$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/268DF20A940C11EE9B034255C4F9AE02.roa File: 268DF20A940C11EE9B034255C4F9AE02.roa (raw, json) Hash identifier: h0QB44dJJWpkUB5Nn8bPiyK2eYO401b5CN+amBjtxwk= Subject key identifier: D5:EB:A2:51:83:E5:6B:7F:A4:41:5A:CD:50:01:2E:0E:6C:2C:36:3A Certificate issuer: /CN=A91A7B94/serialNumber=3126F4EF05E3AE75A09144B667D39347D4DAA890 Certificate serial: 41 Authority key identifier: 31:26:F4:EF:05:E3:AE:75:A0:91:44:B6:67:D3:93:47:D4:DA:A8:90 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MSb07wXjrnWgkUS2Z9OTR9TaqJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/268DF20A940C11EE9B034255C4F9AE02.roa Signing time: Wed 06 Dec 2023 07:50:41 +0000 ROA not before: Wed 06 Dec 2023 07:50:40 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 136897 IP address blocks: 116.204.232.0/24 maxlen: 24 116.204.233.0/24 maxlen: 24 116.204.234.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/MSb07wXjrnWgkUS2Z9OTR9TaqJA.crl rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/MSb07wXjrnWgkUS2Z9OTR9TaqJA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MSb07wXjrnWgkUS2Z9OTR9TaqJA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 May 2024 06:54:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65 (0x41) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7B94/serialNumber=3126F4EF05E3AE75A09144B667D39347D4DAA890 Validity Not Before: Dec 6 07:50:40 2023 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=657027d0-407c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:21:e1:58:6a:4f:e9:44:b4:5e:f1:68:28:ab: cb:e9:2a:16:71:b8:d4:c8:ef:76:b4:74:75:6b:45: 9c:fa:c2:70:de:79:3a:90:6d:fe:60:13:64:4b:6b: 5e:6b:8d:07:9e:7b:50:0e:b9:3b:4c:89:6e:45:ed: 14:4c:26:73:c1:d8:fc:1c:61:22:d8:41:b7:ae:a5: a9:d8:cf:81:f7:f9:e2:b3:78:b2:26:6f:48:5f:40: 19:a9:18:1d:6c:36:5f:84:9e:a3:4d:69:f9:af:51: eb:4a:69:94:af:85:aa:77:da:5c:e1:1f:d8:65:7d: a0:c4:e7:ef:cc:49:b7:18:4c:72:06:84:e2:35:39: ef:dd:f1:ae:13:78:51:ab:a6:f1:f1:22:e6:65:65: 31:b5:44:16:8c:8b:cf:56:78:bf:c0:f0:af:23:59: 17:73:5c:4e:10:90:30:a2:6f:7e:56:93:e1:92:7b: 59:52:c6:ba:ea:e0:3c:7e:2d:d4:2f:b9:83:de:cc: e2:aa:ba:a5:af:ac:ad:45:f6:70:5f:9f:e8:7c:8c: 7e:2f:97:45:2f:ef:4f:cd:68:e4:b7:13:55:94:ec: a0:ab:8e:8d:64:a3:5e:5c:ae:b7:fb:e0:22:d5:77: ac:f5:7a:da:f5:a5:b8:58:a5:cc:8e:29:2c:00:77: d5:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:EB:A2:51:83:E5:6B:7F:A4:41:5A:CD:50:01:2E:0E:6C:2C:36:3A X509v3 Authority Key Identifier: keyid:31:26:F4:EF:05:E3:AE:75:A0:91:44:B6:67:D3:93:47:D4:DA:A8:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/MSb07wXjrnWgkUS2Z9OTR9TaqJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MSb07wXjrnWgkUS2Z9OTR9TaqJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7B94/CC741BB6377011EE8DC8BB34C4F9AE02/268DF20A940C11EE9B034255C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.204.232.0-116.204.234.255 Signature Algorithm: sha256WithRSAEncryption bf:9b:6d:de:e7:50:7e:5d:39:4b:ce:25:2b:fd:cf:c1:fe:fc: bf:24:38:9a:df:e6:17:86:c8:da:89:07:80:e0:71:a6:a6:fc: ed:31:e5:6a:a8:f7:18:6e:fa:e6:6b:ee:5c:66:a2:21:97:14: 14:a2:85:ff:cc:01:af:11:89:b6:a3:13:7e:31:1c:86:81:0c: 7d:7c:08:27:05:cd:d6:a2:42:6c:78:cd:93:24:12:7d:5e:73: b0:1c:76:5e:94:a0:20:1d:0b:01:60:6f:6a:cb:28:42:8b:24: f5:2b:35:29:07:9a:e6:5e:bf:cf:55:83:60:74:41:83:3b:f1: 7c:d3:81:63:17:a5:c7:69:0e:40:c9:ef:16:c2:84:31:15:b8: 95:99:0f:9e:a9:1b:c2:0e:3e:13:c4:66:b6:7f:c3:6e:36:18: d4:da:a5:d9:94:6f:c2:28:63:0b:17:e9:e8:24:f6:c2:4b:ab: 8b:be:d4:f6:97:fe:a2:60:84:43:11:66:e7:c9:f7:8f:0e:7b: 5d:95:b2:47:75:6a:30:6c:60:07:0c:97:99:c5:5c:7b:9f:e3: 09:22:f8:7a:eb:58:59:d7:4b:06:e8:fd:a9:6b:eb:fe:73:a9: e0:a4:46:e0:5f:db:98:49:9b:8a:b3:b5:55:90:3b:24:8f:2c: d1:8a:7c:b7 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIBQTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB N0I5NDExMC8GA1UEBRMoMzEyNkY0RUYwNUUzQUU3NUEwOTE0NEI2NjdEMzkzNDdE NERBQTg5MDAeFw0yMzEyMDYwNzUwNDBaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY1NzAyN2QwLTQwN2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJIeFYak/pRLRe8Wgoq8vpKhZxuNTI73a0dHVrRZz6wnDeeTqQbf5gE2RLa15r jQeee1AOuTtMiW5F7RRMJnPB2PwcYSLYQbeupanYz4H3+eKzeLImb0hfQBmpGB1s Nl+EnqNNafmvUetKaZSvhap32lzhH9hlfaDE5+/MSbcYTHIGhOI1Oe/d8a4TeFGr pvHxIuZlZTG1RBaMi89WeL/A8K8jWRdzXE4QkDCib35Wk+GSe1lSxrrq4Dx+LdQv uYPezOKquqWvrK1F9nBfn+h8jH4vl0Uv70/NaOS3E1WU7KCrjo1ko15crrf74CLV d6z1etr1pbhYpcyOKSwAd9UJAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQU1euiUYPl a3+kQVrNUAEuDmwsNjowHwYDVR0jBBgwFoAUMSb07wXjrnWgkUS2Z9OTR9TaqJAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3Qjk0L0NDNzQxQkI2Mzc3 MDExRUU4REM4QkIzNEM0RjlBRTAyL01TYjA3d1hqcm5XZ2tVUzJaOU9UUjlUYXFK QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTVNiMDd3WGpybldna1VTMlo5T1RSOVRhcUpBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB N0I5NC9DQzc0MUJCNjM3NzAxMUVFOERDOEJCMzRDNEY5QUUwMi8yNjhERjIwQTk0 MEMxMUVFOUIwMzQyNTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY MBYwFAQCAAEwDjAMAwQDdMzoAwQAdMzqMA0GCSqGSIb3DQEBCwUAA4IBAQC/m23e 51B+XTlLziUr/c/B/vy/JDia3+YXhsjaiQeA4HGmpvztMeVqqPcYbvrma+5cZqIh lxQUooX/zAGvEYm2oxN+MRyGgQx9fAgnBc3WokJseM2TJBJ9XnOwHHZelKAgHQsB YG9qyyhCiyT1KzUpB5rmXr/PVYNgdEGDO/F804FjF6XHaQ5Aye8WwoQxFbiVmQ+e qRvCDj4TxGa2f8NuNhjU2qXZlG/CKGMLF+noJPbCS6uLvtT2l/6iYIRDEWbnyfeP DntdlbJHdWowbGAHDJeZxVx7n+MJIvh661hZ10sG6P2pa+v+c6ngpEbgX9uYSZuK s7VVkDskjyzRiny3 -----END CERTIFICATE-----Generated at Tue May 21 10:12:53 2024 by rpki-client on console-ams.rpki-client.org