$ rpki-client -vvf rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/7B8DCA22D53F11EE98B61A0EC4F9AE02.roa File: 7B8DCA22D53F11EE98B61A0EC4F9AE02.roa (raw, json) Hash identifier: GLDIh0I+WZrdD45kcVfxksE1LMMouxKgbwehtWz1oI4= Subject key identifier: 22:BD:90:8C:37:33:91:46:AF:5A:A7:3C:17:36:10:74:A0:91:20:66 Certificate issuer: /CN=A91E91BC/serialNumber=6D5D50E88B9D65E8AFDA28C2CEA6150127038608 Certificate serial: 0238 Authority key identifier: 6D:5D:50:E8:8B:9D:65:E8:AF:DA:28:C2:CE:A6:15:01:27:03:86:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bV1Q6IudZeiv2ijCzqYVAScDhgg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/7B8DCA22D53F11EE98B61A0EC4F9AE02.roa Signing time: Tue 27 Feb 2024 07:11:53 +0000 ROA not before: Tue 27 Feb 2024 07:11:53 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 7545 IP address blocks: 202.12.87.0/24 maxlen: 24 202.12.88.0/24 maxlen: 24 202.12.90.0/24 maxlen: 24 203.0.12.0/24 maxlen: 24 203.0.13.0/24 maxlen: 24 203.3.124.0/22 maxlen: 22 203.4.226.0/24 maxlen: 24 203.14.152.0/24 maxlen: 24 203.14.154.0/24 maxlen: 24 203.14.155.0/24 maxlen: 24 203.14.156.0/23 maxlen: 23 203.14.158.0/23 maxlen: 23 203.27.126.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/bV1Q6IudZeiv2ijCzqYVAScDhgg.crl rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/bV1Q6IudZeiv2ijCzqYVAScDhgg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bV1Q6IudZeiv2ijCzqYVAScDhgg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 568 (0x238) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E91BC/serialNumber=6D5D50E88B9D65E8AFDA28C2CEA6150127038608 Validity Not Before: Feb 27 07:11:53 2024 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=65dd8b39-c3d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:1e:45:e0:b2:b7:60:4a:31:fa:57:d9:89:5e: 98:4e:bd:be:5f:bf:47:c6:9a:6f:b7:b3:ce:b2:41: 3d:d4:0d:ff:09:c4:7a:83:90:2c:09:bc:bf:9c:d7: 61:62:e9:00:94:3f:ac:c8:22:f8:10:a9:0f:d7:fc: 6b:c5:1d:c7:1d:07:96:c0:94:5d:b6:65:c0:3c:a1: f7:53:37:4e:da:f4:89:da:46:2a:51:d3:21:39:ea: 0b:65:44:56:d7:0d:98:c1:ef:65:db:97:4e:87:58: b4:61:ab:6a:a4:98:d9:7f:e0:50:b8:8e:98:fe:25: b5:bc:c2:cd:fb:86:02:fa:f6:51:67:e9:d7:1e:e0: c1:5d:e0:75:4f:db:18:25:38:8b:e9:d7:be:90:4d: 9d:94:0e:cf:2e:f5:f1:b9:56:07:db:a8:36:09:72: 0f:62:11:7d:20:01:91:eb:74:ee:dd:de:21:71:a3: 2f:e8:66:ad:51:93:40:22:62:ac:76:ee:4b:e6:a2: 8a:37:6b:ca:05:45:51:2c:09:2f:e2:df:75:f2:89: d4:08:03:15:bd:4b:d5:86:7b:02:3c:cc:3f:fc:42: 42:51:39:67:5f:c5:4e:71:20:31:7e:5e:27:5e:99: 37:1b:1e:70:5f:23:ca:52:35:10:4d:fd:0c:67:37: bb:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:BD:90:8C:37:33:91:46:AF:5A:A7:3C:17:36:10:74:A0:91:20:66 X509v3 Authority Key Identifier: keyid:6D:5D:50:E8:8B:9D:65:E8:AF:DA:28:C2:CE:A6:15:01:27:03:86:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/bV1Q6IudZeiv2ijCzqYVAScDhgg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bV1Q6IudZeiv2ijCzqYVAScDhgg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E91BC/AE44D24ADBE911EC95110515C4F9AE02/7B8DCA22D53F11EE98B61A0EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.12.87.0-202.12.88.255 202.12.90.0/24 203.0.12.0/23 203.3.124.0/22 203.4.226.0/24 203.14.152.0/24 203.14.154.0-203.14.159.255 203.27.126.0/24 Signature Algorithm: sha256WithRSAEncryption d5:03:55:e1:4f:d9:a5:8b:73:b8:71:af:65:3e:d2:4d:94:9f: 6a:1f:fa:a5:a7:40:23:26:26:58:e5:90:1b:4c:85:08:10:9c: 14:3f:fb:53:ea:c5:d4:be:8e:25:10:04:4f:5f:e4:b0:4e:90: 9b:84:a9:09:5c:d1:d8:f0:8b:47:ff:35:0e:21:28:a0:b8:c0: 05:0b:b2:59:5f:7d:30:73:38:bb:86:c4:21:8f:44:96:9e:20: 17:92:d2:51:ef:d4:0f:37:21:92:e3:0b:a1:bc:4d:48:f6:75: 1d:a9:01:a1:b1:44:a2:06:05:72:48:2d:a1:64:ec:60:a0:08: f5:51:d3:d8:ba:06:4e:fb:16:d8:7f:7d:e2:22:e2:f0:24:c5: 48:d8:0e:6d:e4:ae:87:d0:aa:32:34:85:75:9b:e7:dd:a6:79: bf:8a:54:b3:1d:0d:3f:cf:c3:42:1a:f6:78:31:c4:42:f5:37: cb:68:7b:8f:6a:fc:eb:cc:5c:21:cb:25:49:cc:15:f0:17:d6: 65:a8:a2:ec:58:e1:80:d8:15:a4:04:5d:23:21:0d:ab:b4:62: c9:18:93:9b:0a:64:21:b5:82:6f:23:4d:86:8e:e7:af:bc:69: 30:d6:81:3a:dd:d2:5f:07:3a:87:22:ed:a0:15:0b:76:1d:5f: 5c:ef:b3:49 -----BEGIN CERTIFICATE----- MIIFqzCCBJOgAwIBAgICAjgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTkxQkMxMTAvBgNVBAUTKDZENUQ1MEU4OEI5RDY1RThBRkRBMjhDMkNFQTYxNTAx MjcwMzg2MDgwHhcNMjQwMjI3MDcxMTUzWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWRkOGIzOS1jM2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4B5F4LK3YEox+lfZiV6YTr2+X79Hxppvt7POskE91A3/CcR6g5AsCby/nNdh YukAlD+syCL4EKkP1/xrxR3HHQeWwJRdtmXAPKH3UzdO2vSJ2kYqUdMhOeoLZURW 1w2Ywe9l25dOh1i0YatqpJjZf+BQuI6Y/iW1vMLN+4YC+vZRZ+nXHuDBXeB1T9sY JTiL6de+kE2dlA7PLvXxuVYH26g2CXIPYhF9IAGR63Tu3d4hcaMv6GatUZNAImKs du5L5qKKN2vKBUVRLAkv4t918onUCAMVvUvVhnsCPMw//EJCUTlnX8VOcSAxfl4n Xpk3Gx5wXyPKUjUQTf0MZze7vwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFCK9kIw3 M5FGr1qnPBc2EHSgkSBmMB8GA1UdIwQYMBaAFG1dUOiLnWXor9oows6mFQEnA4YI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTFCQy9BRTQ0RDI0QURC RTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9iVjFRNkl1ZFplaXYyaWpDenFZVkFTY0Ro Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JWMVE2SXVkWmVpdjJpakN6cVlWQVNjRGhnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTkxQkMvQUU0NEQyNEFEQkU5MTFFQzk1MTEwNTE1QzRGOUFFMDIvN0I4RENBMjJE NTNGMTFFRTk4QjYxQTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E SjBIMEYEAgABMEAwDAMEAMoMVwMEAMoMWAMEAMoMWgMEAcsADAMEAssDfAMEAMsE 4gMEAMsOmDAMAwQByw6aAwQFyw6AAwQAyxt+MA0GCSqGSIb3DQEBCwUAA4IBAQDV A1XhT9mli3O4ca9lPtJNlJ9qH/qlp0AjJiZY5ZAbTIUIEJwUP/tT6sXUvo4lEARP X+SwTpCbhKkJXNHY8ItH/zUOISiguMAFC7JZX30wczi7hsQhj0SWniAXktJR79QP NyGS4wuhvE1I9nUdqQGhsUSiBgVySC2hZOxgoAj1UdPYugZO+xbYf33iIuLwJMVI 2A5t5K6H0KoyNIV1m+fdpnm/ilSzHQ0/z8NCGvZ4McRC9TfLaHuPavzrzFwhyyVJ zBXwF9ZlqKLsWOGA2BWkBF0jIQ2rtGLJGJObCmQhtYJvI02GjuevvGkw1oE63dJf BzqHIu2gFQt2HV9c77NJ -----END CERTIFICATE-----Generated at Sun May 19 04:56:56 2024 by rpki-client on console-fra.rpki-client.org