$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/AF0CF752FE6511EE93D6CC3AC4F9AE02.roa File: AF0CF752FE6511EE93D6CC3AC4F9AE02.roa (raw, json) Hash identifier: G7hy4Pp0PxR9n7rVQQS482ygJNVwwwD+qZkaIk7mrg0= Subject key identifier: B1:B4:72:F0:FA:91:58:65:6F:A0:17:06:A3:1C:4E:FA:31:39:75:D7 Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 4644 Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/AF0CF752FE6511EE93D6CC3AC4F9AE02.roa Signing time: Thu 05 Sep 2024 03:35:44 +0000 ROA not before: Thu 05 Sep 2024 03:35:44 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 24176 IP address blocks: 101.53.0.0/18 maxlen: 24 119.15.176.0/20 maxlen: 24 119.17.224.0/19 maxlen: 24 202.151.168.0/21 maxlen: 24 210.86.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Dec 2024 04:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17988 (0x4644) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: Sep 5 03:35:44 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d9270f-e477 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:be:69:a4:09:6b:85:cf:29:48:4a:13:fc:13: e8:36:85:95:cf:56:6e:7c:83:0b:4c:ae:47:4c:fc: 54:a9:46:2a:f8:18:da:11:76:80:3c:41:c1:da:97: 9f:5c:05:e7:ce:f5:42:de:41:02:7a:5c:1e:d1:21: 05:07:bc:b6:89:81:40:3e:42:a5:11:e9:b2:c6:09: f0:5d:ae:83:cf:43:dc:d8:0d:6f:40:9d:a6:82:97: 8c:f7:f5:cd:43:0a:91:44:75:86:4d:cc:d7:90:62: 5a:c5:96:90:94:40:70:ec:1a:06:8e:41:45:33:29: af:26:8f:c8:4f:ee:26:35:fd:9a:b5:e3:11:a8:53: 45:5c:c3:07:00:d0:97:b0:23:71:88:c2:6b:de:bf: 9a:56:4c:03:65:92:23:af:84:ec:1e:c0:bb:e8:31: 79:5d:1a:73:5d:1f:c7:b1:01:a5:84:c0:a1:c7:30: 18:94:a1:09:a3:d0:c8:4f:25:04:6e:e0:89:4d:bd: ef:ac:1e:36:1e:f8:1a:c7:7c:e7:cb:50:f6:b5:47: f7:0e:70:f2:61:f4:99:ad:e7:21:bb:a5:39:23:45: 5d:77:dc:0b:65:5c:14:e7:33:92:38:1f:87:36:21: 0a:6c:fc:f7:3e:7b:03:f3:5f:7e:ae:b5:c5:d5:d7: 86:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:B4:72:F0:FA:91:58:65:6F:A0:17:06:A3:1C:4E:FA:31:39:75:D7 X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/AF0CF752FE6511EE93D6CC3AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 101.53.0.0/18 119.15.176.0/20 119.17.224.0/19 202.151.168.0/21 210.86.232.0/21 Signature Algorithm: sha256WithRSAEncryption 2b:bf:3d:e1:6d:d4:1f:2e:8d:63:6c:31:ee:aa:a4:50:00:31: 6f:1f:b6:5f:24:07:fa:2e:68:4b:0c:d6:ae:3f:d9:bc:11:cd: 85:e2:df:b3:2b:fa:f6:19:c2:eb:eb:55:00:6f:9a:20:06:8d: 99:ed:15:ca:2f:83:1e:b7:83:74:6f:b3:e7:30:20:24:98:65: 6a:db:57:aa:c7:79:f3:ab:4f:6a:6e:bf:ba:dd:bc:31:b0:b1: 56:31:c5:36:12:55:07:8a:a0:b1:98:73:ec:5c:1f:f4:a1:d0: ec:1f:bd:04:41:18:10:18:7e:ac:23:0d:9d:03:71:be:da:97: 22:57:48:5d:92:72:74:3b:07:90:12:73:a8:17:1a:97:b7:4e: 77:5c:31:8d:62:27:fc:07:5a:46:b0:87:a4:94:84:3e:a2:13: 48:c3:01:4a:ec:ca:6f:3c:23:2d:55:3f:a4:9a:34:35:6f:da: ed:d9:e5:7c:dd:59:8e:a0:64:e2:13:b9:37:d5:38:2c:53:b4: 51:37:ee:1c:b7:d0:18:e0:7a:5e:4a:c5:12:fa:01:81:2c:49: c1:ea:63:b8:c0:19:00:e3:22:c6:6c:50:73:88:ba:3a:f9:e4: 78:07:ad:bf:85:c4:b5:6d:14:c3:6a:d5:60:91:bc:ac:ed:35: b2:8f:d6:80 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICRkQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjQwOTA1MDMzNTQ0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ5MjcwZi1lNDc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6r5ppAlrhc8pSEoT/BPoNoWVz1ZufIMLTK5HTPxUqUYq+BjaEXaAPEHB2pef XAXnzvVC3kECelwe0SEFB7y2iYFAPkKlEemyxgnwXa6Dz0Pc2A1vQJ2mgpeM9/XN QwqRRHWGTczXkGJaxZaQlEBw7BoGjkFFMymvJo/IT+4mNf2ateMRqFNFXMMHANCX sCNxiMJr3r+aVkwDZZIjr4TsHsC76DF5XRpzXR/HsQGlhMChxzAYlKEJo9DITyUE buCJTb3vrB42Hvgax3zny1D2tUf3DnDyYfSZrechu6U5I0Vdd9wLZVwU5zOSOB+H NiEKbPz3PnsD819+rrXF1deG1wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFLG0cvD6 kVhlb6AXBqMcTvoxOXXXMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQUYwQ0Y3NTJG RTY1MTFFRTkzRDZDQzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAZlNQADBAR3D7ADBAV3EeADBAPKl6gDBAPSVugwDQYJKoZI hvcNAQELBQADggEBACu/PeFt1B8ujWNsMe6qpFAAMW8ftl8kB/ouaEsM1q4/2bwR zYXi37Mr+vYZwuvrVQBvmiAGjZntFcovgx63g3Rvs+cwICSYZWrbV6rHefOrT2pu v7rdvDGwsVYxxTYSVQeKoLGYc+xcH/Sh0OwfvQRBGBAYfqwjDZ0Dcb7alyJXSF2S cnQ7B5ASc6gXGpe3TndcMY1iJ/wHWkawh6SUhD6iE0jDAUrsym88Iy1VP6SaNDVv 2u3Z5XzdWY6gZOITuTfVOCxTtFE37hy30Bjgel5KxRL6AYEsScHqY7jAGQDjIsZs UHOIujr55HgHrb+FxLVtFMNq1WCRvKztNbKP1oA= -----END CERTIFICATE-----Generated at Fri Nov 29 05:58:40 2024 by rpki-client on console-fra.rpki-client.org