$ rpki-client -vvf rpki.apnic.net/member_repository/A919B3BC/381244FE8F9B11E6BEC5CB25C4F9AE02/E326ADB0293611EB9DE16C62C4F9AE02.roa File: E326ADB0293611EB9DE16C62C4F9AE02.roa (raw, json) Hash identifier: yso9R2xlBlKlk8GAlPN59e+FH++NnM8uw3XV+dH9NhQ= Subject key identifier: 77:B9:AB:E7:4C:6C:19:20:D7:2E:8B:25:FE:7B:7E:B1:CE:D6:AF:F5 Certificate issuer: /CN=A919B3BC/serialNumber=C4FB91813E7BA099D91E9C48172094B9905C0F11 Certificate serial: 1CD7 Authority key identifier: C4:FB:91:81:3E:7B:A0:99:D9:1E:9C:48:17:20:94:B9:90:5C:0F:11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPuRgT57oJnZHpxIFyCUuZBcDxE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919B3BC/381244FE8F9B11E6BEC5CB25C4F9AE02/E326ADB0293611EB9DE16C62C4F9AE02.roa Signing time: Tue 10 Oct 2023 16:43:21 +0000 ROA not before: Tue 10 Oct 2023 16:43:21 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 58424 IP address blocks: 43.255.112.0/22 maxlen: 24 103.5.124.0/22 maxlen: 24 103.206.200.0/22 maxlen: 24 103.227.172.0/22 maxlen: 24 116.214.24.0/21 maxlen: 24 2407:8180::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919B3BC/381244FE8F9B11E6BEC5CB25C4F9AE02/xPuRgT57oJnZHpxIFyCUuZBcDxE.crl rsync://rpki.apnic.net/member_repository/A919B3BC/381244FE8F9B11E6BEC5CB25C4F9AE02/xPuRgT57oJnZHpxIFyCUuZBcDxE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPuRgT57oJnZHpxIFyCUuZBcDxE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 May 2024 16:33:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7383 (0x1cd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919B3BC/serialNumber=C4FB91813E7BA099D91E9C48172094B9905C0F11 Validity Not Before: Oct 10 16:43:21 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=65257f29-1c5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:45:08:5c:21:58:71:1d:f9:ce:35:b1:33:62: f6:39:0a:27:2b:72:e9:8a:1b:8b:8b:69:5c:ff:2a: 0e:31:83:fa:cc:b0:2e:ea:3e:0f:5d:ce:49:5c:7f: 85:2c:b9:99:18:1d:16:b8:a1:2a:dc:3b:07:3e:6d: 32:96:f3:ac:3e:cb:75:c6:24:84:e4:aa:c9:7c:cf: 72:c6:55:0c:ae:75:25:87:2a:48:a1:29:2e:74:d5: 51:93:1f:f5:c3:e4:52:3a:56:bf:82:a6:a5:72:0e: 75:5a:db:35:1b:28:d9:a9:a4:a7:d0:f8:38:a6:1d: a1:3c:19:21:67:fb:f1:da:bb:d0:73:6c:de:b3:bf: 09:f7:4c:65:54:46:4c:0c:b4:49:e1:ad:c4:a0:6f: a7:a5:44:ac:37:f1:be:f2:f3:f3:4e:7a:2e:9a:7f: 9b:da:30:93:63:84:14:ed:34:db:f7:c8:88:ff:94: 05:02:24:a2:c9:b6:4b:a8:ce:73:1d:19:06:9d:8d: da:2f:dd:35:7d:62:1f:33:ee:73:e0:ca:a3:ec:69: 13:dd:91:aa:33:22:db:83:c5:5b:b5:a3:d1:b9:75: 0a:63:fb:aa:49:30:6c:4c:64:e3:de:c9:a8:97:d8: 3c:b3:e5:9e:51:8d:de:db:7d:38:c4:5e:7e:ca:60: cc:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:B9:AB:E7:4C:6C:19:20:D7:2E:8B:25:FE:7B:7E:B1:CE:D6:AF:F5 X509v3 Authority Key Identifier: keyid:C4:FB:91:81:3E:7B:A0:99:D9:1E:9C:48:17:20:94:B9:90:5C:0F:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919B3BC/381244FE8F9B11E6BEC5CB25C4F9AE02/xPuRgT57oJnZHpxIFyCUuZBcDxE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPuRgT57oJnZHpxIFyCUuZBcDxE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B3BC/381244FE8F9B11E6BEC5CB25C4F9AE02/E326ADB0293611EB9DE16C62C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.255.112.0/22 103.5.124.0/22 103.206.200.0/22 103.227.172.0/22 116.214.24.0/21 IPv6: 2407:8180::/32 Signature Algorithm: sha256WithRSAEncryption 63:c2:63:00:a4:82:eb:a9:49:77:37:10:e6:9d:76:f6:b1:06: 79:ae:26:18:21:29:e6:30:05:b2:31:42:d9:29:7d:b6:00:8c: 4b:08:87:c0:3a:77:1d:5a:eb:ca:47:6c:b6:61:a5:d3:48:28: 53:11:3f:ec:93:92:c0:07:e8:57:0f:e4:72:56:f2:86:7b:e2: 59:a1:31:8c:3c:a3:3c:31:3a:92:88:28:10:13:96:f0:17:63: 15:a0:f0:96:11:a3:be:d5:4c:45:1f:1b:38:7b:81:c5:33:4f: 9a:5b:17:ba:0c:8c:cc:0b:d8:ab:12:5a:b4:f9:c1:ea:c1:8e: b4:81:71:ca:c9:16:30:08:f5:82:98:60:a5:04:e1:db:3d:e4: ba:6b:06:c8:0d:a4:0b:e9:0d:83:4c:68:8e:03:36:8a:8c:d0: 8c:9a:01:de:91:2f:e3:82:cc:f2:57:19:a1:47:33:74:80:0b: 1c:0d:72:1b:3c:cd:51:61:4f:fa:88:98:81:2d:12:ec:79:c9: f0:47:7b:c0:0f:ec:c8:f2:bf:e7:05:02:80:4e:00:c5:db:6e: a8:c1:68:a5:60:dd:20:d5:ee:d9:3c:4d:2d:46:02:93:eb:ea: c5:8f:d1:23:8f:8d:fa:51:1f:a8:51:31:25:13:e1:3a:d6:d7: 2b:25:6c:21 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICHNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUIzQkMxMTAvBgNVBAUTKEM0RkI5MTgxM0U3QkEwOTlEOTFFOUM0ODE3MjA5NEI5 OTA1QzBGMTEwHhcNMjMxMDEwMTY0MzIxWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTI1N2YyOS0xYzVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwEUIXCFYcR35zjWxM2L2OQonK3LpihuLi2lc/yoOMYP6zLAu6j4PXc5JXH+F LLmZGB0WuKEq3DsHPm0ylvOsPst1xiSE5KrJfM9yxlUMrnUlhypIoSkudNVRkx/1 w+RSOla/gqalcg51Wts1GyjZqaSn0Pg4ph2hPBkhZ/vx2rvQc2zes78J90xlVEZM DLRJ4a3EoG+npUSsN/G+8vPzTnoumn+b2jCTY4QU7TTb98iI/5QFAiSiybZLqM5z HRkGnY3aL901fWIfM+5z4Mqj7GkT3ZGqMyLbg8VbtaPRuXUKY/uqSTBsTGTj3smo l9g8s+WeUY3e2304xF5+ymDM+wIDAQABo4ICvDCCArgwHQYDVR0OBBYEFHe5q+dM bBkg1y6LJf57frHO1q/1MB8GA1UdIwQYMBaAFMT7kYE+e6CZ2R6cSBcglLmQXA8R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QjNCQy8zODEyNDRGRThG OUIxMUU2QkVDNUNCMjVDNEY5QUUwMi94UHVSZ1Q1N29KblpIcHhJRnlDVXVaQmNE eEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hQdVJnVDU3b0puWkhweElGeUNVdVpCY0R4RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUIzQkMvMzgxMjQ0RkU4RjlCMTFFNkJFQzVDQjI1QzRGOUFFMDIvRTMyNkFEQjAy OTM2MTFFQjlERTE2QzYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIr/3ADBAJnBXwDBAJnzsgDBAJn46wDBAN01hgwDQQCAAIw BwMFACQHgYAwDQYJKoZIhvcNAQELBQADggEBAGPCYwCkguupSXc3EOaddvaxBnmu JhghKeYwBbIxQtkpfbYAjEsIh8A6dx1a68pHbLZhpdNIKFMRP+yTksAH6FcP5HJW 8oZ74lmhMYw8ozwxOpKIKBATlvAXYxWg8JYRo77VTEUfGzh7gcUzT5pbF7oMjMwL 2KsSWrT5werBjrSBccrJFjAI9YKYYKUE4ds95LprBsgNpAvpDYNMaI4DNoqM0Iya Ad6RL+OCzPJXGaFHM3SACxwNchs8zVFhT/qImIEtEux5yfBHe8AP7Mjyv+cFAoBO AMXbbqjBaKVg3SDV7tk8TS1GApPr6sWP0SOPjfpRH6hRMSUT4TrW1yslbCE= -----END CERTIFICATE-----Generated at Wed May 22 20:09:01 2024 by rpki-client on console-ams.rpki-client.org