$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2492/DAD510D43CB511EAB82CCC6CC4F9AE02/C8436A008D7B11EDB7EB7F37C4F9AE02.roa File: C8436A008D7B11EDB7EB7F37C4F9AE02.roa (raw, json) Hash identifier: 42VvBlg/h+BrMDeCNHd6S2PYJbQdXPmTgZgY8yTqMto= Subject key identifier: 1D:4C:92:3E:1A:FF:C0:59:A5:13:08:14:EB:D1:3A:86:09:FB:40:3A Certificate issuer: /CN=A91B2492/serialNumber=73B561DF3A58976F7FAD997A9BA8DE5F676DCFB2 Certificate serial: 09CD Authority key identifier: 73:B5:61:DF:3A:58:97:6F:7F:AD:99:7A:9B:A8:DE:5F:67:6D:CF:B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c7Vh3zpYl29_rZl6m6jeX2dtz7I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2492/DAD510D43CB511EAB82CCC6CC4F9AE02/C8436A008D7B11EDB7EB7F37C4F9AE02.roa Signing time: Wed 12 Jul 2023 19:56:32 +0000 ROA not before: Wed 12 Jul 2023 19:56:32 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 6507 IP address blocks: 43.229.64.0/22 maxlen: 24 103.240.224.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2492/DAD510D43CB511EAB82CCC6CC4F9AE02/c7Vh3zpYl29_rZl6m6jeX2dtz7I.crl rsync://rpki.apnic.net/member_repository/A91B2492/DAD510D43CB511EAB82CCC6CC4F9AE02/c7Vh3zpYl29_rZl6m6jeX2dtz7I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c7Vh3zpYl29_rZl6m6jeX2dtz7I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 19:44:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2509 (0x9cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2492/serialNumber=73B561DF3A58976F7FAD997A9BA8DE5F676DCFB2 Validity Not Before: Jul 12 19:56:32 2023 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=64af0570-27f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:ea:93:fd:d8:6a:4a:68:09:5b:02:8d:d8:d5: b9:02:25:9c:6d:4d:26:1f:2c:df:41:58:de:70:eb: 00:cf:29:f0:e5:00:a5:51:8a:cf:8c:3f:3b:01:5e: 88:7b:1d:ea:09:8b:4d:07:ff:46:bb:46:c8:23:ba: 4d:a2:9d:c5:8e:64:8c:79:52:67:69:ff:95:44:cf: 4b:84:d5:22:76:40:17:3e:56:de:32:7f:e8:24:9e: 9b:a3:8f:62:30:2b:e4:4a:3f:b3:76:4d:3b:30:8c: 78:38:3d:75:e8:9b:58:bd:22:da:57:e0:5d:ae:35: 06:72:f4:17:cf:f0:9e:3d:10:71:9f:29:cb:50:e2: 53:76:fa:66:4c:d4:f1:c5:83:ee:28:f9:c7:94:98: b4:5a:1c:be:ce:00:6f:be:21:50:61:9d:77:87:63: 9d:56:6e:98:07:ff:d1:b7:f8:91:3c:2a:e6:27:52: 5e:98:72:39:db:49:07:2e:65:09:6a:72:66:05:49: e9:2f:12:2f:c2:4f:04:0b:72:7e:98:6b:ff:8b:8c: c6:36:5a:f8:79:01:27:eb:96:13:d9:ee:f1:f4:60: 6d:ec:ea:e0:4a:47:0e:dc:49:31:e7:f4:60:88:82: 98:53:d7:f8:71:e5:1b:bf:2c:fc:ca:72:46:fe:a0: 83:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:4C:92:3E:1A:FF:C0:59:A5:13:08:14:EB:D1:3A:86:09:FB:40:3A X509v3 Authority Key Identifier: keyid:73:B5:61:DF:3A:58:97:6F:7F:AD:99:7A:9B:A8:DE:5F:67:6D:CF:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2492/DAD510D43CB511EAB82CCC6CC4F9AE02/c7Vh3zpYl29_rZl6m6jeX2dtz7I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c7Vh3zpYl29_rZl6m6jeX2dtz7I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2492/DAD510D43CB511EAB82CCC6CC4F9AE02/C8436A008D7B11EDB7EB7F37C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.64.0/22 103.240.224.0/22 Signature Algorithm: sha256WithRSAEncryption 47:6e:47:be:20:8f:44:f4:1b:db:28:64:b6:93:73:33:f6:cf: 99:ca:30:2e:b4:00:8a:a8:46:fa:23:3a:37:e6:c7:7c:88:ff: ad:eb:8e:04:f7:ef:9e:fb:1b:ca:27:31:ef:83:98:d1:89:b1: 6a:da:6d:28:78:72:61:a1:4a:24:98:2e:2d:95:70:7f:53:9e: 07:4f:dd:07:57:14:17:ff:4d:20:8f:6d:be:a8:28:ad:24:5c: c4:2e:47:b6:1b:9b:c4:87:86:65:c3:ab:ac:1a:e6:e9:92:68: 21:2b:b0:1c:7e:b9:3f:36:bb:41:63:25:4e:12:69:b3:bb:1c: 62:ff:cb:85:c7:32:d6:44:d8:60:31:f6:67:36:2a:b4:18:a5: 4f:ed:89:c6:6e:2a:f3:31:31:1e:86:5b:f4:f1:b0:2d:1c:d0: 18:89:24:2a:96:1f:d1:08:82:6a:43:dd:53:03:3d:99:ea:07: 07:3b:1c:64:b4:62:d0:6f:f7:19:bb:fa:f0:ea:94:6d:14:13: 89:f9:4e:12:9c:b6:be:45:ac:24:15:78:5e:f9:da:21:c4:dc: cb:ec:e7:ae:da:68:9c:c9:b8:76:7d:51:7e:58:f2:43:77:cd: 67:1c:9c:a8:e1:25:7c:75:84:c9:60:83:a7:9d:af:9e:6f:18: a4:e0:e2:35 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCc0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjI0OTIxMTAvBgNVBAUTKDczQjU2MURGM0E1ODk3NkY3RkFEOTk3QTlCQThERTVG Njc2RENGQjIwHhcNMjMwNzEyMTk1NjMyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NGFmMDU3MC0yN2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5eqT/dhqSmgJWwKN2NW5AiWcbU0mHyzfQVjecOsAzynw5QClUYrPjD87AV6I ex3qCYtNB/9Gu0bII7pNop3FjmSMeVJnaf+VRM9LhNUidkAXPlbeMn/oJJ6bo49i MCvkSj+zdk07MIx4OD116JtYvSLaV+BdrjUGcvQXz/CePRBxnynLUOJTdvpmTNTx xYPuKPnHlJi0Why+zgBvviFQYZ13h2OdVm6YB//Rt/iRPCrmJ1JemHI520kHLmUJ anJmBUnpLxIvwk8EC3J+mGv/i4zGNlr4eQEn65YT2e7x9GBt7OrgSkcO3Ekx5/Rg iIKYU9f4ceUbvyz8ynJG/qCD7wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFB1Mkj4a /8BZpRMIFOvROoYJ+0A6MB8GA1UdIwQYMBaAFHO1Yd86WJdvf62Zepuo3l9nbc+y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjQ5Mi9EQUQ1MTBENDND QjUxMUVBQjgyQ0NDNkNDNEY5QUUwMi9jN1ZoM3pwWWwyOV9yWmw2bTZqZVgyZHR6 N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2M3VmgzenBZbDI5X3JabDZtNmplWDJkdHo3SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjI0OTIvREFENTEwRDQzQ0I1MTFFQUI4MkNDQzZDQzRGOUFFMDIvQzg0MzZBMDA4 RDdCMTFFREI3RUI3RjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr5UADBAJn8OAwDQYJKoZIhvcNAQELBQADggEBAEduR74g j0T0G9soZLaTczP2z5nKMC60AIqoRvojOjfmx3yI/63rjgT37577G8onMe+DmNGJ sWrabSh4cmGhSiSYLi2VcH9TngdP3QdXFBf/TSCPbb6oKK0kXMQuR7Ybm8SHhmXD q6wa5umSaCErsBx+uT82u0FjJU4SabO7HGL/y4XHMtZE2GAx9mc2KrQYpU/ticZu KvMxMR6GW/TxsC0c0BiJJCqWH9EIgmpD3VMDPZnqBwc7HGS0YtBv9xm7+vDqlG0U E4n5ThKctr5FrCQVeF752iHE3Mvs567aaJzJuHZ9UX5Y8kN3zWccnKjhJXx1hMlg g6edr55vGKTg4jU= -----END CERTIFICATE-----Generated at Sat May 4 21:33:00 2024 by rpki-client on console-fra.rpki-client.org