$ rpki-client -vvf rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/991EB004BE8511EE960E5082C4F9AE02.roa File: 991EB004BE8511EE960E5082C4F9AE02.roa (raw, json) Hash identifier: tJ0I3njDNNj1MOdVtw2PWgGZQ4nFahmGgvYP/ROLIJ0= Subject key identifier: 1F:51:FC:FA:58:87:9E:1D:73:6D:71:AB:C8:22:A3:30:04:97:10:7D Certificate issuer: /CN=A91A395C/serialNumber=0D8B71D86B5E202933BCB02A5B6D74092A52A17C Certificate serial: 33C9 Authority key identifier: 0D:8B:71:D8:6B:5E:20:29:33:BC:B0:2A:5B:6D:74:09:2A:52:A1:7C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DYtx2GteICkzvLAqW210CSpSoXw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/991EB004BE8511EE960E5082C4F9AE02.roa Signing time: Mon 29 Jan 2024 09:05:50 +0000 ROA not before: Mon 29 Jan 2024 09:05:50 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 9304 IP address blocks: 103.247.231.0/24 maxlen: 24 112.137.16.0/24 maxlen: 24 114.134.80.0/21 maxlen: 22 114.134.80.0/22 maxlen: 24 114.134.84.0/23 maxlen: 23 114.134.84.0/24 maxlen: 24 114.134.86.0/24 maxlen: 24 175.100.192.0/20 maxlen: 20 175.100.192.0/24 maxlen: 24 175.100.193.0/24 maxlen: 24 175.100.194.0/24 maxlen: 24 175.100.195.0/24 maxlen: 24 175.100.196.0/24 maxlen: 24 175.100.197.0/24 maxlen: 24 175.100.198.0/24 maxlen: 24 175.100.199.0/24 maxlen: 24 175.100.200.0/24 maxlen: 24 175.100.206.0/24 maxlen: 24 2403:5000::/32 maxlen: 32 2403:5000:165::/48 maxlen: 48 2403:5000:171::/48 maxlen: 48 2403:5000:188::/48 maxlen: 48 2403:5000:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/DYtx2GteICkzvLAqW210CSpSoXw.crl rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/DYtx2GteICkzvLAqW210CSpSoXw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DYtx2GteICkzvLAqW210CSpSoXw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 13 Jun 2024 15:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13257 (0x33c9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A395C/serialNumber=0D8B71D86B5E202933BCB02A5B6D74092A52A17C Validity Not Before: Jan 29 09:05:50 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=65b76a6e-ee5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:ff:99:55:6d:86:97:13:13:6a:c6:49:ba:47: 38:74:af:d7:c0:f1:ad:90:c9:28:1c:cb:46:45:38: 79:88:15:60:97:67:af:52:15:42:23:c5:10:09:d6: 3a:6f:3c:f1:10:5a:ea:37:36:ad:4a:62:e5:46:81: 0f:44:66:d6:5f:c3:b8:3d:9f:2c:d0:f8:c5:87:2b: 3d:07:f0:6c:cb:88:15:c2:cb:7a:e7:94:13:63:39: e9:db:5c:88:3d:6a:b6:23:21:41:50:0b:47:e2:f4: 77:b8:3c:2f:a1:8f:36:84:6b:a5:c6:d7:3f:64:0f: 34:e9:d6:f6:67:b6:2e:85:9d:e3:aa:c8:e0:6c:5c: 03:71:e7:0e:ff:b3:c7:2f:e5:ef:43:64:c2:f4:51: d6:48:e6:c5:42:16:36:2f:4b:3b:01:20:03:1d:99: 1d:5f:10:34:40:64:4e:92:80:02:b5:5a:8c:76:bf: 4c:f6:1e:8d:d2:c0:9f:ed:bf:f0:ce:fe:70:df:c7: 38:30:b4:66:cf:f0:60:86:4d:7f:bc:96:cd:40:9f: 32:a7:61:ed:83:ae:f8:b6:ef:44:f1:c1:cc:5e:01: ba:27:3c:3f:36:a0:b9:87:1d:a3:81:db:67:ff:85: 92:ea:30:7a:d6:f4:c5:c6:d5:24:cd:cc:72:54:31: ed:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:51:FC:FA:58:87:9E:1D:73:6D:71:AB:C8:22:A3:30:04:97:10:7D X509v3 Authority Key Identifier: keyid:0D:8B:71:D8:6B:5E:20:29:33:BC:B0:2A:5B:6D:74:09:2A:52:A1:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/DYtx2GteICkzvLAqW210CSpSoXw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DYtx2GteICkzvLAqW210CSpSoXw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A395C/BB3417C01D9611E2B8BB827F08B02CD2/991EB004BE8511EE960E5082C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.247.231.0/24 112.137.16.0/24 114.134.80.0/21 175.100.192.0/20 IPv6: 2403:5000::/32 Signature Algorithm: sha256WithRSAEncryption 6c:05:57:11:e1:c3:a7:70:d8:b9:b5:66:04:52:cd:46:86:e6: 44:7d:d7:ff:87:bc:8c:b5:79:34:e8:23:81:b1:59:6a:da:7d: 1b:62:37:d8:0f:19:d7:d6:c0:4b:82:fd:91:48:71:e6:ac:9d: 98:c5:8a:56:9f:88:f2:41:ab:9b:dd:dd:92:5a:a9:85:db:5e: cd:97:9e:41:10:d2:3d:39:6a:45:d6:9c:0e:e9:a8:63:01:19: ed:3f:9c:bc:a5:a9:d4:3b:f8:ca:cd:50:73:d6:8c:ae:0c:97: 2a:bc:a9:93:b1:f0:22:c0:11:8c:43:3f:29:cf:1d:d5:b2:43: a1:ec:b4:2d:f7:25:0a:0a:02:c6:74:6c:3e:a9:89:33:e3:d5: 7f:be:ee:8a:ef:3f:e3:d2:30:a2:09:69:99:b9:7c:3c:b6:d1: e2:a5:7b:ec:fc:e5:99:d9:69:86:1c:b6:bf:b1:1b:e0:0a:86: c5:7d:a1:51:2c:10:b0:48:42:01:37:1c:ee:46:f4:c6:15:c1: d5:de:46:17:8c:d6:b6:ef:a7:fc:cf:f1:e7:12:7a:aa:51:4e: 58:45:3b:28:90:3c:89:a7:a3:af:bb:6d:c1:71:f2:04:28:09: 34:eb:5c:27:0b:e4:16:84:74:9d:4c:bc:db:b0:6e:58:dd:18: eb:58:b0:a4 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICM8kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTM5NUMxMTAvBgNVBAUTKDBEOEI3MUQ4NkI1RTIwMjkzM0JDQjAyQTVCNkQ3NDA5 MkE1MkExN0MwHhcNMjQwMTI5MDkwNTUwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NWI3NmE2ZS1lZTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2P+ZVW2GlxMTasZJukc4dK/XwPGtkMkoHMtGRTh5iBVgl2evUhVCI8UQCdY6 bzzxEFrqNzatSmLlRoEPRGbWX8O4PZ8s0PjFhys9B/Bsy4gVwst655QTYznp21yI PWq2IyFBUAtH4vR3uDwvoY82hGulxtc/ZA806db2Z7YuhZ3jqsjgbFwDcecO/7PH L+XvQ2TC9FHWSObFQhY2L0s7ASADHZkdXxA0QGROkoACtVqMdr9M9h6N0sCf7b/w zv5w38c4MLRmz/Bghk1/vJbNQJ8yp2Htg674tu9E8cHMXgG6Jzw/NqC5hx2jgdtn /4WS6jB61vTFxtUkzcxyVDHt0QIDAQABo4ICtjCCArIwHQYDVR0OBBYEFB9R/PpY h54dc21xq8giozAElxB9MB8GA1UdIwQYMBaAFA2LcdhrXiApM7ywKlttdAkqUqF8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMzk1Qy9CQjM0MTdDMDFE OTYxMUUyQjhCQjgyN0YwOEIwMkNEMi9EWXR4Mkd0ZUlDa3p2TEFxVzIxMENTcFNv WHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RZdHgyR3RlSUNrenZMQXFXMjEwQ1NwU29Ydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTM5NUMvQkIzNDE3QzAxRDk2MTFFMkI4QkI4MjdGMDhCMDJDRDIvOTkxRUIwMDRC RTg1MTFFRTk2MEU1MDgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBABn9+cDBABwiRADBANyhlADBASvZMAwDQQCAAIwBwMFACQD UAAwDQYJKoZIhvcNAQELBQADggEBAGwFVxHhw6dw2Lm1ZgRSzUaG5kR91/+HvIy1 eTToI4GxWWrafRtiN9gPGdfWwEuC/ZFIceasnZjFilafiPJBq5vd3ZJaqYXbXs2X nkEQ0j05akXWnA7pqGMBGe0/nLylqdQ7+MrNUHPWjK4Mlyq8qZOx8CLAEYxDPynP HdWyQ6HstC33JQoKAsZ0bD6piTPj1X++7orvP+PSMKIJaZm5fDy20eKle+z85ZnZ aYYctr+xG+AKhsV9oVEsELBIQgE3HO5G9MYVwdXeRheM1rbvp/zP8ecSeqpRTlhF OyiQPImno6+7bcFx8gQoCTTrXCcL5BaEdJ1MvNuwbljdGOtYsKQ= -----END CERTIFICATE-----Generated at Thu Jun 6 18:48:17 2024 by rpki-client on console-fra.rpki-client.org