$ rpki-client -vvf rpki.apnic.net/member_repository/A91A86D0/FA78B0446FCE11E988C44B3EC4F9AE02/CC99502E382F11EEAB87A63EC4F9AE02.roa File: CC99502E382F11EEAB87A63EC4F9AE02.roa (raw, json) Hash identifier: APGJePjTilMex4SPcgOdmfK/+kmeAF3oXuads6UGce8= Subject key identifier: D5:27:34:C2:30:C7:7B:FD:92:C6:C3:66:0A:AA:69:2A:2A:F8:0C:D6 Certificate issuer: /CN=A91A86D0/serialNumber=D8AF37712D56B1B693EF6D03E346C00CF3F0493E Certificate serial: 0E36 Authority key identifier: D8:AF:37:71:2D:56:B1:B6:93:EF:6D:03:E3:46:C0:0C:F3:F0:49:3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2K83cS1WsbaT720D40bADPPwST4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A86D0/FA78B0446FCE11E988C44B3EC4F9AE02/CC99502E382F11EEAB87A63EC4F9AE02.roa Signing time: Tue 28 Nov 2023 18:26:01 +0000 ROA not before: Tue 28 Nov 2023 18:26:01 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 134739 IP address blocks: 103.200.132.0/22 maxlen: 22 103.200.132.0/24 maxlen: 24 103.200.133.0/24 maxlen: 24 103.200.134.0/24 maxlen: 24 103.200.135.0/24 maxlen: 24 121.54.164.0/22 maxlen: 22 121.54.164.0/24 maxlen: 24 121.54.165.0/24 maxlen: 24 121.54.166.0/24 maxlen: 24 121.54.167.0/24 maxlen: 24 2403:8e80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A86D0/FA78B0446FCE11E988C44B3EC4F9AE02/2K83cS1WsbaT720D40bADPPwST4.crl rsync://rpki.apnic.net/member_repository/A91A86D0/FA78B0446FCE11E988C44B3EC4F9AE02/2K83cS1WsbaT720D40bADPPwST4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2K83cS1WsbaT720D40bADPPwST4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Jun 2024 18:24:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3638 (0xe36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A86D0/serialNumber=D8AF37712D56B1B693EF6D03E346C00CF3F0493E Validity Not Before: Nov 28 18:26:01 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=656630b9-44a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:a3:c8:63:05:30:fc:74:2d:85:c9:e0:9c:a3: e4:b9:58:d5:28:6e:b1:9e:f7:fd:bb:af:fc:8e:27: cc:c3:3c:a9:8a:13:b8:83:d5:15:95:23:01:21:ad: 1a:6f:01:df:8f:57:6a:49:2f:5c:eb:d0:f0:ea:18: 10:c6:26:4b:66:30:a6:85:e2:dc:09:9f:0f:4a:c8: 09:c3:10:4f:dd:d6:6a:0b:af:c8:92:47:1e:99:e2: 0c:63:d3:89:65:85:a0:33:f9:06:fd:3d:72:40:05: ba:39:7f:6d:27:3b:a3:22:2e:a2:6e:2d:a3:0b:21: ca:b4:74:34:32:e6:4d:5b:93:74:55:db:7f:cc:30: 47:f9:c0:e7:7a:54:3b:7f:d3:e8:4c:72:5c:bb:62: 82:60:b5:62:88:a4:2e:f2:c7:07:e8:dc:1a:95:48: a8:53:1c:8a:a5:fd:8a:da:e8:c3:66:13:9c:15:5b: dc:d7:df:99:19:80:e8:55:23:16:04:4b:8c:33:bf: c5:bd:b8:53:a3:62:2a:91:44:f6:c5:91:af:6e:33: 66:ec:7d:a4:31:b6:e7:70:57:14:44:75:05:0c:de: 40:4f:dc:de:3f:17:ee:5f:3a:07:b3:59:1d:54:c0: b8:5f:97:ed:a8:b7:03:07:6b:02:d7:8e:58:95:b1: cd:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:27:34:C2:30:C7:7B:FD:92:C6:C3:66:0A:AA:69:2A:2A:F8:0C:D6 X509v3 Authority Key Identifier: keyid:D8:AF:37:71:2D:56:B1:B6:93:EF:6D:03:E3:46:C0:0C:F3:F0:49:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A86D0/FA78B0446FCE11E988C44B3EC4F9AE02/2K83cS1WsbaT720D40bADPPwST4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2K83cS1WsbaT720D40bADPPwST4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A86D0/FA78B0446FCE11E988C44B3EC4F9AE02/CC99502E382F11EEAB87A63EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.200.132.0/22 121.54.164.0/22 IPv6: 2403:8e80::/32 Signature Algorithm: sha256WithRSAEncryption 30:e9:96:49:dc:f1:cf:8e:3d:e2:b3:7a:e8:14:ae:e5:0f:a5: 76:f9:a5:79:ba:fc:c9:0b:fd:84:32:ff:c5:37:ab:e1:8f:f4: 69:c2:20:bc:30:d5:2c:5d:cd:9a:6b:31:e9:a9:f6:9f:69:fe: d2:be:69:b7:b5:92:13:21:12:7b:fc:6e:bc:1f:15:43:e4:09: 1b:27:40:0b:b0:f8:14:e5:d7:47:6b:45:5d:1e:31:55:10:46: 03:a5:8f:c7:ba:de:fe:6c:69:5a:df:58:1b:bf:e8:bc:f8:40: 89:cc:26:b9:66:48:e5:6b:31:90:1d:df:52:fc:c4:95:c8:5e: 2a:92:97:6c:bd:58:f1:cc:9b:aa:ce:5c:dd:02:8f:63:e2:34: 82:db:2a:af:55:dc:49:9b:4f:1d:a2:df:39:b2:d5:f8:99:b5: 1e:85:cf:18:83:eb:b3:b0:5d:40:3b:dc:e4:71:d0:6c:28:2c: 2a:48:41:b7:b4:92:ce:e7:2a:79:32:a6:83:a1:1f:0c:a5:d9: d3:08:1d:65:bd:ba:2b:99:ce:93:0d:fb:34:de:3b:b6:9c:7a: c8:ec:cf:8f:96:f3:55:a3:93:fd:5f:14:de:33:40:e7:b6:58: af:6f:47:d3:a3:f4:a7:65:ec:ac:f7:f3:31:ff:ad:fe:20:8f: 19:52:14:2d -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTg2RDAxMTAvBgNVBAUTKEQ4QUYzNzcxMkQ1NkIxQjY5M0VGNkQwM0UzNDZDMDBD RjNGMDQ5M0UwHhcNMjMxMTI4MTgyNjAxWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTY2MzBiOS00NGE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy6PIYwUw/HQthcngnKPkuVjVKG6xnvf9u6/8jifMwzypihO4g9UVlSMBIa0a bwHfj1dqSS9c69Dw6hgQxiZLZjCmheLcCZ8PSsgJwxBP3dZqC6/IkkcemeIMY9OJ ZYWgM/kG/T1yQAW6OX9tJzujIi6ibi2jCyHKtHQ0MuZNW5N0Vdt/zDBH+cDnelQ7 f9PoTHJcu2KCYLViiKQu8scH6NwalUioUxyKpf2K2ujDZhOcFVvc19+ZGYDoVSMW BEuMM7/FvbhTo2IqkUT2xZGvbjNm7H2kMbbncFcURHUFDN5AT9zePxfuXzoHs1kd VMC4X5ftqLcDB2sC145YlbHNfQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNUnNMIw x3v9ksbDZgqqaSoq+AzWMB8GA1UdIwQYMBaAFNivN3EtVrG2k+9tA+NGwAzz8Ek+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBODZEMC9GQTc4QjA0NDZG Q0UxMUU5ODhDNDRCM0VDNEY5QUUwMi8ySzgzY1MxV3NiYVQ3MjBENDBiQURQUHdT VDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJLODNjUzFXc2JhVDcyMEQ0MGJBRFBQd1NUNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTg2RDAvRkE3OEIwNDQ2RkNFMTFFOTg4QzQ0QjNFQzRGOUFFMDIvQ0M5OTUwMkUz ODJGMTFFRUFCODdBNjNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnyIQDBAJ5NqQwDQQCAAIwBwMFACQDjoAwDQYJKoZIhvcN AQELBQADggEBADDplknc8c+OPeKzeugUruUPpXb5pXm6/MkL/YQy/8U3q+GP9GnC ILww1SxdzZprMemp9p9p/tK+abe1khMhEnv8brwfFUPkCRsnQAuw+BTl10drRV0e MVUQRgOlj8e63v5saVrfWBu/6Lz4QInMJrlmSOVrMZAd31L8xJXIXiqSl2y9WPHM m6rOXN0Cj2PiNILbKq9V3EmbTx2i3zmy1fiZtR6FzxiD67OwXUA73ORx0GwoLCpI Qbe0ks7nKnkypoOhHwyl2dMIHWW9uiuZzpMN+zTeO7acesjsz4+W81Wjk/1fFN4z QOe2WK9vR9Oj9Kdl7Kz38zH/rf4gjxlSFC0= -----END CERTIFICATE-----Generated at Sun May 26 23:05:37 2024 by rpki-client on console-ams.rpki-client.org