$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/B3570772A69A11ED83470E12C4F9AE02.roa File: B3570772A69A11ED83470E12C4F9AE02.roa (raw, json) Hash identifier: xM7w+4gY6+TWDCm0XJxwNxkPTvBftJ2/Vk5aPFMwGUs= Subject key identifier: E4:E3:E1:A4:1C:81:8E:7B:D8:65:16:B7:26:76:9B:FA:56:14:0E:C8 Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C Certificate serial: 05BE Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/B3570772A69A11ED83470E12C4F9AE02.roa Signing time: Wed 04 Oct 2023 23:41:37 +0000 ROA not before: Wed 04 Oct 2023 23:41:37 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 9889 IP address blocks: 123.100.64.0/18 maxlen: 24 124.198.128.0/18 maxlen: 24 124.198.192.0/18 maxlen: 20 202.89.32.0/19 maxlen: 19 203.89.160.0/19 maxlen: 19 203.89.176.0/24 maxlen: 24 203.89.177.0/24 maxlen: 24 2401:5c00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 01:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1470 (0x5be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C Validity Not Before: Oct 4 23:41:37 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=651df831-c3eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:62:24:70:07:a7:f7:4c:d6:e5:41:db:39:f0: 3b:b5:98:d7:2e:a8:bf:e4:b1:3a:5b:7b:4b:02:ec: 0f:e7:e2:03:c8:d1:ca:14:6d:1f:6c:f3:4c:ce:f0: e3:54:8e:91:ca:ef:79:51:d3:02:1f:2b:fc:98:1e: ab:5e:49:2d:b3:7a:30:73:d5:05:f4:2d:80:5a:97: 82:9d:3a:e9:8a:2d:56:6d:ff:53:59:a0:a7:1e:e7: 07:6a:4a:63:aa:cc:3c:a0:e0:1a:f2:64:fe:0d:66: ce:51:4c:2d:ae:4c:66:01:4a:3e:9a:84:22:6d:88: cb:cc:13:e8:04:1c:a5:41:13:73:2b:55:18:af:94: c0:6d:3f:d5:89:09:03:6c:ae:f2:b4:86:22:b4:d5: 65:27:32:2e:71:54:9d:3b:fa:72:eb:c7:5e:11:a4: 61:db:3c:c6:03:8f:e6:89:d2:4a:6e:41:d4:b6:20: a9:c2:6b:0f:04:54:8d:81:59:59:86:03:60:19:7f: 33:71:b9:bf:ea:a0:56:49:63:60:03:9f:c6:12:ab: 59:1e:b5:b4:64:f6:c0:28:61:80:6e:fd:9e:3b:68: 5d:2e:c7:7a:0b:e2:68:6e:71:f9:84:44:f8:6d:c0: 84:36:fb:65:27:9e:54:4b:77:b4:90:94:1d:da:0a: fa:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:E3:E1:A4:1C:81:8E:7B:D8:65:16:B7:26:76:9B:FA:56:14:0E:C8 X509v3 Authority Key Identifier: keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/B3570772A69A11ED83470E12C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.100.64.0/18 124.198.128.0/17 202.89.32.0/19 203.89.160.0/19 IPv6: 2401:5c00::/32 Signature Algorithm: sha256WithRSAEncryption 58:4b:cc:d1:cd:c5:ef:e8:f4:9a:a5:2b:11:83:3c:25:1d:3a: 34:49:2d:cc:b9:d2:aa:10:49:2b:e2:f8:6c:db:64:01:a5:4a: 34:fc:1f:97:ed:47:97:1d:7d:b9:cb:b7:91:ed:eb:3b:1b:a8: 2c:4e:40:92:65:af:e8:e6:df:68:42:0c:0a:07:cf:85:b4:82: ef:48:40:78:51:3a:72:20:78:92:fd:f8:cd:0f:8d:a5:87:fa: 40:15:2d:1e:1e:29:40:95:d2:0e:10:a1:77:02:dc:18:4b:ee: 5c:e3:f6:87:51:96:55:56:63:c9:65:18:e9:31:ea:60:91:10: 7d:56:03:72:87:c8:33:1e:8b:4b:b2:92:e8:1b:42:ff:3a:68: a8:a2:e6:ea:29:9c:0d:37:f8:5c:93:4d:42:8a:e5:8c:3b:63: f6:96:48:8b:e7:68:3f:0c:bf:e8:f4:b3:9f:a0:35:7f:2b:93: 44:a2:b3:d3:27:f8:91:75:6e:ee:f1:ce:2a:37:a7:8b:40:d5: 0d:de:fb:8b:1d:46:25:c4:b4:6a:dc:84:dc:84:1c:2f:97:b3: 3b:82:67:13:0f:d4:d9:3e:13:d4:0a:5c:57:29:b0:50:a4:e6: c0:31:92:92:0f:a7:c4:e7:ee:dd:e9:02:a7:e5:17:e4:5c:60: 6f:db:43:85 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICBb4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC NjBEQjFCMkMwHhcNMjMxMDA0MjM0MTM3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTFkZjgzMS1jM2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6GIkcAen90zW5UHbOfA7tZjXLqi/5LE6W3tLAuwP5+IDyNHKFG0fbPNMzvDj VI6Ryu95UdMCHyv8mB6rXkkts3owc9UF9C2AWpeCnTrpii1Wbf9TWaCnHucHakpj qsw8oOAa8mT+DWbOUUwtrkxmAUo+moQibYjLzBPoBBylQRNzK1UYr5TAbT/ViQkD bK7ytIYitNVlJzIucVSdO/py68deEaRh2zzGA4/midJKbkHUtiCpwmsPBFSNgVlZ hgNgGX8zcbm/6qBWSWNgA5/GEqtZHrW0ZPbAKGGAbv2eO2hdLsd6C+JobnH5hET4 bcCENvtlJ55US3e0kJQd2gr6mwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFOTj4aQc gY572GUWtyZ2m/pWFA7IMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2 QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvQjM1NzA3NzJB NjlBMTFFRDgzNDcwRTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAZ7ZEADBAd8xoADBAXKWSADBAXLWaAwDQQCAAIwBwMFACQB XAAwDQYJKoZIhvcNAQELBQADggEBAFhLzNHNxe/o9JqlKxGDPCUdOjRJLcy50qoQ SSvi+GzbZAGlSjT8H5ftR5cdfbnLt5Ht6zsbqCxOQJJlr+jm32hCDAoHz4W0gu9I QHhROnIgeJL9+M0PjaWH+kAVLR4eKUCV0g4QoXcC3BhL7lzj9odRllVWY8llGOkx 6mCREH1WA3KHyDMei0uykugbQv86aKii5uopnA03+FyTTUKK5Yw7Y/aWSIvnaD8M v+j0s5+gNX8rk0Sis9Mn+JF1bu7xzio3p4tA1Q3e+4sdRiXEtGrchNyEHC+XszuC ZxMP1Nk+E9QKXFcpsFCk5sAxkpIPp8Tn7t3pAqflF+RcYG/bQ4U= -----END CERTIFICATE-----Generated at Sat Jun 1 02:01:12 2024 by rpki-client on console-ams.rpki-client.org