$ rpki-client -vvf rpki.apnic.net/member_repository/A91F33A5/1C0E706AD4D811ECA4245F10C4F9AE02/40838EC01EDA11ED90A3A71FC4F9AE02.roa File: 40838EC01EDA11ED90A3A71FC4F9AE02.roa (raw, json) Hash identifier: QkUOxUdOqeDJq40oU7W9ZvA1XabLukGzl2cHkw2yMIw= Subject key identifier: F1:0F:8E:F4:2A:CB:82:C3:CD:EA:48:07:B6:3E:4D:B5:0C:00:37:15 Certificate issuer: /CN=A91F33A5/serialNumber=C4F638C09E372046C01DF4604C281164F6AC1622 Certificate serial: 02A1 Authority key identifier: C4:F6:38:C0:9E:37:20:46:C0:1D:F4:60:4C:28:11:64:F6:AC:16:22 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPY4wJ43IEbAHfRgTCgRZPasFiI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F33A5/1C0E706AD4D811ECA4245F10C4F9AE02/40838EC01EDA11ED90A3A71FC4F9AE02.roa Signing time: Thu 05 Sep 2024 02:45:29 +0000 ROA not before: Thu 05 Sep 2024 02:45:29 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 134111 IP address blocks: 202.8.32.0/21 maxlen: 24 202.9.8.0/22 maxlen: 24 202.9.12.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F33A5/1C0E706AD4D811ECA4245F10C4F9AE02/xPY4wJ43IEbAHfRgTCgRZPasFiI.crl rsync://rpki.apnic.net/member_repository/A91F33A5/1C0E706AD4D811ECA4245F10C4F9AE02/xPY4wJ43IEbAHfRgTCgRZPasFiI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPY4wJ43IEbAHfRgTCgRZPasFiI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 673 (0x2a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F33A5/serialNumber=C4F638C09E372046C01DF4604C281164F6AC1622 Validity Not Before: Sep 5 02:45:29 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66d91b49-ac22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:f9:96:1d:fd:53:af:20:e3:e1:14:3f:fc:6b: 7a:5e:2a:82:0d:85:73:02:4d:00:fd:6d:a0:04:f6: 4c:eb:4b:7b:d3:da:09:94:03:55:91:c3:08:42:80: 8e:04:ba:1d:60:f9:6d:c0:41:ba:50:c7:fc:28:e8: 87:2e:08:05:c6:ed:2c:4b:f9:fe:ad:28:95:de:01: 37:57:69:e9:af:90:75:d6:f5:63:0d:56:ef:8e:85: 35:59:42:83:6f:65:c4:b8:65:dc:38:b4:8b:c8:ea: 0b:3f:55:34:fb:aa:c8:61:99:da:05:0c:da:85:ad: 2e:e3:ec:ea:4a:58:8c:ec:00:6e:62:50:5e:95:75: 25:10:42:c5:44:93:a8:83:2f:a0:94:72:55:ae:07: b5:a3:0a:79:54:d0:f7:8c:17:75:01:0b:1d:f0:60: e5:68:6d:64:18:42:5b:f5:56:31:d1:65:c8:7e:18: 4e:b2:da:f2:19:2d:fe:c2:a9:d7:83:08:f0:06:8c: 03:6f:5a:24:2b:9d:b2:5d:7f:d7:05:6b:8d:1a:5c: 83:7b:55:7e:d6:25:c4:c0:b4:74:97:87:67:a9:5e: 94:d6:43:d1:c0:24:74:f0:f4:f7:2c:36:8f:1d:bd: 04:5d:97:ca:f9:49:7b:dc:17:77:05:39:95:68:99: b2:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:0F:8E:F4:2A:CB:82:C3:CD:EA:48:07:B6:3E:4D:B5:0C:00:37:15 X509v3 Authority Key Identifier: keyid:C4:F6:38:C0:9E:37:20:46:C0:1D:F4:60:4C:28:11:64:F6:AC:16:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F33A5/1C0E706AD4D811ECA4245F10C4F9AE02/xPY4wJ43IEbAHfRgTCgRZPasFiI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPY4wJ43IEbAHfRgTCgRZPasFiI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F33A5/1C0E706AD4D811ECA4245F10C4F9AE02/40838EC01EDA11ED90A3A71FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.8.32.0/21 202.9.8.0-202.9.13.255 Signature Algorithm: sha256WithRSAEncryption 0a:12:23:4a:50:1d:80:37:aa:fd:99:4b:4f:d8:21:a4:d6:d8: 05:4c:6e:f2:b3:5f:9f:b2:30:ba:67:17:93:f1:4f:3a:da:58: d7:ee:62:6e:38:bc:71:07:c4:39:b1:d4:06:2a:f2:47:22:93: d8:c0:73:2e:85:5c:32:fd:b7:f2:ee:5c:a7:bd:48:1b:67:09: 0d:aa:0f:46:60:b0:0b:0a:22:e0:1d:3c:0d:b0:5a:72:21:3b: 67:f7:41:7d:be:94:8f:e6:73:ac:2f:05:30:1e:91:25:e7:02: 21:44:fe:8f:70:b8:4a:53:5f:53:d8:45:bf:dd:aa:74:ca:87: c8:63:50:be:3d:5a:37:08:6c:e1:a8:f5:f3:16:73:63:61:1f: 72:4e:ad:61:40:a0:f1:16:8a:e7:3f:48:6e:dc:e7:c1:99:56: 99:56:49:f8:2b:cf:7c:eb:22:7f:dc:52:5e:9c:fb:ac:e8:77: a6:19:5a:f8:dd:f8:f1:6f:c7:4d:08:a8:14:14:2b:3f:56:c2: 4b:66:05:1d:b7:0b:24:47:5d:ff:05:c2:69:9c:14:67:c2:26: 04:db:db:ce:3a:71:13:af:dd:4e:26:9f:89:93:fe:5a:a3:04: f8:34:7d:77:13:b0:ec:04:8c:dc:a2:01:04:b5:fa:7e:cb:ad: ad:d5:bb:73 -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICAqEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjMzQTUxMTAvBgNVBAUTKEM0RjYzOEMwOUUzNzIwNDZDMDFERjQ2MDRDMjgxMTY0 RjZBQzE2MjIwHhcNMjQwOTA1MDI0NTI5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ5MWI0OS1hYzIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApvmWHf1TryDj4RQ//Gt6XiqCDYVzAk0A/W2gBPZM60t709oJlANVkcMIQoCO BLodYPltwEG6UMf8KOiHLggFxu0sS/n+rSiV3gE3V2npr5B11vVjDVbvjoU1WUKD b2XEuGXcOLSLyOoLP1U0+6rIYZnaBQzaha0u4+zqSliM7ABuYlBelXUlEELFRJOo gy+glHJVrge1owp5VND3jBd1AQsd8GDlaG1kGEJb9VYx0WXIfhhOstryGS3+wqnX gwjwBowDb1okK52yXX/XBWuNGlyDe1V+1iXEwLR0l4dnqV6U1kPRwCR08PT3LDaP Hb0EXZfK+Ul73Bd3BTmVaJmynQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFPEPjvQq y4LDzepIB7Y+TbUMADcVMB8GA1UdIwQYMBaAFMT2OMCeNyBGwB30YEwoEWT2rBYi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzNBNS8xQzBFNzA2QUQ0 RDgxMUVDQTQyNDVGMTBDNEY5QUUwMi94UFk0d0o0M0lFYkFIZlJnVENnUlpQYXNG aUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hQWTR3SjQzSUViQUhmUmdUQ2dSWlBhc0ZpSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjMzQTUvMUMwRTcwNkFENEQ4MTFFQ0E0MjQ1RjEwQzRGOUFFMDIvNDA4MzhFQzAx RURBMTFFRDkwQTNBNzFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgABMBQDBAPKCCAwDAMEA8oJCAMEAcoJDDANBgkqhkiG9w0BAQsFAAOC AQEAChIjSlAdgDeq/ZlLT9ghpNbYBUxu8rNfn7IwumcXk/FPOtpY1+5ibji8cQfE ObHUBiryRyKT2MBzLoVcMv238u5cp71IG2cJDaoPRmCwCwoi4B08DbBaciE7Z/dB fb6Uj+ZzrC8FMB6RJecCIUT+j3C4SlNfU9hFv92qdMqHyGNQvj1aNwhs4aj18xZz Y2Efck6tYUCg8RaK5z9IbtznwZlWmVZJ+CvPfOsif9xSXpz7rOh3phla+N348W/H TQioFBQrP1bCS2YFHbcLJEdd/wXCaZwUZ8ImBNvbzjpxE6/dTiafiZP+WqME+DR9 dxOw7ASM3KIBBLX6fsutrdW7cw== -----END CERTIFICATE-----Generated at Thu Nov 21 03:21:57 2024 by rpki-client on console-ams.rpki-client.org