$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE1C4/FC672B722FAF11EB94155F33C4F9AE02/D8EA255C2FBC11EB8E017F5CC4F9AE02.roa File: D8EA255C2FBC11EB8E017F5CC4F9AE02.roa (raw, json) Hash identifier: BkTcuyEezWUWEkhN6v2tftRUBORfyEfzklVup25IVEk= Subject key identifier: 04:6C:17:03:57:36:DD:21:E0:6C:07:F5:A5:BC:96:ED:C9:54:95:1F Certificate issuer: /CN=A91EE1C4/serialNumber=70BD1E495E250B22E2798296969785A2D77D737F Certificate serial: 067B Authority key identifier: 70:BD:1E:49:5E:25:0B:22:E2:79:82:96:96:97:85:A2:D7:7D:73:7F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cL0eSV4lCyLieYKWlpeFotd9c38.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EE1C4/FC672B722FAF11EB94155F33C4F9AE02/D8EA255C2FBC11EB8E017F5CC4F9AE02.roa Signing time: Thu 02 May 2024 23:42:56 +0000 ROA not before: Thu 02 May 2024 23:42:56 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 14618 IP address blocks: 202.128.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EE1C4/FC672B722FAF11EB94155F33C4F9AE02/cL0eSV4lCyLieYKWlpeFotd9c38.crl rsync://rpki.apnic.net/member_repository/A91EE1C4/FC672B722FAF11EB94155F33C4F9AE02/cL0eSV4lCyLieYKWlpeFotd9c38.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cL0eSV4lCyLieYKWlpeFotd9c38.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1659 (0x67b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EE1C4/serialNumber=70BD1E495E250B22E2798296969785A2D77D737F Validity Not Before: May 2 23:42:56 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=66342500-6f85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:90:a1:64:86:55:98:37:9d:52:68:8f:7d:bf: 37:34:4b:58:2e:a0:0a:b5:dd:2a:5c:da:f3:e7:fd: 80:9a:e9:a7:d9:0e:38:c4:b3:54:62:70:d5:d3:07: 24:8e:a7:26:42:4b:fd:eb:82:cf:8d:9c:9e:93:8d: b1:df:89:74:5b:ff:f1:54:95:f1:00:fe:a9:d1:b8: c9:7d:6c:59:f0:a9:38:36:15:51:d3:73:00:be:f2: b7:69:81:b9:a9:43:7c:12:b6:dd:27:55:50:99:86: 4d:01:74:95:95:88:97:c6:41:c5:40:4d:98:79:81: 9b:86:4c:f6:0d:27:e1:53:9a:94:b9:2b:f8:20:f4: c3:80:f8:f2:49:40:09:b3:58:82:0d:b7:e3:ed:49: fa:42:82:81:f6:bf:77:f0:4f:2a:c7:26:43:ab:cc: 47:26:b6:a2:b3:ed:e4:bd:86:a6:6d:5d:6b:06:91: 37:60:fa:74:ec:0d:40:12:cd:18:5c:c9:43:11:a1: 7a:4b:16:fc:31:ab:d0:9b:e3:72:16:29:39:43:7b: ea:80:6e:19:2e:78:c0:7b:ad:b0:4f:67:75:d9:a3: fb:35:4c:05:9c:c4:ce:14:59:21:7e:57:00:5d:ba: 57:94:56:d6:0c:67:72:f5:e5:fd:77:b0:d3:09:6c: 42:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:6C:17:03:57:36:DD:21:E0:6C:07:F5:A5:BC:96:ED:C9:54:95:1F X509v3 Authority Key Identifier: keyid:70:BD:1E:49:5E:25:0B:22:E2:79:82:96:96:97:85:A2:D7:7D:73:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EE1C4/FC672B722FAF11EB94155F33C4F9AE02/cL0eSV4lCyLieYKWlpeFotd9c38.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cL0eSV4lCyLieYKWlpeFotd9c38.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE1C4/FC672B722FAF11EB94155F33C4F9AE02/D8EA255C2FBC11EB8E017F5CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.128.99.0/24 Signature Algorithm: sha256WithRSAEncryption 79:71:e4:f7:70:93:79:2d:19:53:9b:e5:7d:42:22:21:41:8e: 7a:8e:01:27:41:00:56:d5:6e:e3:89:fe:d4:b3:b5:28:39:11: 3e:14:c5:d1:c4:79:aa:24:19:0a:f9:2b:5d:03:c7:a0:bd:a8: 28:d0:d9:6e:12:e7:55:2f:48:80:1f:83:6a:69:5a:19:10:cf: 55:55:85:32:c9:03:9f:44:7f:78:1d:fa:47:58:73:86:bf:57: fd:12:4d:46:a7:b1:22:68:4d:d2:e5:09:19:0b:34:24:2a:e4: a0:10:10:25:1a:e6:eb:70:87:0e:e3:ed:80:89:91:f1:a6:83: 62:e2:0d:3a:f9:a7:15:c7:3d:bc:13:e7:34:c4:53:de:9b:66: 24:1b:32:67:78:29:eb:1d:03:be:8f:5c:f0:5d:a3:9e:71:77: 81:68:0f:7c:cd:ef:9f:86:b4:0f:31:a6:86:39:14:d6:19:41: 76:8a:8e:73:fb:44:18:58:3c:ae:2b:82:25:62:ec:76:32:f9: 9d:16:42:4e:04:f5:92:53:da:fe:ad:4d:7c:f4:6c:ad:4d:90: 84:f4:ef:49:7e:1d:70:5e:96:5e:b0:82:c4:de:85:b5:e4:55: ba:62:8a:5d:0f:f3:28:6f:b2:11:a8:0d:62:c5:d1:44:09:74: 22:90:a2:32 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUUxQzQxMTAvBgNVBAUTKDcwQkQxRTQ5NUUyNTBCMjJFMjc5ODI5Njk2OTc4NUEy RDc3RDczN0YwHhcNMjQwNTAyMjM0MjU2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjM0MjUwMC02Zjg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvJChZIZVmDedUmiPfb83NEtYLqAKtd0qXNrz5/2Amumn2Q44xLNUYnDV0wck jqcmQkv964LPjZyek42x34l0W//xVJXxAP6p0bjJfWxZ8Kk4NhVR03MAvvK3aYG5 qUN8ErbdJ1VQmYZNAXSVlYiXxkHFQE2YeYGbhkz2DSfhU5qUuSv4IPTDgPjySUAJ s1iCDbfj7Un6QoKB9r938E8qxyZDq8xHJrais+3kvYambV1rBpE3YPp07A1AEs0Y XMlDEaF6Sxb8MavQm+NyFik5Q3vqgG4ZLnjAe62wT2d12aP7NUwFnMTOFFkhflcA XbpXlFbWDGdy9eX9d7DTCWxCzwIDAQABo4IClTCCApEwHQYDVR0OBBYEFARsFwNX Nt0h4GwH9aW8lu3JVJUfMB8GA1UdIwQYMBaAFHC9HkleJQsi4nmClpaXhaLXfXN/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTFDNC9GQzY3MkI3MjJG QUYxMUVCOTQxNTVGMzNDNEY5QUUwMi9jTDBlU1Y0bEN5TGllWUtXbHBlRm90ZDlj MzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NMMGVTVjRsQ3lMaWVZS1dscGVGb3RkOWMzOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUUxQzQvRkM2NzJCNzIyRkFGMTFFQjk0MTU1RjMzQzRGOUFFMDIvRDhFQTI1NUMy RkJDMTFFQjhFMDE3RjVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBADKgGMwDQYJKoZIhvcNAQELBQADggEBAHlx5Pdwk3ktGVOb 5X1CIiFBjnqOASdBAFbVbuOJ/tSztSg5ET4UxdHEeaokGQr5K10Dx6C9qCjQ2W4S 51UvSIAfg2ppWhkQz1VVhTLJA59Ef3gd+kdYc4a/V/0STUansSJoTdLlCRkLNCQq 5KAQECUa5utwhw7j7YCJkfGmg2LiDTr5pxXHPbwT5zTEU96bZiQbMmd4KesdA76P XPBdo55xd4FoD3zN75+GtA8xpoY5FNYZQXaKjnP7RBhYPK4rgiVi7HYy+Z0WQk4E 9ZJT2v6tTXz0bK1NkIT070l+HXBell6wgsTehbXkVbpiil0P8yhvshGoDWLF0UQJ dCKQojI= -----END CERTIFICATE-----Generated at Wed Nov 20 23:11:50 2024 by rpki-client on console-fra.rpki-client.org