$ rpki-client -vvf rpki.apnic.net/member_repository/A91F67BB/C9DB89EE0E3E11E9836F4014C4F9AE02/FB675E140F0311E997412A4EC4F9AE02.roa File: FB675E140F0311E997412A4EC4F9AE02.roa (raw, json) Hash identifier: Gf+bv3uHiT7vriKDC0F8LA615sNUkJxRAdXI9q2xpKE= Subject key identifier: F8:34:E8:59:DA:81:38:32:9F:2D:43:91:85:E5:92:33:D0:27:41:84 Certificate issuer: /CN=A91F67BB/serialNumber=1BF5A8D94CE06CE301FC35D869F70D740D709752 Certificate serial: 103A Authority key identifier: 1B:F5:A8:D9:4C:E0:6C:E3:01:FC:35:D8:69:F7:0D:74:0D:70:97:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G_Wo2UzgbOMB_DXYafcNdA1wl1I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F67BB/C9DB89EE0E3E11E9836F4014C4F9AE02/FB675E140F0311E997412A4EC4F9AE02.roa Signing time: Tue 28 Nov 2023 18:05:44 +0000 ROA not before: Tue 28 Nov 2023 18:05:44 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 133136 IP address blocks: 45.119.156.0/24 maxlen: 24 103.6.149.0/24 maxlen: 24 103.7.202.0/24 maxlen: 24 223.25.88.0/24 maxlen: 24 223.25.89.0/24 maxlen: 24 223.25.93.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F67BB/C9DB89EE0E3E11E9836F4014C4F9AE02/G_Wo2UzgbOMB_DXYafcNdA1wl1I.crl rsync://rpki.apnic.net/member_repository/A91F67BB/C9DB89EE0E3E11E9836F4014C4F9AE02/G_Wo2UzgbOMB_DXYafcNdA1wl1I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G_Wo2UzgbOMB_DXYafcNdA1wl1I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 13 Jun 2024 17:22:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4154 (0x103a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F67BB/serialNumber=1BF5A8D94CE06CE301FC35D869F70D740D709752 Validity Not Before: Nov 28 18:05:44 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=65662bf7-0eed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:83:72:5c:53:7e:77:f9:70:25:3c:32:45:21: d0:07:48:fa:1b:d4:42:cf:29:64:12:d1:fb:bb:ae: b0:60:76:00:65:34:b5:ba:33:9d:2d:81:52:54:0e: 71:a1:6e:cd:0f:bd:d9:4b:d4:a4:a7:78:37:43:48: 7f:cf:f5:36:23:91:b2:46:f0:fb:8e:6d:59:6a:54: 93:bd:34:3f:fe:d8:b6:fa:e4:9c:ac:d5:64:ad:fb: 9d:d6:43:47:46:2f:58:28:5c:18:b4:51:57:3f:b5: c1:5d:60:93:1a:9d:fe:ad:1e:8f:4a:42:17:28:b0: 39:b1:3b:0f:a3:76:e6:94:cc:f7:78:ea:a3:50:16: fe:79:ea:43:b3:7f:11:81:74:e9:05:4b:d5:40:5a: 90:a9:87:a4:72:2a:31:a4:fe:cf:a2:57:b9:7c:7a: 74:f8:08:27:27:bb:4d:9d:51:03:9f:7b:06:18:e7: 2a:70:04:44:db:cc:07:b4:2f:8b:50:b9:7e:f8:e6: 42:7c:4e:db:e6:3d:2e:92:0e:37:af:10:4d:c1:0e: 02:55:82:9e:bf:5f:e5:a0:9f:5b:e2:f7:b8:ea:c6: b1:65:41:27:85:f2:1c:5a:13:a6:6f:d2:12:d5:d4: 20:48:66:f5:95:65:f0:62:65:76:6d:b8:09:4c:39: 69:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:34:E8:59:DA:81:38:32:9F:2D:43:91:85:E5:92:33:D0:27:41:84 X509v3 Authority Key Identifier: keyid:1B:F5:A8:D9:4C:E0:6C:E3:01:FC:35:D8:69:F7:0D:74:0D:70:97:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F67BB/C9DB89EE0E3E11E9836F4014C4F9AE02/G_Wo2UzgbOMB_DXYafcNdA1wl1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G_Wo2UzgbOMB_DXYafcNdA1wl1I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F67BB/C9DB89EE0E3E11E9836F4014C4F9AE02/FB675E140F0311E997412A4EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.119.156.0/24 103.6.149.0/24 103.7.202.0/24 223.25.88.0/23 223.25.93.0/24 Signature Algorithm: sha256WithRSAEncryption 82:5e:c8:db:c5:45:c0:33:21:f2:84:8a:c9:c1:28:71:d0:ed: 00:75:b2:4a:b0:e4:da:4d:c2:48:60:f7:c3:73:d8:ef:24:f9: db:f8:47:36:ca:a2:51:a6:47:92:74:b1:91:cf:ea:4d:42:d0: b1:42:7f:69:4b:07:63:22:a2:f4:a4:c5:fa:74:f9:11:3d:dc: 5d:0d:54:69:f4:26:18:b0:bc:b8:78:63:51:74:74:db:d5:bb: 5a:95:bf:be:ec:47:aa:8b:cd:ee:a1:c1:64:b5:fe:7f:98:ef: 57:d4:55:e3:0f:4a:e6:1c:b8:0b:f2:67:9c:6d:aa:58:26:52: 1a:8a:54:6f:f7:ba:9d:ff:65:43:5d:64:f7:82:05:e9:d9:ea: fa:0c:c3:30:98:eb:4e:79:27:7f:1b:8c:90:bc:4a:fd:f9:83: 19:41:ee:1a:d2:58:af:48:95:4f:a5:01:da:ac:02:5f:5a:37: 5b:c7:ae:45:6e:27:fe:d6:34:e1:2c:a5:f6:ec:f6:c7:3c:94: b2:f5:de:ec:cd:af:18:22:66:f3:31:29:16:9c:cd:75:1c:50: be:d8:c9:08:a3:6f:eb:c6:7f:11:4b:f0:dd:5e:17:bc:22:8a: 5b:ed:d4:e9:88:88:ca:f2:c9:35:12:a5:9f:66:79:8c:b8:e0: 89:32:b4:23 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICEDowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjY3QkIxMTAvBgNVBAUTKDFCRjVBOEQ5NENFMDZDRTMwMUZDMzVEODY5RjcwRDc0 MEQ3MDk3NTIwHhcNMjMxMTI4MTgwNTQ0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTY2MmJmNy0wZWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvoNyXFN+d/lwJTwyRSHQB0j6G9RCzylkEtH7u66wYHYAZTS1ujOdLYFSVA5x oW7ND73ZS9Skp3g3Q0h/z/U2I5GyRvD7jm1ZalSTvTQ//ti2+uScrNVkrfud1kNH Ri9YKFwYtFFXP7XBXWCTGp3+rR6PSkIXKLA5sTsPo3bmlMz3eOqjUBb+eepDs38R gXTpBUvVQFqQqYekcioxpP7Pole5fHp0+AgnJ7tNnVEDn3sGGOcqcARE28wHtC+L ULl++OZCfE7b5j0ukg43rxBNwQ4CVYKev1/loJ9b4ve46saxZUEnhfIcWhOmb9IS 1dQgSGb1lWXwYmV2bbgJTDlp1QIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPg06Fna gTgyny1DkYXlkjPQJ0GEMB8GA1UdIwQYMBaAFBv1qNlM4GzjAfw12Gn3DXQNcJdS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjdCQi9DOURCODlFRTBF M0UxMUU5ODM2RjQwMTRDNEY5QUUwMi9HX1dvMlV6Z2JPTUJfRFhZYWZjTmRBMXds MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dfV28yVXpnYk9NQl9EWFlhZmNOZEExd2wxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjY3QkIvQzlEQjg5RUUwRTNFMTFFOTgzNkY0MDE0QzRGOUFFMDIvRkI2NzVFMTQw RjAzMTFFOTk3NDEyQTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAAtd5wDBABnBpUDBABnB8oDBAHfGVgDBADfGV0wDQYJKoZI hvcNAQELBQADggEBAIJeyNvFRcAzIfKEisnBKHHQ7QB1skqw5NpNwkhg98Nz2O8k +dv4RzbKolGmR5J0sZHP6k1C0LFCf2lLB2MiovSkxfp0+RE93F0NVGn0JhiwvLh4 Y1F0dNvVu1qVv77sR6qLze6hwWS1/n+Y71fUVeMPSuYcuAvyZ5xtqlgmUhqKVG/3 up3/ZUNdZPeCBenZ6voMwzCY6055J38bjJC8Sv35gxlB7hrSWK9IlU+lAdqsAl9a N1vHrkVuJ/7WNOEspfbs9sc8lLL13uzNrxgiZvMxKRaczXUcUL7YyQijb+vGfxFL 8N1eF7wiilvt1OmIiMryyTUSpZ9meYy44IkytCM= -----END CERTIFICATE-----Generated at Thu Jun 6 18:48:22 2024 by rpki-client on console-fra.rpki-client.org