$ rpki-client -vvf rpki.apnic.net/member_repository/A911902E/57AFDB28855511EB94C2215FC4F9AE02/C3FEC56C855711EB871D267FC4F9AE02.roa File: C3FEC56C855711EB871D267FC4F9AE02.roa (raw, json) Hash identifier: MIHHCA2H7xXD0VmwKScOnxk+jNMTwOWmph8DHWmwD6U= Subject key identifier: 5D:E6:33:47:E7:73:0F:11:A8:58:0E:05:AB:81:85:C6:08:6A:CE:19 Certificate issuer: /CN=A911902E/serialNumber=521B06C29110284AAAFE0875AA6186B0006D2767 Certificate serial: 0513 Authority key identifier: 52:1B:06:C2:91:10:28:4A:AA:FE:08:75:AA:61:86:B0:00:6D:27:67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UhsGwpEQKEqq_gh1qmGGsABtJ2c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911902E/57AFDB28855511EB94C2215FC4F9AE02/C3FEC56C855711EB871D267FC4F9AE02.roa Signing time: Wed 16 Aug 2023 23:41:19 +0000 ROA not before: Wed 16 Aug 2023 23:41:19 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 58505 IP address blocks: 43.245.176.0/24 maxlen: 24 43.245.177.0/24 maxlen: 24 43.245.178.0/23 maxlen: 23 103.4.172.0/24 maxlen: 24 103.4.173.0/24 maxlen: 24 103.13.84.0/24 maxlen: 24 103.13.85.0/24 maxlen: 24 2001:df0:26b::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911902E/57AFDB28855511EB94C2215FC4F9AE02/UhsGwpEQKEqq_gh1qmGGsABtJ2c.crl rsync://rpki.apnic.net/member_repository/A911902E/57AFDB28855511EB94C2215FC4F9AE02/UhsGwpEQKEqq_gh1qmGGsABtJ2c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UhsGwpEQKEqq_gh1qmGGsABtJ2c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 01:16:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1299 (0x513) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911902E/serialNumber=521B06C29110284AAAFE0875AA6186B0006D2767 Validity Not Before: Aug 16 23:41:19 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=64dd5e9f-e39e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:0e:60:6e:27:1d:45:4e:c9:3c:c7:3e:93:f0: ab:18:29:db:0e:4d:40:dc:70:a5:c3:bc:86:74:a3: 13:e7:77:5b:78:b3:1b:4d:16:e5:56:6c:ca:06:3d: ef:04:82:bc:d8:02:14:29:f6:6f:88:9b:3d:80:7a: 48:38:6f:13:08:e1:1b:7d:3a:fa:2d:6d:4a:c1:f2: 9c:eb:82:e0:43:15:be:73:c1:b1:18:11:b4:ac:e8: d4:50:fa:a7:51:10:81:41:52:86:64:63:ee:31:70: b4:1a:e0:80:5e:5d:5b:d8:a1:c3:23:b4:9f:94:d7: e5:74:a7:a4:f2:d4:35:31:bd:49:80:a6:0c:87:25: 76:45:5d:64:08:b2:0c:0b:27:a4:11:9f:4c:b6:ab: aa:42:80:5c:be:9f:1d:92:63:09:ef:f6:0e:bb:5f: 14:31:e0:cb:2a:12:01:f2:26:cc:22:7e:fd:83:28: 92:c4:ca:e3:b3:d2:ba:0e:5b:7e:09:a5:a6:a0:c3: 58:15:a0:f0:21:eb:5c:cb:21:c7:3b:ed:03:b1:5a: 09:de:57:83:c7:bf:2a:ae:7d:e8:71:c7:be:31:33: 5b:00:ca:ce:c1:ee:d3:17:d4:09:de:ef:01:8f:f1: 39:78:04:b8:3f:b5:ed:c6:b8:c1:bb:50:f6:5b:e6: e3:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:E6:33:47:E7:73:0F:11:A8:58:0E:05:AB:81:85:C6:08:6A:CE:19 X509v3 Authority Key Identifier: keyid:52:1B:06:C2:91:10:28:4A:AA:FE:08:75:AA:61:86:B0:00:6D:27:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911902E/57AFDB28855511EB94C2215FC4F9AE02/UhsGwpEQKEqq_gh1qmGGsABtJ2c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UhsGwpEQKEqq_gh1qmGGsABtJ2c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911902E/57AFDB28855511EB94C2215FC4F9AE02/C3FEC56C855711EB871D267FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.176.0/22 103.4.172.0/23 103.13.84.0/23 IPv6: 2001:df0:26b::/48 Signature Algorithm: sha256WithRSAEncryption bc:5b:68:03:92:fd:43:69:0d:98:f7:3b:c0:a3:d8:22:ef:2c: 58:7d:ff:0e:bf:70:a9:9b:74:2a:1f:3d:e7:74:54:3b:14:ca: d3:d7:7a:eb:92:27:af:4e:f3:e2:be:bc:d5:41:bb:de:b0:03: 31:c5:85:b5:64:39:07:3a:9b:ba:f4:e4:07:6a:61:79:45:3f: 00:de:b4:af:f3:f4:4d:27:d7:33:0e:b2:60:34:03:5c:39:64: 13:21:0d:6c:d1:b9:14:e8:06:29:b2:0d:06:a8:6f:a3:06:c4: ab:29:23:9a:9b:27:92:b5:9a:87:ce:32:58:31:e0:67:b6:d5: 55:d5:da:8b:42:0f:fb:15:53:40:ab:26:71:cd:58:5c:94:b9: 9e:aa:26:34:6d:4d:48:d6:d7:d3:63:66:38:66:a1:90:8b:5b: 3e:5b:4d:8f:27:de:bf:19:9b:d7:b7:d6:e8:26:24:3b:04:e0: 3a:d1:46:c1:70:5a:af:48:a9:aa:c7:de:7f:24:72:c4:98:90: 88:28:0a:21:d2:30:2e:6f:df:83:73:f4:65:02:2e:93:2c:56: c3:62:63:98:69:1d:d4:34:74:53:4d:91:5c:2e:48:2f:6a:7f: 9b:13:54:67:ff:d1:5b:6d:ab:3e:55:c1:be:c2:de:cf:1c:db: 5a:e4:54:2b -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICBRMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTkwMkUxMTAvBgNVBAUTKDUyMUIwNkMyOTExMDI4NEFBQUZFMDg3NUFBNjE4NkIw MDA2RDI3NjcwHhcNMjMwODE2MjM0MTE5WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGRkNWU5Zi1lMzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4w5gbicdRU7JPMc+k/CrGCnbDk1A3HClw7yGdKMT53dbeLMbTRblVmzKBj3v BIK82AIUKfZviJs9gHpIOG8TCOEbfTr6LW1KwfKc64LgQxW+c8GxGBG0rOjUUPqn URCBQVKGZGPuMXC0GuCAXl1b2KHDI7SflNfldKek8tQ1Mb1JgKYMhyV2RV1kCLIM CyekEZ9MtquqQoBcvp8dkmMJ7/YOu18UMeDLKhIB8ibMIn79gyiSxMrjs9K6Dlt+ CaWmoMNYFaDwIetcyyHHO+0DsVoJ3leDx78qrn3occe+MTNbAMrOwe7TF9QJ3u8B j/E5eAS4P7XtxrjBu1D2W+bjdwIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFF3mM0fn cw8RqFgOBauBhcYIas4ZMB8GA1UdIwQYMBaAFFIbBsKREChKqv4IdaphhrAAbSdn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTAyRS81N0FGREIyODg1 NTUxMUVCOTRDMjIxNUZDNEY5QUUwMi9VaHNHd3BFUUtFcXFfZ2gxcW1HR3NBQnRK MmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Voc0d3cEVRS0VxcV9naDFxbUdHc0FCdEoyYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTkwMkUvNTdBRkRCMjg4NTU1MTFFQjk0QzIyMTVGQzRGOUFFMDIvQzNGRUM1NkM4 NTU3MTFFQjg3MUQyNjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBgEAgABMBIDBAIr9bADBAFnBKwDBAFnDVQwDwQCAAIwCQMHACABDfACazAN BgkqhkiG9w0BAQsFAAOCAQEAvFtoA5L9Q2kNmPc7wKPYIu8sWH3/Dr9wqZt0Kh89 53RUOxTK09d665Inr07z4r681UG73rADMcWFtWQ5BzqbuvTkB2pheUU/AN60r/P0 TSfXMw6yYDQDXDlkEyENbNG5FOgGKbINBqhvowbEqykjmpsnkrWah84yWDHgZ7bV VdXai0IP+xVTQKsmcc1YXJS5nqomNG1NSNbX02NmOGahkItbPltNjyfevxmb17fW 6CYkOwTgOtFGwXBar0ipqsfefyRyxJiQiCgKIdIwLm/fg3P0ZQIukyxWw2JjmGkd 1DR0U02RXC5IL2p/mxNUZ//RW22rPlXBvsLezxzbWuRUKw== -----END CERTIFICATE-----Generated at Sat Jun 1 02:55:14 2024 by rpki-client on console-fra.rpki-client.org