$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEF41/C75DA132F2FB11EE9FCF764CC4F9AE02/1698D0A4F3C511EEA51BD730C4F9AE02.roa File: 1698D0A4F3C511EEA51BD730C4F9AE02.roa (raw, json) Hash identifier: 4QxfcSzL20wlHccDIuyJTCp3h7Gtt89PLx10tCKRmWQ= Subject key identifier: 37:85:80:DB:9F:21:38:BC:38:0C:7C:5A:FB:BA:2E:45:42:EF:E3:51 Certificate issuer: /CN=A91DEF41/serialNumber=336DDE7EC3280499964371CAEE2620FBFCACDC98 Certificate serial: 0B Authority key identifier: 33:6D:DE:7E:C3:28:04:99:96:43:71:CA:EE:26:20:FB:FC:AC:DC:98 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M23efsMoBJmWQ3HK7iYg-_ys3Jg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DEF41/C75DA132F2FB11EE9FCF764CC4F9AE02/1698D0A4F3C511EEA51BD730C4F9AE02.roa Signing time: Sat 06 Apr 2024 03:30:35 +0000 ROA not before: Sat 06 Apr 2024 03:30:35 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 147295 IP address blocks: 203.170.90.0/23 maxlen: 24 2001:df3:a2c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DEF41/C75DA132F2FB11EE9FCF764CC4F9AE02/M23efsMoBJmWQ3HK7iYg-_ys3Jg.crl rsync://rpki.apnic.net/member_repository/A91DEF41/C75DA132F2FB11EE9FCF764CC4F9AE02/M23efsMoBJmWQ3HK7iYg-_ys3Jg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M23efsMoBJmWQ3HK7iYg-_ys3Jg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 08:57:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DEF41/serialNumber=336DDE7EC3280499964371CAEE2620FBFCACDC98 Validity Not Before: Apr 6 03:30:35 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6610c1db-ec0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:1c:09:a3:49:ba:40:83:f1:db:09:dd:98:45: 65:fb:8d:55:c6:12:f1:30:d2:85:ef:7c:63:3e:e9: 28:dd:33:b4:3e:43:03:a4:e1:88:91:12:74:e6:82: 9e:e5:c4:38:c2:eb:bb:e8:8e:ba:84:65:af:49:04: fa:87:48:56:aa:3e:6e:00:28:88:45:4e:89:6c:06: 8f:5f:b2:54:46:ac:95:3b:da:e4:69:fb:3f:f6:de: ec:c1:dc:fd:84:06:3f:aa:ff:69:f4:c0:1f:c0:5d: fa:9f:b6:62:cd:f8:eb:a0:6d:6c:18:11:a4:d5:2f: 6c:b2:fe:92:8f:58:84:79:da:54:9d:9b:a8:97:8b: c6:6b:da:c7:cf:f4:0a:56:61:95:81:59:80:14:d9: de:18:cf:4e:30:9a:c1:24:bc:b7:a1:17:73:5a:f9: a4:4f:e5:65:d2:72:24:7a:1e:9e:49:16:e9:f3:b3: 9c:40:09:0b:04:4d:6b:a4:01:c2:45:a9:93:26:fd: cc:2f:04:3a:44:10:7f:95:13:65:aa:dd:70:5a:d0: e3:22:d4:5b:ce:7c:83:e6:4e:c6:8b:47:1b:30:f6: 59:0b:b7:27:39:e4:c1:84:62:06:ef:8a:e5:b6:6e: 4b:82:19:4e:b3:a7:02:7b:09:ff:59:f3:92:90:8e: 58:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:85:80:DB:9F:21:38:BC:38:0C:7C:5A:FB:BA:2E:45:42:EF:E3:51 X509v3 Authority Key Identifier: keyid:33:6D:DE:7E:C3:28:04:99:96:43:71:CA:EE:26:20:FB:FC:AC:DC:98 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DEF41/C75DA132F2FB11EE9FCF764CC4F9AE02/M23efsMoBJmWQ3HK7iYg-_ys3Jg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M23efsMoBJmWQ3HK7iYg-_ys3Jg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEF41/C75DA132F2FB11EE9FCF764CC4F9AE02/1698D0A4F3C511EEA51BD730C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.170.90.0/23 IPv6: 2001:df3:a2c0::/48 Signature Algorithm: sha256WithRSAEncryption 37:b6:e5:46:b5:15:22:3a:6b:e0:a8:fc:73:91:a6:59:a4:51: 60:d7:8a:55:7d:9a:97:2c:fb:ce:b6:9c:b8:f1:ed:cb:0e:82: 84:5e:ec:bb:a8:b3:6d:cc:89:0c:22:f2:15:3f:71:94:16:16: d0:b9:8a:41:c8:5d:9f:61:6d:d4:94:ff:06:d4:51:be:f6:fc: f1:93:5b:c3:3a:62:bf:25:94:08:d7:aa:7d:19:9d:c0:4b:fa: d2:e8:2c:db:e8:4e:52:5a:f8:5b:86:aa:e1:8b:6e:34:ef:57: 69:70:b8:9b:01:bb:60:10:1c:e4:74:57:45:f9:b4:8d:4c:83: a9:7f:32:d2:8f:8d:d8:0b:26:2b:dc:fa:c6:dc:6a:95:63:62: af:c6:81:0a:88:1d:c7:a1:23:f6:a6:97:41:fb:f8:4a:1c:ca: 20:74:7a:b1:32:c2:dc:5c:f1:e0:88:75:a6:c2:04:6c:cf:bf: a2:d9:b2:b7:d2:8c:e7:ea:ea:01:8b:b8:d7:d1:fe:ba:62:27: d5:0d:dc:5b:5a:55:ce:d6:70:29:2f:c7:45:1b:6f:93:03:38: c2:f4:d4:9c:41:f2:ca:d0:e0:9c:0c:9c:c2:d3:c2:9b:59:1a: 8b:b6:b3:f8:ff:b0:e6:09:33:30:7f:30:b0:98:af:20:bc:23: 1b:8d:a8:2e -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE RUY0MTExMC8GA1UEBRMoMzM2RERFN0VDMzI4MDQ5OTk2NDM3MUNBRUUyNjIwRkJG Q0FDREM5ODAeFw0yNDA0MDYwMzMwMzVaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2MTBjMWRiLWVjMGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC9HAmjSbpAg/HbCd2YRWX7jVXGEvEw0oXvfGM+6SjdM7Q+QwOk4YiREnTmgp7l xDjC67vojrqEZa9JBPqHSFaqPm4AKIhFTolsBo9fslRGrJU72uRp+z/23uzB3P2E Bj+q/2n0wB/AXfqftmLN+OugbWwYEaTVL2yy/pKPWIR52lSdm6iXi8Zr2sfP9ApW YZWBWYAU2d4Yz04wmsEkvLehF3Na+aRP5WXSciR6Hp5JFunzs5xACQsETWukAcJF qZMm/cwvBDpEEH+VE2Wq3XBa0OMi1FvOfIPmTsaLRxsw9lkLtyc55MGEYgbviuW2 bkuCGU6zpwJ7Cf9Z85KQjlhZAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUN4WA258h OLw4DHxa+7ouRULv41EwHwYDVR0jBBgwFoAUM23efsMoBJmWQ3HK7iYg+/ys3Jgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURFRjQxL0M3NURBMTMyRjJG QjExRUU5RkNGNzY0Q0M0RjlBRTAyL00yM2Vmc01vQkptV1EzSEs3aVlnLV95czNK Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTTIzZWZzTW9CSm1XUTNISzdpWWctX3lzM0pnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RUY0MS9DNzVEQTEzMkYyRkIxMUVFOUZDRjc2NENDNEY5QUUwMi8xNjk4RDBBNEYz QzUxMUVFQTUxQkQ3MzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAcuqWjAPBAIAAjAJAwcAIAEN86LAMA0GCSqGSIb3DQEBCwUA A4IBAQA3tuVGtRUiOmvgqPxzkaZZpFFg14pVfZqXLPvOtpy48e3LDoKEXuy7qLNt zIkMIvIVP3GUFhbQuYpByF2fYW3UlP8G1FG+9vzxk1vDOmK/JZQI16p9GZ3AS/rS 6Czb6E5SWvhbhqrhi24071dpcLibAbtgEBzkdFdF+bSNTIOpfzLSj43YCyYr3PrG 3GqVY2KvxoEKiB3HoSP2ppdB+/hKHMogdHqxMsLcXPHgiHWmwgRsz7+i2bK30ozn 6uoBi7jX0f66YifVDdxbWlXO1nApL8dFG2+TAzjC9NScQfLK0OCcDJzC08KbWRqL trP4/7DmCTMwfzCwmK8gvCMbjagu -----END CERTIFICATE-----Generated at Sat Jun 1 11:47:34 2024 by rpki-client on console-ams.rpki-client.org