$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/D34236BE7D0511EEB381D02CC4F9AE02.roa File: D34236BE7D0511EEB381D02CC4F9AE02.roa (raw, json) Hash identifier: NZHysE8nVCbq7fbvHXB0K2e7+2zAZI6Mnwfdz06Ko40= Subject key identifier: 54:6B:2B:F3:81:9F:62:84:8A:70:FC:F9:A7:EC:97:C0:CA:FF:06:8E Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Certificate serial: 355A Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/D34236BE7D0511EEB381D02CC4F9AE02.roa Signing time: Mon 04 Mar 2024 01:46:27 +0000 ROA not before: Mon 04 Mar 2024 01:46:27 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 21859 IP address blocks: 49.128.198.0/24 maxlen: 24 101.55.23.0/24 maxlen: 24 112.196.194.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 14:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13658 (0x355a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Validity Not Before: Mar 4 01:46:27 2024 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=65e527f3-4fc2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:c2:58:98:d4:a3:07:f9:f8:d1:d5:76:bf:14: 96:1d:df:ee:d9:04:71:67:67:a5:c0:ff:68:0a:19: a4:9e:f3:d3:9e:93:78:cc:62:53:e9:1d:ee:91:b6: 17:87:92:60:19:2b:3b:ba:c8:6e:88:76:2a:1d:43: 78:28:14:f2:de:49:c5:b1:55:76:d0:02:29:38:a9: 82:fe:1c:e0:fb:9b:59:80:24:3d:25:bd:df:0f:dc: 79:c0:05:b9:65:5d:33:af:14:ba:58:48:0f:8e:de: 87:a3:0f:88:dc:ad:4f:20:59:ab:7f:e8:35:1b:7e: 5e:28:4c:ba:af:d5:13:c3:5f:80:17:32:1e:28:b8: 1b:25:4f:88:03:b9:4f:e4:c6:e9:3a:e3:b6:8b:f0: 22:71:3f:67:87:d1:b9:21:ee:5b:3b:42:ff:0b:da: 4a:d9:f1:4f:88:8d:09:bd:bb:99:c9:b7:5a:74:7c: 6c:f8:0d:bd:59:20:1f:04:b5:fc:5d:eb:ee:a8:c4: 16:c2:91:cd:a1:9a:8f:66:89:90:86:8a:dc:4d:a1: 81:a7:2e:db:ee:8e:4d:3a:d0:eb:de:65:7d:37:f4: 1b:2a:19:cd:e3:39:1b:0b:84:1e:1b:09:80:1e:ab: 9b:50:bd:91:91:4b:00:aa:de:0c:16:a6:6e:48:97: 89:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:6B:2B:F3:81:9F:62:84:8A:70:FC:F9:A7:EC:97:C0:CA:FF:06:8E X509v3 Authority Key Identifier: keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/D34236BE7D0511EEB381D02CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.128.198.0/24 101.55.23.0/24 112.196.194.0/24 Signature Algorithm: sha256WithRSAEncryption 38:b2:99:35:00:fd:88:7c:08:27:c3:08:e7:cb:e9:31:1b:46: d1:50:b3:c9:5c:f8:fb:5d:84:04:bb:7e:0a:ef:38:a8:8d:70: 26:00:96:64:64:c3:f7:b4:5f:e1:b7:8f:52:07:b2:28:58:d4: 16:f3:72:c2:2e:9b:a5:d5:66:a6:a4:1c:21:e0:f7:4d:e7:32: 34:b6:03:7c:f0:2a:d7:0c:b4:81:4b:ad:ec:26:3e:3a:89:6e: 88:2a:ed:e4:37:7b:01:5b:e2:24:5d:a8:d5:5c:f8:03:db:52: 49:f0:56:1c:97:21:49:7e:c6:76:e7:7c:04:fd:1d:24:6d:40: 71:1a:a6:94:06:0f:e5:18:e2:2b:c1:b6:da:7d:70:7c:16:f8: 2d:37:0f:bb:7b:5f:0a:c6:e8:7e:30:15:72:96:66:d7:49:ab: 38:5b:63:aa:8a:15:10:d6:fc:5e:4b:c2:41:da:e5:58:1c:74: 9e:bb:ee:4c:8a:8a:5d:e7:1d:06:eb:42:45:ce:81:04:4a:1a: cb:34:3b:b2:50:d5:07:9d:b7:bb:2d:85:f6:61:b3:b8:01:f6: 54:48:64:d2:a0:31:f4:5d:3d:be:e1:e7:14:97:c9:6c:ae:01: 1f:6d:e2:44:e9:72:be:a6:fe:e6:0d:c0:68:35:83:78:89:28: 70:e8:6b:b4 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICNVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG OURGN0M1NEIwHhcNMjQwMzA0MDE0NjI3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWU1MjdmMy00ZmMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0MJYmNSjB/n40dV2vxSWHd/u2QRxZ2elwP9oChmknvPTnpN4zGJT6R3ukbYX h5JgGSs7ushuiHYqHUN4KBTy3knFsVV20AIpOKmC/hzg+5tZgCQ9Jb3fD9x5wAW5 ZV0zrxS6WEgPjt6How+I3K1PIFmrf+g1G35eKEy6r9UTw1+AFzIeKLgbJU+IA7lP 5MbpOuO2i/AicT9nh9G5Ie5bO0L/C9pK2fFPiI0JvbuZybdadHxs+A29WSAfBLX8 XevuqMQWwpHNoZqPZomQhorcTaGBpy7b7o5NOtDr3mV9N/QbKhnN4zkbC4QeGwmA HqubUL2RkUsAqt4MFqZuSJeJKQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFFRrK/OB n2KEinD8+afsl8DK/waOMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4 VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvRDM0MjM2QkU3 RDA1MTFFRUIzODFEMDJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAAxgMYDBABlNxcDBABwxMIwDQYJKoZIhvcNAQELBQADggEB ADiymTUA/Yh8CCfDCOfL6TEbRtFQs8lc+PtdhAS7fgrvOKiNcCYAlmRkw/e0X+G3 j1IHsihY1BbzcsIum6XVZqakHCHg903nMjS2A3zwKtcMtIFLrewmPjqJbogq7eQ3 ewFb4iRdqNVc+APbUknwVhyXIUl+xnbnfAT9HSRtQHEappQGD+UY4ivBttp9cHwW +C03D7t7XwrG6H4wFXKWZtdJqzhbY6qKFRDW/F5LwkHa5VgcdJ677kyKil3nHQbr QkXOgQRKGss0O7JQ1Qedt7sthfZhs7gB9lRIZNKgMfRdPb7h5xSXyWyuAR9t4kTp cr6m/uYNwGg1g3iJKHDoa7Q= -----END CERTIFICATE-----Generated at Thu May 2 17:18:28 2024 by rpki-client on console-ams.rpki-client.org