$ rpki-client -vvf rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/1CF68346F0BF11EEA1A0B559C4F9AE02.roa File: 1CF68346F0BF11EEA1A0B559C4F9AE02.roa (raw, json) Hash identifier: q7k8vtsnev9F7+Ho8/fd8jCEWJOMIVwqbf9Kh6+nprs= Subject key identifier: 25:AB:87:66:83:9C:77:6B:AD:81:DD:BB:C3:0F:D3:26:99:90:3C:5E Certificate issuer: /CN=A91975CC/serialNumber=0BAC42986E9ABDB7CEE2CDFB2A9FE8D6D02AAB5C Certificate serial: 02A9 Authority key identifier: 0B:AC:42:98:6E:9A:BD:B7:CE:E2:CD:FB:2A:9F:E8:D6:D0:2A:AB:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6xCmG6avbfO4s37Kp_o1tAqq1w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/1CF68346F0BF11EEA1A0B559C4F9AE02.roa Signing time: Tue 02 Apr 2024 07:05:24 +0000 ROA not before: Tue 02 Apr 2024 07:05:24 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 134697 IP address blocks: 45.248.48.0/22 maxlen: 24 103.205.28.0/23 maxlen: 24 103.214.220.0/22 maxlen: 24 103.216.190.0/23 maxlen: 24 203.12.0.0/23 maxlen: 24 203.12.2.0/23 maxlen: 24 203.12.4.0/23 maxlen: 24 203.12.6.0/23 maxlen: 23 203.12.6.0/24 maxlen: 24 203.12.7.0/24 maxlen: 24 203.12.8.0/23 maxlen: 24 203.12.10.0/23 maxlen: 24 203.12.12.0/23 maxlen: 24 203.12.14.0/23 maxlen: 24 2404:e80::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/C6xCmG6avbfO4s37Kp_o1tAqq1w.crl rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/C6xCmG6avbfO4s37Kp_o1tAqq1w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6xCmG6avbfO4s37Kp_o1tAqq1w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 04:42:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 681 (0x2a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91975CC/serialNumber=0BAC42986E9ABDB7CEE2CDFB2A9FE8D6D02AAB5C Validity Not Before: Apr 2 07:05:24 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=660bae33-7a38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ca:a0:02:64:07:03:9b:58:76:b8:09:52:ac: a9:52:90:09:02:66:16:e9:00:13:17:88:ca:4e:b6: e7:02:0f:3b:c5:4a:a5:4a:9f:93:7d:f1:2a:b3:33: 7e:6d:c4:0f:9e:a5:06:af:f6:55:e2:fa:8a:71:d0: 2f:41:aa:aa:61:d7:6c:a0:d8:53:d4:d4:ac:05:6a: da:39:3f:7f:6b:d0:7c:6c:6e:ca:c7:72:93:9a:1e: 81:ed:e7:a5:6c:93:f0:92:4b:4a:f7:08:c9:2d:11: 97:2c:6e:a4:58:aa:42:55:c7:33:87:d8:c1:80:66: 06:5a:53:dc:9c:2e:f3:3c:8e:97:50:c6:33:03:17: 4d:6d:41:22:99:8f:9f:b4:5f:92:75:6b:a5:38:7f: 68:82:c3:d8:2c:ab:2a:29:3e:61:71:7b:34:d7:52: b1:00:29:93:5a:c0:7d:54:de:86:23:17:7a:53:4e: 29:0a:f2:e4:6a:6f:5b:17:0e:55:6c:cd:ca:8c:48: ac:8b:a1:3a:4a:c8:64:5b:d9:6b:9f:fe:fd:8f:df: a9:72:ee:89:d8:2c:df:5d:63:49:e7:da:64:91:bd: 92:34:00:c9:0c:32:24:9f:f4:de:ba:d3:74:b6:20: 24:20:13:ca:50:28:e8:5f:68:f2:5d:e7:81:a6:2b: 7f:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:AB:87:66:83:9C:77:6B:AD:81:DD:BB:C3:0F:D3:26:99:90:3C:5E X509v3 Authority Key Identifier: keyid:0B:AC:42:98:6E:9A:BD:B7:CE:E2:CD:FB:2A:9F:E8:D6:D0:2A:AB:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/C6xCmG6avbfO4s37Kp_o1tAqq1w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6xCmG6avbfO4s37Kp_o1tAqq1w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/1CF68346F0BF11EEA1A0B559C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.248.48.0/22 103.205.28.0/23 103.214.220.0/22 103.216.190.0/23 203.12.0.0/20 IPv6: 2404:e80::/32 Signature Algorithm: sha256WithRSAEncryption 2c:6b:2e:33:a4:b5:11:ea:a3:ad:e2:01:a4:06:93:f5:5b:bf: b1:95:f6:27:3e:32:33:87:b2:d4:1d:96:fb:3a:6d:4a:35:8e: de:ac:c2:e7:1b:ca:82:ab:e3:f7:7a:fc:77:8e:9f:2a:c7:95: 94:37:b1:36:20:89:7f:0a:79:1e:c6:57:90:33:d8:1c:71:c0: 58:ce:00:d7:9d:45:d6:41:76:14:49:77:6c:35:28:00:40:78: df:70:24:58:f0:2d:8e:61:be:0f:fb:10:7b:1e:e7:73:f0:5d: d6:f5:f7:1a:fa:db:92:5a:d4:7a:33:5e:60:1a:1b:84:f8:41: 2d:5f:c6:a8:d8:48:ba:f6:eb:49:fe:f7:63:5f:24:f0:29:dd: 40:45:99:3e:7c:ef:61:07:84:b8:02:8b:3d:0e:bd:41:84:2c: 3f:2c:67:27:1d:6a:ae:92:63:1a:2a:13:a6:31:ec:ae:95:90: 65:1d:0e:4f:b7:61:8d:4e:28:e2:1c:40:3a:ae:80:d9:11:32: 1d:59:44:51:ce:b1:fb:b6:ea:f1:10:78:ad:cd:36:ed:db:0d: 51:14:d3:b6:52:4e:9e:12:56:15:f8:db:fa:82:c1:00:23:f9: b8:ed:6d:dd:e4:79:bb:f9:ec:cf:b6:11:ce:35:f9:ae:f3:58: 92:a1:48:0e -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICAqkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTc1Q0MxMTAvBgNVBAUTKDBCQUM0Mjk4NkU5QUJEQjdDRUUyQ0RGQjJBOUZFOEQ2 RDAyQUFCNUMwHhcNMjQwNDAyMDcwNTI0WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjBiYWUzMy03YTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvsqgAmQHA5tYdrgJUqypUpAJAmYW6QATF4jKTrbnAg87xUqlSp+TffEqszN+ bcQPnqUGr/ZV4vqKcdAvQaqqYddsoNhT1NSsBWraOT9/a9B8bG7Kx3KTmh6B7eel bJPwkktK9wjJLRGXLG6kWKpCVcczh9jBgGYGWlPcnC7zPI6XUMYzAxdNbUEimY+f tF+SdWulOH9ogsPYLKsqKT5hcXs011KxACmTWsB9VN6GIxd6U04pCvLkam9bFw5V bM3KjEisi6E6SshkW9lrn/79j9+pcu6J2CzfXWNJ59pkkb2SNADJDDIkn/TeutN0 tiAkIBPKUCjoX2jyXeeBpit/RQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFCWrh2aD nHdrrYHdu8MP0yaZkDxeMB8GA1UdIwQYMBaAFAusQphumr23zuLN+yqf6NbQKqtc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzVDQy8xRUEzNDNFMkFG RTMxMUVDQTJDQjA2NkRDNEY5QUUwMi9DNnhDbUc2YXZiZk80czM3S3BfbzF0QXFx MXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0M2eENtRzZhdmJmTzRzMzdLcF9vMXRBcXExdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTc1Q0MvMUVBMzQzRTJBRkUzMTFFQ0EyQ0IwNjZEQzRGOUFFMDIvMUNGNjgzNDZG MEJGMTFFRUExQTBCNTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIt+DADBAFnzRwDBAJn1twDBAFn2L4DBATLDAAwDQQCAAIw BwMFACQEDoAwDQYJKoZIhvcNAQELBQADggEBACxrLjOktRHqo63iAaQGk/Vbv7GV 9ic+MjOHstQdlvs6bUo1jt6swucbyoKr4/d6/HeOnyrHlZQ3sTYgiX8KeR7GV5Az 2BxxwFjOANedRdZBdhRJd2w1KABAeN9wJFjwLY5hvg/7EHse53PwXdb19xr625Ja 1HozXmAaG4T4QS1fxqjYSLr260n+92NfJPAp3UBFmT5872EHhLgCiz0OvUGELD8s Zycdaq6SYxoqE6Yx7K6VkGUdDk+3YY1OKOIcQDqugNkRMh1ZRFHOsfu26vEQeK3N Nu3bDVEU07ZSTp4SVhX42/qCwQAj+bjtbd3kebv57M+2Ec41+a7zWJKhSA4= -----END CERTIFICATE-----Generated at Sat Jun 1 05:48:43 2024 by rpki-client on console-fra.rpki-client.org