$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/2DFF0AFE1FEB11EF9ECE847FC4F9AE02.roa File: 2DFF0AFE1FEB11EF9ECE847FC4F9AE02.roa (raw, json) Hash identifier: 2TLvwQaDCvq+6iRg1Nm663GwiMTQN6z+na7EH9fdmw4= Subject key identifier: E6:66:73:55:91:77:FB:DC:01:15:9A:55:44:AA:D0:B9:D9:4C:A6:27 Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9 Certificate serial: 0C2F Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/2DFF0AFE1FEB11EF9ECE847FC4F9AE02.roa Signing time: Sat 01 Jun 2024 07:48:36 +0000 ROA not before: Sat 01 Jun 2024 07:48:36 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 215133 IP address blocks: 59.152.60.0/22 maxlen: 22 59.152.60.0/24 maxlen: 24 59.152.61.0/24 maxlen: 24 59.152.62.0/24 maxlen: 24 59.152.63.0/24 maxlen: 24 103.205.182.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 27 Jun 2024 18:52:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3119 (0xc2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9 Validity Not Before: Jun 1 07:48:36 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=665ad254-707a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:8a:5b:eb:9b:e4:0e:03:51:a6:b0:93:f6:59: 61:6f:ab:07:9d:79:62:1d:40:ed:35:e7:c6:3f:20: 87:01:92:63:cd:d7:57:c9:ff:87:8f:ef:0d:41:2a: 44:7d:20:49:42:bb:79:eb:f3:d7:65:28:34:3f:ca: a6:70:8b:87:68:bc:ff:4e:ff:42:61:cf:38:51:77: f5:0d:df:0c:0f:bc:c2:d0:af:c3:fa:70:56:24:df: 0c:a6:47:e7:14:a3:e1:0d:14:58:09:a9:02:b5:81: cc:83:8a:db:e7:c5:c7:7d:7b:4c:3b:fc:42:83:64: 5c:dc:cd:78:23:f2:27:3c:e4:61:06:24:25:30:c2: 08:38:a4:60:e2:47:b4:1e:3a:b7:f3:90:2c:25:97: 2d:1e:f4:83:80:8a:23:9f:0b:49:ca:45:3c:21:23: 4d:01:1e:32:4f:74:14:71:cd:0e:a5:24:e2:13:af: 8e:cb:19:a0:96:97:57:7a:4b:ca:20:fd:d7:35:45: 18:58:e2:db:c6:4c:90:a5:0a:46:1a:f0:8e:a9:38: fa:66:30:58:af:3c:96:10:7f:51:7d:e0:b2:37:9b: 0b:1b:a6:b6:12:de:6c:d1:31:46:3f:86:21:8a:88: 18:b1:d0:7f:dd:fd:72:ad:16:e9:02:2b:9a:b7:b0: 5a:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:66:73:55:91:77:FB:DC:01:15:9A:55:44:AA:D0:B9:D9:4C:A6:27 X509v3 Authority Key Identifier: keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/2DFF0AFE1FEB11EF9ECE847FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.152.60.0/22 103.205.182.0/24 Signature Algorithm: sha256WithRSAEncryption 68:03:ea:78:ba:fe:68:5c:e4:f2:05:ab:f7:8a:51:94:0e:0a: 42:13:27:9c:88:52:54:82:fb:b5:73:ea:03:93:56:29:54:af: 87:e4:eb:5c:ef:54:bd:5e:b9:72:dc:67:24:55:96:7f:58:a1: d4:2c:8e:be:29:d9:78:c7:8c:7d:9d:d3:a5:d9:45:8f:91:b8: b2:d8:b3:bc:d0:ec:35:01:d7:25:18:f7:66:40:bc:1a:01:a0: 7e:f9:14:6b:a8:80:49:89:a2:b1:8d:06:f4:15:ef:59:20:8e: 89:4a:65:0e:05:9a:21:d0:8d:75:35:7b:53:6f:99:13:75:ed: 31:a3:78:70:d0:c3:e3:3a:81:ad:ae:08:e7:3a:d2:1f:1f:07: 1c:50:7d:68:32:41:1a:86:c0:d6:e4:ae:81:5b:4b:f6:78:ae: 34:f0:63:53:f4:4d:2c:eb:53:95:1d:16:ba:b9:b3:ab:01:6a: 5c:eb:43:05:b0:1d:b3:5b:8f:77:a7:86:2c:c2:46:85:ef:be: 22:86:2a:c1:67:c1:06:db:86:af:9c:97:34:2f:b3:85:49:f8: 4b:17:ab:53:bd:36:df:aa:ed:a7:12:f8:7a:2b:36:b3:ed:34: 80:fc:08:4d:90:67:a6:63:4f:98:11:18:e8:09:47:84:b5:fe: 41:7c:47:4f -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICDC8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3 RTFGOEQwQzkwHhcNMjQwNjAxMDc0ODM2WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjVhZDI1NC03MDdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyYpb65vkDgNRprCT9llhb6sHnXliHUDtNefGPyCHAZJjzddXyf+Hj+8NQSpE fSBJQrt56/PXZSg0P8qmcIuHaLz/Tv9CYc84UXf1Dd8MD7zC0K/D+nBWJN8Mpkfn FKPhDRRYCakCtYHMg4rb58XHfXtMO/xCg2Rc3M14I/InPORhBiQlMMIIOKRg4ke0 Hjq385AsJZctHvSDgIojnwtJykU8ISNNAR4yT3QUcc0OpSTiE6+OyxmglpdXekvK IP3XNUUYWOLbxkyQpQpGGvCOqTj6ZjBYrzyWEH9RfeCyN5sLG6a2Et5s0TFGP4Yh iogYsdB/3f1yrRbpAiuat7Ba7wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOZmc1WR d/vcARWaVUSq0LnZTKYnMB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvMkRGRjBBRkUx RkVCMTFFRjlFQ0U4NDdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAI7mDwDBABnzbYwDQYJKoZIhvcNAQELBQADggEBAGgD6ni6 /mhc5PIFq/eKUZQOCkITJ5yIUlSC+7Vz6gOTVilUr4fk61zvVL1euXLcZyRVln9Y odQsjr4p2XjHjH2d06XZRY+RuLLYs7zQ7DUB1yUY92ZAvBoBoH75FGuogEmJorGN BvQV71kgjolKZQ4FmiHQjXU1e1NvmRN17TGjeHDQw+M6ga2uCOc60h8fBxxQfWgy QRqGwNbkroFbS/Z4rjTwY1P0TSzrU5UdFrq5s6sBalzrQwWwHbNbj3enhizCRoXv viKGKsFnwQbbhq+clzQvs4VJ+EsXq1O9Nt+q7acS+HorNrPtNID8CE2QZ6ZjT5gR GOgJR4S1/kF8R08= -----END CERTIFICATE-----Generated at Thu Jun 20 21:03:52 2024 by rpki-client on console-ams.rpki-client.org