$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/1585570A544C11E9BDFF2B2DC4F9AE02.roa File: 1585570A544C11E9BDFF2B2DC4F9AE02.roa (raw, json) Hash identifier: +rFBkVlxJctk1V7KCpdnceZUOBrtZEVgxAJI9xv2x48= Subject key identifier: 4B:CC:46:E5:DF:D6:B8:37:01:2D:DA:A3:4F:B9:0A:E3:1B:66:FB:0C Certificate issuer: /CN=A91AE9F7/serialNumber=0170B0E0D06E31473CAC164E4B0B6D21BDF4D237 Certificate serial: 0EB5 Authority key identifier: 01:70:B0:E0:D0:6E:31:47:3C:AC:16:4E:4B:0B:6D:21:BD:F4:D2:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AXCw4NBuMUc8rBZOSwttIb300jc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/1585570A544C11E9BDFF2B2DC4F9AE02.roa Signing time: Sat 04 Nov 2023 18:05:48 +0000 ROA not before: Sat 04 Nov 2023 18:05:48 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 138191 IP address blocks: 58.84.32.0/24 maxlen: 24 103.129.200.0/24 maxlen: 24 103.129.201.0/24 maxlen: 24 103.129.202.0/24 maxlen: 24 103.129.203.0/24 maxlen: 24 103.197.48.0/24 maxlen: 24 2403:8540::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.crl rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AXCw4NBuMUc8rBZOSwttIb300jc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 18:22:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3765 (0xeb5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE9F7/serialNumber=0170B0E0D06E31473CAC164E4B0B6D21BDF4D237 Validity Not Before: Nov 4 18:05:48 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=654687fc-48a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:43:15:76:2b:04:59:f2:12:fc:14:03:a5:93: fc:7f:27:5c:e1:a4:49:a6:4e:a3:d8:f0:dd:e3:d0: fa:66:b5:fc:4c:8f:41:92:08:28:95:6b:65:11:68: e8:39:62:e9:98:46:61:1c:94:a6:a1:5a:04:3e:eb: ca:a9:28:b8:71:7c:ab:3e:15:45:68:1d:0c:53:9e: 5e:53:91:bf:b6:c7:d9:4b:54:c9:e6:74:1a:d5:6a: 5a:06:f1:67:ee:e3:12:b3:97:ba:46:00:6d:9a:0b: 48:c6:fa:74:ec:bf:fd:43:6c:cb:cd:88:e0:2b:66: da:a5:88:71:37:a3:4a:f5:a5:fc:79:f9:e6:66:37: 25:7f:95:9b:cd:39:26:66:e9:b3:f5:c2:54:1c:07: 85:9d:fb:d8:d9:2b:e5:85:d7:12:6c:d0:54:1e:2c: 5c:d5:f6:17:82:a3:69:77:ad:e4:a5:e0:2a:ae:70: 10:5c:5e:1c:ec:be:57:d8:49:31:d3:37:49:38:fd: 27:66:4c:87:06:e5:c5:8c:df:9b:e4:be:6c:3d:08: 79:b3:3d:04:e7:3c:96:ca:88:23:d0:7a:e2:78:64: c6:7d:7a:b2:2a:34:db:a2:26:dd:ec:e8:09:fd:29: 0e:fa:05:53:03:b3:10:4b:9b:c5:fb:8d:85:55:06: 84:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:CC:46:E5:DF:D6:B8:37:01:2D:DA:A3:4F:B9:0A:E3:1B:66:FB:0C X509v3 Authority Key Identifier: keyid:01:70:B0:E0:D0:6E:31:47:3C:AC:16:4E:4B:0B:6D:21:BD:F4:D2:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AXCw4NBuMUc8rBZOSwttIb300jc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/1585570A544C11E9BDFF2B2DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 58.84.32.0/24 103.129.200.0/22 103.197.48.0/24 IPv6: 2403:8540::/32 Signature Algorithm: sha256WithRSAEncryption 98:34:aa:a1:d5:bf:c5:7c:a1:b6:98:3a:8d:c3:c7:43:2d:3f: 1c:d1:38:19:53:19:29:ef:96:a6:6c:4c:15:0e:5c:70:0f:93: 53:94:55:c1:27:a2:d1:6c:2d:53:69:99:c8:b6:00:a2:a9:ce: 75:ea:f0:f5:35:44:90:7e:8e:f4:46:84:8a:79:fc:1c:a9:9b: 5c:21:4e:8e:5a:06:47:43:41:bf:41:1d:2a:cb:32:0a:0b:29: 8d:7c:4b:55:bc:3e:bc:af:cb:e1:8f:af:01:40:99:01:18:51: 56:01:85:b0:6a:f9:63:79:3f:55:77:2c:bb:57:aa:fb:7b:06: cb:28:75:c0:cf:b4:61:7e:74:10:10:cf:a9:d8:8b:09:bd:1e: 07:f2:e0:38:fc:c9:ad:0d:95:47:89:97:be:2d:85:e8:ef:9a: d2:93:e0:f2:0b:d1:0d:92:ed:4f:71:11:f6:47:91:b9:ad:c7: 0a:aa:48:48:09:2a:8d:f0:7d:6b:25:4b:26:07:7c:0e:78:28: 48:af:63:90:a9:67:73:25:d1:fa:4a:d0:4d:63:19:fd:76:28: 90:6f:c0:d2:da:74:c9:83:90:73:5a:da:2d:e0:20:c4:6e:63: cf:c1:8c:b0:e5:64:9d:6b:07:9c:30:6a:26:a9:ff:af:54:36: 1e:27:ce:82 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICDrUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUU5RjcxMTAvBgNVBAUTKDAxNzBCMEUwRDA2RTMxNDczQ0FDMTY0RTRCMEI2RDIx QkRGNEQyMzcwHhcNMjMxMTA0MTgwNTQ4WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTQ2ODdmYy00OGEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtUMVdisEWfIS/BQDpZP8fydc4aRJpk6j2PDd49D6ZrX8TI9BkggolWtlEWjo OWLpmEZhHJSmoVoEPuvKqSi4cXyrPhVFaB0MU55eU5G/tsfZS1TJ5nQa1WpaBvFn 7uMSs5e6RgBtmgtIxvp07L/9Q2zLzYjgK2bapYhxN6NK9aX8efnmZjclf5WbzTkm Zumz9cJUHAeFnfvY2SvlhdcSbNBUHixc1fYXgqNpd63kpeAqrnAQXF4c7L5X2Ekx 0zdJOP0nZkyHBuXFjN+b5L5sPQh5sz0E5zyWyogj0HrieGTGfXqyKjTboibd7OgJ /SkO+gVTA7MQS5vF+42FVQaE0wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFEvMRuXf 1rg3AS3ao0+5CuMbZvsMMB8GA1UdIwQYMBaAFAFwsODQbjFHPKwWTksLbSG99NI3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTlGNy8zNzlFQzc0MjU0 NEExMUU5QTM1MEMxMjdDNEY5QUUwMi9BWEN3NE5CdU1VYzhyQlpPU3d0dEliMzAw amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FYQ3c0TkJ1TVVjOHJCWk9Td3R0SWIzMDBqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUU5RjcvMzc5RUM3NDI1NDRBMTFFOUEzNTBDMTI3QzRGOUFFMDIvMTU4NTU3MEE1 NDRDMTFFOUJERkYyQjJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAA6VCADBAJngcgDBABnxTAwDQQCAAIwBwMFACQDhUAwDQYJ KoZIhvcNAQELBQADggEBAJg0qqHVv8V8obaYOo3Dx0MtPxzROBlTGSnvlqZsTBUO XHAPk1OUVcEnotFsLVNpmci2AKKpznXq8PU1RJB+jvRGhIp5/Bypm1whTo5aBkdD Qb9BHSrLMgoLKY18S1W8Pryvy+GPrwFAmQEYUVYBhbBq+WN5P1V3LLtXqvt7Bsso dcDPtGF+dBAQz6nYiwm9Hgfy4Dj8ya0NlUeJl74thejvmtKT4PIL0Q2S7U9xEfZH kbmtxwqqSEgJKo3wfWslSyYHfA54KEivY5CpZ3Ml0fpK0E1jGf12KJBvwNLadMmD kHNa2i3gIMRuY8/BjLDlZJ1rB5wwaiap/69UNh4nzoI= -----END CERTIFICATE-----Generated at Thu May 16 20:25:50 2024 by rpki-client on console-ams.rpki-client.org