$ rpki-client -vvf rpki.apnic.net/member_repository/A91A54FE/D6117DF6F6E911EEADBFFB52C4F9AE02/CD24A702015411EF83144341C4F9AE02.roa File: CD24A702015411EF83144341C4F9AE02.roa (raw, json) Hash identifier: IQlxGBDm0ccdjlpT18ECed9Odt+DoMhDg+up6Oc4ECg= Subject key identifier: 98:BA:EF:04:61:20:23:07:D6:2E:23:F2:67:E1:79:19:E3:6B:CB:76 Certificate issuer: /CN=A91A54FE/serialNumber=6FC70906FBA6F4539452091932C45FFA4D8572B8 Certificate serial: 0E Authority key identifier: 6F:C7:09:06:FB:A6:F4:53:94:52:09:19:32:C4:5F:FA:4D:85:72:B8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8cJBvum9FOUUgkZMsRf-k2Fcrg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A54FE/D6117DF6F6E911EEADBFFB52C4F9AE02/CD24A702015411EF83144341C4F9AE02.roa Signing time: Tue 23 Apr 2024 09:35:20 +0000 ROA not before: Tue 23 Apr 2024 09:35:20 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 9734 IP address blocks: 203.20.114.0/24 maxlen: 24 2001:df3:b540::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A54FE/D6117DF6F6E911EEADBFFB52C4F9AE02/b8cJBvum9FOUUgkZMsRf-k2Fcrg.crl rsync://rpki.apnic.net/member_repository/A91A54FE/D6117DF6F6E911EEADBFFB52C4F9AE02/b8cJBvum9FOUUgkZMsRf-k2Fcrg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8cJBvum9FOUUgkZMsRf-k2Fcrg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 30 Jun 2024 02:51:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14 (0xe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A54FE/serialNumber=6FC70906FBA6F4539452091932C45FFA4D8572B8 Validity Not Before: Apr 23 09:35:20 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=662780d8-f460 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:38:c5:7a:65:e8:3d:8e:95:24:f0:66:42:26: 54:3e:21:76:d1:bf:37:39:33:f1:95:e8:fa:cd:cc: 3b:ee:52:50:04:98:dd:00:d0:0a:08:bc:5e:2a:24: bf:2a:13:22:7e:79:28:b7:bf:a7:11:4f:2c:9b:7c: 53:63:eb:b5:5d:d7:d9:06:f0:59:8e:e7:99:21:65: 0f:1c:14:b0:08:45:51:2d:85:95:bb:46:59:26:08: 28:ed:84:09:59:db:6b:8a:90:3f:71:10:c5:da:df: f6:34:c4:b5:eb:47:8b:d0:0a:50:4e:01:33:ef:29: 49:71:64:26:5b:3f:cb:0a:4c:ab:3a:7e:8b:80:be: e1:96:7e:bb:de:56:4c:62:1e:ae:1d:7e:b0:3e:94: 07:1a:b1:dc:4a:5d:54:6c:fb:61:71:a1:77:cd:1a: a1:09:b3:a8:08:d7:3e:72:98:f8:6b:80:84:db:2a: fd:45:f5:c2:e8:a3:8f:53:7b:b7:70:75:50:6a:87: 80:3e:a5:96:7f:c2:02:4c:df:7a:84:b8:1c:5f:db: 80:62:95:a0:4d:e9:eb:5f:01:62:c4:58:e7:0e:06: 16:26:26:ed:29:2c:1e:b0:0c:2d:b0:2d:15:45:93: 64:95:e7:c9:c9:d8:cd:54:c0:66:70:4c:25:69:35: 41:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:BA:EF:04:61:20:23:07:D6:2E:23:F2:67:E1:79:19:E3:6B:CB:76 X509v3 Authority Key Identifier: keyid:6F:C7:09:06:FB:A6:F4:53:94:52:09:19:32:C4:5F:FA:4D:85:72:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A54FE/D6117DF6F6E911EEADBFFB52C4F9AE02/b8cJBvum9FOUUgkZMsRf-k2Fcrg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8cJBvum9FOUUgkZMsRf-k2Fcrg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A54FE/D6117DF6F6E911EEADBFFB52C4F9AE02/CD24A702015411EF83144341C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.20.114.0/24 IPv6: 2001:df3:b540::/48 Signature Algorithm: sha256WithRSAEncryption 71:cc:96:e7:2f:db:49:83:10:a6:18:db:6b:f5:62:6c:c5:d1: fc:f8:73:9a:19:64:3a:51:52:96:39:05:26:30:34:b1:32:b3: 51:0d:f5:91:6b:0e:1e:ec:1d:d6:e0:28:8b:58:de:cd:80:43: eb:be:f5:85:4d:67:4f:6e:ad:02:5b:59:f7:c4:9b:5e:08:b8: df:9a:3b:8b:e0:5a:d7:e5:01:44:93:f0:e0:26:77:77:0f:09: 6b:1d:c7:67:87:41:8c:dd:85:40:9a:7e:ce:76:3f:36:a3:f6: 0e:5b:ba:73:b2:73:fb:a1:51:04:99:73:d8:3b:d3:d7:70:33: bb:4d:88:8c:a6:f5:3f:01:c7:d0:68:e5:99:58:fc:f6:e6:c5: ff:4a:d2:c0:96:11:ab:1e:8c:6d:9e:a4:dd:0e:15:d7:d2:69: 3d:e0:ae:4e:a9:7c:04:e1:09:20:4b:71:d0:20:ee:a1:66:1c: 49:99:0a:38:f1:6f:65:fc:ec:b2:7f:73:ce:f2:1f:b8:ec:7b: ff:cc:99:1b:b1:8e:fe:6b:45:43:d0:cf:06:66:5d:d4:c3:89: f9:75:6d:83:78:8e:7b:a8:f4:c0:1c:6d:01:53:c1:21:3c:a9: 23:ff:0e:7c:27:94:8e:63:1e:3c:46:ae:86:e7:4e:a2:8e:ad: d0:fa:8b:78 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NTRGRTExMC8GA1UEBRMoNkZDNzA5MDZGQkE2RjQ1Mzk0NTIwOTE5MzJDNDVGRkE0 RDg1NzJCODAeFw0yNDA0MjMwOTM1MjBaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2Mjc4MGQ4LWY0NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC5OMV6Zeg9jpUk8GZCJlQ+IXbRvzc5M/GV6PrNzDvuUlAEmN0A0AoIvF4qJL8q EyJ+eSi3v6cRTyybfFNj67Vd19kG8FmO55khZQ8cFLAIRVEthZW7RlkmCCjthAlZ 22uKkD9xEMXa3/Y0xLXrR4vQClBOATPvKUlxZCZbP8sKTKs6fouAvuGWfrveVkxi Hq4dfrA+lAcasdxKXVRs+2FxoXfNGqEJs6gI1z5ymPhrgITbKv1F9cLoo49Te7dw dVBqh4A+pZZ/wgJM33qEuBxf24BilaBN6etfAWLEWOcOBhYmJu0pLB6wDC2wLRVF k2SV58nJ2M1UwGZwTCVpNUE/AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUmLrvBGEg IwfWLiPyZ+F5GeNry3YwHwYDVR0jBBgwFoAUb8cJBvum9FOUUgkZMsRf+k2Fcrgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1NEZFL0Q2MTE3REY2RjZF OTExRUVBREJGRkI1MkM0RjlBRTAyL2I4Y0pCdnVtOUZPVVVna1pNc1JmLWsyRmNy Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvYjhjSkJ2dW05Rk9VVWdrWk1zUmYtazJGY3JnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTRGRS9ENjExN0RGNkY2RTkxMUVFQURCRkZCNTJDNEY5QUUwMi9DRDI0QTcwMjAx NTQxMUVGODMxNDQzNDFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAMsUcjAPBAIAAjAJAwcAIAEN87VAMA0GCSqGSIb3DQEBCwUA A4IBAQBxzJbnL9tJgxCmGNtr9WJsxdH8+HOaGWQ6UVKWOQUmMDSxMrNRDfWRaw4e 7B3W4CiLWN7NgEPrvvWFTWdPbq0CW1n3xJteCLjfmjuL4FrX5QFEk/DgJnd3Dwlr Hcdnh0GM3YVAmn7Odj82o/YOW7pzsnP7oVEEmXPYO9PXcDO7TYiMpvU/AcfQaOWZ WPz25sX/StLAlhGrHoxtnqTdDhXX0mk94K5OqXwE4QkgS3HQIO6hZhxJmQo48W9l /Oyyf3PO8h+47Hv/zJkbsY7+a0VD0M8GZl3Uw4n5dW2DeI57qPTAHG0BU8EhPKkj /w58J5SOYx48Rq6G506ijq3Q+ot4 -----END CERTIFICATE-----Generated at Sun Jun 23 08:53:58 2024 by rpki-client on console-ams.rpki-client.org