$ rpki-client -vvf rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/68E5014A355C11EC96291331C4F9AE02.roa File: 68E5014A355C11EC96291331C4F9AE02.roa (raw, json) Hash identifier: KxPY2GSftqdJFzgDeoNVtONYbEatx62Ixetc0d07l0M= Subject key identifier: 3D:8D:B2:83:E9:3F:CB:08:EE:8B:47:7E:6F:EB:76:03:59:29:3E:78 Certificate issuer: /CN=A911C676/serialNumber=A9E95A416BCCEEFD86EA2FA019C25E4D76B8E9D9 Certificate serial: 1129 Authority key identifier: A9:E9:5A:41:6B:CC:EE:FD:86:EA:2F:A0:19:C2:5E:4D:76:B8:E9:D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qelaQWvM7v2G6i-gGcJeTXa46dk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/68E5014A355C11EC96291331C4F9AE02.roa Signing time: Mon 20 Nov 2023 17:55:16 +0000 ROA not before: Mon 20 Nov 2023 17:55:16 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 134094 IP address blocks: 45.123.116.0/24 maxlen: 24 45.123.117.0/24 maxlen: 24 45.123.118.0/24 maxlen: 24 45.123.119.0/24 maxlen: 24 103.51.140.0/24 maxlen: 24 103.51.141.0/24 maxlen: 24 103.51.142.0/24 maxlen: 24 103.51.143.0/24 maxlen: 24 103.103.128.0/24 maxlen: 24 103.103.129.0/24 maxlen: 24 103.103.130.0/24 maxlen: 24 103.103.131.0/24 maxlen: 24 203.15.150.0/24 maxlen: 24 2401:f540::/48 maxlen: 48 2401:f540:1::/48 maxlen: 48 2401:f540:2::/48 maxlen: 48 2401:f540:3::/48 maxlen: 48 2401:f540:4::/48 maxlen: 48 2401:f540:5::/48 maxlen: 48 2401:f540:6::/48 maxlen: 48 2401:f540:7::/48 maxlen: 48 2401:f540:10::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/qelaQWvM7v2G6i-gGcJeTXa46dk.crl rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/qelaQWvM7v2G6i-gGcJeTXa46dk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qelaQWvM7v2G6i-gGcJeTXa46dk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4393 (0x1129) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C676/serialNumber=A9E95A416BCCEEFD86EA2FA019C25E4D76B8E9D9 Validity Not Before: Nov 20 17:55:16 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=655b9d84-6105 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:b3:73:d9:33:3e:0b:e6:b1:6a:97:7b:76:88: db:20:b4:bc:46:29:13:90:7d:d7:ff:53:d8:9b:7f: 54:ed:9d:f9:ad:e8:b4:69:89:fd:ea:a7:01:a6:6e: db:d2:d0:39:4d:32:67:74:3b:42:18:09:60:aa:e0: e0:5f:72:aa:5a:05:97:18:87:77:8e:7c:ee:b6:09: fa:3e:a9:91:ba:33:07:f1:b7:9b:51:53:1e:5e:0a: 63:4d:9c:5a:fe:5a:89:4a:4d:cd:a1:e9:f3:9d:a2: b0:4f:98:e8:64:8d:45:c9:73:71:0d:dc:65:6a:2f: bb:fe:06:0d:03:25:e8:f9:2a:6d:11:32:89:6d:eb: e3:58:05:89:c3:2f:66:7a:be:59:c3:e9:4f:50:75: 7e:8f:8c:dd:1b:fe:9a:ab:6c:0b:a9:9e:7b:fc:09: 5d:38:21:6d:18:bc:29:97:e0:02:51:2d:f3:c4:5c: 57:94:0d:0c:0c:4a:10:28:5b:f2:f1:7d:5b:44:45: 61:4f:a3:1e:2e:6d:ac:9a:f4:40:9e:1d:1f:40:ac: eb:45:2a:9c:10:3a:1e:9c:09:97:a5:98:60:7f:79: d5:63:16:cc:dd:c1:45:28:52:16:7f:76:4d:aa:cb: b9:1c:5d:51:97:9d:bd:02:fa:df:ca:64:ab:f7:7b: 2b:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:8D:B2:83:E9:3F:CB:08:EE:8B:47:7E:6F:EB:76:03:59:29:3E:78 X509v3 Authority Key Identifier: keyid:A9:E9:5A:41:6B:CC:EE:FD:86:EA:2F:A0:19:C2:5E:4D:76:B8:E9:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/qelaQWvM7v2G6i-gGcJeTXa46dk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qelaQWvM7v2G6i-gGcJeTXa46dk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/68E5014A355C11EC96291331C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.123.116.0/22 103.51.140.0/22 103.103.128.0/22 203.15.150.0/24 IPv6: 2401:f540::/45 2401:f540:10::/48 Signature Algorithm: sha256WithRSAEncryption 93:e7:4f:09:3e:ae:1e:9b:ff:ad:5a:af:37:51:7c:7c:38:f3: 25:4a:98:0c:1d:ba:66:17:40:52:92:1a:0a:74:55:e5:5a:5e: a4:eb:59:9a:b9:b7:ac:6e:17:03:b7:0b:2a:47:62:9f:2a:26: 82:f6:d8:49:22:af:7b:cf:3e:7a:95:d4:08:9e:ab:21:72:da: 89:30:41:cd:c6:56:b4:62:06:09:8c:cb:97:47:bf:30:33:75: 3d:8a:78:a3:3e:e8:5b:89:02:ec:d5:1d:20:38:2c:09:43:eb: 64:dc:94:79:55:29:7d:ad:42:33:1a:72:f3:6a:fa:f2:c4:fc: 28:92:be:de:71:7e:1d:db:b7:06:31:69:56:d9:82:7f:0c:9f: 71:d5:66:48:cf:44:53:d1:07:f6:c3:8b:60:de:a2:78:9d:dc: 43:4d:5a:a1:17:f1:1e:1a:8c:cf:12:01:0e:3a:60:d7:01:84: f4:3c:4a:a3:87:28:06:02:10:33:27:99:5c:75:0f:6b:8c:a2: b6:18:f9:ca:9b:8e:94:e6:4a:4e:c7:b9:62:4c:0f:23:69:65: fa:f2:d6:21:ae:f1:ee:7a:df:ea:ae:13:2f:d1:9c:da:cd:e5: ac:4b:2d:4c:f5:60:52:12:ad:dd:fd:c3:5c:e1:6f:92:64:ad: 08:aa:b4:d5 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgICESkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM2NzYxMTAvBgNVBAUTKEE5RTk1QTQxNkJDQ0VFRkQ4NkVBMkZBMDE5QzI1RTRE NzZCOEU5RDkwHhcNMjMxMTIwMTc1NTE2WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTViOWQ4NC02MTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxrNz2TM+C+axapd7dojbILS8RikTkH3X/1PYm39U7Z35rei0aYn96qcBpm7b 0tA5TTJndDtCGAlgquDgX3KqWgWXGId3jnzutgn6PqmRujMH8bebUVMeXgpjTZxa /lqJSk3NoenznaKwT5joZI1FyXNxDdxlai+7/gYNAyXo+SptETKJbevjWAWJwy9m er5Zw+lPUHV+j4zdG/6aq2wLqZ57/AldOCFtGLwpl+ACUS3zxFxXlA0MDEoQKFvy 8X1bREVhT6MeLm2smvRAnh0fQKzrRSqcEDoenAmXpZhgf3nVYxbM3cFFKFIWf3ZN qsu5HF1Rl529AvrfymSr93srgQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFD2NsoPp P8sI7otHfm/rdgNZKT54MB8GA1UdIwQYMBaAFKnpWkFrzO79huovoBnCXk12uOnZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzY3Ni9DRDM4QUIxNkRE RDkxMUU4QUY0NTFGMEFDNEY5QUUwMi9xZWxhUVd2TTd2Mkc2aS1nR2NKZVRYYTQ2 ZGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FlbGFRV3ZNN3YyRzZpLWdHY0plVFhhNDZkay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUM2NzYvQ0QzOEFCMTZEREQ5MTFFOEFGNDUxRjBBQzRGOUFFMDIvNjhFNTAxNEEz NTVDMTFFQzk2MjkxMzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E PDA6MB4EAgABMBgDBAIte3QDBAJnM4wDBAJnZ4ADBADLD5YwGAQCAAIwEgMHAyQB 9UAAAAMHACQB9UAAEDANBgkqhkiG9w0BAQsFAAOCAQEAk+dPCT6uHpv/rVqvN1F8 fDjzJUqYDB26ZhdAUpIaCnRV5VpepOtZmrm3rG4XA7cLKkdinyomgvbYSSKve88+ epXUCJ6rIXLaiTBBzcZWtGIGCYzLl0e/MDN1PYp4oz7oW4kC7NUdIDgsCUPrZNyU eVUpfa1CMxpy82r68sT8KJK+3nF+Hdu3BjFpVtmCfwyfcdVmSM9EU9EH9sOLYN6i eJ3cQ01aoRfxHhqMzxIBDjpg1wGE9DxKo4coBgIQMyeZXHUPa4yithj5ypuOlOZK Tse5YkwPI2ll+vLWIa7x7nrf6q4TL9Gc2s3lrEstTPVgUhKt3f3DXOFvkmStCKq0 1Q== -----END CERTIFICATE-----Generated at Sat May 18 18:12:31 2024 by rpki-client on console-fra.rpki-client.org