$ rpki-client -vvf rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/72E60DEA3CC911EDA5EBD21DC4F9AE02.roa File: 72E60DEA3CC911EDA5EBD21DC4F9AE02.roa (raw, json) Hash identifier: 84+SX+WZRBLF23SmV8Z4wZ3c8jqDkimTM0kIMMPP+Kg= Subject key identifier: A4:90:9F:C3:D9:9F:CF:65:F6:1B:B0:E5:2D:60:8A:EC:FA:16:D1:BE Certificate issuer: /CN=A91452AC/serialNumber=36D77E9243ABBA2FD5496A291830B7D38B0BCBC4 Certificate serial: 079D Authority key identifier: 36:D7:7E:92:43:AB:BA:2F:D5:49:6A:29:18:30:B7:D3:8B:0B:CB:C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ntd-kkOrui_VSWopGDC304sLy8Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/72E60DEA3CC911EDA5EBD21DC4F9AE02.roa Signing time: Thu 02 Nov 2023 22:09:29 +0000 ROA not before: Thu 02 Nov 2023 22:09:29 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 133115 IP address blocks: 43.249.28.0/24 maxlen: 24 43.249.29.0/24 maxlen: 24 43.249.30.0/24 maxlen: 24 43.249.31.0/24 maxlen: 24 103.43.160.0/24 maxlen: 24 103.43.161.0/24 maxlen: 24 103.243.180.0/24 maxlen: 24 103.243.181.0/24 maxlen: 24 103.243.182.0/24 maxlen: 24 103.243.183.0/24 maxlen: 24 202.43.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/Ntd-kkOrui_VSWopGDC304sLy8Q.crl rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/Ntd-kkOrui_VSWopGDC304sLy8Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ntd-kkOrui_VSWopGDC304sLy8Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 May 2024 21:46:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1949 (0x79d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91452AC/serialNumber=36D77E9243ABBA2FD5496A291830B7D38B0BCBC4 Validity Not Before: Nov 2 22:09:29 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=65441e19-35b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:cb:9d:b0:47:71:9c:a6:b9:66:47:b8:66:05: c0:0f:d3:41:53:b1:88:47:33:f8:94:52:f7:5f:ce: 8e:a1:1c:ba:27:47:78:a7:02:d0:85:99:c5:a2:c2: 1c:dc:c2:31:86:44:df:a4:31:82:fb:bc:22:d7:06: f2:c9:fd:7f:15:a2:1d:73:2d:e4:5b:50:13:dd:89: 21:be:bb:51:16:f6:31:e6:e5:8a:1b:f1:8d:5e:0f: e7:77:d9:07:48:a8:7e:b8:ec:49:e1:11:27:45:9b: fe:83:c0:96:d9:9a:a6:7e:38:db:00:d1:99:96:13: 79:96:17:7a:39:c5:68:b2:f1:48:99:90:1c:ed:b1: 6b:36:e2:77:8e:0d:9b:75:f6:b0:ab:74:bc:f9:3c: 9d:07:ac:3e:60:fe:a4:9d:be:99:4d:43:19:f3:74: dc:46:d5:3f:90:0e:16:e6:53:0a:e0:24:2c:a0:e3: 5e:50:ee:c0:71:5b:27:13:02:99:25:2f:27:92:fc: 2a:06:a3:d3:37:50:92:5f:96:80:e8:de:3b:a7:22: b8:94:f5:93:65:fc:b2:7b:41:eb:94:71:c8:bb:1d: e9:22:9d:f4:85:cc:6b:00:e3:33:51:64:84:ad:8e: d1:1a:79:a2:ae:35:68:5c:80:e7:f6:c3:94:c5:2c: 31:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:90:9F:C3:D9:9F:CF:65:F6:1B:B0:E5:2D:60:8A:EC:FA:16:D1:BE X509v3 Authority Key Identifier: keyid:36:D7:7E:92:43:AB:BA:2F:D5:49:6A:29:18:30:B7:D3:8B:0B:CB:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/Ntd-kkOrui_VSWopGDC304sLy8Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ntd-kkOrui_VSWopGDC304sLy8Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/72E60DEA3CC911EDA5EBD21DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.249.28.0/22 103.43.160.0/23 103.243.180.0/22 202.43.238.0/24 Signature Algorithm: sha256WithRSAEncryption 1d:38:96:f7:17:9f:0d:8f:e7:0c:09:8d:db:9f:91:b3:ec:72: d4:5c:32:3b:63:3d:ae:91:4a:47:57:af:d9:4a:58:9b:f4:c0: d9:bb:ef:6a:99:f5:c3:9e:1c:c9:65:d0:ad:d7:53:51:8b:ff: 73:fa:b9:c2:3b:4b:dc:7c:ae:33:95:67:8f:0e:f4:01:5a:1f: 40:b7:48:5a:ca:70:70:65:30:86:18:f4:25:98:4c:2d:45:4f: c1:52:d7:b6:14:3e:13:0c:e2:3c:23:8f:f2:99:8d:35:de:79: 1a:7a:cb:ec:1b:50:81:3c:4b:55:b7:35:34:2f:20:bc:99:43: 75:e8:a8:5f:83:5c:08:9f:7b:ef:ed:cb:b4:d6:7e:8d:2a:04: c7:44:42:02:7b:6e:27:7d:13:a9:bb:30:48:57:7b:e2:ad:4f: 0b:8c:84:dc:d2:cc:e4:1a:13:3a:75:85:be:f5:eb:5e:77:59: 26:c8:0f:ef:c4:11:90:a5:af:b1:2a:1a:91:09:18:8f:a1:7c: 6b:9f:cd:04:28:94:60:47:c7:e3:9c:7d:da:b7:39:b5:d0:71: c9:a0:c1:a7:24:20:07:f6:4a:3d:63:54:27:2b:47:5e:ee:28: a6:7f:9f:e2:27:8d:61:95:7d:07:6b:35:13:e3:6c:22:ca:73: 7d:38:cc:4e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICB50wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDUyQUMxMTAvBgNVBAUTKDM2RDc3RTkyNDNBQkJBMkZENTQ5NkEyOTE4MzBCN0Qz OEIwQkNCQzQwHhcNMjMxMTAyMjIwOTI5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTQ0MWUxOS0zNWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4MudsEdxnKa5Zke4ZgXAD9NBU7GIRzP4lFL3X86OoRy6J0d4pwLQhZnFosIc 3MIxhkTfpDGC+7wi1wbyyf1/FaIdcy3kW1AT3YkhvrtRFvYx5uWKG/GNXg/nd9kH SKh+uOxJ4REnRZv+g8CW2ZqmfjjbANGZlhN5lhd6OcVosvFImZAc7bFrNuJ3jg2b dfawq3S8+TydB6w+YP6knb6ZTUMZ83TcRtU/kA4W5lMK4CQsoONeUO7AcVsnEwKZ JS8nkvwqBqPTN1CSX5aA6N47pyK4lPWTZfyye0HrlHHIux3pIp30hcxrAOMzUWSE rY7RGnmirjVoXIDn9sOUxSwxwwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFKSQn8PZ n89l9huw5S1giuz6FtG+MB8GA1UdIwQYMBaAFDbXfpJDq7ov1UlqKRgwt9OLC8vE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTJBQy9BNDhENTk2NkJC M0UxMUVBQTI5RUUzMjFDNEY5QUUwMi9OdGQta2tPcnVpX1ZTV29wR0RDMzA0c0x5 OFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL050ZC1ra09ydWlfVlNXb3BHREMzMDRzTHk4US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDUyQUMvQTQ4RDU5NjZCQjNFMTFFQUEyOUVFMzIxQzRGOUFFMDIvNzJFNjBERUEz Q0M5MTFFREE1RUJEMjFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAIr+RwDBAFnK6ADBAJn87QDBADKK+4wDQYJKoZIhvcNAQEL BQADggEBAB04lvcXnw2P5wwJjdufkbPsctRcMjtjPa6RSkdXr9lKWJv0wNm772qZ 9cOeHMll0K3XU1GL/3P6ucI7S9x8rjOVZ48O9AFaH0C3SFrKcHBlMIYY9CWYTC1F T8FS17YUPhMM4jwjj/KZjTXeeRp6y+wbUIE8S1W3NTQvILyZQ3XoqF+DXAife+/t y7TWfo0qBMdEQgJ7bid9E6m7MEhXe+KtTwuMhNzSzOQaEzp1hb716153WSbID+/E EZClr7EqGpEJGI+hfGufzQQolGBHx+Ocfdq3ObXQccmgwackIAf2Sj1jVCcrR17u KKZ/n+InjWGVfQdrNRPjbCLKc304zE4= -----END CERTIFICATE-----Generated at Wed Apr 24 23:34:23 2024 by rpki-client on console-ams.rpki-client.org