$ rpki-client -vvf rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/FC5AFF000BE011ED9E3AA135C4F9AE02.roa File: FC5AFF000BE011ED9E3AA135C4F9AE02.roa (raw, json) Hash identifier: Y95Ni0g3l7/8tisSt7S1J1Br0BC1KHqfH6u9RqUysuw= Subject key identifier: 21:C0:5A:E6:E4:1C:95:1D:2D:45:94:B5:51:66:48:BE:A6:B3:5B:39 Certificate issuer: /CN=A918F20B/serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Certificate serial: 026E Authority key identifier: 77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/FC5AFF000BE011ED9E3AA135C4F9AE02.roa Signing time: Thu 31 Aug 2023 02:33:22 +0000 ROA not before: Thu 31 Aug 2023 02:33:22 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 133861 IP address blocks: 43.242.128.0/24 maxlen: 24 43.242.129.0/24 maxlen: 24 43.242.130.0/24 maxlen: 24 43.242.131.0/24 maxlen: 24 103.251.88.0/24 maxlen: 24 103.251.89.0/24 maxlen: 24 103.251.90.0/24 maxlen: 24 103.251.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 May 2024 03:17:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 622 (0x26e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F20B/serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Validity Not Before: Aug 31 02:33:22 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=64effbf2-88d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:4f:3d:b2:56:60:fb:ba:68:5f:52:d9:92:36: 37:9b:2b:60:9c:68:fb:57:7a:aa:91:ec:eb:74:9b: e6:1a:3c:8e:26:58:4e:b0:14:22:a1:6e:6a:5a:c8: 0c:16:fd:2f:df:8d:01:0e:93:1c:1e:8a:3b:69:07: 3a:19:2d:6d:eb:a1:3a:fe:90:ac:43:d1:20:45:f3: f2:6d:31:aa:36:29:be:34:01:9f:f0:3f:9d:6e:a4: 44:7a:18:64:04:5e:16:b9:51:92:aa:0f:ae:1f:71: 95:13:33:b5:bb:ec:aa:a2:6d:d0:a6:9b:4d:cc:fe: d8:80:89:82:66:72:9a:9d:02:69:41:20:98:86:ff: 36:18:e8:92:b7:87:fe:c8:87:9c:a3:62:65:68:2a: cb:90:93:23:65:70:93:9c:d4:8f:3e:53:4b:99:4c: 9d:0a:19:65:e9:53:2e:a3:ca:5d:87:df:9c:fc:de: 2d:42:53:74:4e:ed:36:6c:8b:ef:4b:53:e0:88:61: 99:b6:b5:f6:f1:23:58:32:1b:a2:0b:d7:ab:55:4c: f2:c8:da:23:16:ac:5f:d6:bf:3a:92:cd:2c:2d:7b: 66:4c:fa:12:38:dd:20:11:61:cf:bd:33:46:59:1b: 4c:a9:7c:80:90:40:6d:10:92:8f:95:6d:ab:42:6e: 9b:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:C0:5A:E6:E4:1C:95:1D:2D:45:94:B5:51:66:48:BE:A6:B3:5B:39 X509v3 Authority Key Identifier: keyid:77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/FC5AFF000BE011ED9E3AA135C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.242.128.0/22 103.251.88.0/22 Signature Algorithm: sha256WithRSAEncryption af:61:74:8d:b2:23:d1:92:1f:2b:ac:c0:f1:aa:60:de:02:ac: c8:cb:b2:42:87:fe:c7:e7:20:30:fb:3d:59:59:3f:2d:71:8a: 4a:48:99:44:03:37:d5:70:fc:fc:ad:9e:0a:f5:19:38:bb:e3: 14:11:e7:64:32:50:b0:23:60:fa:73:ef:aa:63:dc:d0:f1:f4: ea:32:18:4d:ac:45:b3:dd:af:e6:9f:fb:cc:51:49:b7:e4:df: 42:de:61:ca:a9:25:7f:26:92:e2:ec:28:ea:5e:a6:e7:0b:81: 4f:84:6c:4b:12:be:03:eb:5c:43:51:cb:64:48:61:18:d8:28: 3a:7e:d6:31:bf:4e:a7:09:72:cd:08:ca:31:c2:ce:d9:b8:d1: 5a:b0:b4:0a:23:2e:28:8b:ca:ea:f0:25:97:7b:04:ae:9e:7b: 48:77:41:47:d5:25:4d:19:75:68:44:f5:fc:29:7a:64:93:6a: fc:f9:3d:65:e5:ef:71:ca:26:e3:18:0b:e9:9f:44:e2:30:cf: 9f:a8:f0:f6:76:2b:51:5b:4b:10:09:06:39:ad:f5:f9:03:38: b8:2d:fa:fc:5c:78:d2:2f:1d:e3:bf:9f:e4:af:14:69:15:b8: a8:29:71:56:f1:ac:9b:d5:5b:33:31:40:85:56:27:69:19:81: 29:d0:cf:f7 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAm4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEYyMEIxMTAvBgNVBAUTKDc3MDNBNkQ1NkM3MTgwMjFCRDlDODlFQjNDNEJFRDgx N0VENTZBRTUwHhcNMjMwODMxMDIzMzIyWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGVmZmJmMi04OGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArE89slZg+7poX1LZkjY3mytgnGj7V3qqkezrdJvmGjyOJlhOsBQioW5qWsgM Fv0v340BDpMcHoo7aQc6GS1t66E6/pCsQ9EgRfPybTGqNim+NAGf8D+dbqREehhk BF4WuVGSqg+uH3GVEzO1u+yqom3QpptNzP7YgImCZnKanQJpQSCYhv82GOiSt4f+ yIeco2JlaCrLkJMjZXCTnNSPPlNLmUydChll6VMuo8pdh9+c/N4tQlN0Tu02bIvv S1PgiGGZtrX28SNYMhuiC9erVUzyyNojFqxf1r86ks0sLXtmTPoSON0gEWHPvTNG WRtMqXyAkEBtEJKPlW2rQm6bkQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCHAWubk HJUdLUWUtVFmSL6ms1s5MB8GA1UdIwQYMBaAFHcDptVscYAhvZyJ6zxL7YF+1Wrl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjIwQi8xOUU0REJGNjk2 MEYxMUVDODkwQTQ0NkRDNEY5QUUwMi9kd09tMVd4eGdDRzluSW5yUEV2dGdYN1Zh dVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2R3T20xV3h4Z0NHOW5JbnJQRXZ0Z1g3VmF1VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEYyMEIvMTlFNERCRjY5NjBGMTFFQzg5MEE0NDZEQzRGOUFFMDIvRkM1QUZGMDAw QkUwMTFFRDlFM0FBMTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr8oADBAJn+1gwDQYJKoZIhvcNAQELBQADggEBAK9hdI2y I9GSHyuswPGqYN4CrMjLskKH/sfnIDD7PVlZPy1xikpImUQDN9Vw/Pytngr1GTi7 4xQR52QyULAjYPpz76pj3NDx9OoyGE2sRbPdr+af+8xRSbfk30LeYcqpJX8mkuLs KOpepucLgU+EbEsSvgPrXENRy2RIYRjYKDp+1jG/TqcJcs0IyjHCztm40VqwtAoj LiiLyurwJZd7BK6ee0h3QUfVJU0ZdWhE9fwpemSTavz5PWXl73HKJuMYC+mfROIw z5+o8PZ2K1FbSxAJBjmt9fkDOLgt+vxceNIvHeO/n+SvFGkVuKgpcVbxrJvVWzMx QIVWJ2kZgSnQz/c= -----END CERTIFICATE-----Generated at Mon May 13 04:21:02 2024 by rpki-client on console-ams.rpki-client.org