$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/91CA42BC681511EE880F7E85C4F9AE02.roa File: 91CA42BC681511EE880F7E85C4F9AE02.roa (raw, json) Hash identifier: dvG68TlPOJqtQg5az4o0k2GV9qtf3lUx+CHrRzFlh/I= Subject key identifier: 9D:92:19:C5:4F:B6:FD:61:CE:0F:4C:8A:75:F8:BB:AC:CA:C0:5E:58 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 0535 Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/91CA42BC681511EE880F7E85C4F9AE02.roa Signing time: Fri 13 Oct 2023 00:53:07 +0000 ROA not before: Fri 13 Oct 2023 00:53:07 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 40065 IP address blocks: 43.229.154.0/24 maxlen: 24 103.20.222.0/24 maxlen: 24 103.20.223.0/24 maxlen: 24 103.48.169.0/24 maxlen: 24 103.225.199.0/24 maxlen: 24 150.129.41.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 10 May 2024 00:26:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1333 (0x535) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Oct 13 00:53:07 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=652894f2-7191 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:24:f2:9e:17:8c:00:b4:4e:20:ce:5e:69:31: c3:60:54:0d:c0:f4:99:9a:d6:61:78:6a:07:c9:d4: f1:ad:cd:28:54:1d:92:20:b2:0b:f1:a3:35:16:c3: 25:84:e6:b9:42:93:58:ba:b0:60:19:a4:f1:87:c5: 67:5a:29:e1:30:0e:82:26:68:f6:8b:fc:9c:0e:69: b0:d6:19:9a:73:c4:f3:83:2b:c9:db:26:e6:d1:ea: 8a:b1:bf:02:4c:b4:0b:38:fa:c8:91:36:da:47:86: 95:06:97:19:d5:f1:c4:07:1d:4c:9b:c6:3f:99:4e: 61:95:01:81:c3:6d:6d:2e:8b:43:fa:1d:eb:62:09: 07:61:a4:0d:01:b9:40:c0:e2:c3:97:05:c8:c0:f9: 12:02:6c:d1:96:99:f3:de:71:dd:20:ba:4e:71:9e: d1:05:46:9d:a3:97:97:aa:a2:e4:45:4c:7a:77:c8: ab:14:57:9d:ff:ae:50:a7:b7:4e:c9:41:d2:8a:2e: 72:0f:ae:8f:fd:f4:9e:d0:0d:c1:7c:87:c7:df:8b: 65:82:ae:02:38:23:f0:b0:71:9f:e8:4d:a5:e3:90: ed:38:71:1f:bf:41:51:91:73:e1:ba:28:64:04:77: 03:f9:20:5d:01:5c:15:4a:ee:e8:a0:47:e3:4b:62: dd:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:92:19:C5:4F:B6:FD:61:CE:0F:4C:8A:75:F8:BB:AC:CA:C0:5E:58 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/91CA42BC681511EE880F7E85C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.154.0/24 103.20.222.0/23 103.48.169.0/24 103.225.199.0/24 150.129.41.0/24 Signature Algorithm: sha256WithRSAEncryption 2a:53:5e:18:4f:b5:a0:af:ab:e8:cd:a8:a7:94:4a:49:3d:b5: 17:4e:40:b4:6c:d8:02:2a:59:40:91:2f:0d:87:36:ba:f2:42: 91:d9:9a:77:99:c4:70:f4:21:da:86:fb:e8:9e:4f:74:db:f6: f4:08:18:14:ec:c5:d6:e9:5d:26:0f:4e:f4:8a:85:c4:3d:2f: c8:db:b3:54:d5:f8:ca:51:24:ea:bd:4c:d5:ee:f4:d2:36:97: 3c:c8:2e:ff:66:10:83:69:f7:54:53:c5:69:c7:fe:93:82:f5: 7c:19:08:aa:3c:32:86:f2:25:98:e0:9a:85:97:e6:da:05:80: bc:ae:25:6d:c2:53:be:c4:b1:2c:eb:d8:45:bf:96:d4:24:72: 98:42:f7:dc:29:a3:38:7b:82:2c:46:80:a8:c3:5c:ac:1f:03: f0:e6:fc:19:b1:03:c2:43:84:23:c8:82:19:28:44:b5:01:3e: d0:1f:62:9f:6c:e8:2b:72:67:df:ff:2c:f3:60:76:d6:05:cb: 1d:ff:91:bb:0f:d2:d6:d9:8f:c3:40:dc:93:10:5d:43:7b:a6: 1b:86:c5:f2:38:d4:40:d0:2d:c8:02:25:88:0a:f2:85:3d:24: 65:bb:45:e4:e9:2b:0d:99:6d:68:58:ad:75:1a:a9:91:86:0b: 7c:f7:23:0b -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICBTUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjMxMDEzMDA1MzA3WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTI4OTRmMi03MTkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsSTynheMALROIM5eaTHDYFQNwPSZmtZheGoHydTxrc0oVB2SILIL8aM1FsMl hOa5QpNYurBgGaTxh8VnWinhMA6CJmj2i/ycDmmw1hmac8TzgyvJ2ybm0eqKsb8C TLQLOPrIkTbaR4aVBpcZ1fHEBx1Mm8Y/mU5hlQGBw21tLotD+h3rYgkHYaQNAblA wOLDlwXIwPkSAmzRlpnz3nHdILpOcZ7RBUado5eXqqLkRUx6d8irFFed/65Qp7dO yUHSii5yD66P/fSe0A3BfIfH34tlgq4COCPwsHGf6E2l45DtOHEfv0FRkXPhuihk BHcD+SBdAVwVSu7ooEfjS2Ld1QIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJ2SGcVP tv1hzg9MinX4u6zKwF5YMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvOTFDQTQyQkM2 ODE1MTFFRTg4MEY3RTg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAAr5ZoDBAFnFN4DBABnMKkDBABn4ccDBACWgSkwDQYJKoZI hvcNAQELBQADggEBACpTXhhPtaCvq+jNqKeUSkk9tRdOQLRs2AIqWUCRLw2HNrry QpHZmneZxHD0IdqG++ieT3Tb9vQIGBTsxdbpXSYPTvSKhcQ9L8jbs1TV+MpRJOq9 TNXu9NI2lzzILv9mEINp91RTxWnH/pOC9XwZCKo8MobyJZjgmoWX5toFgLyuJW3C U77EsSzr2EW/ltQkcphC99wpozh7gixGgKjDXKwfA/Dm/BmxA8JDhCPIghkoRLUB PtAfYp9s6CtyZ9//LPNgdtYFyx3/kbsP0tbZj8NA3JMQXUN7phuGxfI41EDQLcgC JYgK8oU9JGW7ReTpKw2ZbWhYrXUaqZGGC3z3Iws= -----END CERTIFICATE-----Generated at Fri May 3 03:10:45 2024 by rpki-client on console-ams.rpki-client.org