$ rpki-client -vvf rpki.apnic.net/member_repository/A917BB51/25ACF5C0C4B811EEBD71C446C4F9AE02/A9C5C1CAC4B811EE8A03D547C4F9AE02.roa File: A9C5C1CAC4B811EE8A03D547C4F9AE02.roa (raw, json) Hash identifier: aHzpUCZxvitp6ra+qOqDl8Tj2DHYKM5Yv+ZqnbUASaQ= Subject key identifier: 8D:8E:89:BA:CF:B0:9D:1B:1C:8F:02:90:D0:5E:7A:78:65:0A:C7:E8 Certificate issuer: /CN=A917BB51/serialNumber=3EA4347D2D9FD6EB6A01B44E5571F88B08ACC25B Certificate serial: 0B Authority key identifier: 3E:A4:34:7D:2D:9F:D6:EB:6A:01:B4:4E:55:71:F8:8B:08:AC:C2:5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PqQ0fS2f1utqAbROVXH4iwiswls.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917BB51/25ACF5C0C4B811EEBD71C446C4F9AE02/A9C5C1CAC4B811EE8A03D547C4F9AE02.roa Signing time: Tue 06 Feb 2024 07:34:30 +0000 ROA not before: Tue 06 Feb 2024 07:34:30 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 134375 IP address blocks: 43.230.64.0/22 maxlen: 24 45.122.120.0/22 maxlen: 24 103.62.236.0/22 maxlen: 24 103.77.0.0/22 maxlen: 22 103.77.0.0/23 maxlen: 23 103.77.0.0/24 maxlen: 24 103.77.1.0/24 maxlen: 24 103.77.2.0/23 maxlen: 23 103.77.2.0/24 maxlen: 24 103.77.3.0/24 maxlen: 24 103.251.140.0/22 maxlen: 24 116.206.156.0/22 maxlen: 24 203.189.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917BB51/25ACF5C0C4B811EEBD71C446C4F9AE02/PqQ0fS2f1utqAbROVXH4iwiswls.crl rsync://rpki.apnic.net/member_repository/A917BB51/25ACF5C0C4B811EEBD71C446C4F9AE02/PqQ0fS2f1utqAbROVXH4iwiswls.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PqQ0fS2f1utqAbROVXH4iwiswls.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 08:57:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917BB51/serialNumber=3EA4347D2D9FD6EB6A01B44E5571F88B08ACC25B Validity Not Before: Feb 6 07:34:30 2024 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=65c1e105-0e36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:ee:a0:94:24:d9:49:2f:a6:31:23:74:91:d3: 58:d4:c9:3c:ae:94:c9:55:af:21:df:58:fb:12:31: 1e:d0:26:30:26:4c:26:bd:4d:65:93:5b:18:7d:72: db:96:eb:7d:52:db:38:da:76:6e:62:0f:15:bc:84: 79:9a:c0:45:06:00:4f:0f:c4:f2:9c:a0:ee:af:ca: 2e:e4:f3:f9:b6:a1:ce:f9:e9:29:b6:40:4f:77:4a: 44:9c:fd:5b:a6:7e:ed:1c:5b:02:be:51:5e:f2:50: 03:0e:a1:cd:0b:92:1e:cb:4b:35:9d:52:0d:f4:ed: 1c:9d:ed:4e:0e:72:37:30:d7:a0:2f:d5:5b:3a:cd: 59:b2:58:a3:e0:6f:ca:35:c3:8a:2f:34:48:1d:c8: 45:fd:99:69:ed:03:6e:81:36:6c:ed:48:d5:36:74: 1f:5f:6b:92:03:51:bc:64:57:6f:06:04:39:c8:00: 4d:fb:49:39:33:f0:a7:1f:87:82:8a:44:77:20:1d: d0:df:ac:d5:83:90:d9:7d:96:ff:7c:f0:ca:c9:a4: 44:21:7f:4d:a0:e2:a6:55:5d:73:5c:7f:aa:08:d2: f8:3c:86:fe:5a:be:11:3d:91:d0:ce:48:9c:e3:68: 4e:55:bd:6e:b7:85:68:36:8f:13:ce:d9:f9:b8:11: 54:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:8E:89:BA:CF:B0:9D:1B:1C:8F:02:90:D0:5E:7A:78:65:0A:C7:E8 X509v3 Authority Key Identifier: keyid:3E:A4:34:7D:2D:9F:D6:EB:6A:01:B4:4E:55:71:F8:8B:08:AC:C2:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917BB51/25ACF5C0C4B811EEBD71C446C4F9AE02/PqQ0fS2f1utqAbROVXH4iwiswls.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PqQ0fS2f1utqAbROVXH4iwiswls.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BB51/25ACF5C0C4B811EEBD71C446C4F9AE02/A9C5C1CAC4B811EE8A03D547C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.64.0/22 45.122.120.0/22 103.62.236.0/22 103.77.0.0/22 103.251.140.0/22 116.206.156.0/22 203.189.252.0/22 Signature Algorithm: sha256WithRSAEncryption b1:47:85:90:ac:0b:f6:3d:50:0a:45:8f:9e:f0:a7:a7:5e:fd: ec:88:60:7d:e6:da:a2:3a:6d:87:d9:e0:fc:ef:33:26:4d:fa: 4b:6d:7a:7d:73:67:bc:9d:ed:e1:6f:4d:2b:3a:9f:ce:dd:eb: 5e:bb:ca:51:7a:e0:99:ee:e6:7f:61:c8:72:3c:51:47:6a:3e: 43:fc:55:89:52:20:1a:a5:02:9e:d4:c5:71:10:fd:da:f7:86: ba:34:b6:0d:b8:8c:48:6e:0f:7c:d0:60:12:8e:27:83:c1:0f: d4:32:c7:27:29:88:24:35:a6:92:db:3f:6b:d2:28:5c:41:77: 6e:78:5d:38:1d:e7:25:e6:04:f0:5c:99:0e:5a:fe:84:9c:dc: 89:f6:9f:e9:63:df:e6:1b:f9:a9:ee:34:c4:83:e0:8b:bd:cd: b9:bf:49:ed:58:99:00:93:f6:30:fd:d6:f6:8b:99:09:39:df: 5a:6c:69:8f:95:0c:54:fa:c2:7b:77:da:f6:b9:84:f6:af:19: b8:ad:7c:64:05:fb:3a:c0:87:54:96:fa:b3:85:31:34:bf:ee: 05:6f:6a:b3:77:38:d1:3c:8e:25:22:97:c2:fb:d7:2d:ed:bb: aa:9e:a0:7d:50:55:24:50:02:26:9c:c0:5b:d9:c6:65:3f:a7: ce:51:08:d4 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QkI1MTExMC8GA1UEBRMoM0VBNDM0N0QyRDlGRDZFQjZBMDFCNDRFNTU3MUY4OEIw OEFDQzI1QjAeFw0yNDAyMDYwNzM0MzBaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY1YzFlMTA1LTBlMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCj7qCUJNlJL6YxI3SR01jUyTyulMlVryHfWPsSMR7QJjAmTCa9TWWTWxh9ctuW 631S2zjadm5iDxW8hHmawEUGAE8PxPKcoO6vyi7k8/m2oc756Sm2QE93SkSc/Vum fu0cWwK+UV7yUAMOoc0Lkh7LSzWdUg307Ryd7U4Ocjcw16Av1Vs6zVmyWKPgb8o1 w4ovNEgdyEX9mWntA26BNmztSNU2dB9fa5IDUbxkV28GBDnIAE37STkz8Kcfh4KK RHcgHdDfrNWDkNl9lv988MrJpEQhf02g4qZVXXNcf6oI0vg8hv5avhE9kdDOSJzj aE5VvW63hWg2jxPO2fm4EVSnAgMBAAGjggK5MIICtTAdBgNVHQ4EFgQUjY6Jus+w nRscjwKQ0F56eGUKx+gwHwYDVR0jBBgwFoAUPqQ0fS2f1utqAbROVXH4iwiswlsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdCQjUxLzI1QUNGNUMwQzRC ODExRUVCRDcxQzQ0NkM0RjlBRTAyL1BxUTBmUzJmMXV0cUFiUk9WWEg0aXdpc3ds cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUHFRMGZTMmYxdXRxQWJST1ZYSDRpd2lzd2xzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QkI1MS8yNUFDRjVDMEM0QjgxMUVFQkQ3MUM0NDZDNEY5QUUwMi9BOUM1QzFDQUM0 QjgxMUVFOEEwM0Q1NDdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBDBggrBgEFBQcBBwEB/wQ0 MDIwMAQCAAEwKgMEAivmQAMEAi16eAMEAmc+7AMEAmdNAAMEAmf7jAMEAnTOnAME Asu9/DANBgkqhkiG9w0BAQsFAAOCAQEAsUeFkKwL9j1QCkWPnvCnp1797Ihgfeba ojpth9ng/O8zJk36S216fXNnvJ3t4W9NKzqfzt3rXrvKUXrgme7mf2HIcjxRR2o+ Q/xViVIgGqUCntTFcRD92veGujS2DbiMSG4PfNBgEo4ng8EP1DLHJymIJDWmkts/ a9IoXEF3bnhdOB3nJeYE8FyZDlr+hJzcifaf6WPf5hv5qe40xIPgi73Nub9J7ViZ AJP2MP3W9ouZCTnfWmxpj5UMVPrCe3fa9rmE9q8ZuK18ZAX7OsCHVJb6s4UxNL/u BW9qs3c40TyOJSKXwvvXLe27qp6gfVBVJFACJpzAW9nGZT+nzlEI1A== -----END CERTIFICATE-----Generated at Sat Jun 1 11:47:18 2024 by rpki-client on console-ams.rpki-client.org