$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA6FF/D281E7302E2911EFBAED6A1AC4F9AE02/66476E182EAC11EFAAAF8E67C4F9AE02.roa File: 66476E182EAC11EFAAAF8E67C4F9AE02.roa (raw, json) Hash identifier: 5AufB2RsG7jdJMojc2DVF486w/PxZ39VMbcx9j28U7E= Subject key identifier: 98:48:7E:B5:8E:F8:1A:B9:36:DB:19:49:0B:51:EC:87:55:A6:88:54 Certificate issuer: /CN=A91FA6FF/serialNumber=CAE3DB8ADEE7A16AB6CA537F2347B0205BDF4F76 Certificate serial: 0A Authority key identifier: CA:E3:DB:8A:DE:E7:A1:6A:B6:CA:53:7F:23:47:B0:20:5B:DF:4F:76 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yuPbit7noWq2ylN_I0ewIFvfT3Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA6FF/D281E7302E2911EFBAED6A1AC4F9AE02/66476E182EAC11EFAAAF8E67C4F9AE02.roa Signing time: Thu 20 Jun 2024 03:44:57 +0000 ROA not before: Thu 20 Jun 2024 03:44:57 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 0 IP address blocks: 202.3.136.0/24 maxlen: 24 2001:dee:c000::/48 maxlen: 48 2001:dee:c000::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA6FF/D281E7302E2911EFBAED6A1AC4F9AE02/yuPbit7noWq2ylN_I0ewIFvfT3Y.crl rsync://rpki.apnic.net/member_repository/A91FA6FF/D281E7302E2911EFBAED6A1AC4F9AE02/yuPbit7noWq2ylN_I0ewIFvfT3Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yuPbit7noWq2ylN_I0ewIFvfT3Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 24 Sep 2024 04:46:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10 (0xa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA6FF/serialNumber=CAE3DB8ADEE7A16AB6CA537F2347B0205BDF4F76 Validity Not Before: Jun 20 03:44:57 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=6673a5b9-50be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:bc:7e:f2:7e:42:41:40:f0:82:b4:ff:db:dc: ad:c2:ae:67:22:bd:5b:d4:8f:f8:31:02:71:40:d8: a5:50:2c:96:ba:82:2e:c5:a6:37:7a:a4:6f:6a:7f: 10:bb:b1:3e:37:b1:f1:39:47:ff:84:30:e0:ab:cc: e5:b2:b1:cd:e5:8f:ae:fb:a7:b6:5f:4e:05:73:35: d0:f6:74:f1:0e:e0:49:80:f1:b1:be:53:1c:aa:28: f5:89:63:ee:8d:9b:ed:7a:1d:5a:0b:34:66:35:1a: 9e:16:ea:3d:24:78:af:45:f9:d9:79:f4:4b:1d:bf: a8:70:ef:eb:af:e9:b6:4b:01:09:7a:1a:9f:e1:bb: 1d:56:80:c4:45:71:8d:ce:78:58:72:71:e7:64:3a: cb:81:f2:e2:30:64:d0:cb:9b:f5:4d:d5:17:aa:2d: 57:25:a1:4f:55:1b:22:ba:35:bc:9a:88:c8:91:13: ae:7c:10:ff:bd:fe:15:5e:0a:bd:11:c7:ee:9d:a6: c0:eb:18:a8:0f:7a:1c:33:d6:91:6f:ce:1d:dd:4c: 3b:0e:81:c7:b4:61:1e:17:9f:cc:b1:59:ea:06:32: d4:10:df:81:2d:be:9a:42:78:56:f6:a7:02:9d:7a: b3:3b:95:a8:24:1a:fe:49:a1:b5:4a:4c:fb:13:7c: 19:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:48:7E:B5:8E:F8:1A:B9:36:DB:19:49:0B:51:EC:87:55:A6:88:54 X509v3 Authority Key Identifier: keyid:CA:E3:DB:8A:DE:E7:A1:6A:B6:CA:53:7F:23:47:B0:20:5B:DF:4F:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA6FF/D281E7302E2911EFBAED6A1AC4F9AE02/yuPbit7noWq2ylN_I0ewIFvfT3Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yuPbit7noWq2ylN_I0ewIFvfT3Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA6FF/D281E7302E2911EFBAED6A1AC4F9AE02/66476E182EAC11EFAAAF8E67C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.3.136.0/24 IPv6: 2001:dee:c000::/48 Signature Algorithm: sha256WithRSAEncryption a7:3e:70:e3:9d:cd:df:97:fc:b2:0f:9e:ae:11:6f:b3:86:64: fa:c9:b5:4a:14:79:84:e6:bb:c6:c6:e7:b5:90:fe:65:ae:cb: 44:c9:66:d1:7b:f9:6c:ed:25:47:2d:88:51:4c:17:ca:77:57: dc:26:2a:fe:4d:02:e4:1f:f9:e5:16:d6:53:3b:41:9a:98:ee: 3a:9d:40:50:09:b9:14:d0:dc:a1:f7:85:09:f8:92:9f:fd:1a: a8:04:d3:d4:1f:aa:95:d4:e6:d4:f6:9c:0c:aa:a4:bb:5c:5d: 26:06:e9:1b:bb:58:c7:74:38:63:ff:70:1b:92:1b:5b:cc:f6: bf:c1:a2:a0:9f:c6:52:72:ed:3a:e8:4f:a1:93:cd:5b:26:72: 79:87:55:04:3c:4a:a5:72:9d:34:79:9b:92:dc:e0:cc:0d:7e: 54:8e:1f:8b:23:a7:6b:18:cc:fc:2d:c2:b8:b2:8b:d2:90:68: e6:c7:bc:f4:13:cc:b2:ac:3c:46:48:8c:4d:2a:b9:4d:82:a7: 9b:d6:9f:1d:8b:f9:83:26:17:8f:4a:f7:8c:d0:4d:2d:bb:27: 80:8b:bf:36:af:bc:e0:25:a2:61:22:59:0d:1a:0c:3e:ac:35: 62:f0:4a:7e:e7:d7:08:8b:e3:55:1e:b8:30:88:1d:73:31:c2: 22:31:41:ef -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QTZGRjExMC8GA1UEBRMoQ0FFM0RCOEFERUU3QTE2QUI2Q0E1MzdGMjM0N0IwMjA1 QkRGNEY3NjAeFw0yNDA2MjAwMzQ0NTdaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV BAMTDTY2NzNhNWI5LTUwYmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJvH7yfkJBQPCCtP/b3K3CrmcivVvUj/gxAnFA2KVQLJa6gi7Fpjd6pG9qfxC7 sT43sfE5R/+EMOCrzOWysc3lj677p7ZfTgVzNdD2dPEO4EmA8bG+UxyqKPWJY+6N m+16HVoLNGY1Gp4W6j0keK9F+dl59Esdv6hw7+uv6bZLAQl6Gp/hux1WgMRFcY3O eFhycedkOsuB8uIwZNDLm/VN1ReqLVcloU9VGyK6NbyaiMiRE658EP+9/hVeCr0R x+6dpsDrGKgPehwz1pFvzh3dTDsOgce0YR4Xn8yxWeoGMtQQ34EtvppCeFb2pwKd erM7lagkGv5JobVKTPsTfBldAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUmEh+tY74 Grk22xlJC1Hsh1WmiFQwHwYDVR0jBBgwFoAUyuPbit7noWq2ylN/I0ewIFvfT3Yw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBNkZGL0QyODFFNzMwMkUy OTExRUZCQUVENkExQUM0RjlBRTAyL3l1UGJpdDdub1dxMnlsTl9JMGV3SUZ2ZlQz WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveXVQYml0N25vV3EyeWxOX0kwZXdJRnZmVDNZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTZGRi9EMjgxRTczMDJFMjkxMUVGQkFFRDZBMUFDNEY5QUUwMi82NjQ3NkUxODJF QUMxMUVGQUFBRjhFNjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAMoDiDAPBAIAAjAJAwcAIAEN7sAAMA0GCSqGSIb3DQEBCwUA A4IBAQCnPnDjnc3fl/yyD56uEW+zhmT6ybVKFHmE5rvGxue1kP5lrstEyWbRe/ls 7SVHLYhRTBfKd1fcJir+TQLkH/nlFtZTO0GamO46nUBQCbkU0Nyh94UJ+JKf/Rqo BNPUH6qV1ObU9pwMqqS7XF0mBukbu1jHdDhj/3AbkhtbzPa/waKgn8ZScu066E+h k81bJnJ5h1UEPEqlcp00eZuS3ODMDX5Ujh+LI6drGMz8LcK4sovSkGjmx7z0E8yy rDxGSIxNKrlNgqeb1p8di/mDJhePSveM0E0tuyeAi782r7zgJaJhIlkNGgw+rDVi 8Ep+59cIi+NVHrgwiB1zMcIiMUHv -----END CERTIFICATE-----Generated at Tue Sep 17 06:07:34 2024 by rpki-client on console-fra.rpki-client.org