$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/E6EB68347F4F11EDBD813D85C4F9AE02.roa File: E6EB68347F4F11EDBD813D85C4F9AE02.roa (raw, json) Hash identifier: 68t7AoSZP/afLoYmZ2cIjMvIFXrWh3T5i52ayRfPKe4= Subject key identifier: 96:73:EE:6C:A1:51:65:9C:2F:E7:75:3B:94:30:A2:09:41:BB:6D:F0 Certificate issuer: /CN=A91A3E3F/serialNumber=59DDC3969B9863CFB5A15528AA4A391AF2337F43 Certificate serial: D2 Authority key identifier: 59:DD:C3:96:9B:98:63:CF:B5:A1:55:28:AA:4A:39:1A:F2:33:7F:43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/E6EB68347F4F11EDBD813D85C4F9AE02.roa Signing time: Tue 05 Dec 2023 04:55:10 +0000 ROA not before: Tue 05 Dec 2023 04:55:10 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 8075 IP address blocks: 111.221.16.0/21 maxlen: 21 111.221.24.0/22 maxlen: 22 111.221.29.0/24 maxlen: 24 111.221.30.0/23 maxlen: 23 111.221.64.0/18 maxlen: 24 202.89.224.0/21 maxlen: 24 2001:df0:7::/48 maxlen: 48 2001:df0:d7::/48 maxlen: 48 2001:df0:d8::/48 maxlen: 48 2001:df0:d9::/48 maxlen: 48 2404:f800::/32 maxlen: 32 2404:f801:8030::/48 maxlen: 48 2404:f802::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.crl rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 210 (0xd2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A3E3F/serialNumber=59DDC3969B9863CFB5A15528AA4A391AF2337F43 Validity Not Before: Dec 5 04:55:10 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=656ead2e-59ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:34:4c:d0:78:a2:0d:7f:74:5e:4f:ae:52:50: dc:0b:6d:c4:46:52:d6:28:f7:58:c1:b9:8c:50:3c: 2d:05:56:18:86:11:a6:d6:33:e7:e9:9e:9d:c4:50: 09:00:a4:25:1e:d0:c3:b9:bc:9c:85:37:40:98:d5: df:b6:b0:c6:1b:6b:6c:d7:55:8c:41:70:9d:6a:61: 7d:a9:12:84:4a:ad:a2:f4:44:86:3e:c5:ac:0e:f2: ec:9a:37:62:ef:4c:ba:0a:af:7b:ec:91:df:d8:fe: 9d:dc:c3:69:0b:27:55:a6:e6:9c:5e:d3:b6:f6:86: 70:2a:57:22:c9:e2:46:c6:fb:e5:c0:b5:e9:3e:91: a9:be:84:7c:4f:1b:94:cb:ff:fb:3f:cf:74:c2:b9: cb:a4:b1:74:36:c0:e8:da:ab:52:db:be:dd:e2:43: d7:8b:56:d3:ed:2c:bf:6d:0f:e2:9f:e7:4b:a2:f5: 53:6b:3a:f3:af:18:d1:ad:eb:db:03:31:7c:84:fe: d9:80:f8:4d:03:61:2c:44:a6:6f:a9:e5:84:16:86: 98:96:ca:96:ea:d1:44:a1:75:33:8a:05:92:e4:0a: 02:e4:7e:e8:84:05:58:ea:c3:d5:f0:c7:a3:ee:43: b1:ed:75:d4:78:4f:a1:09:a0:c1:93:44:ff:1a:48: c1:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:73:EE:6C:A1:51:65:9C:2F:E7:75:3B:94:30:A2:09:41:BB:6D:F0 X509v3 Authority Key Identifier: keyid:59:DD:C3:96:9B:98:63:CF:B5:A1:55:28:AA:4A:39:1A:F2:33:7F:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/E6EB68347F4F11EDBD813D85C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 111.221.16.0-111.221.27.255 111.221.29.0-111.221.31.255 111.221.64.0/18 202.89.224.0/21 IPv6: 2001:df0:7::/48 2001:df0:d7::-2001:df0:d9:ffff:ffff:ffff:ffff:ffff 2404:f800::/32 2404:f801:8030::/48 2404:f802::/31 Signature Algorithm: sha256WithRSAEncryption 5f:17:bc:e0:d3:19:26:8f:f1:2e:79:f3:46:ff:15:29:e3:8c: 69:7b:47:6e:2e:f4:dd:bd:1a:de:d1:c0:59:f6:00:fe:a1:c7: 37:d4:98:ae:90:20:3d:28:ec:78:08:e9:a0:dd:21:70:9b:96: 6a:4d:0e:f0:44:0b:ab:b3:92:96:4e:48:e6:3e:42:d5:03:18: e1:99:4c:47:ac:6d:44:74:2d:0d:f1:00:a6:82:09:63:ae:83: c6:98:c6:4d:81:00:4f:04:da:2c:43:51:c4:19:0a:64:9f:9d: cf:6f:27:c6:d9:f6:48:16:11:e1:a5:68:99:13:c1:5a:5c:23: 4b:34:6f:db:a0:16:04:92:d3:4d:27:1c:f2:69:36:7d:7e:ef: a6:af:eb:34:c3:9f:26:72:61:cd:d2:69:f5:f6:ed:3a:55:06: 1f:9c:dd:60:62:ce:1a:29:d5:6e:ea:b0:d0:05:62:74:f2:1b: 7f:ce:c5:2c:76:5a:e0:00:11:50:e8:b5:d5:de:f1:13:5b:df: 97:68:0e:ce:69:e0:37:7b:fa:a1:98:8b:c5:db:58:5b:b9:89: 9b:5d:90:69:a0:04:11:76:ea:88:90:c4:de:c6:6b:86:c3:ca: 8c:5f:f4:8d:4c:29:71:a9:02:c9:02:d5:3e:22:1e:6f:28:e2: ff:39:41:c9 -----BEGIN CERTIFICATE----- MIIFzzCCBLegAwIBAgICANIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTNFM0YxMTAvBgNVBAUTKDU5RERDMzk2OUI5ODYzQ0ZCNUExNTUyOEFBNEEzOTFB RjIzMzdGNDMwHhcNMjMxMjA1MDQ1NTEwWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTZlYWQyZS01OWZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+TRM0HiiDX90Xk+uUlDcC23ERlLWKPdYwbmMUDwtBVYYhhGm1jPn6Z6dxFAJ AKQlHtDDubychTdAmNXftrDGG2ts11WMQXCdamF9qRKESq2i9ESGPsWsDvLsmjdi 70y6Cq977JHf2P6d3MNpCydVpuacXtO29oZwKlciyeJGxvvlwLXpPpGpvoR8TxuU y//7P890wrnLpLF0NsDo2qtS277d4kPXi1bT7Sy/bQ/in+dLovVTazrzrxjRrevb AzF8hP7ZgPhNA2EsRKZvqeWEFoaYlsqW6tFEoXUzigWS5AoC5H7ohAVY6sPV8Mej 7kOx7XXUeE+hCaDBk0T/GkjBXwIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFJZz7myh UWWcL+d1O5QwoglBu23wMB8GA1UdIwQYMBaAFFndw5abmGPPtaFVKKpKORryM39D MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0UzRi9GQkRGRkVDMDc2 ODYxMUVEQTZDQjNGNDFDNEY5QUUwMi9XZDNEbHB1WVk4LTFvVlVvcWtvNUd2SXpm ME0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dkM0RscHVZWTgtMW9WVW9xa281R3ZJemYwTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTNFM0YvRkJERkZFQzA3Njg2MTFFREE2Q0IzRjQxQzRGOUFFMDIvRTZFQjY4MzQ3 RjRGMTFFREJEODEzRDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfQYIKwYBBQUHAQcBAf8E bjBsMC4EAgABMCgwDAMEBG/dEAMEAm/dGDAMAwQAb90dAwQFb90AAwQGb91AAwQD ylngMDoEAgACMDQDBwAgAQ3wAAcwEgMHACABDfAA1wMHASABDfAA2AMFACQE+AAD BwAkBPgBgDADBQEkBPgCMA0GCSqGSIb3DQEBCwUAA4IBAQBfF7zg0xkmj/EuefNG /xUp44xpe0duLvTdvRre0cBZ9gD+occ31JiukCA9KOx4COmg3SFwm5ZqTQ7wRAur s5KWTkjmPkLVAxjhmUxHrG1EdC0N8QCmggljroPGmMZNgQBPBNosQ1HEGQpkn53P byfG2fZIFhHhpWiZE8FaXCNLNG/boBYEktNNJxzyaTZ9fu+mr+s0w58mcmHN0mn1 9u06VQYfnN1gYs4aKdVu6rDQBWJ08ht/zsUsdlrgABFQ6LXV3vETW9+XaA7OaeA3 e/qhmIvF21hbuYmbXZBpoAQRduqIkMTexmuGw8qMX/SNTClxqQLJAtU+Ih5vKOL/ OUHJ -----END CERTIFICATE-----Generated at Thu Nov 21 03:12:02 2024 by rpki-client on console-fra.rpki-client.org