$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/2131E0225B7E11EDB98BC14EC4F9AE02.roa File: 2131E0225B7E11EDB98BC14EC4F9AE02.roa (raw, json) Hash identifier: K12UGDVHASHEXRGJdQq6CXILggkzic3axnGkVWsX9Zo= Subject key identifier: CA:07:E5:2E:B2:83:C3:FD:5F:BB:13:21:E2:9C:A4:E4:FB:A6:EA:4A Certificate issuer: /CN=A91C0BDE/serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918 Certificate serial: 0760 Authority key identifier: A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/2131E0225B7E11EDB98BC14EC4F9AE02.roa Signing time: Sat 03 Jun 2023 06:04:21 +0000 ROA not before: Sat 03 Jun 2023 06:04:21 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 38138 IP address blocks: 114.129.8.0/22 maxlen: 22 114.129.8.0/24 maxlen: 24 114.129.9.0/24 maxlen: 24 114.129.10.0/24 maxlen: 24 114.129.11.0/24 maxlen: 24 114.129.15.0/24 maxlen: 24 2405:eec0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.crl rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Jul 2023 20:47:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1888 (0x760) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C0BDE/serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918 Validity Not Before: Jun 3 06:04:21 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=647ad7e5-aea5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:1d:14:bb:e2:a0:c5:1a:64:35:68:06:3f:5e: 32:ce:82:df:95:9b:54:00:fa:b4:02:bb:c7:7a:a6: 26:32:b0:44:29:52:21:0d:91:ef:9e:45:89:51:06: c2:b4:3f:39:69:63:c5:5d:81:d7:fd:d0:7c:4d:08: d4:a2:33:cd:de:3e:42:65:4f:9e:2c:24:c1:02:c9: 28:43:e1:a9:53:24:df:f0:4b:56:36:c1:70:d5:fd: 20:c9:bf:fe:1f:88:dd:a9:4f:94:60:d9:d4:fe:76: db:2a:9a:87:9f:4c:f3:23:9e:14:1c:db:75:4e:b6: 11:1d:11:ed:9d:c9:a8:36:1f:90:d3:34:09:83:c1: 15:c3:62:da:0f:4e:60:72:5a:cf:e2:d4:6f:19:c6: c8:97:33:3d:8e:87:db:62:2d:21:0e:75:35:72:fd: 1c:05:2a:e9:4a:ca:64:aa:49:9a:3a:45:88:77:32: 14:78:da:25:3f:ce:e7:66:22:c8:16:f1:1b:50:0c: 9a:84:b7:3e:a7:57:13:18:3e:a9:43:8b:28:3f:c1: ef:f0:31:53:e5:28:51:3f:12:9c:d3:d6:c5:75:3d: 51:8c:da:83:ef:f8:33:87:9e:5c:69:5e:e8:a1:1b: b4:64:b5:ae:61:b9:8c:ef:da:4e:af:6e:f5:23:00: 87:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:07:E5:2E:B2:83:C3:FD:5F:BB:13:21:E2:9C:A4:E4:FB:A6:EA:4A X509v3 Authority Key Identifier: keyid:A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/2131E0225B7E11EDB98BC14EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 114.129.8.0/22 114.129.15.0/24 IPv6: 2405:eec0::/32 Signature Algorithm: sha256WithRSAEncryption 40:e5:a6:24:d9:5b:84:56:fb:67:76:f8:bd:80:3f:b1:8e:37: 0c:10:7b:82:c9:bc:b3:b6:26:8f:5d:e0:7d:e9:83:35:e4:bf: 0e:78:cf:9b:57:15:09:6b:20:7f:69:2e:12:c1:aa:06:59:65: 7e:e9:11:e7:43:7b:c2:ae:ff:a6:78:b6:2d:fe:94:3d:ba:30: ba:f9:04:cd:52:6e:77:d9:f5:8b:00:1d:49:8c:46:5f:b0:84: 62:90:d5:09:fb:44:ed:a4:eb:35:1f:5b:94:6b:62:29:db:76: 65:79:92:ed:f1:dd:cd:e4:a9:fc:05:9c:dd:06:f0:9f:89:4e: 1f:33:fe:e8:b6:a3:12:23:85:2e:83:86:91:4d:e9:2d:a8:7d: d8:2c:4c:62:57:8f:2a:68:a2:d8:c5:f3:17:0c:10:d1:4a:62: 37:df:15:b8:f0:2f:fd:3e:6d:22:56:74:5f:e4:b7:ba:15:21: 5e:d1:3d:e9:04:c0:7b:4e:58:5d:f8:77:ad:a8:56:7f:16:06: 9a:0e:73:db:c1:6b:8e:d0:68:e9:27:50:17:49:2e:ae:7c:05: 0b:44:5a:ec:98:83:ac:b6:f4:0d:db:43:3b:22:ed:ef:70:18: fa:b8:89:d5:ac:0f:d9:26:e2:8c:ad:15:cd:22:74:c2:6d:75: b6:cb:46:5e -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICB2AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzBCREUxMTAvBgNVBAUTKEE0QjUwQkVDRDhCQkEyODU1ODcxMjhENTkxOTI4M0RC RTE2OTA5MTgwHhcNMjMwNjAzMDYwNDIxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDdhZDdlNS1hZWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7R0Uu+KgxRpkNWgGP14yzoLflZtUAPq0ArvHeqYmMrBEKVIhDZHvnkWJUQbC tD85aWPFXYHX/dB8TQjUojPN3j5CZU+eLCTBAskoQ+GpUyTf8EtWNsFw1f0gyb/+ H4jdqU+UYNnU/nbbKpqHn0zzI54UHNt1TrYRHRHtncmoNh+Q0zQJg8EVw2LaD05g clrP4tRvGcbIlzM9jofbYi0hDnU1cv0cBSrpSspkqkmaOkWIdzIUeNolP87nZiLI FvEbUAyahLc+p1cTGD6pQ4soP8Hv8DFT5ShRPxKc09bFdT1RjNqD7/gzh55caV7o oRu0ZLWuYbmM79pOr271IwCHgQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMoH5S6y g8P9X7sTIeKcpOT7pupKMB8GA1UdIwQYMBaAFKS1C+zYu6KFWHEo1ZGSg9vhaQkY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEJERS83RTVBQzNFMDg5 NzExMUVBOTI0MDJBMEFDNEY5QUUwMi9wTFVMN05pN29vVlljU2pWa1pLRDItRnBD UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BMVUw3Tmk3b29WWWNTalZrWktEMi1GcENSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzBCREUvN0U1QUMzRTA4OTcxMTFFQTkyNDAyQTBBQzRGOUFFMDIvMjEzMUUwMjI1 QjdFMTFFREI5OEJDMTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJygQgDBABygQ8wDQQCAAIwBwMFACQF7sAwDQYJKoZIhvcN AQELBQADggEBAEDlpiTZW4RW+2d2+L2AP7GONwwQe4LJvLO2Jo9d4H3pgzXkvw54 z5tXFQlrIH9pLhLBqgZZZX7pEedDe8Ku/6Z4ti3+lD26MLr5BM1SbnfZ9YsAHUmM Rl+whGKQ1Qn7RO2k6zUfW5RrYinbdmV5ku3x3c3kqfwFnN0G8J+JTh8z/ui2oxIj hS6DhpFN6S2ofdgsTGJXjypootjF8xcMENFKYjffFbjwL/0+bSJWdF/kt7oVIV7R PekEwHtOWF34d62oVn8WBpoOc9vBa47QaOknUBdJLq58BQtEWuyYg6y29A3bQzsi 7e9wGPq4idWsD9km4oytFc0idMJtdbbLRl4= -----END CERTIFICATE-----Generated at Wed Jul 19 23:23:03 2023 by rpki-client on console-ams.rpki-client.org