$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/F73A83F4721511EFA7D82D3EC4F9AE02.roa File: F73A83F4721511EFA7D82D3EC4F9AE02.roa (raw, json) Hash identifier: GBSI0PgbpJqp4iAvP3Hqd87SirvCj9ZEjHyB3nOg7BY= Subject key identifier: E9:E1:2C:EF:D7:31:34:DB:A9:34:99:2F:11:C8:61:75:A3:11:B5:25 Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Certificate serial: 3B Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/F73A83F4721511EFA7D82D3EC4F9AE02.roa Signing time: Fri 13 Sep 2024 21:20:14 +0000 ROA not before: Fri 13 Sep 2024 21:20:14 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 9464 IP address blocks: 202.29.144.0/21 maxlen: 21 2001:3c8:9007::/48 maxlen: 48 2001:3c8:9009::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 05:18:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Validity Not Before: Sep 13 21:20:14 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=66e4ac8e-cc3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:d5:15:80:2d:b2:c7:da:1e:09:cc:49:6c:b1: 52:c5:f9:92:98:bb:a9:b0:31:b5:71:36:d6:e3:d1: 61:51:05:5c:1b:4b:31:94:29:7e:2a:69:f5:f8:a0: 82:aa:2e:16:f8:81:75:89:b4:48:64:12:41:c5:e1: 8f:d5:60:49:77:94:41:50:62:e1:0f:66:07:85:63: 5f:4e:7f:62:4b:9a:f6:a7:f3:c2:6b:39:fa:1f:4c: 66:f7:b3:af:8b:83:03:df:e7:85:bc:7b:23:ac:80: 2f:1c:cc:44:d2:6a:3c:ac:9e:b7:9b:34:2b:c5:71: 50:31:db:09:7e:23:7f:81:13:0f:e7:fe:89:02:02: b6:ae:e1:b5:57:5f:e5:3a:72:d1:a5:11:d2:bf:66: 81:26:4a:d5:e1:94:2a:74:8a:54:96:7d:39:da:b4: 9e:0a:00:6f:0a:ff:66:1b:ad:f2:cc:02:9c:ad:cb: 25:a3:c0:3e:6f:eb:4b:ad:4a:d2:f6:13:2f:61:24: c3:c1:e6:09:9a:6e:f7:cc:a8:79:c4:1d:8c:dc:f2: 1b:81:59:d4:63:fc:c3:7c:8c:bb:cf:da:b9:2c:40: a7:9a:0e:e8:00:01:50:fc:51:45:14:37:4b:7a:61: bf:eb:14:16:3d:19:d7:ad:a8:dd:29:b6:40:98:f1: bb:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:E1:2C:EF:D7:31:34:DB:A9:34:99:2F:11:C8:61:75:A3:11:B5:25 X509v3 Authority Key Identifier: keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/F73A83F4721511EFA7D82D3EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.29.144.0/21 IPv6: 2001:3c8:9007::/48 2001:3c8:9009::/48 Signature Algorithm: sha256WithRSAEncryption a6:d9:15:5b:09:69:cd:77:d9:4f:ef:61:d7:35:97:e1:ca:93: 5c:9b:b2:9c:3d:b1:35:05:77:01:bc:2c:58:7b:ae:4a:46:e7: a4:f6:64:bb:d7:8e:42:56:fd:85:ce:29:e2:2b:41:60:cf:11: b8:50:10:85:0e:84:d0:9b:28:45:b3:12:0a:1b:ad:5b:c5:44: 3e:69:71:3f:a8:7d:1a:69:16:02:87:31:b8:2a:b8:8f:26:90: 56:44:8f:27:79:6a:8b:96:7c:11:b9:9c:09:71:61:55:d7:2e: cd:eb:8c:d3:49:07:89:6c:a8:81:97:35:2e:fe:d3:0a:bc:3b: 86:86:17:bd:ab:0b:22:22:d4:69:c0:e0:6b:10:e4:02:7f:06: 7c:f1:85:a8:c6:99:6e:09:47:8f:fa:56:37:23:06:09:a6:d9: f1:11:e8:fc:32:52:4c:5d:b2:c5:cd:2b:16:02:3e:f9:d7:2f: 73:7a:76:1a:cd:9c:98:0e:24:2c:83:67:78:9d:f8:20:97:52: 30:be:a5:cc:72:ac:ef:5a:5b:84:eb:30:a6:e4:1a:58:27:2b: 8c:1c:52:5e:37:e7:a9:3a:42:98:a9:9c:e9:98:68:f1:28:a0: fe:84:78:26:6b:ca:2e:9d:b1:84:f0:a3:3c:60:c1:80:ff:22: 9e:ab:79:c6 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QUVCMjExMC8GA1UEBRMoOUI5OEZCN0Q0Njg5ODNBMkMxNDc3MjczMzI0OEVGRkEz NDYyRTEyNjAeFw0yNDA5MTMyMTIwMTRaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY2ZTRhYzhlLWNjM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCv1RWALbLH2h4JzElssVLF+ZKYu6mwMbVxNtbj0WFRBVwbSzGUKX4qafX4oIKq Lhb4gXWJtEhkEkHF4Y/VYEl3lEFQYuEPZgeFY19Of2JLmvan88JrOfofTGb3s6+L gwPf54W8eyOsgC8czETSajysnrebNCvFcVAx2wl+I3+BEw/n/okCArau4bVXX+U6 ctGlEdK/ZoEmStXhlCp0ilSWfTnatJ4KAG8K/2YbrfLMApytyyWjwD5v60utStL2 Ey9hJMPB5gmabvfMqHnEHYzc8huBWdRj/MN8jLvP2rksQKeaDugAAVD8UUUUN0t6 Yb/rFBY9GdetqN0ptkCY8btXAgMBAAGjggKvMIICqzAdBgNVHQ4EFgQU6eEs79cx NNupNJkvEchhdaMRtSUwHwYDVR0jBBgwFoAUm5j7fUaJg6LBR3JzMkjv+jRi4SYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFBRUIyLzM5NTIxMDBFNkU4 MzExRUZBQjcyNjE4MEM0RjlBRTAyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRT WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbTVqN2ZVYUpnNkxCUjNKek1ranYtalJpNFNZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QUVCMi8zOTUyMTAwRTZFODMxMUVGQUI3MjYxODBDNEY5QUUwMi9GNzNBODNGNDcy MTUxMUVGQTdEODJEM0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQq MCgwDAQCAAEwBgMEA8odkDAYBAIAAjASAwcAIAEDyJAHAwcAIAEDyJAJMA0GCSqG SIb3DQEBCwUAA4IBAQCm2RVbCWnNd9lP72HXNZfhypNcm7KcPbE1BXcBvCxYe65K Ruek9mS7145CVv2FziniK0FgzxG4UBCFDoTQmyhFsxIKG61bxUQ+aXE/qH0aaRYC hzG4KriPJpBWRI8neWqLlnwRuZwJcWFV1y7N64zTSQeJbKiBlzUu/tMKvDuGhhe9 qwsiItRpwOBrEOQCfwZ88YWoxpluCUeP+lY3IwYJptnxEej8MlJMXbLFzSsWAj75 1y9zenYazZyYDiQsg2d4nfggl1IwvqXMcqzvWluE6zCm5BpYJyuMHFJeN+epOkKY qZzpmGjxKKD+hHgma8ounbGE8KM8YMGA/yKeq3nG -----END CERTIFICATE-----Generated at Thu Nov 21 07:40:37 2024 by rpki-client on console-ams.rpki-client.org