$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/CC410D6461AC11EEBFE3B41AC4F9AE02.roa File: CC410D6461AC11EEBFE3B41AC4F9AE02.roa (raw, json) Hash identifier: xz7+1DeBQWjckVJvQZKwNZWeGHOnO8ig32UfOfQKRhc= Subject key identifier: 3D:37:D2:FE:07:55:18:26:80:12:82:59:11:2C:93:EE:0D:18:8C:9A Certificate issuer: /CN=A91A0432/serialNumber=91F3DC59CD0FA1D241CB78757D1DAA92C2AC9F60 Certificate serial: 02C6 Authority key identifier: 91:F3:DC:59:CD:0F:A1:D2:41:CB:78:75:7D:1D:AA:92:C2:AC:9F:60 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/CC410D6461AC11EEBFE3B41AC4F9AE02.roa Signing time: Tue 07 May 2024 03:36:27 +0000 ROA not before: Tue 07 May 2024 03:36:27 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 140599 IP address blocks: 45.115.224.0/22 maxlen: 22 45.115.224.0/24 maxlen: 24 45.115.225.0/24 maxlen: 24 45.115.226.0/24 maxlen: 24 45.115.227.0/24 maxlen: 24 103.56.4.0/22 maxlen: 22 103.150.220.0/24 maxlen: 24 103.150.221.0/24 maxlen: 24 2001:df3:8e80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.crl rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 710 (0x2c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A0432/serialNumber=91F3DC59CD0FA1D241CB78757D1DAA92C2AC9F60 Validity Not Before: May 7 03:36:27 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=6639a1bb-a47b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:8e:df:1b:1c:78:6b:ab:8f:d7:8c:79:35:50: 72:fb:af:95:b2:71:10:f4:c4:62:d6:a7:b3:a4:06: bc:2a:6c:ee:53:49:49:a0:4a:32:2c:ba:bd:00:18: 26:c2:f4:ea:fe:e3:5c:3d:d3:fa:fc:6a:ac:dd:9d: 95:4e:56:ee:93:a5:07:aa:02:7d:15:bc:00:67:02: 6c:80:cf:8b:5f:5a:d7:ad:28:15:47:e1:ef:9a:0c: ff:9b:0a:10:f1:73:7b:3e:8b:79:b4:e4:a1:73:e3: 8e:75:01:88:d3:3e:45:12:2e:b7:4a:62:c2:1e:ae: a1:3d:46:8f:45:28:b0:1c:7f:23:ba:58:8d:8a:bd: 01:b5:73:f6:43:b7:95:c3:59:26:ac:1d:77:a9:e0: e5:15:61:cf:74:9d:ef:71:77:a2:71:52:0e:5b:90: 8c:2b:1b:e5:42:a9:ca:8b:c0:3b:40:ef:cd:f1:29: f6:99:08:d0:f0:56:cc:7a:72:1f:19:62:98:5e:ad: 7a:7f:46:fe:54:9c:09:49:7a:60:27:cf:5d:8b:62: 4e:19:ce:e3:17:43:6d:4a:95:39:2b:fa:71:a4:74: 53:32:aa:3e:85:ca:27:8c:8a:81:97:a0:41:fc:e3: 0c:dd:60:3f:26:ca:8e:a5:45:42:97:4b:89:db:09: fa:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:37:D2:FE:07:55:18:26:80:12:82:59:11:2C:93:EE:0D:18:8C:9A X509v3 Authority Key Identifier: keyid:91:F3:DC:59:CD:0F:A1:D2:41:CB:78:75:7D:1D:AA:92:C2:AC:9F:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/CC410D6461AC11EEBFE3B41AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.115.224.0/22 103.56.4.0/22 103.150.220.0/23 IPv6: 2001:df3:8e80::/48 Signature Algorithm: sha256WithRSAEncryption 77:2c:a6:08:92:8d:52:92:55:59:c2:a1:b1:82:94:75:ae:31: f6:6f:40:c3:3f:b8:1e:da:9c:2d:a6:8f:9e:f0:d4:8f:c2:58: 0a:4f:5e:be:43:41:71:d8:76:d1:3a:5f:13:a6:11:f6:24:57: 1d:be:31:d6:84:bb:e4:6b:b4:07:91:6f:91:4a:3a:64:62:9b: a5:e5:35:a6:f3:cf:7f:33:fa:ab:14:00:59:90:10:cf:00:46: 25:88:2e:2d:7f:c9:09:a3:91:54:a8:18:0c:10:83:58:a0:39: 1c:f6:b5:16:f5:90:39:bc:ea:04:4d:e9:74:54:f6:b0:21:e4: 7b:ea:83:a7:05:c2:22:2e:cf:18:19:59:e7:4a:7d:07:2b:de: 57:0f:1a:31:f0:1d:43:3f:8b:cd:86:a4:0e:ab:d2:df:68:95: 4b:25:d7:92:5d:b5:5b:a6:a7:90:78:1d:c5:be:b2:62:61:16: b8:3a:bf:ad:e6:5e:a5:f7:1f:b6:87:a1:83:bc:37:78:f2:96: 26:85:c4:b9:7e:1d:cc:62:4f:62:aa:11:44:e9:40:d1:c1:a3: f3:60:06:89:5c:81:aa:54:12:71:28:f5:5a:30:33:91:12:52: 8e:5a:45:65:f2:ca:65:54:95:ce:ce:3f:e6:75:83:da:2e:be: 84:42:c1:f5 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICAsYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTA0MzIxMTAvBgNVBAUTKDkxRjNEQzU5Q0QwRkExRDI0MUNCNzg3NTdEMURBQTky QzJBQzlGNjAwHhcNMjQwNTA3MDMzNjI3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjM5YTFiYi1hNDdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxo7fGxx4a6uP14x5NVBy+6+VsnEQ9MRi1qezpAa8KmzuU0lJoEoyLLq9ABgm wvTq/uNcPdP6/Gqs3Z2VTlbuk6UHqgJ9FbwAZwJsgM+LX1rXrSgVR+Hvmgz/mwoQ 8XN7Pot5tOShc+OOdQGI0z5FEi63SmLCHq6hPUaPRSiwHH8juliNir0BtXP2Q7eV w1kmrB13qeDlFWHPdJ3vcXeicVIOW5CMKxvlQqnKi8A7QO/N8Sn2mQjQ8FbMenIf GWKYXq16f0b+VJwJSXpgJ89di2JOGc7jF0NtSpU5K/pxpHRTMqo+hconjIqBl6BB /OMM3WA/JsqOpUVCl0uJ2wn6vQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFD030v4H VRgmgBKCWREsk+4NGIyaMB8GA1UdIwQYMBaAFJHz3FnND6HSQct4dX0dqpLCrJ9g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDQzMi9GNUJGNjk5Q0E0 Q0ExMUVDQUM0RTU3NDRDNEY5QUUwMi9rZlBjV2MwUG9kSkJ5M2gxZlIycWtzS3Nu MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tmUGNXYzBQb2RKQnkzaDFmUjJxa3NLc24yQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTA0MzIvRjVCRjY5OUNBNENBMTFFQ0FDNEU1NzQ0QzRGOUFFMDIvQ0M0MTBENjQ2 MUFDMTFFRUJGRTNCNDFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBgEAgABMBIDBAItc+ADBAJnOAQDBAFnltwwDwQCAAIwCQMHACABDfOOgDAN BgkqhkiG9w0BAQsFAAOCAQEAdyymCJKNUpJVWcKhsYKUda4x9m9Awz+4HtqcLaaP nvDUj8JYCk9evkNBcdh20TpfE6YR9iRXHb4x1oS75Gu0B5FvkUo6ZGKbpeU1pvPP fzP6qxQAWZAQzwBGJYguLX/JCaORVKgYDBCDWKA5HPa1FvWQObzqBE3pdFT2sCHk e+qDpwXCIi7PGBlZ50p9ByveVw8aMfAdQz+LzYakDqvS32iVSyXXkl21W6ankHgd xb6yYmEWuDq/reZepfcftoehg7w3ePKWJoXEuX4dzGJPYqoRROlA0cGj82AGiVyB qlQScSj1WjAzkRJSjlpFZfLKZVSVzs4/5nWD2i6+hELB9Q== -----END CERTIFICATE-----Generated at Sun May 19 04:20:43 2024 by rpki-client on console-ams.rpki-client.org