$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/9CB5878688DD11ECAC36C11FC4F9AE02.roa File: 9CB5878688DD11ECAC36C11FC4F9AE02.roa (raw, json) Hash identifier: I+1rdMFlu0j7ia3qK0QlemFhqFiTfHZq0qG04UwCuns= Subject key identifier: 11:BD:7C:1C:0D:2F:6A:4E:AC:59:0B:D8:25:8E:14:1F:86:77:8B:BB Certificate issuer: /CN=A91DDCB6/serialNumber=FEA14F23FDB977AC6489D2106E35E023B28968DC Certificate serial: 074A Authority key identifier: FE:A1:4F:23:FD:B9:77:AC:64:89:D2:10:6E:35:E0:23:B2:89:68:DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_qFPI_25d6xkidIQbjXgI7KJaNw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/9CB5878688DD11ECAC36C11FC4F9AE02.roa Signing time: Tue 10 Oct 2023 21:49:06 +0000 ROA not before: Tue 10 Oct 2023 21:49:06 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 132420 IP address blocks: 43.252.88.0/22 maxlen: 24 101.53.128.0/19 maxlen: 24 103.20.212.0/22 maxlen: 24 103.250.244.0/22 maxlen: 24 116.204.172.0/22 maxlen: 24 139.5.188.0/22 maxlen: 24 2001:df0:411::/48 maxlen: 48 2001:df4:3500::/48 maxlen: 48 2406:69c0::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/_qFPI_25d6xkidIQbjXgI7KJaNw.crl rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/_qFPI_25d6xkidIQbjXgI7KJaNw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_qFPI_25d6xkidIQbjXgI7KJaNw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 22:12:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1866 (0x74a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DDCB6/serialNumber=FEA14F23FDB977AC6489D2106E35E023B28968DC Validity Not Before: Oct 10 21:49:06 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=6525c6d1-c2d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:cb:4b:78:77:a0:fb:5f:db:eb:77:e8:b4:f2: 86:ef:e4:34:71:61:71:f6:fb:f6:32:41:c8:bd:61: 1b:3f:16:0f:97:94:4f:83:d8:22:ac:8d:65:3c:99: a5:b2:45:71:a8:38:43:c1:8e:b1:9f:51:fd:67:a6: 3e:15:71:99:8c:86:1b:a8:00:61:20:e5:c8:80:a3: bf:07:d9:e1:f1:a6:a6:4b:f6:99:27:72:d5:76:d3: 53:aa:5c:02:a3:91:c4:48:e9:f7:5f:39:dd:61:66: a4:fc:ae:c7:98:af:f9:87:82:eb:47:42:85:e1:ba: a4:a3:9d:ad:78:23:ce:63:45:29:ba:00:9b:45:e5: 77:da:f0:25:d2:a7:b4:21:0d:b6:da:81:7b:bd:6e: 48:c2:05:46:12:34:d6:54:f3:51:03:14:9c:9d:88: bf:68:bf:cc:1e:70:24:f1:9c:3c:8b:15:3a:dd:f0: 51:52:b1:02:2c:ee:26:a2:ae:1e:5e:ff:46:ed:92: 6b:f8:26:a7:5e:43:34:a4:a2:55:2f:fb:54:5e:31: 59:57:5f:64:58:5d:f1:b2:b2:d8:7e:f8:59:65:3b: bb:92:bb:09:99:cb:6d:85:4f:4f:d9:31:43:74:d4: 92:02:27:dc:df:67:5f:46:3f:16:c2:75:16:b4:bd: 21:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:BD:7C:1C:0D:2F:6A:4E:AC:59:0B:D8:25:8E:14:1F:86:77:8B:BB X509v3 Authority Key Identifier: keyid:FE:A1:4F:23:FD:B9:77:AC:64:89:D2:10:6E:35:E0:23:B2:89:68:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/_qFPI_25d6xkidIQbjXgI7KJaNw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_qFPI_25d6xkidIQbjXgI7KJaNw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/9CB5878688DD11ECAC36C11FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.88.0/22 101.53.128.0/19 103.20.212.0/22 103.250.244.0/22 116.204.172.0/22 139.5.188.0/22 IPv6: 2001:df0:411::/48 2001:df4:3500::/48 2406:69c0::/32 Signature Algorithm: sha256WithRSAEncryption 66:a8:2b:28:c4:06:9a:9e:b6:33:16:03:2f:01:09:87:a8:05: 6b:e9:d6:22:b3:79:c7:83:c4:ce:6a:7a:38:3a:34:ba:8f:00: be:c9:00:da:30:2a:d0:69:32:af:84:ea:e2:28:45:83:95:12: e0:84:61:2a:8b:a2:33:56:ae:71:30:fa:dd:e4:7f:b1:3a:47: d6:7c:ee:ad:4b:a5:f2:b6:67:f1:c8:ee:0f:fd:5c:8f:d8:eb: f4:19:18:13:13:94:35:83:8c:62:0e:d3:c3:69:d9:f2:1d:bb: 6a:93:29:e2:82:03:78:ae:b2:2c:b8:98:b6:05:84:16:ea:a5: f2:ee:80:48:74:ad:1d:dc:55:52:be:5c:6e:e9:f5:f7:d9:bd: ed:5d:1c:bc:26:ad:e9:47:72:ca:bd:a0:d3:08:d9:dc:e1:e0: 4d:0a:7d:b5:dd:dc:9b:85:3e:20:47:41:97:1f:fe:ec:d4:b3: 9d:c6:66:07:4b:5f:22:cb:43:f2:34:3a:95:2a:bc:b2:31:52: 44:8b:90:3c:88:01:08:45:ad:13:25:a1:19:7f:a3:1b:6d:59: 54:b1:d2:12:f6:b5:b4:10:8a:ff:71:6a:40:0d:5b:ef:7f:37: a4:0e:3b:41:af:e2:b7:89:de:f7:c8:f7:85:bb:ee:0b:51:a8: ce:ab:2a:49 -----BEGIN CERTIFICATE----- MIIFsDCCBJigAwIBAgICB0owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RERDQjYxMTAvBgNVBAUTKEZFQTE0RjIzRkRCOTc3QUM2NDg5RDIxMDZFMzVFMDIz QjI4OTY4REMwHhcNMjMxMDEwMjE0OTA2WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTI1YzZkMS1jMmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuctLeHeg+1/b63fotPKG7+Q0cWFx9vv2MkHIvWEbPxYPl5RPg9girI1lPJml skVxqDhDwY6xn1H9Z6Y+FXGZjIYbqABhIOXIgKO/B9nh8aamS/aZJ3LVdtNTqlwC o5HESOn3XzndYWak/K7HmK/5h4LrR0KF4bqko52teCPOY0UpugCbReV32vAl0qe0 IQ222oF7vW5IwgVGEjTWVPNRAxScnYi/aL/MHnAk8Zw8ixU63fBRUrECLO4moq4e Xv9G7ZJr+CanXkM0pKJVL/tUXjFZV19kWF3xsrLYfvhZZTu7krsJmctthU9P2TFD dNSSAifc32dfRj8WwnUWtL0hswIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFBG9fBwN L2pOrFkL2CWOFB+Gd4u7MB8GA1UdIwQYMBaAFP6hTyP9uXesZInSEG414COyiWjc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERENCNi9GMDc3NTk4RUND M0QxMUVBOEJDNDVDMjlDNEY5QUUwMi9fcUZQSV8yNWQ2eGtpZElRYmpYZ0k3S0ph TncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19xRlBJXzI1ZDZ4a2lkSVFialhnSTdLSmFOdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RERDQjYvRjA3NzU5OEVDQzNEMTFFQThCQzQ1QzI5QzRGOUFFMDIvOUNCNTg3ODY4 OEREMTFFQ0FDMzZDMTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E TzBNMCoEAgABMCQDBAIr/FgDBAVlNYADBAJnFNQDBAJn+vQDBAJ0zKwDBAKLBbww HwQCAAIwGQMHACABDfAEEQMHACABDfQ1AAMFACQGacAwDQYJKoZIhvcNAQELBQAD ggEBAGaoKyjEBpqetjMWAy8BCYeoBWvp1iKzeceDxM5qejg6NLqPAL7JANowKtBp Mq+E6uIoRYOVEuCEYSqLojNWrnEw+t3kf7E6R9Z87q1LpfK2Z/HI7g/9XI/Y6/QZ GBMTlDWDjGIO08Np2fIdu2qTKeKCA3iusiy4mLYFhBbqpfLugEh0rR3cVVK+XG7p 9ffZve1dHLwmrelHcsq9oNMI2dzh4E0KfbXd3JuFPiBHQZcf/uzUs53GZgdLXyLL Q/I0OpUqvLIxUkSLkDyIAQhFrRMloRl/oxttWVSx0hL2tbQQiv9xakANW+9/N6QO O0Gv4reJ3vfI94W77gtRqM6rKkk= -----END CERTIFICATE-----Generated at Tue May 14 23:01:11 2024 by rpki-client on console-fra.rpki-client.org