$ rpki-client -vvf rpki.apnic.net/member_repository/A91A60A9/6BA8061A1D8411E2B3A54FDA08B02CD2/C28E34620A2011EC8B517885C4F9AE02.roa File: C28E34620A2011EC8B517885C4F9AE02.roa (raw, json) Hash identifier: tH+POgRMZAhmbeasbPpcjrc1nV84O4M1OMPTlFS42fo= Subject key identifier: E5:23:35:60:35:2D:05:9C:EB:14:6E:E2:42:B8:B4:BE:E3:22:C2:9A Certificate issuer: /CN=A91A60A9/serialNumber=7787F1E53E9B78132DE9A78711088316DD6055B3 Certificate serial: 3390 Authority key identifier: 77:87:F1:E5:3E:9B:78:13:2D:E9:A7:87:11:08:83:16:DD:60:55:B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d4fx5T6beBMt6aeHEQiDFt1gVbM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A60A9/6BA8061A1D8411E2B3A54FDA08B02CD2/C28E34620A2011EC8B517885C4F9AE02.roa Signing time: Tue 28 Nov 2023 14:40:20 +0000 ROA not before: Tue 28 Nov 2023 14:40:20 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 7656 IP address blocks: 210.208.0.0/18 maxlen: 24 210.208.64.0/20 maxlen: 24 210.208.64.0/21 maxlen: 24 210.208.128.0/18 maxlen: 24 210.209.0.0/18 maxlen: 24 2407:680:8000::/33 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A60A9/6BA8061A1D8411E2B3A54FDA08B02CD2/d4fx5T6beBMt6aeHEQiDFt1gVbM.crl rsync://rpki.apnic.net/member_repository/A91A60A9/6BA8061A1D8411E2B3A54FDA08B02CD2/d4fx5T6beBMt6aeHEQiDFt1gVbM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d4fx5T6beBMt6aeHEQiDFt1gVbM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:23:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13200 (0x3390) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A60A9/serialNumber=7787F1E53E9B78132DE9A78711088316DD6055B3 Validity Not Before: Nov 28 14:40:20 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=6565fbd4-250c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e8:7b:54:fd:22:80:21:23:32:0c:4c:f4:93: bc:80:9c:89:b4:55:d3:db:55:8b:61:d4:dd:2e:df: e9:06:bb:47:76:67:b5:8b:dc:e3:20:21:85:f4:1b: 66:78:9f:ed:67:2f:46:95:24:6c:38:66:91:99:97: 9b:50:41:4d:c9:22:02:eb:d8:3e:73:3f:2f:9f:18: e6:03:d7:c8:81:ae:82:84:1e:e3:f6:03:27:b8:99: 9a:67:a9:2b:af:41:18:70:70:58:0d:ba:5c:ce:aa: 11:05:01:28:e6:0a:01:26:50:1e:09:21:0b:79:f0: fe:8b:47:ee:6b:9e:dd:a4:8d:9e:fd:0a:2a:4a:e1: cb:de:32:76:f7:11:0b:0b:90:c6:14:ef:ed:b7:79: d0:a4:29:d6:b1:59:a2:0b:54:c1:3f:62:5b:31:04: 71:00:ea:ca:1c:8f:1a:71:bf:83:54:18:b3:68:e4: 20:02:54:f6:3e:a1:8e:d1:d9:aa:3b:2b:aa:48:b1: cd:8a:96:ad:2f:92:08:58:7f:19:ce:24:dc:6b:e3: df:31:84:64:c8:dc:0a:d3:32:0b:d5:e1:55:82:a3: 80:08:44:b1:7d:d9:f2:aa:01:e2:be:99:ae:b3:20: 3c:b9:36:ef:f2:b0:6f:d5:7f:6a:c9:8c:d9:08:45: 81:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:23:35:60:35:2D:05:9C:EB:14:6E:E2:42:B8:B4:BE:E3:22:C2:9A X509v3 Authority Key Identifier: keyid:77:87:F1:E5:3E:9B:78:13:2D:E9:A7:87:11:08:83:16:DD:60:55:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A60A9/6BA8061A1D8411E2B3A54FDA08B02CD2/d4fx5T6beBMt6aeHEQiDFt1gVbM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d4fx5T6beBMt6aeHEQiDFt1gVbM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A60A9/6BA8061A1D8411E2B3A54FDA08B02CD2/C28E34620A2011EC8B517885C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 210.208.0.0-210.208.79.255 210.208.128.0/18 210.209.0.0/18 IPv6: 2407:680:8000::/33 Signature Algorithm: sha256WithRSAEncryption 5b:29:0d:38:9a:3f:f1:75:0c:46:a0:1e:ee:8b:76:91:e8:f5: da:ec:0c:82:65:0c:05:e2:6a:16:2e:b4:cf:a9:6f:c2:9f:d7: 5c:25:80:ba:72:62:7d:5a:45:b2:09:51:d8:bd:26:1d:fd:15: f3:b8:ff:69:b4:c2:b4:43:53:ac:ca:ae:5a:fa:73:fc:ee:a8: 4e:4d:4d:a3:2c:b0:61:50:e1:b4:95:d7:f0:88:57:1b:91:7b: 1c:6a:47:2f:2e:4c:8f:f0:21:bc:55:42:b2:86:de:d4:b0:88: 24:bc:29:59:2f:8f:eb:77:da:1d:6d:13:8a:59:b2:9c:c5:f1: 7b:a1:a9:9f:bb:34:08:e9:2e:84:24:7e:2c:bc:1e:f4:c2:21: 6b:3d:0d:76:d4:b5:41:14:d6:3b:4f:9b:c6:37:69:e8:75:1c: b8:cf:09:cc:16:fb:b4:7b:e4:9a:4a:70:96:9a:e6:bd:61:90: 5f:48:7c:29:18:c9:04:a1:ab:f4:ff:e8:74:6d:a3:42:e5:0c: af:a3:db:e1:a6:af:2b:52:99:1a:b0:04:ed:25:12:dc:cb:aa: dd:9c:ae:6d:8d:d4:6f:b0:83:3b:9b:16:70:25:4f:5d:fa:6a: 0a:55:b9:55:35:b2:eb:0c:e2:7a:b5:9e:3e:79:1f:e2:33:81: 11:2b:40:c3 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgICM5AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTYwQTkxMTAvBgNVBAUTKDc3ODdGMUU1M0U5Qjc4MTMyREU5QTc4NzExMDg4MzE2 REQ2MDU1QjMwHhcNMjMxMTI4MTQ0MDIwWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTY1ZmJkNC0yNTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsuh7VP0igCEjMgxM9JO8gJyJtFXT21WLYdTdLt/pBrtHdme1i9zjICGF9Btm eJ/tZy9GlSRsOGaRmZebUEFNySIC69g+cz8vnxjmA9fIga6ChB7j9gMnuJmaZ6kr r0EYcHBYDbpczqoRBQEo5goBJlAeCSELefD+i0fua57dpI2e/QoqSuHL3jJ29xEL C5DGFO/tt3nQpCnWsVmiC1TBP2JbMQRxAOrKHI8acb+DVBizaOQgAlT2PqGO0dmq OyuqSLHNipatL5IIWH8ZziTca+PfMYRkyNwK0zIL1eFVgqOACESxfdnyqgHivpmu syA8uTbv8rBv1X9qyYzZCEWB0QIDAQABo4ICuDCCArQwHQYDVR0OBBYEFOUjNWA1 LQWc6xRu4kK4tL7jIsKaMB8GA1UdIwQYMBaAFHeH8eU+m3gTLemnhxEIgxbdYFWz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjBBOS82QkE4MDYxQTFE ODQxMUUyQjNBNTRGREEwOEIwMkNEMi9kNGZ4NVQ2YmVCTXQ2YWVIRVFpREZ0MWdW Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Q0Zng1VDZiZUJNdDZhZUhFUWlERnQxZ1ZiTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTYwQTkvNkJBODA2MUExRDg0MTFFMkIzQTU0RkRBMDhCMDJDRDIvQzI4RTM0NjIw QTIwMTFFQzhCNTE3ODg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E MzAxMB8EAgABMBkwCwMDBNLQAwQE0tBAAwQG0tCAAwQG0tEAMA4EAgACMAgDBgck BwaAgDANBgkqhkiG9w0BAQsFAAOCAQEAWykNOJo/8XUMRqAe7ot2kej12uwMgmUM BeJqFi60z6lvwp/XXCWAunJifVpFsglR2L0mHf0V87j/abTCtENTrMquWvpz/O6o Tk1NoyywYVDhtJXX8IhXG5F7HGpHLy5Mj/AhvFVCsobe1LCIJLwpWS+P63faHW0T ilmynMXxe6Gpn7s0COkuhCR+LLwe9MIhaz0NdtS1QRTWO0+bxjdp6HUcuM8JzBb7 tHvkmkpwlprmvWGQX0h8KRjJBKGr9P/odG2jQuUMr6Pb4aavK1KZGrAE7SUS3Muq 3ZyubY3Ub7CDO5sWcCVPXfpqClW5VTWy6wzierWePnkf4jOBEStAww== -----END CERTIFICATE-----Generated at Fri Nov 22 15:25:43 2024 by rpki-client on console-fra.rpki-client.org