$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/4FD095F0045611EEAABA8378C4F9AE02.roa File: 4FD095F0045611EEAABA8378C4F9AE02.roa (raw, json) Hash identifier: +/SzCtEOMQC5pGREx7F0Fub8xKrFPpn8zWuV4zffDTo= Subject key identifier: 0B:71:1D:96:0E:1A:B9:1F:43:D2:4F:6A:28:05:FB:85:23:6B:E3:07 Certificate issuer: /CN=A91C0BDE/serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918 Certificate serial: 0835 Authority key identifier: A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/4FD095F0045611EEAABA8378C4F9AE02.roa Signing time: Fri 31 May 2024 22:09:32 +0000 ROA not before: Fri 31 May 2024 22:09:32 +0000 ROA not after: Tue 01 Oct 2024 00:00:00 +0000 asID: 38138 IP address blocks: 114.129.8.0/21 maxlen: 21 114.129.8.0/24 maxlen: 24 114.129.9.0/24 maxlen: 24 114.129.10.0/24 maxlen: 24 114.129.11.0/24 maxlen: 24 114.129.12.0/24 maxlen: 24 114.129.13.0/24 maxlen: 24 114.129.14.0/24 maxlen: 24 114.129.15.0/24 maxlen: 24 2405:eec0::/32 maxlen: 32 2405:eec0:1::/48 maxlen: 48 2405:eec0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.crl rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 22:09:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2101 (0x835) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C0BDE/serialNumber=A4B50BECD8BBA285587128D5919283DBE1690918 Validity Not Before: May 31 22:09:32 2024 GMT Not After : Oct 1 00:00:00 2024 GMT Subject: CN=665a4a9b-2510 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:65:47:79:cb:85:24:a1:f3:98:f6:23:d0:60: 04:42:a5:64:7b:ae:45:84:99:a1:b4:97:a0:ea:ee: 07:ba:de:97:6a:ba:5e:07:4e:66:0b:e3:a9:d8:73: 09:f3:4e:21:27:ef:2a:69:15:0b:7e:f3:48:3a:8c: 77:13:e8:2a:16:e6:ea:a4:ce:03:13:1c:1f:cf:85: 68:e7:43:34:d9:56:3d:7b:eb:11:6c:bb:6e:0d:af: 96:38:6b:bd:2b:b8:8f:f9:b1:19:8c:9a:60:ce:f1: 58:34:fd:a9:60:31:f7:74:7b:4f:8a:d8:4c:03:c8: 0b:1b:c5:59:21:7e:22:f9:d8:df:4f:78:66:0f:92: ab:64:78:8d:cd:0c:1b:32:ca:a1:2b:d3:18:75:e5: 55:cd:75:7c:d8:95:ac:9a:ae:23:07:e2:42:7a:eb: 4f:bf:f0:8e:bb:0c:a5:f2:04:c6:31:9c:60:c9:99: c8:6d:b1:ae:a2:49:df:e0:cd:dc:aa:c5:04:cf:99: ba:3f:bb:98:d0:f9:ec:68:7f:2a:7e:d3:e9:65:30: 16:a4:53:a9:0a:74:98:5a:52:52:a1:da:0f:38:51: 5c:18:f9:9e:82:49:6e:fd:ce:fb:d1:4e:b6:cf:c9: 05:8d:93:ee:68:96:18:1e:82:5f:8e:11:c5:0d:10: a2:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:71:1D:96:0E:1A:B9:1F:43:D2:4F:6A:28:05:FB:85:23:6B:E3:07 X509v3 Authority Key Identifier: keyid:A4:B5:0B:EC:D8:BB:A2:85:58:71:28:D5:91:92:83:DB:E1:69:09:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pLUL7Ni7ooVYcSjVkZKD2-FpCRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0BDE/7E5AC3E0897111EA92402A0AC4F9AE02/4FD095F0045611EEAABA8378C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 114.129.8.0/21 IPv6: 2405:eec0::/32 Signature Algorithm: sha256WithRSAEncryption 81:4e:58:44:e7:55:1f:72:14:96:be:8f:22:25:28:c6:57:00: 12:7a:41:35:84:49:3c:db:17:de:0b:0d:1f:c0:d5:62:19:31: 53:94:bc:49:0f:02:7a:b9:03:ee:9d:dc:3a:6f:cc:e2:e6:b4: dd:f5:d7:da:a0:6a:00:87:c5:84:2b:bd:9d:83:93:4e:0f:cf: a5:9b:35:a0:eb:43:f1:91:b3:d8:e1:65:31:9b:6a:cb:e4:88: be:0a:33:bd:c2:78:f9:bd:1c:98:66:44:44:8d:10:33:2a:50: 30:06:a9:08:5c:08:fa:41:31:25:4c:92:60:01:e7:c3:4f:18: 21:dd:4d:dc:78:99:09:73:a6:af:5b:bf:89:df:f2:38:75:86: 2c:e4:1c:6f:fc:df:ea:f6:16:70:64:e7:c4:ad:08:0d:69:12: 93:1f:13:4d:e8:22:e3:a8:a7:4d:16:ce:5d:c2:3e:07:e1:d3: bf:29:fb:b7:ba:96:c1:de:9d:2c:bd:17:04:3a:a5:5d:72:67: 43:3a:a6:3f:40:cb:3b:10:63:de:10:db:f5:fb:5a:55:9e:db: 34:27:09:b5:49:80:f8:b7:d9:a2:21:c0:47:33:c3:c9:f0:86: 82:56:b2:9a:53:58:05:13:2f:22:72:d1:fa:b0:60:27:51:63: ad:67:ec:e1 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCDUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzBCREUxMTAvBgNVBAUTKEE0QjUwQkVDRDhCQkEyODU1ODcxMjhENTkxOTI4M0RC RTE2OTA5MTgwHhcNMjQwNTMxMjIwOTMyWhcNMjQxMDAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjVhNGE5Yi0yNTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn2VHecuFJKHzmPYj0GAEQqVke65FhJmhtJeg6u4Hut6XarpeB05mC+Op2HMJ 804hJ+8qaRULfvNIOox3E+gqFubqpM4DExwfz4Vo50M02VY9e+sRbLtuDa+WOGu9 K7iP+bEZjJpgzvFYNP2pYDH3dHtPithMA8gLG8VZIX4i+djfT3hmD5KrZHiNzQwb MsqhK9MYdeVVzXV82JWsmq4jB+JCeutPv/COuwyl8gTGMZxgyZnIbbGuoknf4M3c qsUEz5m6P7uY0PnsaH8qftPpZTAWpFOpCnSYWlJSodoPOFFcGPmegklu/c770U62 z8kFjZPuaJYYHoJfjhHFDRCiTQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAtxHZYO GrkfQ9JPaigF+4Uja+MHMB8GA1UdIwQYMBaAFKS1C+zYu6KFWHEo1ZGSg9vhaQkY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEJERS83RTVBQzNFMDg5 NzExMUVBOTI0MDJBMEFDNEY5QUUwMi9wTFVMN05pN29vVlljU2pWa1pLRDItRnBD UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BMVUw3Tmk3b29WWWNTalZrWktEMi1GcENSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzBCREUvN0U1QUMzRTA4OTcxMTFFQTkyNDAyQTBBQzRGOUFFMDIvNEZEMDk1RjAw NDU2MTFFRUFBQkE4Mzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBANygQgwDQQCAAIwBwMFACQF7sAwDQYJKoZIhvcNAQELBQAD ggEBAIFOWETnVR9yFJa+jyIlKMZXABJ6QTWESTzbF94LDR/A1WIZMVOUvEkPAnq5 A+6d3DpvzOLmtN3119qgagCHxYQrvZ2Dk04Pz6WbNaDrQ/GRs9jhZTGbasvkiL4K M73CePm9HJhmRESNEDMqUDAGqQhcCPpBMSVMkmAB58NPGCHdTdx4mQlzpq9bv4nf 8jh1hizkHG/83+r2FnBk58StCA1pEpMfE03oIuOop00Wzl3CPgfh078p+7e6lsHe nSy9FwQ6pV1yZ0M6pj9AyzsQY94Q2/X7WlWe2zQnCbVJgPi32aIhwEczw8nwhoJW sppTWAUTLyJy0fqwYCdRY61n7OE= -----END CERTIFICATE-----Generated at Sat Jun 1 00:13:27 2024 by rpki-client on console-ams.rpki-client.org