$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/FF651336509D11EEA33AE874C4F9AE02.roa File: FF651336509D11EEA33AE874C4F9AE02.roa (raw, json) Hash identifier: SiNF4aV1FOd4JwMqdQ7rIdI0wqB/uKVlCxOZznKXsW4= Subject key identifier: 54:58:4C:BD:8D:C5:D4:72:FA:1D:F9:FB:1D:4E:5E:07:FD:58:17:F2 Certificate issuer: /CN=A91BC269/serialNumber=30E2061F7C20BD843BEE5372C1321C35FBB1D3EF Certificate serial: 0222 Authority key identifier: 30:E2:06:1F:7C:20:BD:84:3B:EE:53:72:C1:32:1C:35:FB:B1:D3:EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOIGH3wgvYQ77lNywTIcNfux0-8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/FF651336509D11EEA33AE874C4F9AE02.roa Signing time: Fri 03 Nov 2023 03:54:07 +0000 ROA not before: Fri 03 Nov 2023 03:54:07 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 55850 IP address blocks: 14.137.0.0/19 maxlen: 19 101.53.192.0/19 maxlen: 19 101.53.220.0/22 maxlen: 22 103.26.202.0/24 maxlen: 24 103.241.56.0/22 maxlen: 22 115.69.160.0/19 maxlen: 19 116.251.128.0/18 maxlen: 18 116.251.192.0/21 maxlen: 21 116.251.200.0/22 maxlen: 22 124.155.224.0/20 maxlen: 20 150.107.172.0/22 maxlen: 22 180.148.96.0/19 maxlen: 19 202.74.33.0/24 maxlen: 24 203.94.32.0/19 maxlen: 19 203.124.16.0/21 maxlen: 21 2406:5a00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/MOIGH3wgvYQ77lNywTIcNfux0-8.crl rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/MOIGH3wgvYQ77lNywTIcNfux0-8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOIGH3wgvYQ77lNywTIcNfux0-8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 05:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 546 (0x222) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC269/serialNumber=30E2061F7C20BD843BEE5372C1321C35FBB1D3EF Validity Not Before: Nov 3 03:54:07 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=65446ede-8eb1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:52:9c:80:e3:16:9a:a2:b4:36:54:a3:82:45: 2a:48:5d:88:0e:b7:3e:79:fb:aa:7b:bc:35:df:12: 81:a2:a0:da:fc:ba:d0:7b:a0:60:ab:53:cd:b3:86: 08:c8:53:26:19:7c:c7:c7:0c:f9:24:9e:2d:8b:60: 3d:36:26:50:9d:53:85:14:ef:49:64:bc:0d:d8:08: cd:97:b6:fe:e5:62:f4:ee:d4:33:8d:a8:f5:d3:6c: fa:81:cd:62:41:31:1e:c6:09:ba:3a:f9:4f:98:fb: bd:8b:53:b7:f8:35:6a:ba:55:73:93:4d:dc:0b:6c: 88:30:ac:cc:aa:a4:2a:c2:6a:a3:26:00:7a:e9:6c: 82:c1:89:26:81:de:76:51:30:35:dd:71:7f:14:c6: 88:35:73:90:93:cd:49:7c:4a:3c:e2:8d:28:3c:ee: c7:77:bd:59:8c:e0:90:21:7e:f2:b5:f0:07:3b:96: 7b:b8:34:7e:0e:6e:9f:25:b1:f9:1b:2f:a1:34:fd: ad:45:36:06:4b:09:14:26:b3:79:af:94:22:9c:88: ba:b3:dd:d9:28:d1:15:ea:9b:f8:aa:51:99:d9:c2: f2:24:7c:ce:b1:7a:d5:a3:e6:79:ea:d6:12:ae:d7: ee:93:2c:1c:03:8f:95:8f:c7:62:29:77:85:6c:72: d2:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:58:4C:BD:8D:C5:D4:72:FA:1D:F9:FB:1D:4E:5E:07:FD:58:17:F2 X509v3 Authority Key Identifier: keyid:30:E2:06:1F:7C:20:BD:84:3B:EE:53:72:C1:32:1C:35:FB:B1:D3:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/MOIGH3wgvYQ77lNywTIcNfux0-8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOIGH3wgvYQ77lNywTIcNfux0-8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/FF651336509D11EEA33AE874C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.137.0.0/19 101.53.192.0/19 103.26.202.0/24 103.241.56.0/22 115.69.160.0/19 116.251.128.0-116.251.203.255 124.155.224.0/20 150.107.172.0/22 180.148.96.0/19 202.74.33.0/24 203.94.32.0/19 203.124.16.0/21 IPv6: 2406:5a00::/32 Signature Algorithm: sha256WithRSAEncryption ba:5b:97:5f:c2:6d:74:9d:8f:ec:5f:ad:57:00:16:08:cb:21: 2b:d0:90:7d:6f:f0:92:92:21:1c:a9:0a:05:61:98:da:c4:78: bf:e0:1c:c6:f4:5e:76:e9:97:20:81:b1:2c:00:69:1d:c1:f9: 87:2a:ca:60:36:da:90:a9:59:b5:87:3a:d8:a8:d9:dc:50:71: d1:6d:0e:52:c9:9e:28:c0:ef:7a:7b:26:4a:08:a7:55:e8:d7: 96:93:79:16:f9:4b:06:3d:c8:cc:9b:ec:f0:dc:7a:ee:fc:2e: d1:d7:20:b6:14:7b:e0:63:fd:56:0a:f4:f4:7e:ca:45:61:77: 2a:a1:23:95:46:34:e0:7a:c9:e6:ee:d6:e1:16:c3:0c:59:7b: ae:ca:aa:45:5a:e4:62:b9:89:ef:bf:6c:24:2b:e3:5f:0b:93: 34:3a:ba:44:7a:9e:84:4a:34:7e:32:76:7f:8e:1c:61:d1:47: a2:fe:1c:1a:b5:41:9d:90:17:56:46:e8:c6:49:ad:7e:37:7b: b9:be:2f:cb:bc:4a:dc:91:bf:48:df:e5:4b:89:70:90:36:dc: d4:4f:36:a5:af:7a:9d:b2:4e:92:01:19:e9:b5:80:27:96:93: 6b:27:75:dd:c6:c0:c6:e0:d4:80:f1:72:66:a4:3d:ea:43:5c: 2b:20:4a:0d -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgICAiIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkMyNjkxMTAvBgNVBAUTKDMwRTIwNjFGN0MyMEJEODQzQkVFNTM3MkMxMzIxQzM1 RkJCMUQzRUYwHhcNMjMxMTAzMDM1NDA3WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTQ0NmVkZS04ZWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxVKcgOMWmqK0NlSjgkUqSF2IDrc+efuqe7w13xKBoqDa/LrQe6Bgq1PNs4YI yFMmGXzHxwz5JJ4ti2A9NiZQnVOFFO9JZLwN2AjNl7b+5WL07tQzjaj102z6gc1i QTEexgm6OvlPmPu9i1O3+DVqulVzk03cC2yIMKzMqqQqwmqjJgB66WyCwYkmgd52 UTA13XF/FMaINXOQk81JfEo84o0oPO7Hd71ZjOCQIX7ytfAHO5Z7uDR+Dm6fJbH5 Gy+hNP2tRTYGSwkUJrN5r5QinIi6s93ZKNEV6pv4qlGZ2cLyJHzOsXrVo+Z56tYS rtfukywcA4+Vj8diKXeFbHLSUwIDAQABo4IC7jCCAuowHQYDVR0OBBYEFFRYTL2N xdRy+h35+x1OXgf9WBfyMB8GA1UdIwQYMBaAFDDiBh98IL2EO+5TcsEyHDX7sdPv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzI2OS9CQTY3NkUzMENG RTUxMUVDOTRCQkM3NUFDNEY5QUUwMi9NT0lHSDN3Z3ZZUTc3bE55d1RJY05mdXgw LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01PSUdIM3dndllRNzdsTnl3VEljTmZ1eDAtOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkMyNjkvQkE2NzZFMzBDRkU1MTFFQzk0QkJDNzVBQzRGOUFFMDIvRkY2NTEzMzY1 MDlEMTFFRUEzM0FFODc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwweAYIKwYBBQUHAQcBAf8E aTBnMFYEAgABMFADBAUOiQADBAVlNcADBABnGsoDBAJn8TgDBAVzRaAwDAMEB3T7 gAMEAnT7yAMEBHyb4AMEApZrrAMEBbSUYAMEAMpKIQMEBcteIAMEA8t8EDANBAIA AjAHAwUAJAZaADANBgkqhkiG9w0BAQsFAAOCAQEAuluXX8JtdJ2P7F+tVwAWCMsh K9CQfW/wkpIhHKkKBWGY2sR4v+AcxvRedumXIIGxLABpHcH5hyrKYDbakKlZtYc6 2KjZ3FBx0W0OUsmeKMDvensmSginVejXlpN5FvlLBj3IzJvs8Nx67vwu0dcgthR7 4GP9Vgr09H7KRWF3KqEjlUY04HrJ5u7W4RbDDFl7rsqqRVrkYrmJ779sJCvjXwuT NDq6RHqehEo0fjJ2f44cYdFHov4cGrVBnZAXVkboxkmtfjd7ub4vy7xK3JG/SN/l S4lwkDbc1E82pa96nbJOkgEZ6bWAJ5aTayd13cbAxuDUgPFyZqQ96kNcKyBKDQ== -----END CERTIFICATE-----Generated at Sat Jun 1 07:08:25 2024 by rpki-client on console-ams.rpki-client.org