$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/5218D5921E0111E9A590C837C4F9AE02.roa File: 5218D5921E0111E9A590C837C4F9AE02.roa (raw, json) Hash identifier: K5XufDlubQqmdMBKzdw22RMy0v0hmzfkcxnKKIGyTbM= Subject key identifier: 6A:7B:05:E2:4E:4B:6A:C0:9B:0D:1D:A2:AC:AF:3B:9D:B8:B4:4C:D1 Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C Certificate serial: 36C6 Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/5218D5921E0111E9A590C837C4F9AE02.roa Signing time: Sat 08 Jul 2023 14:31:20 +0000 ROA not before: Sat 08 Jul 2023 14:31:20 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 55476 IP address blocks: 110.170.246.0/24 maxlen: 24 203.144.129.0/24 maxlen: 24 2001:fb0:101c::/48 maxlen: 48 2001:fb0:109e::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:21:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14022 (0x36c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C Validity Not Before: Jul 8 14:31:20 2023 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=64a97337-833b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:7f:36:c7:d8:47:30:95:89:e5:f2:92:1b:a2: 12:99:a1:5a:82:69:6e:1e:37:a3:60:3e:15:a9:70: be:3a:d8:91:59:7e:8c:91:10:82:72:a3:b4:7a:23: a9:38:6c:22:39:19:a2:c0:4f:98:45:f8:35:d4:64: 39:4b:56:90:08:b1:e9:5d:e7:e0:dc:d0:1c:9a:18: 7f:f8:63:52:1b:6f:5a:7e:db:d1:83:ba:ac:94:a7: 2a:d4:82:2a:04:fa:0e:d3:0d:e0:ff:7b:de:a3:39: 6c:62:7a:04:38:56:54:c0:a3:1d:c4:22:31:a3:b6: 15:c9:cc:cc:f1:d2:cf:a5:9c:44:e1:af:bc:ba:fa: 62:1d:a3:b5:18:f8:86:cb:e6:1a:b8:39:ef:8a:80: eb:76:aa:a5:84:88:18:6b:a0:e8:46:30:2c:8f:7d: 4d:79:d8:fc:8a:f8:4c:0e:93:fb:b4:79:a2:0b:37: b3:a0:52:cd:e5:6e:66:58:9c:96:46:a8:34:de:d8: c4:04:33:44:0a:16:95:e3:da:a7:8e:68:de:ab:2e: c7:d0:d7:22:ca:12:2c:9e:62:a8:a0:3b:28:46:72: 9d:e6:67:74:8f:4e:79:1c:85:f3:7a:95:b2:33:85: 33:43:0a:11:37:7f:0d:83:b3:77:82:08:6e:78:96: d5:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:7B:05:E2:4E:4B:6A:C0:9B:0D:1D:A2:AC:AF:3B:9D:B8:B4:4C:D1 X509v3 Authority Key Identifier: keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/5218D5921E0111E9A590C837C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 110.170.246.0/24 203.144.129.0/24 IPv6: 2001:fb0:101c::/48 2001:fb0:109e::/48 Signature Algorithm: sha256WithRSAEncryption 94:a3:f9:fa:f5:20:2e:50:24:b3:a1:a0:9b:0b:f1:e3:28:6c: 2d:fb:00:a1:0c:d9:6a:50:a6:0a:94:8c:8e:d5:05:cc:49:db: 5b:b7:87:9a:45:86:42:6e:f2:cc:b4:f2:b3:41:54:33:1b:4e: c2:1d:25:dd:31:4b:50:5e:cb:aa:14:c4:8b:78:60:9f:e9:db: f9:9a:7c:1a:5f:bf:fe:88:22:5c:e0:9e:b4:46:19:4f:88:9f: 87:76:3a:1e:02:5f:1e:cc:06:79:2e:a5:30:54:83:aa:4a:5a: 41:79:0a:14:90:ef:1d:49:ee:3f:72:95:4d:cd:50:31:75:2b: ee:45:04:52:fd:67:11:1c:15:70:e6:fb:c1:50:7f:f9:f4:22: 7c:43:34:ec:db:84:b3:da:a8:0a:4d:1b:4d:8a:1e:cd:02:7f: a6:2f:c4:49:bd:02:23:1d:3e:22:69:80:be:c4:b0:22:68:5c: 30:6f:5e:67:02:68:06:27:29:5f:49:78:cc:f6:4e:41:73:ee: 25:b3:94:51:dc:43:3f:35:0b:7c:79:4b:ae:5c:f1:1f:cd:24: 8b:71:82:8b:32:43:3e:9f:36:8e:cd:12:74:97:ed:dc:5e:08: 6a:06:3d:e4:54:11:bd:1d:40:0e:fe:1c:b2:c8:9d:2b:bf:ba: 3f:20:6b:f7 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICNsYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB NDM3QUYwMkMwHhcNMjMwNzA4MTQzMTIwWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NGE5NzMzNy04MzNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt382x9hHMJWJ5fKSG6ISmaFagmluHjejYD4VqXC+OtiRWX6MkRCCcqO0eiOp OGwiORmiwE+YRfg11GQ5S1aQCLHpXefg3NAcmhh/+GNSG29aftvRg7qslKcq1IIq BPoO0w3g/3veozlsYnoEOFZUwKMdxCIxo7YVyczM8dLPpZxE4a+8uvpiHaO1GPiG y+YauDnvioDrdqqlhIgYa6DoRjAsj31Nedj8ivhMDpP7tHmiCzezoFLN5W5mWJyW Rqg03tjEBDNEChaV49qnjmjeqy7H0NciyhIsnmKooDsoRnKd5md0j055HIXzepWy M4UzQwoRN38Ng7N3gghueJbVmQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFGp7BeJO S2rAmw0doqyvO524tEzRMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4 Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvNTIxOEQ1OTIx RTAxMTFFOUE1OTBDODM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMBIEAgABMAwDBABuqvYDBADLkIEwGAQCAAIwEgMHACABD7AQHAMHACABD7AQ njANBgkqhkiG9w0BAQsFAAOCAQEAlKP5+vUgLlAks6Ggmwvx4yhsLfsAoQzZalCm CpSMjtUFzEnbW7eHmkWGQm7yzLTys0FUMxtOwh0l3TFLUF7LqhTEi3hgn+nb+Zp8 Gl+//ogiXOCetEYZT4ifh3Y6HgJfHswGeS6lMFSDqkpaQXkKFJDvHUnuP3KVTc1Q MXUr7kUEUv1nERwVcOb7wVB/+fQifEM07NuEs9qoCk0bTYoezQJ/pi/ESb0CIx0+ ImmAvsSwImhcMG9eZwJoBicpX0l4zPZOQXPuJbOUUdxDPzULfHlLrlzxH80ki3GC izJDPp82js0SdJft3F4IagY95FQRvR1ADv4cssidK7+6PyBr9w== -----END CERTIFICATE-----Generated at Sat May 18 15:58:21 2024 by rpki-client on console-ams.rpki-client.org