$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3DAE/FEFBCC8E1D8F11E2B54A7DEF08B02CD2/232E8BFEFEA411EDBC673B4BC4F9AE02.roa File: 232E8BFEFEA411EDBC673B4BC4F9AE02.roa (raw, json) Hash identifier: 2R/JIm+dy3J9QEhBrc+vl6TnBvASBKCKIARBdM+hz20= Subject key identifier: AB:CD:98:38:0D:3A:C0:64:9A:E0:E9:6C:41:35:2B:EC:48:FA:8E:D3 Certificate issuer: /CN=A91D3DAE/serialNumber=1AEFB51DEC8EB07962A75E459CE210A7400104FB Certificate serial: 3424 Authority key identifier: 1A:EF:B5:1D:EC:8E:B0:79:62:A7:5E:45:9C:E2:10:A7:40:01:04:FB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gu-1HeyOsHlip15FnOIQp0ABBPs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3DAE/FEFBCC8E1D8F11E2B54A7DEF08B02CD2/232E8BFEFEA411EDBC673B4BC4F9AE02.roa Signing time: Mon 28 Oct 2024 15:10:52 +0000 ROA not before: Mon 28 Oct 2024 15:10:52 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 7654 IP address blocks: 202.57.128.0/24 maxlen: 24 202.57.130.0/24 maxlen: 24 202.57.160.0/24 maxlen: 24 202.57.176.0/22 maxlen: 22 202.57.191.0/24 maxlen: 24 2406:400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3DAE/FEFBCC8E1D8F11E2B54A7DEF08B02CD2/Gu-1HeyOsHlip15FnOIQp0ABBPs.crl rsync://rpki.apnic.net/member_repository/A91D3DAE/FEFBCC8E1D8F11E2B54A7DEF08B02CD2/Gu-1HeyOsHlip15FnOIQp0ABBPs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gu-1HeyOsHlip15FnOIQp0ABBPs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:41:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13348 (0x3424) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3DAE/serialNumber=1AEFB51DEC8EB07962A75E459CE210A7400104FB Validity Not Before: Oct 28 15:10:52 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=671fa97c-2b1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:bf:21:fd:cb:70:f9:1f:2e:98:84:e5:e3:b7: 29:0c:bc:42:5d:7b:4c:2e:be:97:b7:e3:5f:2b:ae: 6a:4b:ca:5c:dc:5f:da:2b:a8:f9:99:d2:16:7a:16: fd:7b:b4:51:a2:fb:73:fe:22:4d:6e:23:b2:24:ad: d9:1f:fb:ee:25:9b:4e:c7:28:d7:ef:d1:22:5a:36: 1b:e1:05:9a:2e:f0:a4:91:ea:f8:10:6b:52:ce:a8: a9:62:52:46:15:6c:8d:e3:08:e9:21:24:95:52:1b: 6e:6b:dc:aa:69:b0:72:30:f9:70:f8:9e:f8:23:27: 56:1d:36:5c:c4:54:9f:ea:64:cb:a2:47:52:b2:ca: 0f:0a:19:77:93:14:c6:53:4d:95:5b:d1:8f:da:8b: 49:a9:5c:1e:ae:d6:9e:00:d2:e1:1c:e1:20:78:b0: 88:03:f0:7c:77:2f:02:6b:6e:27:6b:54:95:82:8f: 58:ce:75:23:b9:e0:df:9e:20:eb:72:c9:01:b9:fb: fc:42:3f:0e:15:61:b1:12:ea:d4:49:ec:0e:56:80: 00:f1:df:73:8c:c8:13:7c:e4:65:3e:81:aa:4a:f0: 2c:04:32:3a:d7:04:81:bd:a5:9f:d1:2f:fa:83:4f: a0:1f:72:f8:d8:9a:94:34:3b:f2:d5:f8:e5:55:d5: e5:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:CD:98:38:0D:3A:C0:64:9A:E0:E9:6C:41:35:2B:EC:48:FA:8E:D3 X509v3 Authority Key Identifier: keyid:1A:EF:B5:1D:EC:8E:B0:79:62:A7:5E:45:9C:E2:10:A7:40:01:04:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3DAE/FEFBCC8E1D8F11E2B54A7DEF08B02CD2/Gu-1HeyOsHlip15FnOIQp0ABBPs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gu-1HeyOsHlip15FnOIQp0ABBPs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3DAE/FEFBCC8E1D8F11E2B54A7DEF08B02CD2/232E8BFEFEA411EDBC673B4BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.57.128.0/24 202.57.130.0/24 202.57.160.0/24 202.57.176.0/22 202.57.191.0/24 IPv6: 2406:400::/32 Signature Algorithm: sha256WithRSAEncryption a1:cb:21:3d:11:73:da:eb:41:dd:f8:aa:00:68:83:5a:49:86: 9d:11:65:73:83:10:ec:a3:64:b3:d3:a4:08:e7:97:2a:d3:a5: 63:6c:b6:79:7b:2c:23:a8:79:be:21:b2:30:1f:89:0a:42:b7: 24:9b:55:aa:ab:28:41:ce:60:9f:86:7e:cc:65:c4:a0:f8:11: b5:ab:66:94:27:69:66:0d:bc:31:12:5c:06:5c:97:e5:e1:fb: f0:18:c4:b5:02:0e:fe:0b:35:21:5f:a9:48:ff:2a:2a:29:06: ae:fb:13:04:56:9c:18:87:1d:3c:0c:69:65:54:9c:60:1a:a5: 93:c6:15:91:6a:a7:12:c3:9c:d9:6d:f8:80:3f:71:5c:e6:74: 89:2a:cc:f3:42:2b:5c:87:96:9a:a3:9b:bb:57:3e:a0:90:2f: c9:bf:41:51:dc:c0:2a:be:bd:8c:51:cd:4e:69:2b:51:f4:c5: 6c:81:fc:2e:62:d8:88:4e:10:b6:dd:78:19:74:2c:c8:bf:b7: cf:cc:58:ab:51:7d:62:42:dd:fb:3b:4f:1b:0f:89:ec:ef:8b: 72:b3:21:d6:28:4c:94:f6:fa:b9:e0:52:46:46:9e:cd:5d:1c: 7d:ca:f2:38:9f:f3:ca:da:0c:2c:2d:09:1e:97:3d:76:d6:cf: 1b:c9:9d:cb -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICNCQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDNEQUUxMTAvBgNVBAUTKDFBRUZCNTFERUM4RUIwNzk2MkE3NUU0NTlDRTIxMEE3 NDAwMTA0RkIwHhcNMjQxMDI4MTUxMDUyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzFmYTk3Yy0yYjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3L8h/ctw+R8umITl47cpDLxCXXtMLr6Xt+NfK65qS8pc3F/aK6j5mdIWehb9 e7RRovtz/iJNbiOyJK3ZH/vuJZtOxyjX79EiWjYb4QWaLvCkker4EGtSzqipYlJG FWyN4wjpISSVUhtua9yqabByMPlw+J74IydWHTZcxFSf6mTLokdSssoPChl3kxTG U02VW9GP2otJqVwertaeANLhHOEgeLCIA/B8dy8Ca24na1SVgo9YznUjueDfniDr cskBufv8Qj8OFWGxEurUSewOVoAA8d9zjMgTfORlPoGqSvAsBDI61wSBvaWf0S/6 g0+gH3L42JqUNDvy1fjlVdXlsQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFKvNmDgN OsBkmuDpbEE1K+xI+o7TMB8GA1UdIwQYMBaAFBrvtR3sjrB5YqdeRZziEKdAAQT7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0RBRS9GRUZCQ0M4RTFE OEYxMUUyQjU0QTdERUYwOEIwMkNEMi9HdS0xSGV5T3NIbGlwMTVGbk9JUXAwQUJC UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0d1LTFIZXlPc0hsaXAxNUZuT0lRcDBBQkJQcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDNEQUUvRkVGQkNDOEUxRDhGMTFFMkI1NEE3REVGMDhCMDJDRDIvMjMyRThCRkVG RUE0MTFFREJDNjczQjRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBADKOYADBADKOYIDBADKOaADBALKObADBADKOb8wDQQCAAIw BwMFACQGBAAwDQYJKoZIhvcNAQELBQADggEBAKHLIT0Rc9rrQd34qgBog1pJhp0R ZXODEOyjZLPTpAjnlyrTpWNstnl7LCOoeb4hsjAfiQpCtySbVaqrKEHOYJ+Gfsxl xKD4EbWrZpQnaWYNvDESXAZcl+Xh+/AYxLUCDv4LNSFfqUj/KiopBq77EwRWnBiH HTwMaWVUnGAapZPGFZFqpxLDnNlt+IA/cVzmdIkqzPNCK1yHlpqjm7tXPqCQL8m/ QVHcwCq+vYxRzU5pK1H0xWyB/C5i2IhOELbdeBl0LMi/t8/MWKtRfWJC3fs7TxsP iezvi3KzIdYoTJT2+rngUkZGns1dHH3K8jif88raDCwtCR6XPXbWzxvJncs= -----END CERTIFICATE-----Generated at Fri Nov 22 15:25:44 2024 by rpki-client on console-fra.rpki-client.org