$ rpki-client -vvf rpki.apnic.net/member_repository/A91560A3/E4DF96AAFDF811E8AD2C1262C4F9AE02/2245CE0A606811EB80E3D531C4F9AE02.roa File: 2245CE0A606811EB80E3D531C4F9AE02.roa (raw, json) Hash identifier: n0eE4w1ioXiku75wdXVIUXgqTRR1ty++Snk078GZCnM= Subject key identifier: 20:2C:A4:0F:71:12:9F:1E:EA:B8:16:9D:9A:18:A3:51:25:D7:AC:AA Certificate issuer: /CN=A91560A3/serialNumber=0E2DEA14FD7CFFD0D0A9EA3E37437B91E454B236 Certificate serial: 1086 Authority key identifier: 0E:2D:EA:14:FD:7C:FF:D0:D0:A9:EA:3E:37:43:7B:91:E4:54:B2:36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Di3qFP18_9DQqeo-N0N7keRUsjY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91560A3/E4DF96AAFDF811E8AD2C1262C4F9AE02/2245CE0A606811EB80E3D531C4F9AE02.roa Signing time: Fri 02 Feb 2024 18:06:11 +0000 ROA not before: Fri 02 Feb 2024 18:06:11 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 135025 IP address blocks: 14.102.168.0/22 maxlen: 22 14.102.168.0/24 maxlen: 24 14.102.169.0/24 maxlen: 24 14.102.170.0/24 maxlen: 24 14.102.171.0/24 maxlen: 24 103.206.80.0/22 maxlen: 22 103.206.80.0/24 maxlen: 24 103.206.81.0/24 maxlen: 24 103.206.82.0/24 maxlen: 24 103.206.83.0/24 maxlen: 24 2404:2380::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91560A3/E4DF96AAFDF811E8AD2C1262C4F9AE02/Di3qFP18_9DQqeo-N0N7keRUsjY.crl rsync://rpki.apnic.net/member_repository/A91560A3/E4DF96AAFDF811E8AD2C1262C4F9AE02/Di3qFP18_9DQqeo-N0N7keRUsjY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Di3qFP18_9DQqeo-N0N7keRUsjY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 May 2024 02:42:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4230 (0x1086) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91560A3/serialNumber=0E2DEA14FD7CFFD0D0A9EA3E37437B91E454B236 Validity Not Before: Feb 2 18:06:11 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65bd2f13-8a38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:d3:5f:f1:aa:80:16:40:16:cd:c6:06:ee:4f: e0:41:d8:ec:f9:2c:70:44:d5:8e:37:df:5a:fe:e7: 2a:74:11:03:e5:6f:57:10:57:14:59:fe:df:be:79: 42:a2:5d:88:a8:4f:7d:fd:99:36:cd:dc:ee:c1:07: 78:18:16:3c:78:b9:df:72:46:1a:43:88:c8:6d:6c: a9:32:78:c9:5a:bc:a5:fe:48:5f:d0:72:61:4a:3b: 25:0d:46:c0:88:72:38:d6:1c:82:e0:1b:f7:bc:93: 57:33:99:c7:2b:7f:9f:93:62:95:74:aa:bb:eb:b2: 17:92:15:27:28:5a:98:47:08:c7:37:00:88:e1:44: 5a:56:0f:6d:85:93:17:38:27:48:e0:0d:24:23:d9: bb:23:b4:77:47:ff:4c:3e:8c:1f:97:3a:35:e2:de: 09:24:89:57:c2:a8:c7:22:0e:c2:bd:2a:73:19:39: ad:85:27:ed:80:5b:ca:20:b8:57:b0:7a:dd:8b:5f: e9:cb:d5:0f:2e:04:1d:3a:67:1a:0f:8b:12:b7:8d: 30:61:df:23:2d:6f:ab:a1:e7:ec:7f:0c:47:24:ac: bd:28:fc:83:0e:65:44:70:1a:db:12:41:1b:63:26: b1:2f:27:f9:99:87:6a:88:2c:fa:79:57:2c:cb:58: 1c:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:2C:A4:0F:71:12:9F:1E:EA:B8:16:9D:9A:18:A3:51:25:D7:AC:AA X509v3 Authority Key Identifier: keyid:0E:2D:EA:14:FD:7C:FF:D0:D0:A9:EA:3E:37:43:7B:91:E4:54:B2:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91560A3/E4DF96AAFDF811E8AD2C1262C4F9AE02/Di3qFP18_9DQqeo-N0N7keRUsjY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Di3qFP18_9DQqeo-N0N7keRUsjY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91560A3/E4DF96AAFDF811E8AD2C1262C4F9AE02/2245CE0A606811EB80E3D531C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.102.168.0/22 103.206.80.0/22 IPv6: 2404:2380::/32 Signature Algorithm: sha256WithRSAEncryption df:5d:3f:0c:6b:09:86:87:4c:a1:ee:a2:91:d6:33:04:78:02: a4:3b:d9:c5:c5:4a:b0:ba:b4:b3:9f:5b:5a:0f:a2:45:34:f0: ad:39:19:f8:f3:ed:a2:88:ba:0a:d2:0b:27:f5:2b:b3:03:d2: 38:56:a5:d2:f2:49:24:f8:6c:b2:fb:8b:be:f9:d4:c2:ee:48: 69:df:86:3a:43:ab:6a:a2:ab:d6:8e:4e:67:14:a6:24:f8:4e: 20:56:83:26:a5:73:d6:5b:6e:6d:b4:be:44:0f:4a:e1:c0:fd: 9b:ad:85:c6:fb:f7:3e:e1:98:4c:3d:bf:eb:5c:1e:44:ab:a8: e1:4b:86:38:32:96:74:eb:b4:10:b5:66:54:e1:77:6d:81:e8: 2c:12:b4:88:a5:7e:b6:31:0f:03:a8:3a:43:b8:1d:66:20:29: de:0c:3e:5f:57:3e:16:9f:73:d1:48:65:2f:1b:f1:65:7c:33: 96:0a:74:19:96:00:9a:27:e7:19:29:4b:14:24:48:fa:49:02: e6:f1:dc:ab:cb:2d:fa:de:0f:32:ef:f1:20:b0:81:bb:2f:ab: e6:18:25:5b:fd:b8:29:12:5e:fd:6d:8f:e0:dd:3c:8c:88:ec: d2:1d:c3:44:b4:0a:ae:2e:60:38:bf:0e:d4:66:e7:00:a8:c9: a6:92:54:fa -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICEIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYwQTMxMTAvBgNVBAUTKDBFMkRFQTE0RkQ3Q0ZGRDBEMEE5RUEzRTM3NDM3Qjkx RTQ1NEIyMzYwHhcNMjQwMjAyMTgwNjExWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWJkMmYxMy04YTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt9Nf8aqAFkAWzcYG7k/gQdjs+SxwRNWON99a/ucqdBED5W9XEFcUWf7fvnlC ol2IqE99/Zk2zdzuwQd4GBY8eLnfckYaQ4jIbWypMnjJWryl/khf0HJhSjslDUbA iHI41hyC4Bv3vJNXM5nHK3+fk2KVdKq767IXkhUnKFqYRwjHNwCI4URaVg9thZMX OCdI4A0kI9m7I7R3R/9MPowflzo14t4JJIlXwqjHIg7CvSpzGTmthSftgFvKILhX sHrdi1/py9UPLgQdOmcaD4sSt40wYd8jLW+roefsfwxHJKy9KPyDDmVEcBrbEkEb YyaxLyf5mYdqiCz6eVcsy1gcsQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFCAspA9x Ep8e6rgWnZoYo1El16yqMB8GA1UdIwQYMBaAFA4t6hT9fP/Q0KnqPjdDe5HkVLI2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjBBMy9FNERGOTZBQUZE RjgxMUU4QUQyQzEyNjJDNEY5QUUwMi9EaTNxRlAxOF85RFFxZW8tTjBON2tlUlVz alkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RpM3FGUDE4XzlEUXFlby1OME43a2VSVXNqWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTYwQTMvRTRERjk2QUFGREY4MTFFOEFEMkMxMjYyQzRGOUFFMDIvMjI0NUNFMEE2 MDY4MTFFQjgwRTNENTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIOZqgDBAJnzlAwDQQCAAIwBwMFACQEI4AwDQYJKoZIhvcN AQELBQADggEBAN9dPwxrCYaHTKHuopHWMwR4AqQ72cXFSrC6tLOfW1oPokU08K05 Gfjz7aKIugrSCyf1K7MD0jhWpdLySST4bLL7i7751MLuSGnfhjpDq2qiq9aOTmcU piT4TiBWgyalc9Zbbm20vkQPSuHA/Zuthcb79z7hmEw9v+tcHkSrqOFLhjgylnTr tBC1ZlThd22B6CwStIilfrYxDwOoOkO4HWYgKd4MPl9XPhafc9FIZS8b8WV8M5YK dBmWAJon5xkpSxQkSPpJAubx3KvLLfreDzLv8SCwgbsvq+YYJVv9uCkSXv1tj+Dd PIyI7NIdw0S0Cq4uYDi/DtRm5wCoyaaSVPo= -----END CERTIFICATE-----Generated at Wed May 8 20:35:51 2024 by rpki-client on console-ams.rpki-client.org