$ rpki-client -vvf rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa File: A508D320BBC711ED8DF23C40C4F9AE02.roa (raw, json) Hash identifier: L1wngMa+M4+pohh5cLExIiwcIS0yfGRYYvO2OZ5X45A= Subject key identifier: 89:1C:AE:49:E9:33:B9:A4:22:17:EF:0C:AC:C5:EE:5C:92:10:DD:D8 Certificate issuer: /CN=A91A57F8/serialNumber=9F64FE50992537FB0B40E52F9CFAC310CA271918 Certificate serial: E6 Authority key identifier: 9F:64:FE:50:99:25:37:FB:0B:40:E5:2F:9C:FA:C3:10:CA:27:19:18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa Signing time: Fri 29 Mar 2024 05:58:08 +0000 ROA not before: Fri 29 Mar 2024 05:58:08 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 136000 IP address blocks: 103.117.166.0/23 maxlen: 23 103.134.20.0/22 maxlen: 22 103.209.12.0/22 maxlen: 22 202.14.177.0/24 maxlen: 24 202.62.240.0/22 maxlen: 22 202.73.30.0/23 maxlen: 23 203.14.201.0/24 maxlen: 24 203.18.242.0/23 maxlen: 23 203.23.53.0/24 maxlen: 24 203.28.160.0/24 maxlen: 24 203.29.91.0/24 maxlen: 24 203.32.98.0/23 maxlen: 23 203.55.150.0/24 maxlen: 24 203.56.119.0/24 maxlen: 24 203.57.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.crl rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 230 (0xe6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A57F8/serialNumber=9F64FE50992537FB0B40E52F9CFAC310CA271918 Validity Not Before: Mar 29 05:58:08 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=66065870-88ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:7a:28:fe:ff:3b:5a:49:ad:bc:cd:8e:e2:88: ab:28:94:88:db:dd:48:ba:65:fc:18:c8:ed:81:5e: 21:c7:d7:ef:69:96:77:4d:0c:9d:45:42:db:1f:19: e2:0b:52:e2:54:f2:58:eb:ea:c8:18:31:8c:e1:bf: f1:3d:5a:40:f2:aa:13:2c:83:c7:d0:b9:a6:f1:fc: bd:7f:89:4f:bd:ff:6b:c4:6c:23:d8:23:44:96:4e: 65:e8:71:37:49:df:8f:9d:10:5f:81:ec:89:e0:7a: 74:3a:02:ac:40:16:83:d6:1f:6f:9c:70:fe:65:94: b9:aa:9c:ca:1f:9a:46:9a:a9:3c:c8:7d:55:a2:0f: f4:c0:46:11:e8:da:24:76:cc:1d:f0:55:32:b1:99: ec:7a:c5:3c:24:e6:4f:69:02:72:ec:67:dd:37:06: 68:4e:a7:7b:8d:57:bb:0e:f3:22:8a:f8:76:45:7f: af:d1:67:3c:b5:30:4b:43:61:08:40:2a:f4:b5:9b: 38:13:fe:7a:96:21:97:5a:1a:84:80:39:b4:bf:14: d2:19:ec:ea:3a:63:df:f4:76:55:4b:08:50:1a:b1: a4:96:de:29:30:87:69:da:ad:fa:52:7d:fe:80:f8: 15:99:db:0d:4a:10:1d:e3:a6:31:06:13:da:54:8d: 7c:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:1C:AE:49:E9:33:B9:A4:22:17:EF:0C:AC:C5:EE:5C:92:10:DD:D8 X509v3 Authority Key Identifier: keyid:9F:64:FE:50:99:25:37:FB:0B:40:E5:2F:9C:FA:C3:10:CA:27:19:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.117.166.0/23 103.134.20.0/22 103.209.12.0/22 202.14.177.0/24 202.62.240.0/22 202.73.30.0/23 203.14.201.0/24 203.18.242.0/23 203.23.53.0/24 203.28.160.0/24 203.29.91.0/24 203.32.98.0/23 203.55.150.0/24 203.56.119.0/24 203.57.252.0/24 Signature Algorithm: sha256WithRSAEncryption 10:9a:9c:8c:ea:f7:0b:9e:06:3e:d0:1e:b2:78:f7:3a:04:0f: cf:ce:6e:ff:e8:dd:50:35:3f:04:b6:f1:0b:5c:9e:27:14:21: ae:26:1c:54:ee:6e:ac:9c:0e:b4:26:f9:ba:ea:2c:9c:84:f9: 6c:24:ed:dd:91:d2:cd:d6:16:bc:90:fa:6d:09:4d:c5:de:29: b8:60:7a:bb:cf:f9:92:41:f2:74:70:35:49:2d:30:66:74:f2: 37:0b:c7:27:a4:25:a3:c0:5a:00:26:75:67:75:62:90:14:10: 35:98:4f:77:18:da:29:25:48:66:8a:06:a4:2b:4d:cd:5f:90: 3a:52:65:45:11:fb:bf:cd:f4:01:a0:c8:5c:8f:49:fa:39:9d: 24:82:e3:0a:a2:0f:38:ef:ec:46:57:ba:8d:ca:fc:93:52:f0: 1a:2b:7a:a6:b1:f7:6f:73:62:54:95:3a:b0:3c:3e:d7:fb:c9: 34:82:90:c8:eb:8a:42:de:df:6b:31:01:4c:e6:f5:42:2f:2d: 38:69:53:10:6e:9b:50:d4:dd:f2:04:62:e1:45:54:c1:33:e1: 17:c5:c7:e2:3e:a5:a6:c7:4f:f0:96:4c:20:90:f2:99:74:1c: b1:54:bb:53:27:60:c0:aa:05:6d:5d:c8:99:84:5c:b0:4c:07: ae:96:21:a0 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgICAOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU3RjgxMTAvBgNVBAUTKDlGNjRGRTUwOTkyNTM3RkIwQjQwRTUyRjlDRkFDMzEw Q0EyNzE5MTgwHhcNMjQwMzI5MDU1ODA4WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjA2NTg3MC04OGFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsXoo/v87WkmtvM2O4oirKJSI291IumX8GMjtgV4hx9fvaZZ3TQydRULbHxni C1LiVPJY6+rIGDGM4b/xPVpA8qoTLIPH0Lmm8fy9f4lPvf9rxGwj2CNElk5l6HE3 Sd+PnRBfgeyJ4Hp0OgKsQBaD1h9vnHD+ZZS5qpzKH5pGmqk8yH1Vog/0wEYR6Nok dswd8FUysZnsesU8JOZPaQJy7GfdNwZoTqd7jVe7DvMiivh2RX+v0Wc8tTBLQ2EI QCr0tZs4E/56liGXWhqEgDm0vxTSGezqOmPf9HZVSwhQGrGklt4pMIdp2q36Un3+ gPgVmdsNShAd46YxBhPaVI182QIDAQABo4IC6TCCAuUwHQYDVR0OBBYEFIkcrknp M7mkIhfvDKzF7lySEN3YMB8GA1UdIwQYMBaAFJ9k/lCZJTf7C0DlL5z6wxDKJxkY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTdGOC8zNDUwOTQwMEI5 NzUxMUVEODA0MERFMjJDNEY5QUUwMi9uMlQtVUprbE5fc0xRT1V2blByREVNb25H UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL24yVC1VSmtsTl9zTFFPVXZuUHJERU1vbkdSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU3RjgvMzQ1MDk0MDBCOTc1MTFFRDgwNDBERTIyQzRGOUFFMDIvQTUwOEQzMjBC QkM3MTFFRDhERjIzQzQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcwYIKwYBBQUHAQcBAf8E ZDBiMGAEAgABMFoDBAFndaYDBAJnhhQDBAJn0QwDBADKDrEDBALKPvADBAHKSR4D BADLDskDBAHLEvIDBADLFzUDBADLHKADBADLHVsDBAHLIGIDBADLN5YDBADLOHcD BADLOfwwDQYJKoZIhvcNAQELBQADggEBABCanIzq9wueBj7QHrJ49zoED8/Obv/o 3VA1PwS28QtcnicUIa4mHFTubqycDrQm+brqLJyE+Wwk7d2R0s3WFryQ+m0JTcXe KbhgervP+ZJB8nRwNUktMGZ08jcLxyekJaPAWgAmdWd1YpAUEDWYT3cY2iklSGaK BqQrTc1fkDpSZUUR+7/N9AGgyFyPSfo5nSSC4wqiDzjv7EZXuo3K/JNS8Boreqax 929zYlSVOrA8Ptf7yTSCkMjrikLe32sxAUzm9UIvLThpUxBum1DU3fIEYuFFVMEz 4RfFx+I+pabHT/CWTCCQ8pl0HLFUu1MnYMCqBW1dyJmEXLBMB66WIaA= -----END CERTIFICATE-----Generated at Sun May 19 07:40:44 2024 by rpki-client on console-fra.rpki-client.org