$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/9ADB02A27F4E11EDB22F3582C4F9AE02.roa File: 9ADB02A27F4E11EDB22F3582C4F9AE02.roa (raw, json) Hash identifier: r3mUtBdwag6olHlYfKRDMQSNAcBTLfcG9i0EIZDFqpU= Subject key identifier: 72:A1:6F:82:F0:C7:07:D6:2C:16:AA:1F:F2:D0:BF:57:C3:C7:92:45 Certificate issuer: /CN=A91A3E3F/serialNumber=943D3E10B8BBE138B47734554B69053110D45BE3 Certificate serial: C7 Authority key identifier: 94:3D:3E:10:B8:BB:E1:38:B4:77:34:55:4B:69:05:31:10:D4:5B:E3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lD0-ELi74Ti0dzRVS2kFMRDUW-M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/9ADB02A27F4E11EDB22F3582C4F9AE02.roa Signing time: Tue 05 Dec 2023 04:55:11 +0000 ROA not before: Tue 05 Dec 2023 04:55:11 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 3598 IP address blocks: 167.220.224.0/20 maxlen: 20 167.220.236.0/22 maxlen: 24 167.220.248.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/lD0-ELi74Ti0dzRVS2kFMRDUW-M.crl rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/lD0-ELi74Ti0dzRVS2kFMRDUW-M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lD0-ELi74Ti0dzRVS2kFMRDUW-M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Jun 2024 04:52:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 199 (0xc7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A3E3F/serialNumber=943D3E10B8BBE138B47734554B69053110D45BE3 Validity Not Before: Dec 5 04:55:11 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=656ead2f-f9ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:2e:34:4b:3e:cf:87:ab:34:b3:ae:72:2e:f7: b6:0a:a9:2c:66:77:da:00:86:76:0b:bf:2f:97:7e: 93:d1:f6:75:9a:9f:18:d6:ad:b1:9e:0a:71:bd:ee: e5:39:c8:d6:69:6f:64:5b:d5:e0:10:ea:5d:2d:a8: 68:d0:07:53:a6:0c:b9:ee:9e:53:c7:90:7a:87:5b: 9a:81:30:af:d7:44:5b:58:04:c9:b0:29:08:dc:74: 53:36:fb:08:75:69:aa:73:71:08:7b:d3:22:2a:60: c5:e3:a6:f1:e7:37:00:be:a0:c8:c0:cb:d3:89:25: d9:a2:d8:e3:11:93:25:82:32:83:05:1f:00:fe:b3: ef:1f:81:ad:37:a8:a4:26:23:de:a1:f8:72:13:1d: ee:22:3e:e3:64:a8:2c:ef:db:8f:f5:02:48:50:49: c6:3b:2c:90:5c:0c:3b:ef:18:6f:45:8e:3c:ab:0a: cd:d2:40:8f:42:21:df:55:ea:fb:1c:08:4c:52:e3: b1:84:1c:1c:57:39:d4:ee:17:4e:4d:80:93:5b:22: 49:95:0f:8b:b1:97:6c:0d:86:3c:34:e5:c0:51:d4: f8:18:6f:6e:bf:0e:5e:82:07:ce:e8:46:84:c9:5c: 7c:c7:0a:c5:24:0b:1e:6d:3b:d7:30:05:6e:b1:2f: e3:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:A1:6F:82:F0:C7:07:D6:2C:16:AA:1F:F2:D0:BF:57:C3:C7:92:45 X509v3 Authority Key Identifier: keyid:94:3D:3E:10:B8:BB:E1:38:B4:77:34:55:4B:69:05:31:10:D4:5B:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/lD0-ELi74Ti0dzRVS2kFMRDUW-M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lD0-ELi74Ti0dzRVS2kFMRDUW-M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/305EB8767CDB11EDAB844C19C4F9AE02/9ADB02A27F4E11EDB22F3582C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 167.220.224.0/20 167.220.248.0/21 Signature Algorithm: sha256WithRSAEncryption 8b:ee:7b:44:07:01:43:87:c2:05:57:9e:fb:0a:12:a8:4e:4b: 83:25:43:88:2a:cd:07:57:2b:6e:99:f6:2e:ae:fe:20:a0:df: 1d:20:e7:0a:a4:ba:f3:12:e3:bb:e8:a2:79:67:87:b8:64:49: 0a:2f:b6:1b:83:1f:37:50:13:7e:d8:c0:b4:19:17:c2:ab:af: 69:85:3c:a2:f8:75:5b:54:42:e8:3a:10:eb:7b:13:b4:9c:69: c1:f6:67:3b:7c:17:4d:c2:21:aa:75:9c:9c:9f:61:fd:e6:20: 86:53:17:7b:51:ae:12:a0:23:e4:5e:ee:08:27:1b:5f:77:01: 26:a0:ea:d9:49:a5:cc:dc:d5:95:a5:bc:21:96:b1:9b:36:58: 08:0a:78:8e:a9:c4:e0:5c:1b:2f:7a:65:6d:94:67:05:f6:be: 05:80:fb:b1:4b:dc:a1:63:c8:49:3f:77:c2:f6:24:b1:51:e3: da:8b:7e:d6:6d:22:79:aa:7a:05:12:99:12:f0:54:af:cd:42: 6b:76:94:2b:0f:b1:9d:58:17:01:12:11:55:5e:9d:ca:f6:d5: ac:65:54:fc:a9:94:24:8e:91:32:45:6c:d5:74:d3:fa:09:fc: f1:c3:90:82:82:df:1d:63:dd:0f:74:e7:f5:a6:7c:d5:32:57: 5d:e2:5b:c1 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAMcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTNFM0YxMTAvBgNVBAUTKDk0M0QzRTEwQjhCQkUxMzhCNDc3MzQ1NTRCNjkwNTMx MTBENDVCRTMwHhcNMjMxMjA1MDQ1NTExWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTZlYWQyZi1mOWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAly40Sz7Ph6s0s65yLve2CqksZnfaAIZ2C78vl36T0fZ1mp8Y1q2xngpxve7l OcjWaW9kW9XgEOpdLaho0AdTpgy57p5Tx5B6h1uagTCv10RbWATJsCkI3HRTNvsI dWmqc3EIe9MiKmDF46bx5zcAvqDIwMvTiSXZotjjEZMlgjKDBR8A/rPvH4GtN6ik JiPeofhyEx3uIj7jZKgs79uP9QJIUEnGOyyQXAw77xhvRY48qwrN0kCPQiHfVer7 HAhMUuOxhBwcVznU7hdOTYCTWyJJlQ+LsZdsDYY8NOXAUdT4GG9uvw5eggfO6EaE yVx8xwrFJAsebTvXMAVusS/j4QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHKhb4Lw xwfWLBaqH/LQv1fDx5JFMB8GA1UdIwQYMBaAFJQ9PhC4u+E4tHc0VUtpBTEQ1Fvj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0UzRi8zMDVFQjg3NjdD REIxMUVEQUI4NDRDMTlDNEY5QUUwMi9sRDAtRUxpNzRUaTBkelJWUzJrRk1SRFVX LU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xEMC1FTGk3NFRpMGR6UlZTMmtGTVJEVVctTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTNFM0YvMzA1RUI4NzY3Q0RCMTFFREFCODQ0QzE5QzRGOUFFMDIvOUFEQjAyQTI3 RjRFMTFFREIyMkYzNTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBASn3OADBAOn3PgwDQYJKoZIhvcNAQELBQADggEBAIvue0QH AUOHwgVXnvsKEqhOS4MlQ4gqzQdXK26Z9i6u/iCg3x0g5wqkuvMS47voonlnh7hk SQovthuDHzdQE37YwLQZF8Krr2mFPKL4dVtUQug6EOt7E7ScacH2Zzt8F03CIap1 nJyfYf3mIIZTF3tRrhKgI+Re7ggnG193ASag6tlJpczc1ZWlvCGWsZs2WAgKeI6p xOBcGy96ZW2UZwX2vgWA+7FL3KFjyEk/d8L2JLFR49qLftZtInmqegUSmRLwVK/N Qmt2lCsPsZ1YFwESEVVencr21axlVPyplCSOkTJFbNV00/oJ/PHDkIKC3x1j3Q90 5/WmfNUyV13iW8E= -----END CERTIFICATE-----Generated at Wed May 29 06:39:00 2024 by rpki-client on console-fra.rpki-client.org