$ rpki-client -vvf rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/5FB89FD4DA8511EEBD7AF854C4F9AE02.roa File: 5FB89FD4DA8511EEBD7AF854C4F9AE02.roa (raw, json) Hash identifier: 3Te1vIUdcBfUiTjg2jSQekRCRNgufeHrSrzG1gtWpZ0= Subject key identifier: 75:D8:3D:8A:9D:D4:8A:1B:18:DD:E4:59:33:B0:B4:53:92:00:4F:A1 Certificate issuer: /CN=A91477C3/serialNumber=B20E9FE64AF3CE8C982725D012A142927263CEF0 Certificate serial: 0738 Authority key identifier: B2:0E:9F:E6:4A:F3:CE:8C:98:27:25:D0:12:A1:42:92:72:63:CE:F0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sg6f5krzzoyYJyXQEqFCknJjzvA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/5FB89FD4DA8511EEBD7AF854C4F9AE02.roa Signing time: Mon 22 Apr 2024 08:44:08 +0000 ROA not before: Mon 22 Apr 2024 08:44:08 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 45270 IP address blocks: 43.252.0.0/22 maxlen: 22 101.234.192.0/24 maxlen: 24 101.234.193.0/24 maxlen: 24 101.234.194.0/24 maxlen: 24 101.234.195.0/24 maxlen: 24 101.234.196.0/24 maxlen: 24 101.234.200.0/24 maxlen: 24 101.234.201.0/24 maxlen: 24 103.233.16.0/22 maxlen: 22 223.25.228.0/23 maxlen: 23 223.25.231.0/24 maxlen: 24 2407:ab00::/48 maxlen: 48 2407:ab00:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/sg6f5krzzoyYJyXQEqFCknJjzvA.crl rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/sg6f5krzzoyYJyXQEqFCknJjzvA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sg6f5krzzoyYJyXQEqFCknJjzvA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 22:41:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1848 (0x738) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91477C3/serialNumber=B20E9FE64AF3CE8C982725D012A142927263CEF0 Validity Not Before: Apr 22 08:44:08 2024 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=66262357-420e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:33:d0:29:d5:03:e4:34:fe:45:c8:b8:db:22: ff:85:3d:8f:4b:4c:4f:56:6e:2c:a1:8d:0b:b5:11: 04:22:41:e1:66:98:9e:14:2b:54:9f:50:19:0e:26: eb:4f:97:1b:76:85:5b:34:4b:37:f1:52:93:7c:51: e8:35:a2:1f:e6:7e:70:15:40:70:cd:23:3b:78:8b: 6c:db:fb:86:8e:5f:cd:df:ff:a2:77:77:c6:97:7b: 07:7f:91:a6:b5:6a:70:8c:8c:2b:18:c5:ee:73:48: 0d:a6:5b:97:a7:89:c8:7f:8f:60:ba:a0:83:8a:10: 63:cf:34:2c:40:15:4f:7c:51:e9:c6:02:44:e6:b8: 01:51:3a:03:70:75:bc:53:31:e4:9d:48:a7:9b:a5: a6:cc:25:f6:6e:6b:e5:36:b9:8c:da:1e:bc:c7:e0: c3:74:a3:23:ef:4c:1a:75:dd:18:0e:10:e5:12:d5: 53:44:fe:52:3c:2f:38:65:f7:e9:89:21:85:bc:bf: ee:bb:69:c9:e0:5c:53:43:3f:db:b1:83:bd:74:38: 8f:f5:7d:55:3e:92:b7:63:31:9a:5d:3d:0b:bb:67: b6:03:fe:e1:a9:5d:b5:e7:6a:63:49:c5:96:a1:69: 55:a4:06:f4:e9:14:e8:1d:49:cf:85:1f:17:be:c5: 07:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:D8:3D:8A:9D:D4:8A:1B:18:DD:E4:59:33:B0:B4:53:92:00:4F:A1 X509v3 Authority Key Identifier: keyid:B2:0E:9F:E6:4A:F3:CE:8C:98:27:25:D0:12:A1:42:92:72:63:CE:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/sg6f5krzzoyYJyXQEqFCknJjzvA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sg6f5krzzoyYJyXQEqFCknJjzvA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91477C3/5DA48C20E76E11EA8142A839C4F9AE02/5FB89FD4DA8511EEBD7AF854C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.0.0/22 101.234.192.0-101.234.196.255 101.234.200.0/23 103.233.16.0/22 223.25.228.0/23 223.25.231.0/24 IPv6: 2407:ab00::/48 2407:ab00:2::/48 Signature Algorithm: sha256WithRSAEncryption 1e:31:8e:bf:7f:10:a8:9c:ac:95:b8:0b:4d:7f:c1:21:66:68: e8:5e:12:4a:d3:82:a0:43:7e:54:17:24:6e:f8:04:e7:b8:87: b3:dd:0b:82:1e:6a:ad:bf:d0:e1:fa:a5:c4:d3:70:39:85:bb: d9:cc:02:c8:c6:2c:01:a6:4a:29:f8:a2:de:72:83:ac:ec:2a: 4f:b5:4a:0c:24:13:9d:04:82:82:b2:ae:34:bb:6b:fd:e3:b6: fb:1e:c9:b9:7a:06:3f:91:8f:49:bd:e6:51:64:13:2d:6a:41: fe:ec:77:84:ef:77:da:11:57:ce:b5:2c:6e:19:42:c6:70:53: 51:a8:b5:19:10:91:15:55:ee:8a:f6:1d:8c:ae:1c:78:ea:27: 47:c1:0d:c7:dc:ff:12:b1:23:17:c5:ca:6c:5c:1e:f1:a7:6c: a0:ba:59:ec:0e:77:c4:2d:21:66:e5:99:14:07:d1:60:96:21: 4d:51:6a:2e:38:b3:4d:f1:0c:60:12:68:98:43:85:50:55:13: 9e:e5:42:30:97:1a:8c:8b:7c:57:74:79:07:1e:5d:35:70:50: 3f:6a:82:02:a9:01:0a:4d:85:dd:f0:ac:d7:c5:cb:13:7e:42: 26:3d:3f:f6:f7:84:5e:e1:ee:2c:a7:96:94:e3:ca:b6:c3:c1: ae:b4:8d:d6 -----BEGIN CERTIFICATE----- MIIFsTCCBJmgAwIBAgICBzgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc3QzMxMTAvBgNVBAUTKEIyMEU5RkU2NEFGM0NFOEM5ODI3MjVEMDEyQTE0Mjky NzI2M0NFRjAwHhcNMjQwNDIyMDg0NDA4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjI2MjM1Ny00MjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0jPQKdUD5DT+Rci42yL/hT2PS0xPVm4soY0LtREEIkHhZpieFCtUn1AZDibr T5cbdoVbNEs38VKTfFHoNaIf5n5wFUBwzSM7eIts2/uGjl/N3/+id3fGl3sHf5Gm tWpwjIwrGMXuc0gNpluXp4nIf49guqCDihBjzzQsQBVPfFHpxgJE5rgBUToDcHW8 UzHknUinm6WmzCX2bmvlNrmM2h68x+DDdKMj70wadd0YDhDlEtVTRP5SPC84Zffp iSGFvL/uu2nJ4FxTQz/bsYO9dDiP9X1VPpK3YzGaXT0Lu2e2A/7hqV2152pjScWW oWlVpAb06RToHUnPhR8XvsUHiwIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFHXYPYqd 1IobGN3kWTOwtFOSAE+hMB8GA1UdIwQYMBaAFLIOn+ZK886MmCcl0BKhQpJyY87w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzdDMy81REE0OEMyMEU3 NkUxMUVBODE0MkE4MzlDNEY5QUUwMi9zZzZmNWtyenpveVlKeVhRRXFGQ2tuSmp6 dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NnNmY1a3J6em95WUp5WFFFcUZDa25Kanp2QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDc3QzMvNURBNDhDMjBFNzZFMTFFQTgxNDJBODM5QzRGOUFFMDIvNUZCODlGRDRE QTg1MTFFRUJEN0FGODU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E UDBOMDIEAgABMCwDBAIr/AAwDAMEBmXqwAMEAGXqxAMEAWXqyAMEAmfpEAMEAd8Z 5AMEAN8Z5zAYBAIAAjASAwcAJAerAAAAAwcAJAerAAACMA0GCSqGSIb3DQEBCwUA A4IBAQAeMY6/fxConKyVuAtNf8EhZmjoXhJK04KgQ35UFyRu+ATnuIez3QuCHmqt v9Dh+qXE03A5hbvZzALIxiwBpkop+KLecoOs7CpPtUoMJBOdBIKCsq40u2v947b7 Hsm5egY/kY9JveZRZBMtakH+7HeE73faEVfOtSxuGULGcFNRqLUZEJEVVe6K9h2M rhx46idHwQ3H3P8SsSMXxcpsXB7xp2ygulnsDnfELSFm5ZkUB9FgliFNUWouOLNN 8QxgEmiYQ4VQVROe5UIwlxqMi3xXdHkHHl01cFA/aoICqQEKTYXd8KzXxcsTfkIm PT/294Re4e4sp5aU48q2w8GutI3W -----END CERTIFICATE-----Generated at Wed May 29 00:29:05 2024 by rpki-client on console-fra.rpki-client.org