$ rpki-client -vvf rpki.apnic.net/member_repository/A912F9FB/AF0098D0896F11E78A81C83CC4F9AE02/8732232CCBA011E887F87451C4F9AE02.roa File: 8732232CCBA011E887F87451C4F9AE02.roa (raw, json) Hash identifier: zIb/qqt/XxUnL1IKmR5Wx3MZ0RU4Cd7boHHkYQ6iV7k= Subject key identifier: 4B:9D:4F:4D:A1:E9:1B:D7:97:24:51:A5:1C:8B:AF:E2:DC:C1:1F:7D Certificate issuer: /CN=A912F9FB/serialNumber=BFFDB7EBF45D7C61BF9D23908A9F38C332985970 Certificate serial: 17EA Authority key identifier: BF:FD:B7:EB:F4:5D:7C:61:BF:9D:23:90:8A:9F:38:C3:32:98:59:70 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v_236_RdfGG_nSOQip84wzKYWXA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912F9FB/AF0098D0896F11E78A81C83CC4F9AE02/8732232CCBA011E887F87451C4F9AE02.roa Signing time: Wed 22 Nov 2023 17:04:17 +0000 ROA not before: Wed 22 Nov 2023 17:04:17 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 38719 IP address blocks: 103.20.200.0/22 maxlen: 22 103.28.48.0/22 maxlen: 22 122.201.64.0/19 maxlen: 19 122.201.96.0/19 maxlen: 19 202.146.208.0/21 maxlen: 24 2402:af00::/32 maxlen: 32 2405:3f00::/32 maxlen: 32 2405:3f01::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912F9FB/AF0098D0896F11E78A81C83CC4F9AE02/v_236_RdfGG_nSOQip84wzKYWXA.crl rsync://rpki.apnic.net/member_repository/A912F9FB/AF0098D0896F11E78A81C83CC4F9AE02/v_236_RdfGG_nSOQip84wzKYWXA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v_236_RdfGG_nSOQip84wzKYWXA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Jul 2024 16:54:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6122 (0x17ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912F9FB/serialNumber=BFFDB7EBF45D7C61BF9D23908A9F38C332985970 Validity Not Before: Nov 22 17:04:17 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=655e3490-45d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:bb:84:1c:34:90:c9:61:56:02:69:2b:cc:b5: 0d:4a:52:3d:3d:e3:19:eb:fb:92:17:28:d2:fb:02: 55:99:ee:b3:6e:83:37:cc:e9:b5:34:90:dd:68:54: 28:0b:fb:be:b6:ad:c2:15:c1:f0:3d:d3:23:e6:39: 1d:90:d2:81:8a:0f:d0:d0:3f:3a:b8:eb:3c:66:5b: 3a:1e:e4:5d:76:7b:d4:38:65:02:2e:d2:2a:25:38: 5d:56:21:b3:50:e2:44:ed:ce:ad:90:53:d2:25:f8: fe:79:0b:d5:24:3e:99:c0:37:a3:a4:aa:20:18:c7: 88:c4:41:4b:11:12:c4:c9:fd:58:b3:b7:d7:9d:f4: 30:d4:58:56:cf:8e:14:c9:1c:ce:5b:c6:b6:2d:6b: d0:18:2f:a6:39:de:b7:00:94:24:8f:41:1b:bd:d6: 65:49:80:f6:ca:66:cd:17:e7:6f:bb:cc:bf:a8:e5: 22:b1:34:83:22:a0:bd:63:cc:f5:0c:3f:f1:be:90: b5:fa:54:2a:52:37:d5:f2:a1:1c:24:e7:95:fd:b1: 00:a3:24:af:b9:1e:d5:0c:5e:7d:cc:2b:6a:dd:ae: e0:70:88:ad:9e:28:91:f6:43:c0:7e:a7:66:b0:a5: 1b:3f:2f:af:d6:25:3d:d2:fe:f4:3c:d0:12:f3:69: 74:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:9D:4F:4D:A1:E9:1B:D7:97:24:51:A5:1C:8B:AF:E2:DC:C1:1F:7D X509v3 Authority Key Identifier: keyid:BF:FD:B7:EB:F4:5D:7C:61:BF:9D:23:90:8A:9F:38:C3:32:98:59:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912F9FB/AF0098D0896F11E78A81C83CC4F9AE02/v_236_RdfGG_nSOQip84wzKYWXA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v_236_RdfGG_nSOQip84wzKYWXA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F9FB/AF0098D0896F11E78A81C83CC4F9AE02/8732232CCBA011E887F87451C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.20.200.0/22 103.28.48.0/22 122.201.64.0/18 202.146.208.0/21 IPv6: 2402:af00::/32 2405:3f00::/31 Signature Algorithm: sha256WithRSAEncryption 33:7d:a0:c4:f6:29:e3:6d:04:79:a0:dd:71:47:8c:7f:86:76: 4a:6d:f1:d8:0f:6f:e3:36:29:bb:9d:ef:4a:07:2d:f1:ea:46: d0:0d:65:08:60:10:6e:72:18:e7:00:47:9b:f0:fc:84:82:ab: 66:fb:1c:0d:59:09:1d:4a:d8:24:cd:b5:0e:a1:2a:56:4f:09: 7d:0a:34:4f:8e:05:e5:26:20:cd:28:52:3f:15:02:83:cd:52: 75:ee:4f:7e:f8:36:14:a0:a7:cf:82:7b:3b:7d:0b:dc:b6:dc: 8f:06:40:7b:be:ce:33:ea:47:1e:8f:ba:ee:25:a0:b1:1f:ff: c6:05:23:a9:48:f7:38:7b:66:ac:47:bf:bc:bd:50:95:94:0e: 97:39:cf:30:fd:35:64:21:b1:32:e4:a3:d3:c6:50:9b:d8:70: f4:37:12:57:34:b7:a3:48:2f:5d:93:50:a7:a7:83:99:e0:e7: 14:9f:7e:79:79:49:39:fd:c9:13:5b:fc:60:6c:0b:02:68:61: e7:3f:4c:d6:e8:6d:ca:ac:26:13:71:b5:4f:31:81:7f:23:a5: 17:28:f7:81:61:3d:f4:a8:79:ef:a1:c8:dc:6d:ae:15:05:17: 15:10:d9:16:d1:f0:77:7c:2e:89:ec:57:78:56:db:b8:1b:34: ac:7c:1d:be -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICF+owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkY5RkIxMTAvBgNVBAUTKEJGRkRCN0VCRjQ1RDdDNjFCRjlEMjM5MDhBOUYzOEMz MzI5ODU5NzAwHhcNMjMxMTIyMTcwNDE3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTVlMzQ5MC00NWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzruEHDSQyWFWAmkrzLUNSlI9PeMZ6/uSFyjS+wJVme6zboM3zOm1NJDdaFQo C/u+tq3CFcHwPdMj5jkdkNKBig/Q0D86uOs8Zls6HuRddnvUOGUCLtIqJThdViGz UOJE7c6tkFPSJfj+eQvVJD6ZwDejpKogGMeIxEFLERLEyf1Ys7fXnfQw1FhWz44U yRzOW8a2LWvQGC+mOd63AJQkj0EbvdZlSYD2ymbNF+dvu8y/qOUisTSDIqC9Y8z1 DD/xvpC1+lQqUjfV8qEcJOeV/bEAoySvuR7VDF59zCtq3a7gcIitniiR9kPAfqdm sKUbPy+v1iU90v70PNAS82l0TQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFEudT02h 6RvXlyRRpRyLr+LcwR99MB8GA1UdIwQYMBaAFL/9t+v0XXxhv50jkIqfOMMymFlw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjlGQi9BRjAwOThEMDg5 NkYxMUU3OEE4MUM4M0NDNEY5QUUwMi92XzIzNl9SZGZHR19uU09RaXA4NHd6S1lX WEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZfMjM2X1JkZkdHX25TT1FpcDg0d3pLWVdYQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkY5RkIvQUYwMDk4RDA4OTZGMTFFNzhBODFDODNDQzRGOUFFMDIvODczMjIzMkND QkEwMTFFODg3Rjg3NDUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MB4EAgABMBgDBAJnFMgDBAJnHDADBAZ6yUADBAPKktAwFAQCAAIwDgMFACQC rwADBQEkBT8AMA0GCSqGSIb3DQEBCwUAA4IBAQAzfaDE9injbQR5oN1xR4x/hnZK bfHYD2/jNim7ne9KBy3x6kbQDWUIYBBuchjnAEeb8PyEgqtm+xwNWQkdStgkzbUO oSpWTwl9CjRPjgXlJiDNKFI/FQKDzVJ17k9++DYUoKfPgns7fQvcttyPBkB7vs4z 6kcej7ruJaCxH//GBSOpSPc4e2asR7+8vVCVlA6XOc8w/TVkIbEy5KPTxlCb2HD0 NxJXNLejSC9dk1Cnp4OZ4OcUn355eUk5/ckTW/xgbAsCaGHnP0zW6G3KrCYTcbVP MYF/I6UXKPeBYT30qHnvocjcba4VBRcVENkW0fB3fC6J7Fd4Vtu4GzSsfB2+ -----END CERTIFICATE-----Generated at Fri Jun 28 21:07:11 2024 by rpki-client on console-ams.rpki-client.org