$ rpki-client -vvf rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/4DF4371066B111E98B2CD954C4F9AE02.roa File: 4DF4371066B111E98B2CD954C4F9AE02.roa (raw, json) Hash identifier: wnwOcdr/H0vin2k8D2HczrFn5eNuey06OLgo+xwiEHw= Subject key identifier: E3:1E:15:20:E4:81:D5:D4:0C:77:8D:E2:C5:B7:2A:8E:CD:87:F4:43 Certificate issuer: /CN=A9199E3F/serialNumber=6691ABEC1A46FDBCD2607C4DF17A54CE3334C212 Certificate serial: 0ED7 Authority key identifier: 66:91:AB:EC:1A:46:FD:BC:D2:60:7C:4D:F1:7A:54:CE:33:34:C2:12 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZpGr7BpG_bzSYHxN8XpUzjM0whI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/4DF4371066B111E98B2CD954C4F9AE02.roa Signing time: Tue 02 Apr 2024 18:56:36 +0000 ROA not before: Tue 02 Apr 2024 18:56:36 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 131259 IP address blocks: 36.255.124.0/24 maxlen: 24 36.255.125.0/24 maxlen: 24 36.255.126.0/24 maxlen: 24 36.255.127.0/24 maxlen: 24 43.249.12.0/24 maxlen: 24 43.249.13.0/24 maxlen: 24 43.249.14.0/24 maxlen: 24 43.249.15.0/24 maxlen: 24 103.23.76.0/22 maxlen: 24 103.209.120.0/24 maxlen: 24 103.209.121.0/24 maxlen: 24 103.209.122.0/24 maxlen: 24 103.209.123.0/24 maxlen: 24 103.250.64.0/24 maxlen: 24 103.250.65.0/24 maxlen: 24 103.250.66.0/24 maxlen: 24 103.250.67.0/24 maxlen: 24 2407:1a80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/ZpGr7BpG_bzSYHxN8XpUzjM0whI.crl rsync://rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/ZpGr7BpG_bzSYHxN8XpUzjM0whI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZpGr7BpG_bzSYHxN8XpUzjM0whI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 18:45:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3799 (0xed7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9199E3F/serialNumber=6691ABEC1A46FDBCD2607C4DF17A54CE3334C212 Validity Not Before: Apr 2 18:56:36 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=660c54e4-0448 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:5a:2a:9f:26:dd:16:49:75:f1:94:5d:58:de: aa:ae:ba:a7:7f:29:b4:2a:b1:89:6c:cf:71:e0:68: 18:53:b6:99:08:27:ca:be:9d:2b:b6:df:b9:5a:1c: 65:67:03:ad:2c:ad:a5:f5:e1:23:ba:e3:e7:1a:d4: a4:22:d5:18:db:50:ea:13:e3:e9:07:93:2f:56:9c: 54:cc:27:bb:b2:9c:6d:1d:64:e4:7e:bb:ae:08:69: 25:df:46:01:60:56:98:a8:34:a9:b1:52:f0:92:9f: f7:67:d1:c1:04:fa:ca:05:13:86:d1:24:5c:70:07: 73:b0:ce:af:37:77:6a:6f:aa:00:3a:1e:be:9c:20: 2c:b1:4d:d9:f0:38:ae:3d:3b:15:fc:46:cb:31:44: 84:97:4a:c4:30:fe:38:d6:92:cc:f3:ff:45:66:68: 36:66:86:1d:e9:8c:86:c2:3c:74:91:e3:25:d4:48: 38:5e:37:78:3c:fe:49:5e:9a:c9:8d:4f:d4:fb:11: 09:16:e8:67:34:ba:ad:d8:24:c6:e9:89:a1:46:53: fb:8c:f5:5f:b7:d9:18:bb:55:d0:87:7c:e5:75:e6: 95:7f:ae:b9:66:3a:fb:af:4e:81:60:5d:3c:c6:3e: 9b:64:ce:51:63:5f:26:90:0b:3c:e0:32:98:f4:1d: af:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:1E:15:20:E4:81:D5:D4:0C:77:8D:E2:C5:B7:2A:8E:CD:87:F4:43 X509v3 Authority Key Identifier: keyid:66:91:AB:EC:1A:46:FD:BC:D2:60:7C:4D:F1:7A:54:CE:33:34:C2:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/ZpGr7BpG_bzSYHxN8XpUzjM0whI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZpGr7BpG_bzSYHxN8XpUzjM0whI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/4DF4371066B111E98B2CD954C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.255.124.0/22 43.249.12.0/22 103.23.76.0/22 103.209.120.0/22 103.250.64.0/22 IPv6: 2407:1a80::/32 Signature Algorithm: sha256WithRSAEncryption 94:a6:e7:1a:3e:3a:84:2a:a5:8a:f3:55:71:3b:5b:1f:6a:0d: 3d:7d:11:49:6c:25:24:fd:38:ce:c6:3c:13:5d:fe:ef:14:83: 5c:04:66:70:be:46:cd:a8:2b:3e:37:94:ad:9b:10:2f:dc:fe: 6b:32:d2:eb:ff:41:96:9f:12:1b:0d:09:a5:0c:e6:8e:b0:66: be:fd:47:ad:85:6c:bd:6c:dd:34:86:8d:86:08:d2:9b:75:f0: 89:88:eb:99:a5:72:67:0a:e4:01:b2:6a:4f:78:1a:3c:b5:9c: 8e:06:44:20:3c:b5:b3:81:41:24:87:f9:03:b6:04:12:07:3f: 33:77:ae:de:76:8f:13:d6:84:e5:bd:d0:ea:90:75:81:85:6e: f8:70:0f:de:c3:ea:f8:09:b3:09:44:4c:ef:67:29:51:08:ed: 06:f5:77:86:48:ed:75:c4:1a:90:4e:f5:e8:b3:13:37:ce:df: 97:38:a1:bb:a0:68:68:f3:35:ad:5a:9b:21:ab:f3:81:51:ed: 48:be:96:8b:03:93:35:4f:ba:18:91:01:a8:79:f7:6c:ab:1f: d3:c7:22:31:d6:61:44:57:6f:d3:8e:b8:83:2e:20:cf:fb:5a: 01:09:7c:66:72:ff:a4:54:b4:7f:a0:03:83:30:62:31:ff:99: e9:ba:91:f5 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICDtcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTlFM0YxMTAvBgNVBAUTKDY2OTFBQkVDMUE0NkZEQkNEMjYwN0M0REYxN0E1NENF MzMzNEMyMTIwHhcNMjQwNDAyMTg1NjM2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjBjNTRlNC0wNDQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA11oqnybdFkl18ZRdWN6qrrqnfym0KrGJbM9x4GgYU7aZCCfKvp0rtt+5Whxl ZwOtLK2l9eEjuuPnGtSkItUY21DqE+PpB5MvVpxUzCe7spxtHWTkfruuCGkl30YB YFaYqDSpsVLwkp/3Z9HBBPrKBROG0SRccAdzsM6vN3dqb6oAOh6+nCAssU3Z8Diu PTsV/EbLMUSEl0rEMP441pLM8/9FZmg2ZoYd6YyGwjx0keMl1Eg4Xjd4PP5JXprJ jU/U+xEJFuhnNLqt2CTG6YmhRlP7jPVft9kYu1XQh3zldeaVf665Zjr7r06BYF08 xj6bZM5RY18mkAs84DKY9B2vnQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFOMeFSDk gdXUDHeN4sW3Ko7Nh/RDMB8GA1UdIwQYMBaAFGaRq+waRv280mB8TfF6VM4zNMIS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OUUzRi9EOEM1MUFDQTVD RjMxMUU5OTJGRDYyMkFDNEY5QUUwMi9acEdyN0JwR19ielNZSHhOOFhwVXpqTTB3 aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pwR3I3QnBHX2J6U1lIeE44WHBVempNMHdoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTlFM0YvRDhDNTFBQ0E1Q0YzMTFFOTkyRkQ2MjJBQzRGOUFFMDIvNERGNDM3MTA2 NkIxMTFFOThCMkNEOTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIk/3wDBAIr+QwDBAJnF0wDBAJn0XgDBAJn+kAwDQQCAAIw BwMFACQHGoAwDQYJKoZIhvcNAQELBQADggEBAJSm5xo+OoQqpYrzVXE7Wx9qDT19 EUlsJST9OM7GPBNd/u8Ug1wEZnC+Rs2oKz43lK2bEC/c/msy0uv/QZafEhsNCaUM 5o6wZr79R62FbL1s3TSGjYYI0pt18ImI65mlcmcK5AGyak94Gjy1nI4GRCA8tbOB QSSH+QO2BBIHPzN3rt52jxPWhOW90OqQdYGFbvhwD97D6vgJswlETO9nKVEI7Qb1 d4ZI7XXEGpBO9eizEzfO35c4obugaGjzNa1amyGr84FR7Ui+losDkzVPuhiRAah5 92yrH9PHIjHWYURXb9OOuIMuIM/7WgEJfGZy/6RUtH+gA4MwYjH/mem6kfU= -----END CERTIFICATE-----Generated at Fri May 31 19:47:51 2024 by rpki-client on console-fra.rpki-client.org