$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/B2C9B10A881311EE8CFB5C43C4F9AE02.roa File: B2C9B10A881311EE8CFB5C43C4F9AE02.roa (raw, json) Hash identifier: y7aSqlVu+M8dRxaQ0D1h2oyjB9Hff+DvjcZ1U7cch9M= Subject key identifier: 50:35:D5:DE:CC:EE:D0:05:33:A7:25:D5:40:6C:3A:98:C1:3E:71:44 Certificate issuer: /CN=A91E6856/serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Certificate serial: 2E Authority key identifier: 3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/B2C9B10A881311EE8CFB5C43C4F9AE02.roa Signing time: Tue 21 Nov 2023 02:14:28 +0000 ROA not before: Tue 21 Nov 2023 02:14:28 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 24433 IP address blocks: 138.77.0.0/16 maxlen: 17 138.77.96.0/21 maxlen: 21 138.77.104.0/21 maxlen: 21 138.77.168.0/21 maxlen: 21 138.77.208.0/21 maxlen: 21 138.77.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Jul 2024 17:33:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46 (0x2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6856/serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Validity Not Before: Nov 21 02:14:28 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=655c1284-b969 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:2f:a9:95:f4:81:6c:67:cf:c3:ea:a9:ad:6e: 1e:39:72:b1:39:58:6e:cc:cc:ef:bd:56:ba:e4:12: 5a:00:ba:b9:ad:6c:08:92:ff:c4:30:7f:88:99:f4: 04:b2:bf:7b:01:92:4d:b7:3f:7f:96:fc:28:9f:c7: f0:f4:01:c8:0b:cb:2a:5b:e8:b9:e6:b2:3c:a7:ab: 9c:86:5d:2e:aa:8b:ba:a3:03:a5:95:b2:a9:28:14: 39:4e:f6:2b:c5:42:0b:8d:f0:80:d4:ad:e2:f6:3e: d3:b4:14:a9:0b:7d:f1:86:54:10:e6:9e:af:a1:47: 36:a7:d5:9a:f4:00:bc:0a:f2:e0:f5:84:a0:d5:5c: ed:6e:85:6f:4b:31:e7:8d:73:56:98:83:fc:e3:0f: 6e:b1:54:59:e5:e4:1d:7a:7a:f6:09:6a:3a:eb:ee: 41:24:56:b5:64:fa:26:88:6b:d1:5c:b0:37:30:65: d9:d1:cd:11:01:0e:b3:41:7e:44:d5:7a:88:3f:18: 08:5c:56:21:76:fa:27:e4:11:08:52:95:9a:fa:ca: c4:21:5a:39:72:ae:48:5c:c5:1f:eb:ac:85:0a:d6: 9c:7a:17:10:02:5a:ea:1a:f9:7d:02:89:d5:93:33: 4f:8b:c1:46:2e:94:b5:40:07:e8:db:17:6e:6f:46: 79:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:35:D5:DE:CC:EE:D0:05:33:A7:25:D5:40:6C:3A:98:C1:3E:71:44 X509v3 Authority Key Identifier: keyid:3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/B2C9B10A881311EE8CFB5C43C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 138.77.0.0/16 Signature Algorithm: sha256WithRSAEncryption 8e:78:89:3c:30:fb:51:7b:de:d2:ca:17:7f:fb:21:69:4a:ea: 19:de:16:1a:f1:17:e3:f8:8d:88:ca:bc:a8:42:4c:60:fe:94: 95:eb:fc:9e:d9:29:a5:9d:2c:ab:7e:88:8f:3f:8a:af:3d:b1: 3a:39:4b:b9:a3:b0:c8:4a:88:fc:d2:b4:f9:26:af:5a:76:56: 7c:af:10:9f:ce:86:b8:4d:4f:83:ec:e0:80:1e:63:65:78:a8: 4a:1c:ac:ce:67:5e:c1:58:6f:54:55:b5:e9:55:65:13:bd:2f: cd:6f:ac:d5:3f:51:62:9e:d8:4d:c1:8b:22:e0:c0:17:3a:f2: 86:fa:96:e0:04:82:6d:d4:a3:15:9a:b5:fd:72:b9:a9:ca:d2: 13:fa:8d:7e:96:c6:b6:57:69:a6:8e:b0:4a:13:e9:93:cf:0c: da:e5:c5:05:18:d3:27:0f:8d:a5:3c:e7:0d:7e:1a:ee:d8:3d: bc:3d:0c:11:1b:a1:23:c5:78:1a:5b:28:3e:e9:a9:a5:1a:ca: 6f:3f:33:91:62:5b:7e:c6:43:b1:55:08:e4:4f:d9:2f:87:43: 48:bc:3b:b4:bf:99:3c:07:36:40:66:03:f3:f8:db:5c:4b:93: 23:5e:d2:9a:7b:56:38:2c:8b:f8:38:88:e4:7c:6a:6d:7b:66: 94:dc:ae:6c -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgIBLjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF Njg1NjExMC8GA1UEBRMoM0E2ODIzQTEwRjAzQkZBQ0E0MDY4RDMzOTg0NDRGMzY0 MTA4NTQ4NTAeFw0yMzExMjEwMjE0MjhaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1NWMxMjg0LWI5NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6L6mV9IFsZ8/D6qmtbh45crE5WG7MzO+9VrrkEloAurmtbAiS/8Qwf4iZ9ASy v3sBkk23P3+W/Cifx/D0AcgLyypb6Lnmsjynq5yGXS6qi7qjA6WVsqkoFDlO9ivF QguN8IDUreL2PtO0FKkLffGGVBDmnq+hRzan1Zr0ALwK8uD1hKDVXO1uhW9LMeeN c1aYg/zjD26xVFnl5B16evYJajrr7kEkVrVk+iaIa9FcsDcwZdnRzREBDrNBfkTV eog/GAhcViF2+ifkEQhSlZr6ysQhWjlyrkhcxR/rrIUK1px6FxACWuoa+X0CidWT M0+LwUYulLVAB+jbF25vRnmLAgMBAAGjggKUMIICkDAdBgNVHQ4EFgQUUDXV3szu 0AUzpyXVQGw6mME+cUQwHwYDVR0jBBgwFoAUOmgjoQ8Dv6ykBo0zmERPNkEIVIUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU2ODU2LzJEREI0MjZFNDg2 MzExRUVCQzBCRDIxM0M0RjlBRTAyL09tZ2pvUThEdjZ5a0JvMHptRVJQTmtFSVZJ VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvT21nam9ROER2NnlrQm8wem1FUlBOa0VJVklVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Njg1Ni8yRERCNDI2RTQ4NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9CMkM5QjEwQTg4 MTMxMUVFOENGQjVDNDNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQP MA0wCwQCAAEwBQMDAIpNMA0GCSqGSIb3DQEBCwUAA4IBAQCOeIk8MPtRe97Syhd/ +yFpSuoZ3hYa8Rfj+I2IyryoQkxg/pSV6/ye2SmlnSyrfoiPP4qvPbE6OUu5o7DI Soj80rT5Jq9adlZ8rxCfzoa4TU+D7OCAHmNleKhKHKzOZ17BWG9UVbXpVWUTvS/N b6zVP1FinthNwYsi4MAXOvKG+pbgBIJt1KMVmrX9crmpytIT+o1+lsa2V2mmjrBK E+mTzwza5cUFGNMnD42lPOcNfhru2D28PQwRG6EjxXgaWyg+6amlGspvPzORYlt+ xkOxVQjkT9kvh0NIvDu0v5k8BzZAZgPz+NtcS5MjXtKae1Y4LIv4OIjkfGpte2aU 3K5s -----END CERTIFICATE-----Generated at Mon Jun 24 19:37:18 2024 by rpki-client on console-fra.rpki-client.org