$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/5C28D68A11D111EFB40E6557C4F9AE02.roa File: 5C28D68A11D111EFB40E6557C4F9AE02.roa (raw, json) Hash identifier: ntQVoALl4Xn6H+nB0V+atW69YmcyMn33rZgsnmheQiI= Subject key identifier: 69:FB:53:93:40:C3:F3:ED:16:64:80:AC:FA:F9:B8:E9:89:A4:BD:FF Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 05E3 Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/5C28D68A11D111EFB40E6557C4F9AE02.roa Signing time: Tue 14 May 2024 09:07:16 +0000 ROA not before: Tue 14 May 2024 09:07:16 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 64021 IP address blocks: 43.229.152.0/24 maxlen: 24 43.252.208.0/24 maxlen: 24 43.252.209.0/24 maxlen: 24 43.252.210.0/24 maxlen: 24 103.228.64.0/24 maxlen: 24 103.228.66.0/23 maxlen: 23 103.234.54.0/24 maxlen: 24 150.107.0.0/24 maxlen: 24 150.107.1.0/24 maxlen: 24 150.107.2.0/24 maxlen: 24 150.107.3.0/24 maxlen: 24 150.129.42.0/24 maxlen: 24 163.53.16.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 02:11:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1507 (0x5e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: May 14 09:07:16 2024 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=664329c4-e4bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:5a:a8:80:34:f6:c2:59:de:a5:36:1b:f3:21: 73:e5:fd:a6:1d:c2:41:47:45:c6:18:1b:8a:20:7e: fa:96:19:1e:2f:bd:cd:ea:cd:51:90:93:00:e1:52: 20:33:8b:9f:92:da:b6:37:42:73:3e:ad:aa:36:24: 5b:ef:8c:49:d8:5d:08:9e:68:c6:32:e6:84:1a:03: d6:7a:f2:ea:d9:e5:7d:6d:c4:0d:2c:e1:69:65:18: 1d:f7:eb:76:76:3c:f1:10:b6:b8:e2:67:2f:fa:8e: df:ab:1c:76:03:8c:2f:33:df:ef:96:4b:34:4e:6a: f9:52:c3:26:a4:c1:34:89:bd:07:a8:a3:57:b1:07: ea:7c:65:8c:7c:9e:32:0d:da:c8:4a:40:b4:9a:63: b5:a1:26:8b:84:23:fc:98:25:c8:96:4b:47:26:d1: 13:42:9c:ed:dd:e0:c3:1e:c3:f2:4f:e6:88:02:b0: 53:6c:d5:9d:74:20:22:25:0c:1c:fc:48:7c:5d:86: 9d:fe:07:c9:35:f9:da:0b:96:40:bf:ae:ce:b4:95: 1a:ac:a0:e0:b0:01:f9:fe:0f:5d:4b:8d:43:ca:46: c4:f3:e5:3e:93:46:e3:00:64:07:c7:41:e7:f3:12: d2:f7:89:55:c5:24:d5:1c:fc:9d:7e:9c:02:5c:80: e1:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:FB:53:93:40:C3:F3:ED:16:64:80:AC:FA:F9:B8:E9:89:A4:BD:FF X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/5C28D68A11D111EFB40E6557C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.152.0/24 43.252.208.0-43.252.210.255 103.228.64.0/24 103.228.66.0/23 103.234.54.0/24 150.107.0.0/22 150.129.42.0/24 163.53.16.0/24 Signature Algorithm: sha256WithRSAEncryption 7c:3c:0b:83:05:3e:11:bf:bd:35:f4:42:99:4e:65:31:4e:cb: 0d:cf:59:db:18:48:62:c2:dc:b7:dd:41:7c:34:d5:f7:4f:9d: 53:45:00:da:d4:da:8e:1c:56:c8:ff:a7:49:ed:a6:0a:67:30: 49:f6:cb:14:f4:04:7e:09:27:6e:92:bf:35:5e:39:e8:44:bb: 92:1f:e6:2a:91:0b:e7:a3:b5:92:52:a2:bb:b1:7f:78:71:e7: 4c:70:3e:b3:4a:5e:7f:c8:27:3b:76:7a:56:7f:88:0f:a4:7e: 41:d5:7d:99:e4:ad:4b:67:a2:13:28:08:e8:bc:3c:bd:b8:97: 39:d9:5b:4e:a5:68:ae:df:a5:a4:bb:63:93:bb:93:35:05:7b: af:90:8b:a3:67:4f:0a:0d:43:a2:ce:1e:26:bb:8e:86:26:ba: ff:9e:6f:dc:e5:e9:4f:e4:94:37:49:9e:16:43:b6:e8:2a:6d: 69:e7:bf:3e:5a:b4:b4:7b:de:ee:65:74:e7:f5:4c:2d:30:83: 4a:15:13:64:aa:0b:8c:89:bb:63:81:f4:10:9d:f9:63:75:ba: d0:11:49:4d:a5:05:be:7f:2e:be:f6:b8:69:4d:42:b5:4c:80: d1:ac:36:bf:ee:26:fe:81:c1:d1:b2:14:8f:b2:49:74:be:45: 66:db:72:3b -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgICBeMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjQwNTE0MDkwNzE2WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjQzMjljNC1lNGJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzlqogDT2wlnepTYb8yFz5f2mHcJBR0XGGBuKIH76lhkeL73N6s1RkJMA4VIg M4ufktq2N0JzPq2qNiRb74xJ2F0InmjGMuaEGgPWevLq2eV9bcQNLOFpZRgd9+t2 djzxELa44mcv+o7fqxx2A4wvM9/vlks0Tmr5UsMmpME0ib0HqKNXsQfqfGWMfJ4y DdrISkC0mmO1oSaLhCP8mCXIlktHJtETQpzt3eDDHsPyT+aIArBTbNWddCAiJQwc /Eh8XYad/gfJNfnaC5ZAv67OtJUarKDgsAH5/g9dS41DykbE8+U+k0bjAGQHx0Hn 8xLS94lVxSTVHPydfpwCXIDhrQIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFGn7U5NA w/PtFmSArPr5uOmJpL3/MB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvNUMyOEQ2OEEx MUQxMTFFRkI0MEU2NTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUQYIKwYBBQUHAQcBAf8E QjBAMD4EAgABMDgDBAAr5ZgwDAMEBCv80AMEACv80gMEAGfkQAMEAWfkQgMEAGfq NgMEApZrAAMEAJaBKgMEAKM1EDANBgkqhkiG9w0BAQsFAAOCAQEAfDwLgwU+Eb+9 NfRCmU5lMU7LDc9Z2xhIYsLct91BfDTV90+dU0UA2tTajhxWyP+nSe2mCmcwSfbL FPQEfgknbpK/NV456ES7kh/mKpEL56O1klKiu7F/eHHnTHA+s0pef8gnO3Z6Vn+I D6R+QdV9meStS2eiEygI6Lw8vbiXOdlbTqVort+lpLtjk7uTNQV7r5CLo2dPCg1D os4eJruOhia6/55v3OXpT+SUN0meFkO26Cptaee/Plq0tHve7mV05/VMLTCDShUT ZKoLjIm7Y4H0EJ35Y3W60BFJTaUFvn8uvva4aU1CtUyA0aw2v+4m/oHB0bIUj7JJ dL5FZttyOw== -----END CERTIFICATE-----Generated at Sat Jun 1 02:55:14 2024 by rpki-client on console-fra.rpki-client.org