$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/C7DC98823AFA11EBB1D9CD42C4F9AE02.roa File: C7DC98823AFA11EBB1D9CD42C4F9AE02.roa (raw, json) Hash identifier: 4m5cge3vfBFRAwJq9ZsEfSZsFRQypbWUNuMKaTOKg1o= Subject key identifier: CD:A6:16:BC:76:80:D8:53:0B:66:DE:4C:A0:85:52:5C:36:79:1D:E6 Certificate issuer: /CN=A91D3834/serialNumber=1A0D0BFA191911F855B5BABDFA03B9C07FDD2282 Certificate serial: 060F Authority key identifier: 1A:0D:0B:FA:19:19:11:F8:55:B5:BA:BD:FA:03:B9:C0:7F:DD:22:82 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/C7DC98823AFA11EBB1D9CD42C4F9AE02.roa Signing time: Wed 06 Dec 2023 23:31:04 +0000 ROA not before: Wed 06 Dec 2023 23:31:04 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 24323 IP address blocks: 45.64.132.0/22 maxlen: 24 103.4.64.0/22 maxlen: 22 103.4.64.0/24 maxlen: 24 103.4.65.0/24 maxlen: 24 103.4.66.0/24 maxlen: 24 103.4.67.0/24 maxlen: 24 182.160.96.0/19 maxlen: 24 202.74.240.0/21 maxlen: 24 203.202.240.0/20 maxlen: 24 2401:c000::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.crl rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 00:25:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1551 (0x60f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3834/serialNumber=1A0D0BFA191911F855B5BABDFA03B9C07FDD2282 Validity Not Before: Dec 6 23:31:04 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=65710438-454f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:67:8d:34:d4:76:d0:bf:2d:9f:bf:ac:61:fa: ca:9e:65:6a:cb:6b:6b:a2:d5:af:aa:6c:87:9e:6c: 70:c1:39:23:bd:0b:ad:32:27:d5:37:a2:c4:cf:b2: 51:44:ad:a7:38:47:91:5a:8f:71:b3:bc:55:8d:6a: 2c:a0:9e:e6:a1:38:46:ba:8a:2e:37:6b:da:1b:a0: 18:01:1e:c6:e2:f2:11:bf:ae:32:79:3f:6b:fb:76: a6:87:fe:e9:94:f2:7b:d6:5a:cc:59:31:11:d4:5f: ad:59:18:58:7c:fb:dd:66:a1:43:3a:8b:7a:e7:52: 57:d9:01:93:91:6b:60:38:2b:6b:32:51:e2:ce:78: 3a:5b:2e:d4:84:d4:c4:2b:b3:cf:3e:a9:a5:36:14: 59:35:29:ec:b7:f0:94:f3:97:0e:a8:2b:1b:c3:a6: e1:15:77:39:9b:ff:4a:5c:18:07:e5:29:f9:c9:cb: ac:64:1a:57:16:70:56:db:f5:4b:87:63:50:4b:ff: 5d:0f:ba:65:41:6f:8b:38:66:be:da:87:69:74:bc: c5:32:76:69:24:40:07:3f:9e:3a:bf:93:26:60:79: 11:65:aa:09:b2:77:7e:b9:e7:2d:83:07:61:0f:1b: 67:ca:d3:19:66:81:38:f3:7f:fe:dd:f0:83:80:c7: 67:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:A6:16:BC:76:80:D8:53:0B:66:DE:4C:A0:85:52:5C:36:79:1D:E6 X509v3 Authority Key Identifier: keyid:1A:0D:0B:FA:19:19:11:F8:55:B5:BA:BD:FA:03:B9:C0:7F:DD:22:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/C7DC98823AFA11EBB1D9CD42C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.64.132.0/22 103.4.64.0/22 182.160.96.0/19 202.74.240.0/21 203.202.240.0/20 IPv6: 2401:c000::/32 Signature Algorithm: sha256WithRSAEncryption c6:3a:c1:d2:b2:c8:89:c1:9c:c5:18:08:9c:07:7a:5e:96:dd: e3:e1:dd:b9:d8:4b:38:ad:4d:c2:4b:99:f5:3c:6a:08:2a:29: 04:af:a8:ad:3e:8e:5a:6a:ca:96:56:34:24:c7:ba:fa:32:47: 62:eb:8a:94:a0:dc:5a:84:9c:67:8b:b8:82:e3:4a:67:d0:98: 07:57:a1:28:0b:6f:13:94:a7:d3:07:ac:f9:8a:c7:6e:e1:52: 10:9a:8e:51:ce:67:b7:e8:e1:ae:eb:03:0b:61:a8:98:35:63: 0e:e8:5d:f1:21:1f:cb:c7:85:9e:a4:2d:fb:f9:04:77:92:97: e5:4b:01:43:ce:bd:d9:7a:ff:42:2c:e0:f8:b6:20:46:29:2e: e1:b2:5b:ee:6f:b5:b1:56:25:ab:f5:5e:e3:7d:5f:4d:41:66: 97:9f:c1:8f:fc:4d:42:16:ee:64:83:aa:14:11:d1:34:cd:57: 40:78:f4:fd:68:3e:70:f8:63:b2:d1:d6:e5:65:80:ab:1b:b7: 13:95:1a:82:87:3a:68:87:10:fe:08:b0:9f:63:bd:83:00:ff: 38:30:07:a7:53:b5:5d:96:6c:55:2a:88:7e:3e:6b:bf:88:44: 8f:e1:20:9f:ce:39:83:ff:cb:0b:fd:dc:eb:47:68:43:e3:d5: 28:04:af:de -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICBg8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDM4MzQxMTAvBgNVBAUTKDFBMEQwQkZBMTkxOTExRjg1NUI1QkFCREZBMDNCOUMw N0ZERDIyODIwHhcNMjMxMjA2MjMzMTA0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTcxMDQzOC00NTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoGeNNNR20L8tn7+sYfrKnmVqy2trotWvqmyHnmxwwTkjvQutMifVN6LEz7JR RK2nOEeRWo9xs7xVjWosoJ7moThGuoouN2vaG6AYAR7G4vIRv64yeT9r+3amh/7p lPJ71lrMWTER1F+tWRhYfPvdZqFDOot651JX2QGTkWtgOCtrMlHizng6Wy7UhNTE K7PPPqmlNhRZNSnst/CU85cOqCsbw6bhFXc5m/9KXBgH5Sn5ycusZBpXFnBW2/VL h2NQS/9dD7plQW+LOGa+2odpdLzFMnZpJEAHP546v5MmYHkRZaoJsnd+uectgwdh DxtnytMZZoE483/+3fCDgMdn1QIDAQABo4ICvDCCArgwHQYDVR0OBBYEFM2mFrx2 gNhTC2beTKCFUlw2eR3mMB8GA1UdIwQYMBaAFBoNC/oZGRH4VbW6vfoDucB/3SKC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzgzNC84QkMyRURCMDNB NDExMUVCODNCNTdGMTRDNEY5QUUwMi9HZzBMLWhrWkVmaFZ0YnE5LWdPNXdIX2RJ b0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dnMEwtaGtaRWZoVnRicTktZ081d0hfZElvSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDM4MzQvOEJDMkVEQjAzQTQxMTFFQjgzQjU3RjE0QzRGOUFFMDIvQzdEQzk4ODIz QUZBMTFFQkIxRDlDRDQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAItQIQDBAJnBEADBAW2oGADBAPKSvADBATLyvAwDQQCAAIw BwMFACQBwAAwDQYJKoZIhvcNAQELBQADggEBAMY6wdKyyInBnMUYCJwHel6W3ePh 3bnYSzitTcJLmfU8aggqKQSvqK0+jlpqypZWNCTHuvoyR2LripSg3FqEnGeLuILj SmfQmAdXoSgLbxOUp9MHrPmKx27hUhCajlHOZ7fo4a7rAwthqJg1Yw7oXfEhH8vH hZ6kLfv5BHeSl+VLAUPOvdl6/0Is4Pi2IEYpLuGyW+5vtbFWJav1XuN9X01BZpef wY/8TUIW7mSDqhQR0TTNV0B49P1oPnD4Y7LR1uVlgKsbtxOVGoKHOmiHEP4IsJ9j vYMA/zgwB6dTtV2WbFUqiH4+a7+IRI/hIJ/OOYP/ywv93OtHaEPj1SgEr94= -----END CERTIFICATE-----Generated at Sat Jun 1 01:41:46 2024 by rpki-client on console-fra.rpki-client.org