$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA645/E0D9F3648C9511ECAE4F1D23C4F9AE02/7785F3008C9911ECB051A327C4F9AE02.roa File: 7785F3008C9911ECB051A327C4F9AE02.roa (raw, json) Hash identifier: Et8BuvzqFaCA9IfxFK1L3f+s8IVhEIRE5sz/0k1LUJo= Subject key identifier: A0:B4:6D:53:D2:10:E8:03:1B:E2:BB:E5:BF:B3:B0:B6:8D:59:2B:A6 Certificate issuer: /CN=A91FA645/serialNumber=1D403E32301E58780A07057CB32B72ECAF46D7D9 Certificate serial: 0281 Authority key identifier: 1D:40:3E:32:30:1E:58:78:0A:07:05:7C:B3:2B:72:EC:AF:46:D7:D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HUA-MjAeWHgKBwV8syty7K9G19k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA645/E0D9F3648C9511ECAE4F1D23C4F9AE02/7785F3008C9911ECB051A327C4F9AE02.roa Signing time: Tue 05 Sep 2023 02:13:11 +0000 ROA not before: Tue 05 Sep 2023 02:13:11 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 38313 IP address blocks: 202.126.120.0/21 maxlen: 21 202.126.120.0/24 maxlen: 24 202.126.121.0/24 maxlen: 24 202.126.122.0/24 maxlen: 24 202.126.123.0/24 maxlen: 24 202.126.124.0/23 maxlen: 24 202.126.126.0/24 maxlen: 24 202.126.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA645/E0D9F3648C9511ECAE4F1D23C4F9AE02/HUA-MjAeWHgKBwV8syty7K9G19k.crl rsync://rpki.apnic.net/member_repository/A91FA645/E0D9F3648C9511ECAE4F1D23C4F9AE02/HUA-MjAeWHgKBwV8syty7K9G19k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HUA-MjAeWHgKBwV8syty7K9G19k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 02:53:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 641 (0x281) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA645/serialNumber=1D403E32301E58780A07057CB32B72ECAF46D7D9 Validity Not Before: Sep 5 02:13:11 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=64f68eb7-9976 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ed:70:7f:56:05:52:25:54:2d:8a:b5:91:c6: 50:ce:f0:46:e9:12:8c:a2:c8:37:98:38:77:4d:00: 95:a9:98:e2:0a:6f:00:fe:6f:47:91:ef:78:af:1e: f5:4f:e6:21:39:b5:30:43:24:21:52:15:31:6e:b7: a2:25:d4:35:bd:68:db:42:84:22:ab:06:65:d9:28: 36:db:5f:00:c5:6f:da:c9:b8:ad:67:87:2f:ff:a9: ea:27:16:3e:ef:22:16:a2:a4:0f:ae:e0:ee:14:80: 39:90:ec:b2:cd:00:07:e9:66:d4:ee:b9:ae:5e:59: 99:5e:d5:b0:47:fb:0c:4a:5e:df:a6:42:29:97:6c: 52:f5:89:16:88:b7:22:9c:01:00:02:f2:32:a3:15: 87:86:13:0a:2f:0d:8a:7b:13:df:ac:8f:0e:8f:87: 8d:60:52:10:2f:b9:80:97:a4:66:d5:10:66:53:91: d6:02:6a:56:3e:30:9b:e3:41:25:d9:7d:36:b0:2b: 59:79:63:5e:f0:4d:9b:90:eb:08:9c:a9:3d:da:b4: 1a:e9:77:4b:1c:1d:74:66:01:34:1f:7c:99:cf:f2: 8b:5f:0c:fc:06:16:42:14:ef:f7:51:b5:ba:ca:c5: c0:5f:38:bf:73:e7:dd:1f:0f:b8:4e:29:be:24:41: ae:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:B4:6D:53:D2:10:E8:03:1B:E2:BB:E5:BF:B3:B0:B6:8D:59:2B:A6 X509v3 Authority Key Identifier: keyid:1D:40:3E:32:30:1E:58:78:0A:07:05:7C:B3:2B:72:EC:AF:46:D7:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA645/E0D9F3648C9511ECAE4F1D23C4F9AE02/HUA-MjAeWHgKBwV8syty7K9G19k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HUA-MjAeWHgKBwV8syty7K9G19k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA645/E0D9F3648C9511ECAE4F1D23C4F9AE02/7785F3008C9911ECB051A327C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.126.120.0/21 Signature Algorithm: sha256WithRSAEncryption 6a:ed:e7:fe:0c:b0:21:e1:d7:4a:42:59:32:f8:17:48:9d:b1: 27:cc:61:d1:db:34:86:af:66:91:3d:08:6c:7c:86:33:04:f5: 9d:b9:47:ea:b1:11:73:5a:89:9b:53:65:66:cd:d8:0b:d0:df: c4:ce:6f:c7:6a:b3:ea:ef:3b:7f:24:9b:d6:b5:87:c8:58:b8: 70:46:f6:03:07:f3:33:52:d9:00:ae:47:c4:6f:7f:e7:52:85: 3d:22:43:29:1e:04:4b:fc:1c:2c:49:0f:37:4c:a5:15:a2:ea: fe:1f:04:0f:88:b5:e0:56:ce:f7:bc:5b:bd:c1:ce:03:05:3e: 89:05:c0:b9:8a:69:02:a6:d9:53:76:28:ad:3e:c0:2c:d4:a2: 10:0e:3d:ea:5e:03:71:9e:0e:a3:85:f0:3c:6e:37:6b:ea:8f: b5:76:c7:e0:5c:ce:8d:b4:4e:e4:44:03:53:e6:38:fb:fe:42: ff:86:cd:e9:dc:5c:f2:c1:38:61:2e:eb:b3:68:69:0b:78:c8: 1e:ca:3e:b8:fe:0e:9c:6a:60:2b:3c:e4:1e:0d:48:8c:a1:24: 50:67:83:0b:de:90:51:40:06:ab:76:24:09:ce:50:bd:98:c2: 4b:7d:dc:6a:0e:61:b9:1f:12:d6:4c:8d:60:cf:d5:ca:95:c4: 43:8d:d5:0b -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAoEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE2NDUxMTAvBgNVBAUTKDFENDAzRTMyMzAxRTU4NzgwQTA3MDU3Q0IzMkI3MkVD QUY0NkQ3RDkwHhcNMjMwOTA1MDIxMzExWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGY2OGViNy05OTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzO1wf1YFUiVULYq1kcZQzvBG6RKMosg3mDh3TQCVqZjiCm8A/m9Hke94rx71 T+YhObUwQyQhUhUxbreiJdQ1vWjbQoQiqwZl2Sg2218AxW/aybitZ4cv/6nqJxY+ 7yIWoqQPruDuFIA5kOyyzQAH6WbU7rmuXlmZXtWwR/sMSl7fpkIpl2xS9YkWiLci nAEAAvIyoxWHhhMKLw2KexPfrI8Oj4eNYFIQL7mAl6Rm1RBmU5HWAmpWPjCb40El 2X02sCtZeWNe8E2bkOsInKk92rQa6XdLHB10ZgE0H3yZz/KLXwz8BhZCFO/3UbW6 ysXAXzi/c+fdHw+4Tim+JEGuvQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKC0bVPS EOgDG+K75b+zsLaNWSumMB8GA1UdIwQYMBaAFB1APjIwHlh4CgcFfLMrcuyvRtfZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTY0NS9FMEQ5RjM2NDhD OTUxMUVDQUU0RjFEMjNDNEY5QUUwMi9IVUEtTWpBZVdIZ0tCd1Y4c3l0eTdLOUcx OWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hVQS1NakFlV0hnS0J3VjhzeXR5N0s5RzE5ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkE2NDUvRTBEOUYzNjQ4Qzk1MTFFQ0FFNEYxRDIzQzRGOUFFMDIvNzc4NUYzMDA4 Qzk5MTFFQ0IwNTFBMzI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAPKfngwDQYJKoZIhvcNAQELBQADggEBAGrt5/4MsCHh10pC WTL4F0idsSfMYdHbNIavZpE9CGx8hjME9Z25R+qxEXNaiZtTZWbN2AvQ38TOb8dq s+rvO38km9a1h8hYuHBG9gMH8zNS2QCuR8Rvf+dShT0iQykeBEv8HCxJDzdMpRWi 6v4fBA+IteBWzve8W73BzgMFPokFwLmKaQKm2VN2KK0+wCzUohAOPepeA3GeDqOF 8DxuN2vqj7V2x+Bczo20TuREA1PmOPv+Qv+GzencXPLBOGEu67NoaQt4yB7KPrj+ DpxqYCs85B4NSIyhJFBngwvekFFABqt2JAnOUL2Ywkt93GoOYbkfEtZMjWDP1cqV xEON1Qs= -----END CERTIFICATE-----Generated at Fri May 17 03:52:24 2024 by rpki-client on console-ams.rpki-client.org