$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/87F2D334F2D811EC8F663D52C4F9AE02.roa File: 87F2D334F2D811EC8F663D52C4F9AE02.roa (raw, json) Hash identifier: /NuTqSUBTeFJ9CyVzXuBIUWT5gpveEGDRyxNvLNEQIM= Subject key identifier: 05:9B:39:46:1D:7F:B5:5F:4C:0B:00:38:14:81:7E:54:0B:36:C5:CA Certificate issuer: /CN=A91BA5BA/serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F Certificate serial: 02C9 Authority key identifier: 02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/87F2D334F2D811EC8F663D52C4F9AE02.roa Signing time: Fri 05 Jul 2024 02:44:36 +0000 ROA not before: Fri 05 Jul 2024 02:44:36 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 131329 IP address blocks: 202.88.42.0/24 maxlen: 24 2400:1560:6::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 713 (0x2c9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA5BA/serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F Validity Not Before: Jul 5 02:44:36 2024 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=66875e14-4aa3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:2f:ec:1d:3e:9b:de:02:92:ba:2d:dd:87:f5: 70:6d:ac:86:3d:33:f3:8d:16:af:ad:e2:70:47:e2: 60:0e:3f:3e:61:b6:e4:c2:0c:59:a7:ef:be:01:71: 45:19:18:9d:f2:ad:bc:ff:dc:23:e0:eb:34:ea:e4: 00:62:66:68:a5:62:03:8f:20:42:c5:fc:5f:e0:f7: 51:08:c4:c5:ee:1a:e1:7d:d5:e2:0d:83:63:0d:5d: 6e:23:ec:f1:ff:12:5c:54:2d:ed:d7:cb:65:93:30: b1:c8:04:78:80:ce:c0:b5:5d:1c:a4:d2:1e:59:a4: 5d:e4:5b:7e:48:59:2b:3e:de:c9:3c:9b:15:d2:12: 50:1d:50:db:e5:f0:f1:1e:9b:6f:60:ce:6f:18:4c: ab:c4:54:8a:4b:83:4d:ab:f5:a0:66:9d:5a:c6:e9: c7:57:64:7e:dc:2e:3c:33:b3:e7:23:20:63:df:69: d8:83:dc:9e:89:2e:a9:62:60:a5:ae:99:46:27:f9: 8a:8b:3a:d5:81:b1:6e:15:e3:b8:4d:ee:0e:6b:aa: a5:9b:c5:63:03:8f:cc:24:93:06:e9:12:59:0a:87: 4c:8b:2a:6e:8e:80:ee:0a:1b:f2:31:6e:f5:59:2b: 2c:52:ee:b5:6d:30:e8:b6:95:d8:d2:8c:cf:9f:5e: 2e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:9B:39:46:1D:7F:B5:5F:4C:0B:00:38:14:81:7E:54:0B:36:C5:CA X509v3 Authority Key Identifier: keyid:02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/87F2D334F2D811EC8F663D52C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.88.42.0/24 IPv6: 2400:1560:6::/64 Signature Algorithm: sha256WithRSAEncryption d1:55:c5:c1:0a:11:33:26:14:aa:74:07:43:8e:0d:30:84:69: 95:a5:f8:d3:59:e8:72:6a:98:39:71:8c:8a:30:d0:19:85:94: fd:ad:69:29:27:f3:ef:76:83:59:1d:a1:7f:15:f0:67:e6:ec: 84:b3:2b:f3:cb:98:1d:0f:31:61:18:a6:3f:b5:e8:38:54:ff: 86:e4:d7:17:04:66:f1:6c:76:09:d0:06:fb:8c:ad:48:21:ae: 75:40:b1:2a:6f:a1:ff:d6:e2:b6:cd:87:6d:70:51:a5:c0:f2: fc:db:2d:0a:09:49:b6:b7:41:a7:3f:ea:2a:7c:6d:2f:55:b3: e2:04:0b:a9:b9:2d:42:72:f4:21:87:48:85:09:e6:55:5a:f9: 2c:46:6b:b8:18:60:7b:ac:01:2e:65:51:7a:20:97:c8:10:77: cd:8c:96:5b:11:4b:71:4d:50:d8:f7:71:b6:eb:ce:54:8d:a5: 8e:5a:54:3c:1d:bb:58:52:89:97:fa:9e:9b:8e:9e:5d:25:c9: eb:81:9f:38:a5:79:60:e9:cf:91:4e:78:bd:a8:80:34:76:5c: fb:a1:34:c7:35:03:54:ae:da:d8:6b:dc:37:ed:f3:b3:42:80: 43:58:c1:2c:23:38:c6:54:bc:76:e0:2c:51:b9:d0:46:07:b8: 5e:bd:c2:58 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE1QkExMTAvBgNVBAUTKDAyQUEzQTc2QzQ1OTQ5N0IxQjQ1RjI2RTkwNDRBQ0M2 RjJFODA0NEYwHhcNMjQwNzA1MDI0NDM2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Njg3NWUxNC00YWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwS/sHT6b3gKSui3dh/VwbayGPTPzjRavreJwR+JgDj8+YbbkwgxZp+++AXFF GRid8q28/9wj4Os06uQAYmZopWIDjyBCxfxf4PdRCMTF7hrhfdXiDYNjDV1uI+zx /xJcVC3t18tlkzCxyAR4gM7AtV0cpNIeWaRd5Ft+SFkrPt7JPJsV0hJQHVDb5fDx HptvYM5vGEyrxFSKS4NNq/WgZp1axunHV2R+3C48M7PnIyBj32nYg9yeiS6pYmCl rplGJ/mKizrVgbFuFeO4Te4Oa6qlm8VjA4/MJJMG6RJZCodMiypujoDuChvyMW71 WSssUu61bTDotpXY0ozPn14uiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAWbOUYd f7VfTAsAOBSBflQLNsXKMB8GA1UdIwQYMBaAFAKqOnbEWUl7G0XybpBErMby6ARP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTVCQS80MzI2Q0JDMEI3 Q0QxMUVDQUY2ODEzMzVDNEY5QUUwMi9BcW82ZHNSWlNYc2JSZkp1a0VTc3h2TG9C RTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FxbzZkc1JaU1hzYlJmSnVrRVNzeHZMb0JFOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkE1QkEvNDMyNkNCQzBCN0NEMTFFQ0FGNjgxMzM1QzRGOUFFMDIvODdGMkQzMzRG MkQ4MTFFQzhGNjYzRDUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMgYIKwYBBQUHAQcBAf8E IzAhMAwEAgABMAYDBADKWCowEQQCAAIwCwMJACQAFWAABgAAMA0GCSqGSIb3DQEB CwUAA4IBAQDRVcXBChEzJhSqdAdDjg0whGmVpfjTWehyapg5cYyKMNAZhZT9rWkp J/PvdoNZHaF/FfBn5uyEsyvzy5gdDzFhGKY/teg4VP+G5NcXBGbxbHYJ0Ab7jK1I Ia51QLEqb6H/1uK2zYdtcFGlwPL82y0KCUm2t0GnP+oqfG0vVbPiBAupuS1CcvQh h0iFCeZVWvksRmu4GGB7rAEuZVF6IJfIEHfNjJZbEUtxTVDY93G2685UjaWOWlQ8 HbtYUomX+p6bjp5dJcnrgZ84pXlg6c+RTni9qIA0dlz7oTTHNQNUrtrYa9w37fOz QoBDWMEsIzjGVLx24CxRudBGB7hevcJY -----END CERTIFICATE-----Generated at Sat Nov 23 02:33:44 2024 by rpki-client on console-fra.rpki-client.org