$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/CDE36D52DB9511E99F3F673EC4F9AE02.roa File: CDE36D52DB9511E99F3F673EC4F9AE02.roa (raw, json) Hash identifier: deoSM2eW9n8Ke+2Gwxfg5Vyb4bl8egcl1/He0/Cy4jM= Subject key identifier: 22:E0:3B:89:C4:C7:8D:22:86:2A:A8:8D:CE:85:48:15:E7:43:A5:21 Certificate issuer: /CN=A91C1621/serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Certificate serial: 339A Authority key identifier: FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/CDE36D52DB9511E99F3F673EC4F9AE02.roa Signing time: Fri 24 Nov 2023 14:20:07 +0000 ROA not before: Fri 24 Nov 2023 14:20:07 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 55805 IP address blocks: 27.123.212.0/22 maxlen: 22 27.123.212.0/24 maxlen: 24 27.123.213.0/24 maxlen: 24 27.123.214.0/24 maxlen: 24 27.123.215.0/24 maxlen: 24 103.29.144.0/22 maxlen: 22 103.29.144.0/24 maxlen: 24 103.29.145.0/24 maxlen: 24 103.29.146.0/24 maxlen: 24 103.29.147.0/24 maxlen: 24 103.98.68.0/22 maxlen: 22 103.98.68.0/24 maxlen: 24 103.98.69.0/24 maxlen: 24 103.98.70.0/24 maxlen: 24 103.98.71.0/24 maxlen: 24 202.126.88.0/22 maxlen: 22 202.126.88.0/24 maxlen: 24 202.126.89.0/24 maxlen: 24 202.126.90.0/24 maxlen: 24 202.126.91.0/24 maxlen: 24 2401:90c0::/32 maxlen: 48 2405:600::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 14:16:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13210 (0x339a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1621/serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Validity Not Before: Nov 24 14:20:07 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=6560b116-bc79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:0d:5e:0a:cc:0a:34:6d:15:fa:51:44:e6:94: 8e:aa:bd:78:c2:8e:6b:b4:99:7a:92:e9:7c:c7:e9: 80:19:4e:b2:3a:09:ca:e3:54:fe:d1:77:0e:41:6f: 28:c6:9b:4c:5c:06:8d:04:b0:4f:cb:f3:b3:fc:4c: 14:d9:ca:43:5c:7b:e7:60:44:d2:e5:80:c9:ce:f2: 79:59:0e:ba:cf:a9:8f:a5:28:5e:cd:0b:f5:89:99: 19:3e:db:de:e0:9d:fa:ec:aa:77:a8:61:7b:dc:4a: 5c:2c:64:5e:da:c4:8e:a0:cd:b9:d2:2c:1f:7d:22: 90:bd:34:c6:4f:6e:25:0e:88:75:58:b6:73:fd:82: b6:79:2d:e3:8e:92:21:da:ba:c2:3f:23:02:df:1b: a8:1e:3a:80:a6:31:48:07:4a:81:17:03:a8:84:f0: fb:92:fb:86:e6:4a:44:d4:a8:1d:77:1f:c7:55:da: 4f:4d:3a:ec:6d:6a:d5:34:8c:aa:70:fc:c3:d4:66: 38:9f:fc:0d:e9:64:b6:44:e3:26:1e:86:db:c7:5c: fe:87:56:ac:99:56:9f:78:be:c1:2d:92:b9:4c:10: 85:48:63:4e:de:86:3a:57:f8:47:2c:b1:6e:46:db: d7:5e:a0:5c:fe:6c:c7:78:b8:70:1c:bb:22:38:37: d5:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:E0:3B:89:C4:C7:8D:22:86:2A:A8:8D:CE:85:48:15:E7:43:A5:21 X509v3 Authority Key Identifier: keyid:FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/CDE36D52DB9511E99F3F673EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.123.212.0/22 103.29.144.0/22 103.98.68.0/22 202.126.88.0/22 IPv6: 2401:90c0::/32 2405:600::/32 Signature Algorithm: sha256WithRSAEncryption 25:b0:f7:bc:e6:f3:d5:9b:97:fd:df:04:78:37:8f:63:1e:e6: 7d:a5:9a:09:b2:a8:70:17:44:f0:9d:dc:2d:d0:3d:61:86:77: 57:3a:e3:4c:97:dd:63:a1:49:e9:3a:5d:60:cc:52:0a:7b:88: db:77:37:e9:aa:91:88:96:76:ee:4b:c1:87:77:75:6c:10:61: af:86:53:df:47:da:b5:59:e6:6c:ea:8f:5f:71:28:75:59:9e: f2:0c:be:3f:59:20:74:bd:fb:20:2d:26:6a:eb:fc:c9:02:f0: 67:31:52:21:ea:c0:de:45:45:eb:ec:d4:3a:67:79:c0:e6:dc: 54:3e:b4:55:ac:32:4f:29:41:ff:c5:2e:d3:f7:54:8c:50:bb: 63:eb:a7:d8:6c:6f:6c:46:77:27:c5:2e:6e:51:af:a7:d0:38: 60:98:68:25:3f:1e:8f:36:df:03:e9:31:da:c9:d4:80:3d:7d: 91:a2:dc:95:9c:d2:81:06:c2:46:d7:89:a7:8f:97:69:f2:b1: 95:c2:99:57:5f:a7:8d:be:62:57:d7:30:8a:4a:17:74:41:7e: a2:9c:9d:54:39:72:9e:0d:b3:1c:23:90:44:76:45:0d:94:db: 22:1e:0f:7d:b4:46:60:a8:da:63:2e:4f:3a:e2:61:23:31:02: 5e:8b:8d:9d -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICM5owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzE2MjExMTAvBgNVBAUTKEZBNDE3OTYyN0Y1QjI2NTk0RTU2MzAzNTNBMEI3Nzg1 RTBENjkyQzUwHhcNMjMxMTI0MTQyMDA3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTYwYjExNi1iYzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8A1eCswKNG0V+lFE5pSOqr14wo5rtJl6kul8x+mAGU6yOgnK41T+0XcOQW8o xptMXAaNBLBPy/Oz/EwU2cpDXHvnYETS5YDJzvJ5WQ66z6mPpShezQv1iZkZPtve 4J367Kp3qGF73EpcLGRe2sSOoM250iwffSKQvTTGT24lDoh1WLZz/YK2eS3jjpIh 2rrCPyMC3xuoHjqApjFIB0qBFwOohPD7kvuG5kpE1Kgddx/HVdpPTTrsbWrVNIyq cPzD1GY4n/wN6WS2ROMmHobbx1z+h1asmVafeL7BLZK5TBCFSGNO3oY6V/hHLLFu RtvXXqBc/mzHeLhwHLsiODfV9wIDAQABo4ICvTCCArkwHQYDVR0OBBYEFCLgO4nE x40ihiqojc6FSBXnQ6UhMB8GA1UdIwQYMBaAFPpBeWJ/WyZZTlYwNToLd4Xg1pLF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTYyMS85OUQ2OERDRTFE NjkxMUUyQTQ2NDBEQTcwOEIwMkNEMi8ta0Y1WW45YkpsbE9WakExT2d0M2hlRFdr c1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1rRjVZbjliSmxsT1ZqQTFPZ3QzaGVEV2tzVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzE2MjEvOTlENjhEQ0UxRDY5MTFFMkE0NjQwREE3MDhCMDJDRDIvQ0RFMzZENTJE Qjk1MTFFOTlGM0Y2NzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MB4EAgABMBgDBAIbe9QDBAJnHZADBAJnYkQDBALKflgwFAQCAAIwDgMFACQB kMADBQAkBQYAMA0GCSqGSIb3DQEBCwUAA4IBAQAlsPe85vPVm5f93wR4N49jHuZ9 pZoJsqhwF0Twndwt0D1hhndXOuNMl91joUnpOl1gzFIKe4jbdzfpqpGIlnbuS8GH d3VsEGGvhlPfR9q1WeZs6o9fcSh1WZ7yDL4/WSB0vfsgLSZq6/zJAvBnMVIh6sDe RUXr7NQ6Z3nA5txUPrRVrDJPKUH/xS7T91SMULtj66fYbG9sRncnxS5uUa+n0Dhg mGglPx6PNt8D6THaydSAPX2RotyVnNKBBsJG14mnj5dp8rGVwplXX6eNvmJX1zCK Shd0QX6inJ1UOXKeDbMcI5BEdkUNlNsiHg99tEZgqNpjLk864mEjMQJei42d -----END CERTIFICATE-----Generated at Thu May 16 16:14:59 2024 by rpki-client on console-fra.rpki-client.org