:42:CC:48:AD:D8:8A:04:D4:6F:D0:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/qB0NYfe3MN23QsxIrdiKBNRv0CQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qB0NYfe3MN23QsxIrdiKBNRv0CQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A192D/CC67D252A4BC11EE9E5A5D72C4F9AE02/206CBC5CF76811EEAF5CBE5FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.50.240.0/23 IPv6: 2001:df3:5240::/48 Signature Algorithm: sha256WithRSAEncryption c1:eb:4b:9e:33:08:be:54:3f:2d:81:de:f8:6d:33:95:fb:61: 0b:a0:bd:d5:44:7e:d4:d0:87:77:9f:ef:d7:dd:bd:d1:8b:c6: 01:7c:cb:3f:98:08:64:8c:67:2c:6b:98:a1:0c:cf:d8:40:e2: e7:61:45:e1:58:88:3d:f6:b2:e6:22:8f:64:97:bf:f3:bb:53: 79:b3:6b:61:39:df:ff:93:a9:60:d0:fb:81:1a:ef:d2:59:83: 57:9f:a3:47:69:62:f1:f0:4d:d7:96:9a:ad:47:7b:d0:1d:0d: f7:71:b3:62:8f:e3:76:b6:77:57:8b:56:a0:a7:80:0e:ae:92: e2:f9:42:40:ac:8e:3e:d6:ef:b5:25:6d:2c:bc:65:03:a8:1b: 04:52:ff:b1:2e:2c:3e:66:a7:a1:a9:b0:66:11:a7:21:52:6c: 16:2a:f0:8a:2d:18:1c:4a:73:2a:33:97:d1:96:e6:73:86:cf: d8:b6:7b:b9:88:d9:2e:c0:92:a0:ce:f2:40:b0:0e:d4:df:cc: 10:db:a0:9b:2a:11:1d:a7:6e:43:6c:d2:d3:b9:27:79:ea:b0: 36:8a:e8:88:ad:d3:21:0b:f8:5d:3a:55:fb:6d:7e:a7:dd:ad: 5c:8e:a9:d5:a4:49:55:61:fd:02:ca:87:62:9b:be:75:cf:8d: 41:1d:1c:3e -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBaTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MTkyRDExMC8GA1UEBRMoQTgxRDBENjFGN0I3MzBEREI3NDJDQzQ4QUREODhBMDRE NDZGRDAyNDAeFw0yNDA0MTAxODM3NTFaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2MTZkYzdmLWM3ZDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQChfDwHRyO62bXa1aUsNS0Wqa+Ou1woFuwmGVs5g6a3UUNxCeUsfn9iyOAflXVP BHusfdRooDuwGeuQBE8eoun4uNGIGU/0aGtt81inBB5HlGNm3Q+QCcEG03LKzO5l zm7rP0XhiIExpOsP4ALUUqD19p8Tih5v7IXbRLO6IR+emSa5Ocf3eQzQtjc7xrvV 7HMCcG+FIw73/WMcwKjXcaSjOqYOlQ77VTiGObJklf7VCHbg3VoYAZ5lYQpdeo2j 6ekLv8DkDBMpsU40ZBneZOli4uQhywoc3OeICtsOG45psm+ARMxozzo/FJi9qqe3 CNBZxfEdbxGEFL81UYcNAuUJAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUrp6F6wkp 4cBwfRNbAe8c6ADphU4wHwYDVR0jBBgwFoAUqB0NYfe3MN23QsxIrdiKBNRv0CQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUExOTJEL0NDNjdEMjUyQTRC QzExRUU5RTVBNUQ3MkM0RjlBRTAyL3FCME5ZZmUzTU4yM1FzeElyZGlLQk5SdjBD US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcUIwTllmZTNNTjIzUXN4SXJkaUtCTlJ2MENRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MTkyRC9DQzY3RDI1MkE0QkMxMUVFOUU1QTVENzJDNEY5QUUwMi8yMDZDQkM1Q0Y3 NjgxMUVFQUY1Q0JFNUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEASQy8DAPBAIAAjAJAwcAIAEN81JAMA0GCSqGSIb3DQEBCwUA A4IBAQDB60ueMwi+VD8tgd74bTOV+2ELoL3VRH7U0Id3n+/X3b3Ri8YBfMs/mAhk jGcsa5ihDM/YQOLnYUXhWIg99rLmIo9kl7/zu1N5s2thOd//k6lg0PuBGu/SWYNX n6NHaWLx8E3XlpqtR3vQHQ33cbNij+N2tndXi1agp4AOrpLi+UJArI4+1u+1JW0s vGUDqBsEUv+xLiw+ZqehqbBmEachUmwWKvCKLRgcSnMqM5fRluZzhs/Ytnu5iNku wJKgzvJAsA7U38wQ26CbKhEdp25DbNLTuSd56rA2iuiIrdMhC/hdOlX7bX6n3a1c jqnVpElVYf0Cyodim751z41BHRw+ -----END CERTIFICATE-----Generated at Sat Jun 1 11:14:30 2024 by rpki-client on console-fra.rpki-client.org