$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E0125116A69711ED9DFF0870C4F9AE02.roa File: E0125116A69711ED9DFF0870C4F9AE02.roa (raw, json) Hash identifier: 43V8A8FZ79WX0xWq7N+VlWjorSdmJm0W+/h+2+Vpsvc= Subject key identifier: 08:D1:25:12:71:93:B3:3B:0F:34:57:77:76:32:63:06:86:3F:F2:70 Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C Certificate serial: 05BA Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E0125116A69711ED9DFF0870C4F9AE02.roa Signing time: Wed 04 Oct 2023 23:41:34 +0000 ROA not before: Wed 04 Oct 2023 23:41:34 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 55561 IP address blocks: 43.243.60.0/22 maxlen: 24 103.38.164.0/22 maxlen: 24 202.180.99.0/24 maxlen: 24 202.180.101.0/24 maxlen: 24 202.180.102.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 00:34:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1466 (0x5ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C Validity Not Before: Oct 4 23:41:34 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=651df82d-5cac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:c4:8b:22:24:32:fc:b4:67:ad:b7:8d:8a:0d: f7:3b:19:ae:ce:9b:37:66:1a:07:f0:5c:bf:88:fc: 9e:a9:62:f5:0e:70:02:3f:26:fb:c7:82:4c:0f:e8: 33:97:41:c5:0e:7f:58:d7:03:69:dd:7c:1e:cb:e1: 34:43:b0:54:08:eb:04:40:29:aa:69:ee:17:fb:04: 75:a9:07:81:79:32:a7:2d:01:a8:cc:b9:e4:ee:17: 3e:b4:5e:60:47:0f:50:22:db:00:15:c5:d6:b7:cf: 10:d7:06:3e:55:1b:35:5b:77:4e:42:2d:11:b8:ba: da:ba:2f:d2:3f:05:1a:49:0e:10:e6:f9:c0:40:69: d8:68:f1:8b:8a:0c:08:33:a8:61:93:df:be:9d:99: 96:71:c9:dd:36:23:14:d3:26:71:39:01:23:b9:29: 22:cd:d8:ef:a9:53:fa:52:7f:ca:fb:c8:bd:b0:3e: c0:a9:ba:6f:d8:82:33:c4:e4:df:53:53:01:e9:6c: 7b:5f:81:87:1c:ab:eb:1c:45:d1:7d:a2:de:3a:6d: 6f:23:19:0b:e5:5f:bf:4a:75:1b:e1:bd:bc:d3:af: 61:f6:9c:d1:2a:cf:04:ce:b7:68:9c:6a:60:53:b7: 86:d2:e8:fd:54:0c:74:ae:72:5d:18:59:36:92:cf: 9a:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:D1:25:12:71:93:B3:3B:0F:34:57:77:76:32:63:06:86:3F:F2:70 X509v3 Authority Key Identifier: keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E0125116A69711ED9DFF0870C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.243.60.0/22 103.38.164.0/22 202.180.99.0/24 202.180.101.0-202.180.102.255 Signature Algorithm: sha256WithRSAEncryption ce:2f:42:3d:2b:98:ec:18:a4:3b:a4:7e:10:f3:05:00:85:e3: e2:63:38:fa:b8:28:4c:ce:00:b2:26:8e:33:e7:2d:f2:81:41: d3:cb:86:55:c1:1e:28:e5:95:7d:27:4e:00:b3:b0:1c:82:f0: 65:55:5d:75:05:19:5f:7e:f2:14:c5:49:59:f4:d4:37:a3:21: 35:b9:5c:dd:03:38:48:c9:dd:13:5b:8f:6c:49:dc:af:8f:5e: 9f:56:ac:0f:c9:d6:23:dc:80:ae:9f:33:88:73:85:62:95:f4: 20:40:d5:7d:3f:5d:e7:7a:0c:bf:ad:ff:18:57:ae:48:d8:df: 2a:34:8c:8b:9a:83:89:c5:fb:cb:09:92:e9:f5:61:9a:aa:ec: 08:a4:75:06:38:87:a6:cc:ad:31:21:2f:b6:c3:e8:15:d4:c5: 79:a2:cf:ea:ff:c3:06:1f:17:12:a6:2b:fe:5e:bf:c6:f8:43: df:73:f1:54:33:6a:37:cf:26:3b:b4:d3:d7:a2:ef:21:59:0e: 49:f8:05:ca:f1:ce:04:cd:0e:bf:68:6d:04:03:1e:84:b9:2b: 5e:d1:c0:e3:10:33:80:2f:be:53:a2:e8:c2:c7:3e:f7:f0:a7: 2a:c7:3f:93:30:a0:ab:d4:08:1e:37:19:81:2f:fd:06:01:b4: 91:c5:6b:17 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICBbowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC NjBEQjFCMkMwHhcNMjMxMDA0MjM0MTM0WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTFkZjgyZC01Y2FjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3sSLIiQy/LRnrbeNig33Oxmuzps3ZhoH8Fy/iPyeqWL1DnACPyb7x4JMD+gz l0HFDn9Y1wNp3Xwey+E0Q7BUCOsEQCmqae4X+wR1qQeBeTKnLQGozLnk7hc+tF5g Rw9QItsAFcXWt88Q1wY+VRs1W3dOQi0RuLraui/SPwUaSQ4Q5vnAQGnYaPGLigwI M6hhk9++nZmWccndNiMU0yZxOQEjuSkizdjvqVP6Un/K+8i9sD7Aqbpv2IIzxOTf U1MB6Wx7X4GHHKvrHEXRfaLeOm1vIxkL5V+/SnUb4b28069h9pzRKs8EzrdonGpg U7eG0uj9VAx0rnJdGFk2ks+auwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFAjRJRJx k7M7DzRXd3YyYwaGP/JwMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2 QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvRTAxMjUxMTZB Njk3MTFFRDlERkYwODcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMCYEAgABMCADBAIr8zwDBAJnJqQDBADKtGMwDAMEAMq0ZQMEAMq0ZjANBgkq hkiG9w0BAQsFAAOCAQEAzi9CPSuY7BikO6R+EPMFAIXj4mM4+rgoTM4AsiaOM+ct 8oFB08uGVcEeKOWVfSdOALOwHILwZVVddQUZX37yFMVJWfTUN6MhNblc3QM4SMnd E1uPbEncr49en1asD8nWI9yArp8ziHOFYpX0IEDVfT9d53oMv63/GFeuSNjfKjSM i5qDicX7ywmS6fVhmqrsCKR1BjiHpsytMSEvtsPoFdTFeaLP6v/DBh8XEqYr/l6/ xvhD33PxVDNqN88mO7TT16LvIVkOSfgFyvHOBM0Ov2htBAMehLkrXtHA4xAzgC++ U6Lowsc+9/CnKsc/kzCgq9QIHjcZgS/9BgG0kcVrFw== -----END CERTIFICATE-----Generated at Fri May 17 02:01:40 2024 by rpki-client on console-ams.rpki-client.org