$ rpki-client -vvf rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/A7A77B96911111EBA69D2641C4F9AE02.roa File: A7A77B96911111EBA69D2641C4F9AE02.roa (raw, json) Hash identifier: 98tnilsCcCPTdGUbVCm8JaIV3qIL34Ije66PD0PoN30= Subject key identifier: 55:20:EA:A2:6E:47:93:8D:C7:1C:F9:D8:03:81:3F:61:F5:75:92:45 Certificate issuer: /CN=A91498A4/serialNumber=3A33A5DADC373726417DDD56E46790FF84BBCED1 Certificate serial: 04EA Authority key identifier: 3A:33:A5:DA:DC:37:37:26:41:7D:DD:56:E4:67:90:FF:84:BB:CE:D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/A7A77B96911111EBA69D2641C4F9AE02.roa Signing time: Tue 01 Aug 2023 00:21:30 +0000 ROA not before: Tue 01 Aug 2023 00:21:30 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 9723 IP address blocks: 203.31.82.0/24 maxlen: 24 210.56.152.0/24 maxlen: 24 210.56.153.0/24 maxlen: 24 210.56.154.0/24 maxlen: 24 210.56.155.0/24 maxlen: 24 210.56.156.0/24 maxlen: 24 210.56.157.0/24 maxlen: 24 210.56.158.0/24 maxlen: 24 210.56.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.crl rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 01 Jun 2024 00:44:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1258 (0x4ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91498A4/serialNumber=3A33A5DADC373726417DDD56E46790FF84BBCED1 Validity Not Before: Aug 1 00:21:30 2023 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=64c8500a-ee27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:18:9e:19:7e:07:27:52:b8:fc:f6:ee:6f:39: d6:bb:d3:db:25:f8:12:3d:30:a2:34:af:bf:57:34: 8f:4a:48:cc:fc:f6:61:9e:d0:12:de:86:a0:16:00: 47:b1:4c:59:e5:ac:ae:7a:2e:bb:db:28:82:a8:f3: 5a:34:a9:5e:dc:99:a7:47:1f:bb:cd:80:23:5b:39: 89:e1:67:10:f1:b6:da:6d:6d:75:28:e0:5b:86:99: 7a:97:ee:d6:97:fe:9a:eb:89:6c:f1:19:12:7f:17: 2b:6f:19:01:cc:f5:32:d6:09:28:9f:3c:cf:75:9e: 62:39:c6:b1:03:ca:3d:ba:73:54:f8:a9:4e:b9:ce: 1b:b0:bb:ac:4e:b5:00:84:e9:ad:00:87:6b:93:0f: d0:45:b2:06:a3:f0:21:b4:5d:5d:38:52:18:c0:fc: de:69:44:77:2d:19:5d:62:70:b3:ad:90:7b:c4:0b: cb:5f:e1:d1:64:bb:50:31:ec:0e:19:78:09:1f:fb: 93:58:0a:1c:29:a9:07:a3:48:d6:80:8d:25:32:0e: a6:92:70:9e:5d:51:a4:ae:e9:54:fa:53:ce:da:27: 68:e1:77:c5:99:c3:6b:eb:8e:a9:4c:b5:ae:a0:be: 50:cb:d0:2b:63:fd:3d:b0:fb:95:86:48:8f:7a:cc: 4b:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:20:EA:A2:6E:47:93:8D:C7:1C:F9:D8:03:81:3F:61:F5:75:92:45 X509v3 Authority Key Identifier: keyid:3A:33:A5:DA:DC:37:37:26:41:7D:DD:56:E4:67:90:FF:84:BB:CE:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/A7A77B96911111EBA69D2641C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.31.82.0/24 210.56.152.0/21 Signature Algorithm: sha256WithRSAEncryption 5e:77:76:88:73:cb:51:43:aa:ba:be:6a:ae:64:1c:8d:95:27: fe:f6:f8:38:53:e3:5f:73:3f:8c:35:3b:dc:ca:3c:fe:eb:e7: e0:52:0b:76:f6:7a:d5:4d:c5:cd:a8:f8:23:2f:8d:32:e9:98: cc:1e:b4:7d:4f:5f:a5:83:91:e6:af:53:c3:bf:08:1c:fc:fe: 49:ff:4a:ce:ef:2b:01:4b:7c:b2:55:b2:65:bf:02:bd:0f:22: 43:eb:1e:8d:81:07:6a:2d:aa:5d:4f:4a:94:43:f0:5d:bc:08: db:8a:77:85:48:1a:4b:3a:86:c8:e5:78:a2:15:85:f5:c2:14: 6e:b9:b3:2d:f2:e8:ed:5b:cc:9b:5b:83:13:0e:04:47:e3:53: 5a:e4:c0:cc:9d:43:f2:73:10:8b:bc:07:3b:d3:c4:5a:c9:97: 71:67:ef:d7:6b:61:22:7d:dc:12:75:33:63:35:4d:1e:ad:db: 65:b8:01:44:93:04:78:ba:6f:2d:58:5e:b2:39:45:77:f2:a6: ea:70:37:1e:e7:04:a7:06:a6:70:d2:f4:ab:30:03:7a:d2:10: ea:b4:ac:4b:a3:83:60:af:cf:98:13:a7:28:a7:b0:59:0e:e5: 0f:53:d5:b9:31:6b:0d:0c:d5:53:08:70:ef:da:b1:f6:8f:98: 5e:f5:3e:ee -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDk4QTQxMTAvBgNVBAUTKDNBMzNBNURBREMzNzM3MjY0MTdEREQ1NkU0Njc5MEZG ODRCQkNFRDEwHhcNMjMwODAxMDAyMTMwWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NGM4NTAwYS1lZTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtBieGX4HJ1K4/PbubznWu9PbJfgSPTCiNK+/VzSPSkjM/PZhntAS3oagFgBH sUxZ5ayuei672yiCqPNaNKle3JmnRx+7zYAjWzmJ4WcQ8bbabW11KOBbhpl6l+7W l/6a64ls8RkSfxcrbxkBzPUy1gkonzzPdZ5iOcaxA8o9unNU+KlOuc4bsLusTrUA hOmtAIdrkw/QRbIGo/AhtF1dOFIYwPzeaUR3LRldYnCzrZB7xAvLX+HRZLtQMewO GXgJH/uTWAocKakHo0jWgI0lMg6mknCeXVGkrulU+lPO2ido4XfFmcNr646pTLWu oL5Qy9ArY/09sPuVhkiPesxLCwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFUg6qJu R5ONxxz52AOBP2H1dZJFMB8GA1UdIwQYMBaAFDozpdrcNzcmQX3dVuRnkP+Eu87R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OThBNC9FQ0YzMEE5RTkw NTMxMUVCOUNBODcyMURDNEY5QUUwMi9Pak9sMnR3M055WkJmZDFXNUdlUV80Uzd6 dEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09qT2wydHczTnlaQmZkMVc1R2VRXzRTN3p0RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDk4QTQvRUNGMzBBOUU5MDUzMTFFQjlDQTg3MjFEQzRGOUFFMDIvQTdBNzdCOTY5 MTExMTFFQkE2OUQyNjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBADLH1IDBAPSOJgwDQYJKoZIhvcNAQELBQADggEBAF53dohz y1FDqrq+aq5kHI2VJ/72+DhT419zP4w1O9zKPP7r5+BSC3b2etVNxc2o+CMvjTLp mMwetH1PX6WDkeavU8O/CBz8/kn/Ss7vKwFLfLJVsmW/Ar0PIkPrHo2BB2otql1P SpRD8F28CNuKd4VIGks6hsjleKIVhfXCFG65sy3y6O1bzJtbgxMOBEfjU1rkwMyd Q/JzEIu8BzvTxFrJl3Fn79drYSJ93BJ1M2M1TR6t22W4AUSTBHi6by1YXrI5RXfy pupwNx7nBKcGpnDS9KswA3rSEOq0rEujg2Cvz5gTpyinsFkO5Q9T1bkxaw0M1VMI cO/asfaPmF71Pu4= -----END CERTIFICATE-----Generated at Sat May 25 04:35:06 2024 by rpki-client on console-ams.rpki-client.org