$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/A08AFBB284F211EE89828225C4F9AE02.roa File: A08AFBB284F211EE89828225C4F9AE02.roa (raw, json) Hash identifier: ejLLKPQiBLPobjQYaK5ge3652kCzWTCe2Dnf3ntxw6g= Subject key identifier: 91:8E:B5:43:9A:34:23:97:6B:EF:B2:C7:EF:35:1E:BA:89:68:AD:C1 Certificate issuer: /CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101 Certificate serial: 056B Authority key identifier: 21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/A08AFBB284F211EE89828225C4F9AE02.roa Signing time: Fri 17 Nov 2023 02:40:10 +0000 ROA not before: Fri 17 Nov 2023 02:40:10 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 9790 IP address blocks: 131.203.0.0/16 maxlen: 20 131.203.29.0/24 maxlen: 24 131.203.48.0/24 maxlen: 24 131.203.49.0/24 maxlen: 24 131.203.78.0/24 maxlen: 24 131.203.79.0/24 maxlen: 24 158.140.224.0/20 maxlen: 24 158.140.240.0/21 maxlen: 24 158.140.248.0/22 maxlen: 24 161.29.0.0/16 maxlen: 20 161.65.0.0/19 maxlen: 20 161.65.64.0/18 maxlen: 22 161.65.128.0/19 maxlen: 19 161.65.192.0/18 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 18:32:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1387 (0x56b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101 Validity Not Before: Nov 17 02:40:10 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=6556d28a-1928 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:7f:bf:ef:99:5d:77:79:22:0f:c2:5d:85:63: a8:d6:84:7f:dc:09:b1:0a:f0:f3:b0:e7:6f:db:40: f4:cb:50:18:d3:64:05:1a:57:e8:43:88:69:c3:df: 52:98:6b:71:97:e7:9c:85:8b:51:5c:a5:c6:bc:f3: 31:a6:b3:77:7f:c1:c4:50:7b:3e:a2:e1:16:bc:94: 8d:ff:37:e2:49:94:e1:87:00:28:9a:2d:9f:ba:02: f7:f1:55:f9:e9:b8:9c:f6:62:d9:20:3c:ea:48:07: 79:dc:78:bc:a5:1d:76:4e:1c:7a:e1:ef:a0:28:40: 81:d2:f8:6e:74:88:ae:df:ca:87:37:95:b5:a7:42: 47:f0:3f:ee:63:95:17:2c:93:3a:88:a5:25:6c:ce: e8:55:85:d4:fd:ac:ec:97:ef:11:25:21:bf:17:45: 1d:05:93:cd:6d:03:0b:4c:d6:14:62:d2:df:95:1e: 47:fd:1d:d5:74:90:93:99:9a:0a:5f:08:0d:16:1d: 42:ff:01:95:80:79:0c:4f:9f:64:3e:ec:4e:19:7e: a0:b3:99:ed:f2:bc:85:61:5e:29:80:ae:e6:c9:52: 80:87:89:d3:0c:85:ce:52:97:04:a8:98:e8:12:24: 01:3c:eb:fd:c5:2c:c6:c7:7f:d4:15:c1:ac:9a:b8: 6d:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:8E:B5:43:9A:34:23:97:6B:EF:B2:C7:EF:35:1E:BA:89:68:AD:C1 X509v3 Authority Key Identifier: keyid:21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/A08AFBB284F211EE89828225C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 131.203.0.0/16 158.140.224.0-158.140.251.255 161.29.0.0/16 161.65.0.0/19 161.65.64.0-161.65.159.255 161.65.192.0/18 Signature Algorithm: sha256WithRSAEncryption 47:1e:31:0c:f1:88:dc:e5:55:be:51:89:18:60:b2:c9:d6:d2: 4c:dc:bd:ae:fe:90:e8:7e:6e:48:22:88:8b:5e:a3:fc:69:d9: ba:59:c4:74:e1:f3:f4:8f:bd:4e:e0:1c:5c:3d:8f:88:31:f3: 9a:36:c5:67:af:a3:ec:fa:64:78:71:95:91:b4:41:8f:f5:a9: 1c:a0:e5:64:1e:6e:1a:e4:88:07:6b:ae:e5:d4:e2:20:e9:04: c4:2e:d5:b7:a7:f3:83:d4:25:bd:7c:57:2f:c8:fb:6d:d5:81: 3c:1a:b4:3f:e0:d0:59:2f:78:a9:15:b2:1b:ca:dd:43:2f:e9: 28:43:5b:e2:9d:4b:1d:7f:c9:6b:e0:08:ee:b5:da:d7:6f:62: 9a:c3:fe:90:eb:7d:d4:00:ce:fe:fd:f1:03:3c:ca:44:31:a8: 90:01:e1:1d:15:4b:e1:9f:06:9c:09:6d:fd:b7:e3:44:2f:d8: 52:70:2c:28:77:e6:6f:a6:85:8c:c1:02:5d:cb:b5:77:8e:91: 59:49:91:d9:45:a2:6a:4a:13:b9:d0:78:ef:07:6d:dc:a5:d5: 67:b9:c6:a2:a9:47:10:84:8c:f9:05:a8:82:78:6f:62:f7:45: ac:ec:b7:b8:b4:3c:b7:0e:d5:51:af:78:de:40:cd:ab:e7:67: 98:36:13:0b -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgICBWswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA2QUExMTAvBgNVBAUTKDIxOEE4QUEwNTAyNjdCMDgwNUUzRkRDOEE5MzlCRjhG QkNCMDAxMDEwHhcNMjMxMTE3MDI0MDEwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTU2ZDI4YS0xOTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr3+/75ldd3kiD8JdhWOo1oR/3AmxCvDzsOdv20D0y1AY02QFGlfoQ4hpw99S mGtxl+echYtRXKXGvPMxprN3f8HEUHs+ouEWvJSN/zfiSZThhwAomi2fugL38VX5 6bic9mLZIDzqSAd53Hi8pR12Thx64e+gKECB0vhudIiu38qHN5W1p0JH8D/uY5UX LJM6iKUlbM7oVYXU/azsl+8RJSG/F0UdBZPNbQMLTNYUYtLflR5H/R3VdJCTmZoK XwgNFh1C/wGVgHkMT59kPuxOGX6gs5nt8ryFYV4pgK7myVKAh4nTDIXOUpcEqJjo EiQBPOv9xSzGx3/UFcGsmrhtGQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFJGOtUOa NCOXa++yx+81HrqJaK3BMB8GA1UdIwQYMBaAFCGKiqBQJnsIBeP9yKk5v4+8sAEB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84NjU4RTQ2Njg2 QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9JWXFLb0ZBbWV3Z0Y0XzNJcVRtX2o3eXdB UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lZcUtvRkFtZXdnRjRfM0lxVG1fajd5d0FRRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDA2QUEvODY1OEU0NjY4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvQTA4QUZCQjI4 NEYyMTFFRTg5ODI4MjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E PDA6MDgEAgABMDIDAwCDyzAMAwQFnozgAwQCnoz4AwMAoR0DBAWhQQAwDAMEBqFB QAMEBaFBgAMEBqFBwDANBgkqhkiG9w0BAQsFAAOCAQEARx4xDPGI3OVVvlGJGGCy ydbSTNy9rv6Q6H5uSCKIi16j/GnZulnEdOHz9I+9TuAcXD2PiDHzmjbFZ6+j7Ppk eHGVkbRBj/WpHKDlZB5uGuSIB2uu5dTiIOkExC7Vt6fzg9QlvXxXL8j7bdWBPBq0 P+DQWS94qRWyG8rdQy/pKENb4p1LHX/Ja+AI7rXa129imsP+kOt91ADO/v3xAzzK RDGokAHhHRVL4Z8GnAlt/bfjRC/YUnAsKHfmb6aFjMECXcu1d46RWUmR2UWiakoT udB47wdt3KXVZ7nGoqlHEISM+QWognhvYvdFrOy3uLQ8tw7VUa943kDNq+dnmDYT Cw== -----END CERTIFICATE-----Generated at Sat Jun 1 02:55:15 2024 by rpki-client on console-fra.rpki-client.org