$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C901C56C88FD11EE8616C748C4F9AE02.roa File: C901C56C88FD11EE8616C748C4F9AE02.roa (raw, json) Hash identifier: Cly01sbuvLEA3FGQ23CslXfy3MFnXpH8eOz7M8zUp9s= Subject key identifier: B3:01:3A:07:05:FC:03:7C:30:0D:2B:F2:D2:5E:3F:D7:EC:DA:E6:A1 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 05CC Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C901C56C88FD11EE8616C748C4F9AE02.roa Signing time: Fri 19 Apr 2024 11:51:02 +0000 ROA not before: Fri 19 Apr 2024 11:51:02 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 64021 IP address blocks: 43.229.152.0/24 maxlen: 24 43.252.208.0/24 maxlen: 24 43.252.209.0/24 maxlen: 24 43.252.210.0/24 maxlen: 24 103.209.235.0/24 maxlen: 24 103.228.64.0/24 maxlen: 24 103.228.66.0/23 maxlen: 23 103.234.52.0/24 maxlen: 24 103.234.54.0/24 maxlen: 24 150.107.0.0/24 maxlen: 24 150.107.1.0/24 maxlen: 24 150.107.2.0/24 maxlen: 24 150.107.3.0/24 maxlen: 24 150.129.42.0/24 maxlen: 24 163.53.16.0/24 maxlen: 24 163.53.19.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 04 May 2024 01:21:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1484 (0x5cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Apr 19 11:51:02 2024 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=66225aa5-0578 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:44:2f:54:73:ad:66:2e:5d:ff:89:c5:86:ee: b1:9d:7c:db:87:8b:4f:89:a3:29:55:2e:06:6e:07: a3:c2:09:49:2e:8b:57:e5:3c:ba:4e:a6:2f:d0:6b: ed:85:49:00:58:77:21:76:5f:b2:89:ab:27:5b:71: 0f:e8:63:29:f3:8d:0d:0e:2c:00:20:18:40:ad:93: 83:a4:e5:38:f5:b5:26:79:ef:f5:1c:3f:8e:b0:2c: c1:31:a2:89:14:aa:57:29:bc:28:3f:64:79:c1:25: a7:35:64:0c:29:51:5f:e9:5e:1e:15:67:12:70:27: c7:18:be:84:d4:f4:14:03:9a:e6:08:5b:f6:72:ac: 02:d4:cf:b9:3f:60:67:8d:82:88:04:f5:b9:f0:62: a2:61:f7:cf:a1:9b:54:25:0c:e4:30:d7:25:8e:fa: 8d:69:63:eb:4a:b9:9c:f5:e5:8a:40:a0:97:cd:46: f8:53:ad:b6:ca:eb:67:95:12:be:56:74:65:65:6b: 51:d1:91:c3:82:02:f5:d2:5b:9c:55:44:68:3e:60: f0:73:12:17:71:bc:fc:04:81:40:69:07:df:11:51: 2d:cd:c2:d4:53:b8:7c:47:32:6a:cc:a1:7a:b5:77: 8c:6e:f9:be:22:aa:84:16:ee:28:a0:2a:d3:ff:a4: 74:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:01:3A:07:05:FC:03:7C:30:0D:2B:F2:D2:5E:3F:D7:EC:DA:E6:A1 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C901C56C88FD11EE8616C748C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.152.0/24 43.252.208.0-43.252.210.255 103.209.235.0/24 103.228.64.0/24 103.228.66.0/23 103.234.52.0/24 103.234.54.0/24 150.107.0.0/22 150.129.42.0/24 163.53.16.0/24 163.53.19.0/24 Signature Algorithm: sha256WithRSAEncryption 77:14:2f:e9:2a:b9:36:2b:f2:41:8a:70:28:c5:35:e1:7d:e6: bf:6b:3d:6f:85:2a:57:98:d2:f2:04:dc:aa:ef:10:78:67:f1: 34:c6:f1:30:47:00:cb:57:c2:ed:d3:3d:30:5c:7c:b9:4c:3a: fa:eb:6c:7a:34:40:89:9d:42:df:48:c8:77:9c:e2:6d:39:d5: e8:39:88:21:b7:55:09:55:c8:3e:94:42:2f:d3:55:1b:6f:d7: df:8e:73:6c:55:ea:e8:0d:88:d0:88:b3:93:71:7b:ff:44:92: d3:66:94:10:ba:0e:cc:4f:e4:40:86:2e:0e:6c:0b:09:ce:8b: db:27:e2:50:b2:5a:1a:3f:98:0e:90:40:44:1a:81:4e:9d:ef: 37:76:6a:23:27:01:1d:cf:ef:41:24:f3:18:b5:57:da:15:b9: d3:ac:b7:51:c2:aa:32:84:81:8c:05:4a:df:ab:b9:10:60:ae: c5:88:a3:04:b0:d4:f3:4c:6c:57:c5:1c:34:d9:67:db:8a:2b: 99:84:db:66:88:78:6b:c4:d1:bd:f0:7c:a9:a5:6e:5d:ea:40: df:47:3f:9b:25:6f:2a:49:c2:e5:4f:40:8f:af:b4:68:fc:34: 6b:aa:0c:d4:7d:9b:8f:10:90:ad:d8:e5:64:08:16:78:a7:34: af:19:7a:0d -----BEGIN CERTIFICATE----- MIIFtTCCBJ2gAwIBAgICBcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjQwNDE5MTE1MTAyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjIyNWFhNS0wNTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvUQvVHOtZi5d/4nFhu6xnXzbh4tPiaMpVS4GbgejwglJLotX5Ty6TqYv0Gvt hUkAWHchdl+yiasnW3EP6GMp840NDiwAIBhArZODpOU49bUmee/1HD+OsCzBMaKJ FKpXKbwoP2R5wSWnNWQMKVFf6V4eFWcScCfHGL6E1PQUA5rmCFv2cqwC1M+5P2Bn jYKIBPW58GKiYffPoZtUJQzkMNcljvqNaWPrSrmc9eWKQKCXzUb4U622yutnlRK+ VnRlZWtR0ZHDggL10lucVURoPmDwcxIXcbz8BIFAaQffEVEtzcLUU7h8RzJqzKF6 tXeMbvm+IqqEFu4ooCrT/6R0WQIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFLMBOgcF /AN8MA0r8tJeP9fs2uahMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvQzkwMUM1NkM4 OEZEMTFFRTg2MTZDNzQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E VDBSMFAEAgABMEoDBAAr5ZgwDAMEBCv80AMEACv80gMEAGfR6wMEAGfkQAMEAWfk QgMEAGfqNAMEAGfqNgMEApZrAAMEAJaBKgMEAKM1EAMEAKM1EzANBgkqhkiG9w0B AQsFAAOCAQEAdxQv6Sq5NivyQYpwKMU14X3mv2s9b4UqV5jS8gTcqu8QeGfxNMbx MEcAy1fC7dM9MFx8uUw6+utsejRAiZ1C30jId5zibTnV6DmIIbdVCVXIPpRCL9NV G2/X345zbFXq6A2I0Iizk3F7/0SS02aUELoOzE/kQIYuDmwLCc6L2yfiULJaGj+Y DpBARBqBTp3vN3ZqIycBHc/vQSTzGLVX2hW506y3UcKqMoSBjAVK36u5EGCuxYij BLDU80xsV8UcNNln24ormYTbZoh4a8TRvfB8qaVuXepA30c/myVvKknC5U9Aj6+0 aPw0a6oM1H2bjxCQrdjlZAgWeKc0rxl6DQ== -----END CERTIFICATE-----Generated at Sat Apr 27 10:18:27 2024 by rpki-client on console-ams.rpki-client.org