$ rpki-client -vvf rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/1629BA5A414311EE8E969116C4F9AE02.roa File: 1629BA5A414311EE8E969116C4F9AE02.roa (raw, json) Hash identifier: 9ledy2dve/mr+pwVipRe4cF3icBu7oY4zySNaCiPWEQ= Subject key identifier: A0:36:57:17:66:20:4E:C2:F0:D7:01:38:D5:64:19:55:23:4B:D3:DB Certificate issuer: /CN=A918919A/serialNumber=2E5BCBC661AFF1FED58B0FF4B583DCF5EC1A374A Certificate serial: 09F2 Authority key identifier: 2E:5B:CB:C6:61:AF:F1:FE:D5:8B:0F:F4:B5:83:DC:F5:EC:1A:37:4A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LlvLxmGv8f7Viw_0tYPc9ewaN0o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/1629BA5A414311EE8E969116C4F9AE02.roa Signing time: Tue 22 Aug 2023 23:24:49 +0000 ROA not before: Tue 22 Aug 2023 23:24:49 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 17918 IP address blocks: 117.53.160.0/20 maxlen: 24 119.77.0.0/18 maxlen: 24 202.44.98.0/23 maxlen: 24 202.129.128.0/19 maxlen: 24 203.22.104.0/23 maxlen: 24 2404:8600::/32 maxlen: 37 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/LlvLxmGv8f7Viw_0tYPc9ewaN0o.crl rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/LlvLxmGv8f7Viw_0tYPc9ewaN0o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LlvLxmGv8f7Viw_0tYPc9ewaN0o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 19:44:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2546 (0x9f2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918919A/serialNumber=2E5BCBC661AFF1FED58B0FF4B583DCF5EC1A374A Validity Not Before: Aug 22 23:24:49 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=64e543c0-b7d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:65:33:2a:54:66:36:5d:05:62:46:2b:8f:0f: aa:36:f6:b8:ec:c5:4e:f6:95:cb:e1:b5:f4:3a:08: 2f:05:56:bb:6b:a7:f4:9f:54:9e:6b:ab:02:94:a8: 09:81:ed:f6:c8:c0:48:6e:b9:6a:3f:a9:6a:df:f0: 14:be:86:89:87:9c:56:df:df:ef:9c:47:f2:5a:2b: c1:69:56:53:30:df:c3:6b:cb:9f:79:65:28:4c:c4: 5b:75:d4:b6:73:75:f2:be:0c:cf:fa:81:a9:de:eb: 39:22:61:1c:ba:f6:3d:da:b6:ed:ab:b5:f8:1f:7f: 84:fb:a7:dc:78:74:cf:32:41:c1:26:0b:83:0f:c6: 25:4a:b4:15:37:dd:a0:f8:7d:3d:6a:4b:b5:57:60: 31:4d:52:e4:23:9a:7b:49:1c:89:59:99:70:f8:8f: de:59:b7:f0:58:a2:92:53:26:de:77:95:d8:a6:ac: 99:f5:ab:f6:4c:54:8b:b3:f4:50:15:79:14:9c:75: 6e:41:91:78:7d:93:cb:13:72:e1:ea:2b:f8:11:c4: 15:52:90:42:8c:3a:5c:47:52:7c:ed:95:0c:ea:85: d8:af:10:b8:dd:8f:80:63:73:19:0c:cd:67:bc:6d: f0:02:c8:78:3a:f1:4b:06:1b:9d:18:8e:4b:cd:6d: 05:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:36:57:17:66:20:4E:C2:F0:D7:01:38:D5:64:19:55:23:4B:D3:DB X509v3 Authority Key Identifier: keyid:2E:5B:CB:C6:61:AF:F1:FE:D5:8B:0F:F4:B5:83:DC:F5:EC:1A:37:4A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/LlvLxmGv8f7Viw_0tYPc9ewaN0o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LlvLxmGv8f7Viw_0tYPc9ewaN0o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918919A/0490909A431B11EAB019772CC4F9AE02/1629BA5A414311EE8E969116C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 117.53.160.0/20 119.77.0.0/18 202.44.98.0/23 202.129.128.0/19 203.22.104.0/23 IPv6: 2404:8600::/32 Signature Algorithm: sha256WithRSAEncryption 20:6b:67:f7:97:fb:24:47:be:4f:fd:5b:56:61:0a:e2:8d:51: 10:9f:bf:e8:3f:ba:e1:fd:56:04:ca:1c:f8:37:bf:c7:5e:d2: be:91:b4:16:41:bb:e8:1d:cd:98:a4:9e:19:1e:27:dc:12:7a: 6b:e3:60:78:c9:e3:5f:4c:96:ab:f9:43:32:b1:04:6b:e0:43: cd:99:16:00:bc:88:3a:ea:23:13:fb:45:3c:91:de:c2:85:24: 8b:d9:22:0b:75:92:cc:df:1b:73:d6:c2:0d:76:a0:54:9d:73: 1d:f9:38:d5:9b:fe:52:e7:e4:a7:ba:20:f0:d0:2d:d0:14:e7: 02:3f:03:eb:95:dc:ef:6d:78:2d:50:2d:f5:3a:73:45:1c:3e: 8e:a8:ca:8a:00:52:69:ab:e3:e1:fe:40:3b:bf:85:5e:a6:0e: 16:a9:bb:a6:96:66:58:22:88:94:c6:93:95:86:92:07:a4:05: 91:1d:ee:b1:7d:00:08:15:5d:74:9b:cc:a4:1b:90:c7:b7:c8: 00:7b:06:5a:35:e6:4d:1d:8e:82:ea:ca:58:df:93:a6:36:0f: 16:44:3c:f4:4e:d3:2f:e6:f3:50:eb:21:ad:4c:d7:eb:69:8f: 1c:97:38:13:64:58:76:5a:88:ea:8f:ca:ef:5e:21:37:43:d0: f5:83:39:00 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICCfIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODkxOUExMTAvBgNVBAUTKDJFNUJDQkM2NjFBRkYxRkVENThCMEZGNEI1ODNEQ0Y1 RUMxQTM3NEEwHhcNMjMwODIyMjMyNDQ5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGU1NDNjMC1iN2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoGUzKlRmNl0FYkYrjw+qNva47MVO9pXL4bX0OggvBVa7a6f0n1Sea6sClKgJ ge32yMBIbrlqP6lq3/AUvoaJh5xW39/vnEfyWivBaVZTMN/Da8ufeWUoTMRbddS2 c3XyvgzP+oGp3us5ImEcuvY92rbtq7X4H3+E+6fceHTPMkHBJguDD8YlSrQVN92g +H09aku1V2AxTVLkI5p7SRyJWZlw+I/eWbfwWKKSUybed5XYpqyZ9av2TFSLs/RQ FXkUnHVuQZF4fZPLE3Lh6iv4EcQVUpBCjDpcR1J87ZUM6oXYrxC43Y+AY3MZDM1n vG3wAsh4OvFLBhudGI5LzW0F2QIDAQABo4ICvDCCArgwHQYDVR0OBBYEFKA2Vxdm IE7C8NcBONVkGVUjS9PbMB8GA1UdIwQYMBaAFC5by8Zhr/H+1YsP9LWD3PXsGjdK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTE5QS8wNDkwOTA5QTQz MUIxMUVBQjAxOTc3MkNDNEY5QUUwMi9MbHZMeG1HdjhmN1Zpd18wdFlQYzlld2FO MG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xsdkx4bUd2OGY3Vml3XzB0WVBjOWV3YU4wby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODkxOUEvMDQ5MDkwOUE0MzFCMTFFQUIwMTk3NzJDQzRGOUFFMDIvMTYyOUJBNUE0 MTQzMTFFRThFOTY5MTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAR1NaADBAZ3TQADBAHKLGIDBAXKgYADBAHLFmgwDQQCAAIw BwMFACQEhgAwDQYJKoZIhvcNAQELBQADggEBACBrZ/eX+yRHvk/9W1ZhCuKNURCf v+g/uuH9VgTKHPg3v8de0r6RtBZBu+gdzZiknhkeJ9wSemvjYHjJ419Mlqv5QzKx BGvgQ82ZFgC8iDrqIxP7RTyR3sKFJIvZIgt1kszfG3PWwg12oFSdcx35ONWb/lLn 5Ke6IPDQLdAU5wI/A+uV3O9teC1QLfU6c0UcPo6oyooAUmmr4+H+QDu/hV6mDhap u6aWZlgiiJTGk5WGkgekBZEd7rF9AAgVXXSbzKQbkMe3yAB7Blo15k0djoLqyljf k6Y2DxZEPPRO0y/m81DrIa1M1+tpjxyXOBNkWHZaiOqPyu9eITdD0PWDOQA= -----END CERTIFICATE-----Generated at Sat May 4 21:19:29 2024 by rpki-client on console-ams.rpki-client.org