$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4A13/BB6C9B54B98011EDA37B1B65C4F9AE02/A8D327E4BBC711ED8DF23C40C4F9AE02.roa File: A8D327E4BBC711ED8DF23C40C4F9AE02.roa (raw, json) Hash identifier: xtZobSpVadX58ZzyO31O4JKq8FMyE70P6iRmsiuP7EE= Subject key identifier: C7:10:5C:80:42:70:57:5E:10:50:52:3F:00:70:99:1E:89:F0:4B:A2 Certificate issuer: /CN=A91A4A13/serialNumber=A5FB31D4D5125F7C9AAE500335A480FC77908F15 Certificate serial: 80 Authority key identifier: A5:FB:31:D4:D5:12:5F:7C:9A:AE:50:03:35:A4:80:FC:77:90:8F:15 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfsx1NUSX3yarlADNaSA_HeQjxU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4A13/BB6C9B54B98011EDA37B1B65C4F9AE02/A8D327E4BBC711ED8DF23C40C4F9AE02.roa Signing time: Fri 27 Oct 2023 04:56:00 +0000 ROA not before: Fri 27 Oct 2023 04:56:00 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 136000 IP address blocks: 103.79.104.0/22 maxlen: 22 103.156.156.0/23 maxlen: 23 202.91.44.0/22 maxlen: 22 2400:3740::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4A13/BB6C9B54B98011EDA37B1B65C4F9AE02/pfsx1NUSX3yarlADNaSA_HeQjxU.crl rsync://rpki.apnic.net/member_repository/A91A4A13/BB6C9B54B98011EDA37B1B65C4F9AE02/pfsx1NUSX3yarlADNaSA_HeQjxU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfsx1NUSX3yarlADNaSA_HeQjxU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 May 2024 05:33:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 128 (0x80) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4A13/serialNumber=A5FB31D4D5125F7C9AAE500335A480FC77908F15 Validity Not Before: Oct 27 04:56:00 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=653b42e0-5315 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:b1:d9:a9:60:7c:96:c3:ad:c9:31:ce:ae:16: 17:8a:5c:16:26:b1:44:a8:87:9e:46:f7:97:a0:a7: ff:20:15:bb:42:ea:81:78:0d:e1:42:d2:db:ce:93: 89:38:ea:76:db:34:b2:a9:bd:69:ba:57:ee:e1:e5: 21:de:42:6b:8b:ed:95:00:ad:ae:fd:48:09:e3:fe: e1:eb:03:1c:0c:f4:1b:b7:38:81:f7:b5:04:db:00: a2:f4:48:6a:36:8b:99:1a:e3:45:3c:13:b0:e9:34: 26:c8:af:37:53:12:4b:5c:aa:06:b5:58:a7:98:b0: 75:45:30:01:a9:3f:f5:df:44:9a:8e:87:ac:4e:17: 3b:0b:18:68:ff:ae:74:a7:d5:b1:d1:50:dd:cf:0d: a0:3a:e9:43:8e:fd:7c:36:ff:8c:e9:60:b8:e5:72: 65:e2:bf:ad:9d:47:1c:75:5b:bf:4e:f2:99:2a:53: d6:00:d6:6d:b3:7f:54:da:bd:e3:4a:36:b0:05:fe: fd:3f:a0:8c:33:53:46:61:17:34:c0:3f:72:65:34: ae:d2:ea:06:7d:fb:5e:63:0d:08:0b:1d:d9:65:62: 6a:bd:72:95:27:68:04:72:1a:81:5a:ed:38:b0:a6: 20:69:ed:26:17:ed:a0:32:78:ea:e7:02:ec:b5:84: a2:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:10:5C:80:42:70:57:5E:10:50:52:3F:00:70:99:1E:89:F0:4B:A2 X509v3 Authority Key Identifier: keyid:A5:FB:31:D4:D5:12:5F:7C:9A:AE:50:03:35:A4:80:FC:77:90:8F:15 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4A13/BB6C9B54B98011EDA37B1B65C4F9AE02/pfsx1NUSX3yarlADNaSA_HeQjxU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfsx1NUSX3yarlADNaSA_HeQjxU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4A13/BB6C9B54B98011EDA37B1B65C4F9AE02/A8D327E4BBC711ED8DF23C40C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.79.104.0/22 103.156.156.0/23 202.91.44.0/22 IPv6: 2400:3740::/32 Signature Algorithm: sha256WithRSAEncryption 4e:9a:93:44:fb:a4:d2:6a:22:18:fd:64:4c:73:47:7b:c2:58: c9:6e:cf:6b:80:5f:9f:b3:b7:63:1c:69:e5:00:81:1a:77:32: 64:1e:39:94:df:de:7f:bf:87:04:d1:a2:b8:32:9c:4b:ad:d1: 75:08:18:95:8f:ab:f4:e1:ef:37:2c:17:d1:22:59:2f:48:60: c6:b9:aa:11:91:84:48:c3:7a:7d:09:19:99:f1:57:50:1a:c3: 60:c1:84:d2:d6:27:9c:2a:ad:f8:4c:62:32:b8:34:12:51:73: 71:af:0e:c2:07:0d:ee:c0:9b:18:70:fb:40:64:b1:8a:90:a1: 61:fd:1e:93:2b:aa:6e:a8:eb:94:9d:44:99:5c:ba:05:19:8e: e8:22:ec:a1:ec:ba:65:36:95:99:47:52:53:3d:7a:91:45:85: cc:f9:a0:1e:d4:fe:22:d0:41:8c:3e:6c:0e:4e:9f:ba:5e:fd: 17:be:02:71:86:47:6c:09:60:2b:1d:22:b8:6d:d7:19:7e:a5: b6:ba:a5:4f:83:53:a0:81:27:04:76:dc:9b:ac:3d:7f:93:6f: 09:d7:af:7c:43:01:38:50:8f:12:df:54:45:32:64:04:fb:39: b7:2a:12:c3:ab:ae:88:00:f5:df:6f:29:28:b3:6b:60:68:8f: 1d:dd:ab:78 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICAIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRBMTMxMTAvBgNVBAUTKEE1RkIzMUQ0RDUxMjVGN0M5QUFFNTAwMzM1QTQ4MEZD Nzc5MDhGMTUwHhcNMjMxMDI3MDQ1NjAwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTNiNDJlMC01MzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5LHZqWB8lsOtyTHOrhYXilwWJrFEqIeeRveXoKf/IBW7QuqBeA3hQtLbzpOJ OOp22zSyqb1pulfu4eUh3kJri+2VAK2u/UgJ4/7h6wMcDPQbtziB97UE2wCi9Ehq NouZGuNFPBOw6TQmyK83UxJLXKoGtVinmLB1RTABqT/130SajoesThc7Cxho/650 p9Wx0VDdzw2gOulDjv18Nv+M6WC45XJl4r+tnUccdVu/TvKZKlPWANZts39U2r3j SjawBf79P6CMM1NGYRc0wD9yZTSu0uoGffteYw0ICx3ZZWJqvXKVJ2gEchqBWu04 sKYgae0mF+2gMnjq5wLstYSiqwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFMcQXIBC cFdeEFBSPwBwmR6J8EuiMB8GA1UdIwQYMBaAFKX7MdTVEl98mq5QAzWkgPx3kI8V MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEExMy9CQjZDOUI1NEI5 ODAxMUVEQTM3QjFCNjVDNEY5QUUwMi9wZnN4MU5VU1gzeWFybEFETmFTQV9IZVFq eFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Bmc3gxTlVTWDN5YXJsQUROYVNBX0hlUWp4VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTRBMTMvQkI2QzlCNTRCOTgwMTFFREEzN0IxQjY1QzRGOUFFMDIvQThEMzI3RTRC QkM3MTFFRDhERjIzQzQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnT2gDBAFnnJwDBALKWywwDQQCAAIwBwMFACQAN0AwDQYJ KoZIhvcNAQELBQADggEBAE6ak0T7pNJqIhj9ZExzR3vCWMluz2uAX5+zt2McaeUA gRp3MmQeOZTf3n+/hwTRorgynEut0XUIGJWPq/Th7zcsF9EiWS9IYMa5qhGRhEjD en0JGZnxV1Aaw2DBhNLWJ5wqrfhMYjK4NBJRc3GvDsIHDe7Amxhw+0BksYqQoWH9 HpMrqm6o65SdRJlcugUZjugi7KHsumU2lZlHUlM9epFFhcz5oB7U/iLQQYw+bA5O n7pe/Re+AnGGR2wJYCsdIrht1xl+pba6pU+DU6CBJwR23JusPX+TbwnXr3xDAThQ jxLfVEUyZAT7ObcqEsOrrogA9d9vKSiza2Bojx3dq3g= -----END CERTIFICATE-----Generated at Tue May 21 06:39:47 2024 by rpki-client on console-fra.rpki-client.org