$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAA2/D2AB292C1D9911E2BA529A8608B02CD2/F2C1B32AD59511EC9A77CC14C4F9AE02.roa File: F2C1B32AD59511EC9A77CC14C4F9AE02.roa (raw, json) Hash identifier: DUo6nMXbjV7jS4ARZJJiiM+rlqdCKSiSE1fPTvDpTYs= Subject key identifier: 6A:C5:04:79:F0:75:52:E7:43:EF:56:57:DE:25:A3:22:FF:49:DB:5F Certificate issuer: /CN=A91CEAA2/serialNumber=FF495293CB5F15E5D14BACC2DB1052B2E2C825C8 Certificate serial: 3280 Authority key identifier: FF:49:52:93:CB:5F:15:E5:D1:4B:AC:C2:DB:10:52:B2:E2:C8:25:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0lSk8tfFeXRS6zC2xBSsuLIJcg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEAA2/D2AB292C1D9911E2BA529A8608B02CD2/F2C1B32AD59511EC9A77CC14C4F9AE02.roa Signing time: Wed 07 Sep 2022 03:10:48 +0000 ROA not before: Wed 07 Sep 2022 03:10:48 +0000 ROA not after: Tue 31 Oct 2023 00:00:00 +0000 asID: 16509 IP address blocks: 116.214.100.0/24 maxlen: 24 116.214.101.0/24 maxlen: 24 116.214.120.0/24 maxlen: 24 116.214.121.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEAA2/D2AB292C1D9911E2BA529A8608B02CD2/_0lSk8tfFeXRS6zC2xBSsuLIJcg.crl rsync://rpki.apnic.net/member_repository/A91CEAA2/D2AB292C1D9911E2BA529A8608B02CD2/_0lSk8tfFeXRS6zC2xBSsuLIJcg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0lSk8tfFeXRS6zC2xBSsuLIJcg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Mar 2023 15:11:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12928 (0x3280) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEAA2/serialNumber=FF495293CB5F15E5D14BACC2DB1052B2E2C825C8 Validity Not Before: Sep 7 03:10:48 2022 GMT Not After : Oct 31 00:00:00 2023 GMT Subject: CN=63180bb8-572f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:cd:d1:e8:b1:74:63:ea:a4:67:44:83:df:7c: 42:f2:45:8d:34:15:4a:87:ee:80:ff:55:eb:d1:03: 72:9d:77:11:c0:c5:32:97:db:a9:1c:68:5f:ab:67: 1a:ba:85:7b:1f:08:8d:6b:86:55:63:5d:a8:23:b1: d3:22:a7:9d:49:49:c6:66:32:5e:f5:a3:d5:a0:fe: e7:28:3d:c8:57:7e:32:01:39:67:fc:db:6e:b4:ff: ca:d7:33:34:51:50:bc:47:d4:2e:45:5d:be:68:2e: d4:f9:77:3a:10:4d:22:92:82:f8:79:e1:37:02:db: 36:75:9a:ca:50:50:cc:ce:f1:32:08:cb:35:af:6c: ed:f3:64:fa:dd:26:5d:93:63:e8:fe:1b:2a:0c:da: 7e:6e:7b:6c:08:72:cd:91:dd:f0:56:11:d3:47:61: d1:f3:92:dc:79:a6:ee:a2:b9:a8:69:24:9a:42:2c: d5:3e:80:69:2f:b3:b2:38:19:b0:3e:69:37:7e:90: 27:2e:63:03:ed:66:70:6b:74:59:50:d1:85:fc:bc: 43:c3:54:8c:90:4d:a8:13:e0:06:5b:60:18:bf:d7: dd:79:03:94:dc:13:97:0c:e8:44:fb:d9:11:98:f8: 49:a6:0a:ef:a5:c3:e0:46:92:3e:1e:86:2c:2e:d9: 70:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:C5:04:79:F0:75:52:E7:43:EF:56:57:DE:25:A3:22:FF:49:DB:5F X509v3 Authority Key Identifier: keyid:FF:49:52:93:CB:5F:15:E5:D1:4B:AC:C2:DB:10:52:B2:E2:C8:25:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEAA2/D2AB292C1D9911E2BA529A8608B02CD2/_0lSk8tfFeXRS6zC2xBSsuLIJcg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0lSk8tfFeXRS6zC2xBSsuLIJcg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAA2/D2AB292C1D9911E2BA529A8608B02CD2/F2C1B32AD59511EC9A77CC14C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.214.100.0/23 116.214.120.0/23 Signature Algorithm: sha256WithRSAEncryption 54:17:81:4e:75:80:5c:ec:46:be:ed:51:64:62:21:e8:c5:b1: f6:45:60:e8:1f:54:26:d9:bd:3d:6a:d6:f2:0e:54:c2:eb:2a: 5d:ba:50:9c:28:ae:40:46:5c:22:62:4f:b5:9b:98:ff:f4:14: ec:0a:33:b5:38:66:33:68:08:35:84:82:af:06:fc:95:76:96: 43:e3:45:2e:70:e2:64:df:b6:2d:b5:ff:78:9f:61:e2:9c:de: f9:3a:11:cf:73:7d:d4:86:57:e6:63:46:ca:03:1b:8e:1f:d7: dc:36:54:91:f0:49:86:0b:b0:48:01:6d:d1:94:46:db:cf:c2: 7c:80:2d:37:eb:81:e4:da:48:8f:c9:a1:0d:62:1c:4a:32:c8: eb:c9:17:44:a5:d1:d3:03:d8:86:ad:e1:45:e8:78:d9:6d:c7: ad:6d:14:ff:6d:ad:a1:19:e6:54:8c:8d:02:e0:05:9a:27:be: 11:d0:99:b7:21:ab:07:7c:65:a2:38:87:66:49:cf:10:12:3f: 34:69:78:74:a1:8f:6d:8a:f7:dd:ce:45:ec:b1:d4:02:59:5d: 50:cd:0a:d8:d7:a0:cf:73:db:d9:51:4c:d7:61:2f:bb:92:c5: 62:46:e9:59:25:6f:0f:be:d6:49:9d:c2:15:92:41:b0:3b:bc: e3:e5:29:c1 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICMoAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VBQTIxMTAvBgNVBAUTKEZGNDk1MjkzQ0I1RjE1RTVEMTRCQUNDMkRCMTA1MkIy RTJDODI1QzgwHhcNMjIwOTA3MDMxMDQ4WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02MzE4MGJiOC01NzJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuM3R6LF0Y+qkZ0SD33xC8kWNNBVKh+6A/1Xr0QNynXcRwMUyl9upHGhfq2ca uoV7HwiNa4ZVY12oI7HTIqedSUnGZjJe9aPVoP7nKD3IV34yATln/NtutP/K1zM0 UVC8R9QuRV2+aC7U+Xc6EE0ikoL4eeE3Ats2dZrKUFDMzvEyCMs1r2zt82T63SZd k2Po/hsqDNp+bntsCHLNkd3wVhHTR2HR85LceabuormoaSSaQizVPoBpL7OyOBmw Pmk3fpAnLmMD7WZwa3RZUNGF/LxDw1SMkE2oE+AGW2AYv9fdeQOU3BOXDOhE+9kR mPhJpgrvpcPgRpI+HoYsLtlwIwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGrFBHnw dVLnQ+9WV94loyL/SdtfMB8GA1UdIwQYMBaAFP9JUpPLXxXl0UuswtsQUrLiyCXI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUFBMi9EMkFCMjkyQzFE OTkxMUUyQkE1MjlBODYwOEIwMkNEMi9fMGxTazh0ZkZlWFJTNnpDMnhCU3N1TElK Y2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL18wbFNrOHRmRmVYUlM2ekMyeEJTc3VMSUpjZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0VBQTIvRDJBQjI5MkMxRDk5MTFFMkJBNTI5QTg2MDhCMDJDRDIvRjJDMUIzMkFE NTk1MTFFQzlBNzdDQzE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAF01mQDBAF01ngwDQYJKoZIhvcNAQELBQADggEBAFQXgU51 gFzsRr7tUWRiIejFsfZFYOgfVCbZvT1q1vIOVMLrKl26UJworkBGXCJiT7WbmP/0 FOwKM7U4ZjNoCDWEgq8G/JV2lkPjRS5w4mTfti21/3ifYeKc3vk6Ec9zfdSGV+Zj RsoDG44f19w2VJHwSYYLsEgBbdGURtvPwnyALTfrgeTaSI/JoQ1iHEoyyOvJF0Sl 0dMD2Iat4UXoeNltx61tFP9traEZ5lSMjQLgBZonvhHQmbchqwd8ZaI4h2ZJzxAS PzRpeHShj22K993OReyx1AJZXVDNCtjXoM9z29lRTNdhL7uSxWJG6Vklbw++1kmd whWSQbA7vOPlKcE= -----END CERTIFICATE-----Generated at Wed Mar 15 11:54:20 2023 by rpki-client on console-fra.rpki-client.org