$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/7BD0C11E8C3311EAB2E95132C4F9AE02.roa File: 7BD0C11E8C3311EAB2E95132C4F9AE02.roa (raw, json) Hash identifier: g/afL00ILJ3mHttnmB7PPDH/HYvyeBN7IhanA0d/L30= Subject key identifier: 40:C0:F6:1A:CD:E9:04:94:23:EC:4E:D6:AE:55:29:A6:CC:4C:6C:99 Certificate issuer: /CN=A91AEE28/serialNumber=A6CB9EFB4FE8C1C4E0C2F1B00E84C7F1A2F49C6F Certificate serial: 12C0 Authority key identifier: A6:CB:9E:FB:4F:E8:C1:C4:E0:C2:F1:B0:0E:84:C7:F1:A2:F4:9C:6F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/psue-0_owcTgwvGwDoTH8aL0nG8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/7BD0C11E8C3311EAB2E95132C4F9AE02.roa Signing time: Tue 06 Feb 2024 17:35:26 +0000 ROA not before: Tue 06 Feb 2024 17:35:26 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 9246 IP address blocks: 43.240.88.0/22 maxlen: 22 103.7.100.0/22 maxlen: 22 114.142.192.0/18 maxlen: 18 114.142.212.0/24 maxlen: 24 117.20.120.0/21 maxlen: 21 202.151.64.0/19 maxlen: 19 202.151.76.0/24 maxlen: 24 202.151.85.0/24 maxlen: 24 2405:7400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/psue-0_owcTgwvGwDoTH8aL0nG8.crl rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/psue-0_owcTgwvGwDoTH8aL0nG8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/psue-0_owcTgwvGwDoTH8aL0nG8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4800 (0x12c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AEE28/serialNumber=A6CB9EFB4FE8C1C4E0C2F1B00E84C7F1A2F49C6F Validity Not Before: Feb 6 17:35:26 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65c26dde-fd71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:9e:39:f4:b9:0b:5c:17:af:cf:94:c0:d5:4c: 5a:ad:46:ce:c3:2a:10:80:45:4c:3c:72:43:15:79: f5:38:cc:ec:7b:03:3b:5d:77:c3:f7:9f:32:b5:3c: 88:d5:f9:30:ca:ed:10:9c:b6:f6:e6:29:fa:e1:6d: c8:30:4e:f0:47:59:0a:5b:99:40:78:64:f0:4d:b3: 39:c9:d7:2c:99:6d:5f:9c:5b:25:22:c7:40:51:8e: 7b:52:04:eb:09:52:6a:6e:1a:83:59:ae:92:8a:db: 54:f6:5c:54:1f:43:54:5f:48:25:f5:b5:d3:b7:d4: 14:76:b0:c1:f2:04:de:eb:63:47:e5:57:3c:90:9f: af:5f:22:62:00:04:39:11:27:18:45:ba:d2:2b:6e: c5:92:91:b4:07:0d:eb:2e:6d:2d:bb:72:7e:32:ba: 6f:bc:78:65:5a:8e:a7:94:c5:ca:7f:aa:5d:54:49: ec:ea:a4:00:f6:cf:54:58:8d:91:da:4f:83:f3:a8: 18:9e:8d:2f:dc:fe:d7:4c:b3:65:5e:01:81:93:b9: 45:25:a1:2d:9a:05:80:f6:73:4a:37:58:ad:e2:c9: cf:bd:44:e5:9b:d0:71:46:aa:7a:54:51:75:cc:31: df:eb:e2:07:67:a7:aa:5d:96:9a:25:9a:a0:cb:fa: 24:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:C0:F6:1A:CD:E9:04:94:23:EC:4E:D6:AE:55:29:A6:CC:4C:6C:99 X509v3 Authority Key Identifier: keyid:A6:CB:9E:FB:4F:E8:C1:C4:E0:C2:F1:B0:0E:84:C7:F1:A2:F4:9C:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/psue-0_owcTgwvGwDoTH8aL0nG8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/psue-0_owcTgwvGwDoTH8aL0nG8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/7BD0C11E8C3311EAB2E95132C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.240.88.0/22 103.7.100.0/22 114.142.192.0/18 117.20.120.0/21 202.151.64.0/19 IPv6: 2405:7400::/32 Signature Algorithm: sha256WithRSAEncryption 4d:04:07:8d:5f:a4:92:76:e2:c1:68:44:0a:cc:79:56:60:56: 2f:04:bc:df:b7:53:b4:3e:0b:3f:92:67:b3:86:cf:bf:5e:31: 52:02:ab:1d:f6:47:bf:67:6b:98:ae:2d:6c:a9:d4:de:6a:f3: 5c:3b:f0:bd:17:c6:e4:76:87:62:fd:44:69:54:5e:29:ca:aa: 49:e1:85:d1:44:68:b5:2e:3e:78:8b:57:9a:3c:41:f9:12:cd: 37:d5:a8:25:c4:b1:d0:c0:97:d1:0e:42:3e:ac:7c:07:76:65: 8e:19:ef:1b:d0:e4:9f:38:bd:61:83:61:77:77:ad:47:f2:99: a0:5a:b3:9d:32:a5:b9:0b:cb:40:fe:52:7e:b6:c4:f8:df:dc: 2e:e3:c5:eb:8d:99:77:75:45:37:65:c2:7a:62:f7:07:c0:23: 9f:c4:4b:b6:c9:59:4e:6a:6a:56:c1:40:0d:5a:53:51:25:ba: 98:91:18:c8:2b:bf:ed:5f:e9:86:66:2e:a5:e1:21:84:79:6b: 22:89:ac:94:5c:33:79:3f:7f:bc:8d:89:18:f5:63:be:97:10: ca:37:a7:74:00:54:5a:58:20:26:7d:74:f5:36:af:83:53:cb: de:03:75:b8:5e:fa:2c:a4:8b:c2:e6:49:56:9d:ee:45:a4:ea: 93:53:c8:58 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICEsAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUVFMjgxMTAvBgNVBAUTKEE2Q0I5RUZCNEZFOEMxQzRFMEMyRjFCMDBFODRDN0Yx QTJGNDlDNkYwHhcNMjQwMjA2MTczNTI2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWMyNmRkZS1mZDcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtZ459LkLXBevz5TA1UxarUbOwyoQgEVMPHJDFXn1OMzsewM7XXfD958ytTyI 1fkwyu0QnLb25in64W3IME7wR1kKW5lAeGTwTbM5ydcsmW1fnFslIsdAUY57UgTr CVJqbhqDWa6SittU9lxUH0NUX0gl9bXTt9QUdrDB8gTe62NH5Vc8kJ+vXyJiAAQ5 EScYRbrSK27FkpG0Bw3rLm0tu3J+MrpvvHhlWo6nlMXKf6pdVEns6qQA9s9UWI2R 2k+D86gYno0v3P7XTLNlXgGBk7lFJaEtmgWA9nNKN1it4snPvUTlm9BxRqp6VFF1 zDHf6+IHZ6eqXZaaJZqgy/okhQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFEDA9hrN 6QSUI+xO1q5VKabMTGyZMB8GA1UdIwQYMBaAFKbLnvtP6MHE4MLxsA6Ex/Gi9Jxv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUUyOC9GMUIxRkJCMDkw QzExMUU4QTQ5MzM5N0ZDNEY5QUUwMi9wc3VlLTBfb3djVGd3dkd3RG9USDhhTDBu RzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BzdWUtMF9vd2NUZ3d2R3dEb1RIOGFMMG5HOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUVFMjgvRjFCMUZCQjA5MEMxMTFFOEE0OTMzOTdGQzRGOUFFMDIvN0JEMEMxMUU4 QzMzMTFFQUIyRTk1MTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIr8FgDBAJnB2QDBAZyjsADBAN1FHgDBAXKl0AwDQQCAAIw BwMFACQFdAAwDQYJKoZIhvcNAQELBQADggEBAE0EB41fpJJ24sFoRArMeVZgVi8E vN+3U7Q+Cz+SZ7OGz79eMVICqx32R79na5iuLWyp1N5q81w78L0XxuR2h2L9RGlU XinKqknhhdFEaLUuPniLV5o8QfkSzTfVqCXEsdDAl9EOQj6sfAd2ZY4Z7xvQ5J84 vWGDYXd3rUfymaBas50ypbkLy0D+Un62xPjf3C7jxeuNmXd1RTdlwnpi9wfAI5/E S7bJWU5qalbBQA1aU1ElupiRGMgrv+1f6YZmLqXhIYR5ayKJrJRcM3k/f7yNiRj1 Y76XEMo3p3QAVFpYICZ9dPU2r4NTy94Ddbhe+iyki8LmSVad7kWk6pNTyFg= -----END CERTIFICATE-----Generated at Fri Nov 22 17:56:19 2024 by rpki-client on console-fra.rpki-client.org