$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/F63AA888900F11ED8B4CB41DC4F9AE02.roa File: F63AA888900F11ED8B4CB41DC4F9AE02.roa (raw, json) Hash identifier: mFMTPO5IaTAPptfeQB3r0wMHpppKofoqnM7ZJFMZlAY= Subject key identifier: 38:6A:84:17:6B:38:1C:01:D9:CA:FC:3D:8F:35:AB:DC:9B:E1:FB:20 Certificate issuer: /CN=A91E9467/serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845 Certificate serial: 0315 Authority key identifier: 52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/F63AA888900F11ED8B4CB41DC4F9AE02.roa Signing time: Fri 21 Jul 2023 04:26:39 +0000 ROA not before: Fri 21 Jul 2023 04:26:39 +0000 ROA not after: Tue 30 Jul 2024 00:00:00 +0000 asID: 133660 IP address blocks: 45.112.200.0/22 maxlen: 22 45.112.200.0/23 maxlen: 23 45.112.200.0/24 maxlen: 24 45.112.201.0/24 maxlen: 24 45.112.202.0/23 maxlen: 23 45.112.202.0/24 maxlen: 24 45.112.203.0/24 maxlen: 24 103.42.84.0/22 maxlen: 22 103.42.84.0/23 maxlen: 23 103.42.84.0/24 maxlen: 24 103.42.85.0/24 maxlen: 24 103.42.86.0/23 maxlen: 23 103.42.86.0/24 maxlen: 24 103.42.87.0/24 maxlen: 24 2406:640::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.crl rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 03:41:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 789 (0x315) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9467/serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845 Validity Not Before: Jul 21 04:26:39 2023 GMT Not After : Jul 30 00:00:00 2024 GMT Subject: CN=64ba08fe-1173 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:2d:58:cd:56:4b:db:a5:f0:c3:9f:9c:e4:3e: 79:a5:21:bd:a2:d8:97:77:d2:ff:c9:4f:68:de:d9: 58:c0:51:ff:e0:9b:18:e2:47:8b:96:55:38:85:cd: 2a:d2:7c:37:da:f5:dd:a0:0e:82:ae:ae:e8:a5:55: 66:ba:d4:13:2c:82:62:a3:01:73:cd:6c:33:2d:32: 7e:3f:d2:9a:7a:4f:d3:c9:f1:1c:c2:97:35:a5:83: 3b:1c:2b:d3:a8:4c:9a:cd:cf:8c:c2:89:e8:3a:a7: a8:d9:1f:11:e1:f2:93:1f:e6:98:e1:29:f3:aa:cb: ca:39:98:97:d8:29:01:79:c0:c3:53:34:0d:28:ed: fd:5e:5c:b6:16:75:ef:48:f2:7e:1f:b8:32:b8:91: 00:52:b3:a3:54:c8:24:9f:49:58:fd:6d:72:0c:1c: f0:66:53:26:e6:e1:d8:a8:dd:2e:c1:30:21:8b:07: 17:44:ad:cb:ae:59:aa:83:93:b9:8a:27:4e:d6:b8: 4e:33:85:99:29:7d:e9:7b:62:9f:88:27:3b:e5:4a: 30:34:a7:d9:92:9f:1f:f7:2b:80:a4:f9:7f:41:a5: 71:d4:4d:0f:78:b1:d2:27:c0:3f:ae:d8:90:9a:1f: b1:6d:bd:63:4a:3d:15:6c:3a:87:05:60:ba:93:c3: bd:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:6A:84:17:6B:38:1C:01:D9:CA:FC:3D:8F:35:AB:DC:9B:E1:FB:20 X509v3 Authority Key Identifier: keyid:52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/F63AA888900F11ED8B4CB41DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.112.200.0/22 103.42.84.0/22 IPv6: 2406:640::/32 Signature Algorithm: sha256WithRSAEncryption 7f:c6:99:c3:20:36:45:ac:a2:06:e7:02:56:8b:04:48:65:16: 4e:75:31:ec:b2:2c:9c:9a:69:4a:7c:88:02:fc:01:8f:53:cc: be:f6:e3:3e:ed:61:ab:79:eb:4f:10:42:52:a9:d9:13:d8:bc: f1:4f:28:cc:3b:f1:d0:9c:d7:bb:af:a7:06:24:c3:6f:fe:4d: 51:3c:d1:8c:d6:e4:66:6d:ad:4e:50:2f:ef:ed:15:0b:85:b2: e7:15:f6:10:0d:8f:e8:a5:f1:a5:f2:47:57:be:78:9d:ce:ad: f6:72:52:8f:18:8e:5d:7b:da:3e:db:79:e2:cc:52:60:81:5e: 61:87:89:93:d8:bc:43:34:26:81:c4:2b:94:f7:93:62:dd:e6: 36:4b:6e:7d:94:21:09:6f:5b:5f:6d:96:c5:42:1f:d5:e9:72: 3a:43:6d:01:2b:13:9b:b6:39:2a:a3:a8:b6:b5:14:9c:a8:ad: 9f:5b:30:90:05:bd:c6:0d:87:30:ad:9b:42:54:07:d6:6e:02: 86:92:4d:a4:fb:6c:f1:b4:4b:f9:fa:c4:0d:58:33:e3:d3:6c: c6:00:f3:be:f4:a0:eb:66:d6:23:02:10:e7:a3:2e:64:58:55: 0c:dd:d9:31:2f:f0:b2:9c:8f:e8:95:b9:d8:3e:3c:ea:05:29: e7:d9:f1:df -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICAxUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk0NjcxMTAvBgNVBAUTKDUyQkU5RERFOTU2OEZFNEFEQ0EwRjM0NUIzNjE3QTYz QzMwNzU4NDUwHhcNMjMwNzIxMDQyNjM5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NGJhMDhmZS0xMTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0S1YzVZL26Xww5+c5D55pSG9otiXd9L/yU9o3tlYwFH/4JsY4keLllU4hc0q 0nw32vXdoA6Crq7opVVmutQTLIJiowFzzWwzLTJ+P9Kaek/TyfEcwpc1pYM7HCvT qEyazc+MwonoOqeo2R8R4fKTH+aY4SnzqsvKOZiX2CkBecDDUzQNKO39Xly2FnXv SPJ+H7gyuJEAUrOjVMgkn0lY/W1yDBzwZlMm5uHYqN0uwTAhiwcXRK3Lrlmqg5O5 iidO1rhOM4WZKX3pe2KfiCc75UowNKfZkp8f9yuApPl/QaVx1E0PeLHSJ8A/rtiQ mh+xbb1jSj0VbDqHBWC6k8O9IwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDhqhBdr OBwB2cr8PY81q9yb4fsgMB8GA1UdIwQYMBaAFFK+nd6VaP5K3KDzRbNhemPDB1hF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTQ2Ny83NzBCNEYxQTUy NkYxMUVDQkM1MEVCMTdDNEY5QUUwMi9VcjZkM3BWb19rcmNvUE5GczJGNlk4TUhX RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VyNmQzcFZvX2tyY29QTkZzMkY2WThNSFdFVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk0NjcvNzcwQjRGMUE1MjZGMTFFQ0JDNTBFQjE3QzRGOUFFMDIvRjYzQUE4ODg5 MDBGMTFFRDhCNENCNDFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAItcMgDBAJnKlQwDQQCAAIwBwMFACQGBkAwDQYJKoZIhvcN AQELBQADggEBAH/GmcMgNkWsogbnAlaLBEhlFk51MeyyLJyaaUp8iAL8AY9TzL72 4z7tYat5608QQlKp2RPYvPFPKMw78dCc17uvpwYkw2/+TVE80YzW5GZtrU5QL+/t FQuFsucV9hANj+il8aXyR1e+eJ3OrfZyUo8Yjl172j7beeLMUmCBXmGHiZPYvEM0 JoHEK5T3k2Ld5jZLbn2UIQlvW19tlsVCH9XpcjpDbQErE5u2OSqjqLa1FJyorZ9b MJAFvcYNhzCtm0JUB9ZuAoaSTaT7bPG0S/n6xA1YM+PTbMYA8770oOtm1iMCEOej LmRYVQzd2TEv8LKcj+iVudg+POoFKefZ8d8= -----END CERTIFICATE-----Generated at Sat Jun 1 07:08:30 2024 by rpki-client on console-ams.rpki-client.org