$ rpki-client -vvf rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/766A344489DC11EEA5F50782C4F9AE02.roa File: 766A344489DC11EEA5F50782C4F9AE02.roa (raw, json) Hash identifier: xD1ahEkh70RjJXK8AbB8J4cy1u9l2qQBLxqu+mrLTEw= Subject key identifier: 91:BD:DA:CB:5B:0F:33:DE:9A:DC:6E:8E:F8:C7:82:DB:5E:A5:3B:07 Certificate issuer: /CN=A917B520/serialNumber=542B94D8625CF711964FD13741295D27AD7A9004 Certificate serial: 76 Authority key identifier: 54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/766A344489DC11EEA5F50782C4F9AE02.roa Signing time: Thu 23 Nov 2023 08:44:07 +0000 ROA not before: Thu 23 Nov 2023 08:44:07 +0000 ROA not after: Tue 30 Jul 2024 00:00:00 +0000 asID: 150436 IP address blocks: 101.47.0.0/18 maxlen: 24 101.47.64.0/20 maxlen: 24 101.47.80.0/20 maxlen: 24 2401:4c20::/40 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 06:22:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 118 (0x76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B520/serialNumber=542B94D8625CF711964FD13741295D27AD7A9004 Validity Not Before: Nov 23 08:44:07 2023 GMT Not After : Jul 30 00:00:00 2024 GMT Subject: CN=655f10d7-acee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:d1:76:a1:0a:5d:68:03:01:21:0d:b7:09:5f: d6:41:75:83:11:c9:59:e4:87:75:11:27:a0:04:20: 28:85:a0:7d:53:62:bc:77:67:31:a1:99:ee:ef:49: 58:00:70:92:b6:f8:76:72:b3:2e:b8:05:89:7a:cb: 30:e2:4e:cf:0c:20:b6:09:70:71:70:08:31:9b:1d: 9b:7c:61:a9:56:ae:64:59:eb:8c:41:c6:a2:f4:78: 14:cc:00:a7:3f:4d:19:89:9c:f8:9c:c3:a1:85:c4: bb:74:d9:51:ed:f1:71:3d:51:69:be:2f:4e:f4:9f: 90:c0:6c:54:7a:fb:a8:c1:40:c3:38:02:27:7a:27: 23:d0:8a:97:84:2d:49:d9:4d:ec:cc:62:ee:1b:28: f3:96:cb:46:68:0c:2f:c1:b9:b5:1c:d4:02:7a:40: 57:6c:20:0e:aa:6e:f4:ae:e0:65:b0:e8:b5:1b:ca: 41:01:12:d1:c9:a2:75:fb:15:6f:72:ec:14:b9:f6: 8d:41:86:cb:d3:00:7a:a4:84:8b:cf:75:6a:b5:5b: 0d:7c:ba:18:2c:ac:09:e7:92:c8:92:ea:15:8a:92: 05:55:6a:b4:84:83:9f:3e:ea:8b:b7:33:d5:8d:24: 14:aa:ae:0e:bd:b3:d4:d8:56:f4:92:c3:f2:00:7e: 6e:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:BD:DA:CB:5B:0F:33:DE:9A:DC:6E:8E:F8:C7:82:DB:5E:A5:3B:07 X509v3 Authority Key Identifier: keyid:54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/766A344489DC11EEA5F50782C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 101.47.0.0-101.47.95.255 IPv6: 2401:4c20::/40 Signature Algorithm: sha256WithRSAEncryption 33:92:be:e8:ad:cc:07:18:5b:8a:f2:08:fa:e1:36:d9:51:0f: 7e:bb:b0:7c:ff:db:c7:91:1b:e7:be:1d:fe:3f:d3:ef:d3:64: a4:af:0c:f4:d0:96:62:de:e5:11:63:3a:fe:5a:3e:15:08:d1: 14:e0:1a:45:16:a4:3f:5b:33:a5:c0:53:0d:b2:ae:69:35:3d: aa:ac:21:53:c0:af:7b:02:25:a7:f6:80:a4:de:51:cf:34:b8: 57:26:22:ac:9a:2f:a2:e1:8e:6b:81:4c:da:dd:6c:e0:48:48: 47:65:57:76:be:83:5c:c2:1d:0c:2d:48:35:c9:18:9a:16:0a: 72:7c:0c:18:66:60:bb:34:2f:c8:95:d1:93:3d:ee:f8:38:47: 7d:24:82:e8:1c:cd:85:03:88:36:a8:f2:7b:84:ed:99:c8:6a: 65:f6:9e:9a:68:a8:cf:8c:4d:f0:c6:8a:95:f8:19:eb:18:b8: 64:b1:48:dd:61:27:2d:4a:7f:2a:15:24:59:54:aa:f4:25:0a: 24:f1:95:c2:c5:cb:73:97:28:fc:f3:b6:42:86:5a:ca:1f:aa: 79:c7:f4:61:d8:21:eb:b3:e1:0f:eb:a5:28:dc:b3:7f:fb:a0: 39:a7:52:db:37:d3:bc:79:f7:44:c6:3c:39:09:29:de:86:82: bb:68:6b:17 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIBdjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QjUyMDExMC8GA1UEBRMoNTQyQjk0RDg2MjVDRjcxMTk2NEZEMTM3NDEyOTVEMjdB RDdBOTAwNDAeFw0yMzExMjMwODQ0MDdaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY1NWYxMGQ3LWFjZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDl0XahCl1oAwEhDbcJX9ZBdYMRyVnkh3URJ6AEICiFoH1TYrx3ZzGhme7vSVgA cJK2+HZysy64BYl6yzDiTs8MILYJcHFwCDGbHZt8YalWrmRZ64xBxqL0eBTMAKc/ TRmJnPicw6GFxLt02VHt8XE9UWm+L070n5DAbFR6+6jBQMM4Aid6JyPQipeELUnZ TezMYu4bKPOWy0ZoDC/BubUc1AJ6QFdsIA6qbvSu4GWw6LUbykEBEtHJonX7FW9y 7BS59o1BhsvTAHqkhIvPdWq1Ww18uhgsrAnnksiS6hWKkgVVarSEg58+6ou3M9WN JBSqrg69s9TYVvSSw/IAfm5PAgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUkb3ay1sP M96a3G6O+MeC216lOwcwHwYDVR0jBBgwFoAUVCuU2GJc9xGWT9E3QSldJ616kAQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdCNTIwLzE2MUQ0QzBBRTRD QTExRURBNDE0RTI1OUM0RjlBRTAyL1ZDdVUyR0pjOXhHV1Q5RTNRU2xkSjYxNmtB US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvVkN1VTJHSmM5eEdXVDlFM1FTbGRKNjE2a0FRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QjUyMC8xNjFENEMwQUU0Q0ExMUVEQTQxNEUyNTlDNEY5QUUwMi83NjZBMzQ0NDg5 REMxMUVFQTVGNTA3ODJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn MCUwEwQCAAEwDTALAwMAZS8DBAVlL0AwDgQCAAIwCAMGACQBTCAAMA0GCSqGSIb3 DQEBCwUAA4IBAQAzkr7orcwHGFuK8gj64TbZUQ9+u7B8/9vHkRvnvh3+P9Pv02Sk rwz00JZi3uURYzr+Wj4VCNEU4BpFFqQ/WzOlwFMNsq5pNT2qrCFTwK97AiWn9oCk 3lHPNLhXJiKsmi+i4Y5rgUza3WzgSEhHZVd2voNcwh0MLUg1yRiaFgpyfAwYZmC7 NC/IldGTPe74OEd9JILoHM2FA4g2qPJ7hO2ZyGpl9p6aaKjPjE3wxoqV+BnrGLhk sUjdYSctSn8qFSRZVKr0JQok8ZXCxctzlyj887ZChlrKH6p5x/Rh2CHrs+EP66Uo 3LN/+6A5p1LbN9O8efdExjw5CSnehoK7aGsX -----END CERTIFICATE-----Generated at Fri May 17 08:13:51 2024 by rpki-client on console-fra.rpki-client.org