$ rpki-client -vvf rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/4338FC5CFB5611EBB7032080C4F9AE02.roa File: 4338FC5CFB5611EBB7032080C4F9AE02.roa (raw, json) Hash identifier: yTrOtmywvW48OIc6HGH9ZHXytNnFplJFX28JD2SXZzI= Subject key identifier: 5C:DA:2F:A9:4A:12:B2:BE:58:F3:C6:35:97:C1:C6:D5:B4:C6:57:43 Certificate issuer: /CN=A911FAC3/serialNumber=7762AA8277020D0BB5C75997DE5F7D8A5142DF14 Certificate serial: 1278 Authority key identifier: 77:62:AA:82:77:02:0D:0B:B5:C7:59:97:DE:5F:7D:8A:51:42:DF:14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/4338FC5CFB5611EBB7032080C4F9AE02.roa Signing time: Tue 28 Nov 2023 17:44:54 +0000 ROA not before: Tue 28 Nov 2023 17:44:53 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 63932 IP address blocks: 43.229.12.0/22 maxlen: 22 43.229.12.0/24 maxlen: 24 43.229.13.0/24 maxlen: 24 43.229.15.0/24 maxlen: 24 103.48.16.0/22 maxlen: 22 114.130.240.0/21 maxlen: 21 114.130.252.0/22 maxlen: 22 2401:ed80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.crl rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Jun 2024 17:49:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4728 (0x1278) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911FAC3/serialNumber=7762AA8277020D0BB5C75997DE5F7D8A5142DF14 Validity Not Before: Nov 28 17:44:53 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=65662715-4a83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:06:0e:7e:32:85:08:d9:a1:52:0c:4b:96:8e: b4:ed:44:a3:6a:6a:d7:56:71:82:90:09:64:c5:e7: aa:54:88:3b:23:4e:87:0d:d1:db:7b:1e:d9:34:e5: 09:74:6c:1c:8d:7f:94:d2:f6:1d:0d:f6:69:f9:9f: 43:ac:8a:8f:a9:6d:af:30:3d:db:5d:95:68:a2:a2: 70:8f:de:b3:8b:56:74:50:a4:4e:1b:b0:59:92:00: b5:bf:e4:36:f8:e0:2d:c1:8e:a2:9c:29:9f:2b:ff: ed:35:8e:d6:ba:c5:b9:40:f0:90:85:58:18:2b:df: 7b:14:71:5a:db:97:2a:53:0f:d5:73:f5:d2:58:fb: ef:25:22:fa:f3:3c:32:bf:2b:b3:e9:5b:ae:c0:af: 5c:e7:8f:17:77:26:a0:92:10:d2:c2:a0:23:32:26: e4:4d:11:c6:5d:5c:ad:e9:17:f8:71:70:a8:38:17: f1:46:7c:f5:29:5b:64:92:1b:10:de:ae:5f:b1:29: 54:91:11:01:be:c4:cf:a7:b9:be:5d:e2:29:d2:74: 4c:b0:69:24:5b:35:4f:08:62:f2:18:e4:dc:59:e2: 9f:a2:9f:9e:3e:49:6c:fc:a5:9e:8b:0c:04:c4:6f: f4:4c:86:5a:46:ea:72:ff:9f:67:59:f9:4b:0a:c3: 2f:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:DA:2F:A9:4A:12:B2:BE:58:F3:C6:35:97:C1:C6:D5:B4:C6:57:43 X509v3 Authority Key Identifier: keyid:77:62:AA:82:77:02:0D:0B:B5:C7:59:97:DE:5F:7D:8A:51:42:DF:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/4338FC5CFB5611EBB7032080C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.12.0/22 103.48.16.0/22 114.130.240.0/21 114.130.252.0/22 IPv6: 2401:ed80::/32 Signature Algorithm: sha256WithRSAEncryption 85:fd:89:07:78:fc:57:fd:7e:71:14:79:67:52:84:01:d7:53: b1:57:ef:24:7a:3a:e8:56:b7:18:02:b5:16:5e:c1:5e:66:c3: 4a:ae:00:08:9f:fd:5d:5f:35:e1:2c:ba:f5:03:73:eb:d6:df: bd:e6:1e:bd:75:9c:01:a1:30:66:84:88:85:e6:15:98:bb:c8: 59:3d:be:80:fb:3b:d7:a5:dc:d5:8f:46:78:40:18:da:06:8e: cd:c8:4c:44:fa:8f:ee:53:90:bc:04:74:e7:27:3e:9d:47:8d: ce:9b:ee:64:96:24:39:f2:36:e6:58:ac:4b:b1:07:16:ba:92: 54:95:f5:a3:28:88:53:f5:e3:0d:28:d2:ce:92:bf:27:a6:f2: 13:19:b7:6c:52:ac:3e:8b:3f:72:c9:8d:a5:ee:25:90:22:82: c9:7d:e9:6b:35:2a:98:1a:76:33:e9:ae:f2:f5:31:dd:e1:68: 2f:39:c8:99:cd:6a:54:d7:f6:54:28:47:14:08:4e:13:71:ed: 0c:83:2f:e0:e6:40:e5:b8:a9:2a:e9:2d:c3:d6:c2:17:4d:c0: d4:03:86:59:cb:00:ad:30:5a:69:96:b5:c7:34:f5:38:28:47: 18:e1:f7:cd:63:00:17:f2:75:11:af:6a:f8:83:f4:c8:10:da: 32:53:54:f4 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICEngwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUZBQzMxMTAvBgNVBAUTKDc3NjJBQTgyNzcwMjBEMEJCNUM3NTk5N0RFNUY3RDhB NTE0MkRGMTQwHhcNMjMxMTI4MTc0NDUzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTY2MjcxNS00YTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1AYOfjKFCNmhUgxLlo607USjamrXVnGCkAlkxeeqVIg7I06HDdHbex7ZNOUJ dGwcjX+U0vYdDfZp+Z9DrIqPqW2vMD3bXZVooqJwj96zi1Z0UKROG7BZkgC1v+Q2 +OAtwY6inCmfK//tNY7WusW5QPCQhVgYK997FHFa25cqUw/Vc/XSWPvvJSL68zwy vyuz6VuuwK9c548XdyagkhDSwqAjMibkTRHGXVyt6Rf4cXCoOBfxRnz1KVtkkhsQ 3q5fsSlUkREBvsTPp7m+XeIp0nRMsGkkWzVPCGLyGOTcWeKfop+ePkls/KWeiwwE xG/0TIZaRupy/59nWflLCsMvPwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFFzaL6lK ErK+WPPGNZfBxtW0xldDMB8GA1UdIwQYMBaAFHdiqoJ3Ag0LtcdZl95ffYpRQt8U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRkFDMy83Qjg2OEMwODlE RjUxMUU4OTU3QUI0MTZDNEY5QUUwMi9kMktxZ25jQ0RRdTF4MW1YM2w5OWlsRkMz eFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2QyS3FnbmNDRFF1MXgxbVgzbDk5aWxGQzN4US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUZBQzMvN0I4NjhDMDg5REY1MTFFODk1N0FCNDE2QzRGOUFFMDIvNDMzOEZDNUNG QjU2MTFFQkI3MDMyMDgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIr5QwDBAJnMBADBANygvADBAJygvwwDQQCAAIwBwMFACQB 7YAwDQYJKoZIhvcNAQELBQADggEBAIX9iQd4/Ff9fnEUeWdShAHXU7FX7yR6OuhW txgCtRZewV5mw0quAAif/V1fNeEsuvUDc+vW373mHr11nAGhMGaEiIXmFZi7yFk9 voD7O9el3NWPRnhAGNoGjs3ITET6j+5TkLwEdOcnPp1Hjc6b7mSWJDnyNuZYrEux Bxa6klSV9aMoiFP14w0o0s6Svyem8hMZt2xSrD6LP3LJjaXuJZAigsl96Ws1Kpga djPprvL1Md3haC85yJnNalTX9lQoRxQIThNx7QyDL+DmQOW4qSrpLcPWwhdNwNQD hlnLAK0wWmmWtcc09TgoRxjh981jABfydRGvaviD9MgQ2jJTVPQ= -----END CERTIFICATE-----Generated at Sun Jun 2 18:40:06 2024 by rpki-client on console-fra.rpki-client.org