$ rpki-client -vvf rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/37C9EE28F10611EE96681A3CC4F9AE02.roa File: 37C9EE28F10611EE96681A3CC4F9AE02.roa (raw, json) Hash identifier: Rpc77Bk6UyOQJWmFgc3mVMpOhVuGvlHfa0zdVP+Cj8g= Subject key identifier: E6:19:AB:16:FE:95:A4:0C:3A:B9:CE:38:51:E9:88:80:48:CA:49:41 Certificate issuer: /CN=A91B01C7/serialNumber=E8DF8D5E4C84DA87D729A73C1C4E8611381AB2C1 Certificate serial: 2944 Authority key identifier: E8:DF:8D:5E:4C:84:DA:87:D7:29:A7:3C:1C:4E:86:11:38:1A:B2:C1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N-NXkyE2ofXKac8HE6GETgassE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/37C9EE28F10611EE96681A3CC4F9AE02.roa Signing time: Tue 02 Apr 2024 15:32:30 +0000 ROA not before: Tue 02 Apr 2024 15:32:30 +0000 ROA not after: Tue 30 Jul 2024 00:00:00 +0000 asID: 58601 IP address blocks: 43.245.192.0/24 maxlen: 24 43.245.195.0/24 maxlen: 24 103.9.112.0/22 maxlen: 22 103.9.112.0/24 maxlen: 24 103.9.113.0/24 maxlen: 24 103.9.114.0/24 maxlen: 24 103.9.115.0/24 maxlen: 24 2403:e100::/32 maxlen: 32 2403:e100:1000::/48 maxlen: 48 2403:e100:1000:4::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/6N-NXkyE2ofXKac8HE6GETgassE.crl rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/6N-NXkyE2ofXKac8HE6GETgassE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N-NXkyE2ofXKac8HE6GETgassE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Jun 2024 15:53:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10564 (0x2944) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B01C7/serialNumber=E8DF8D5E4C84DA87D729A73C1C4E8611381AB2C1 Validity Not Before: Apr 2 15:32:30 2024 GMT Not After : Jul 30 00:00:00 2024 GMT Subject: CN=660c250e-083a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:81:eb:93:1f:cc:40:91:d6:f8:ad:7c:c1:2e: 5e:ac:c8:05:6d:d2:02:6d:84:8f:90:1d:83:20:e2: fd:50:9c:27:0e:85:f9:a4:d7:e9:43:ae:57:bf:fd: e6:b3:0f:87:2b:9a:2d:06:81:d5:87:e8:d1:28:e4: 22:32:00:bd:6a:39:03:91:94:a9:e5:d0:6d:df:f5: 0f:4c:60:04:54:10:20:84:14:5f:22:e2:63:27:21: 3c:cb:79:f9:34:5e:1f:24:cb:d1:c6:ce:5c:ad:8d: 1c:02:97:6c:1e:c8:7f:1e:e6:b8:20:95:eb:4a:4d: d2:44:eb:ba:fd:44:c1:f3:38:cb:10:14:3c:ea:8e: f9:17:c3:f0:54:96:37:d1:90:b7:13:69:2b:75:3c: 1d:29:73:f3:b6:96:56:03:33:31:88:1a:16:0c:64: 07:8b:68:32:43:81:30:6a:85:7d:26:dc:17:84:c2: c9:8d:20:a3:af:01:16:dc:ee:69:38:4d:28:86:a6: 19:fb:33:e8:10:dc:d3:82:8b:5d:7c:f2:67:51:76: 3d:a1:02:a9:b1:ae:71:8e:b0:1d:66:96:73:88:e7: 44:bc:9d:0b:15:b1:13:f7:5d:99:ba:c4:29:e7:38: dd:e6:b3:ee:fe:45:c0:bd:71:d7:3c:86:4f:de:f7: 29:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:19:AB:16:FE:95:A4:0C:3A:B9:CE:38:51:E9:88:80:48:CA:49:41 X509v3 Authority Key Identifier: keyid:E8:DF:8D:5E:4C:84:DA:87:D7:29:A7:3C:1C:4E:86:11:38:1A:B2:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/6N-NXkyE2ofXKac8HE6GETgassE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N-NXkyE2ofXKac8HE6GETgassE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/37C9EE28F10611EE96681A3CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.192.0/24 43.245.195.0/24 103.9.112.0/22 IPv6: 2403:e100::/32 Signature Algorithm: sha256WithRSAEncryption 6d:4d:67:30:38:51:39:a5:c1:5d:39:d4:ea:ca:7f:86:34:07: 7e:ad:41:ea:74:0a:14:6c:58:74:be:e7:67:63:7e:1c:ae:b2: a9:e3:ce:cc:19:0c:da:fc:19:88:08:1c:e8:7f:03:20:b7:cf: 28:b8:1c:e9:00:65:a8:46:de:ec:f0:da:df:e0:86:a8:a0:33: 1a:a8:04:70:6e:fc:50:1e:3d:46:64:4a:b6:c0:b8:0e:3b:de: 4a:21:91:46:d6:bc:08:79:4f:cc:3b:92:f6:2c:7a:55:c1:62: 79:ce:d3:d4:4a:27:f6:dc:e3:6b:bc:e9:d8:96:e4:32:ed:ca: 0d:75:47:3e:dc:03:f1:e2:18:c9:1a:35:34:15:24:a5:be:d0: ef:64:4c:cf:be:08:fc:f6:bb:0b:5a:52:e2:49:55:d1:81:f0: 51:18:88:c2:17:b4:36:b9:df:eb:8b:f1:5a:e8:0a:d2:40:13: 6c:3b:bd:38:c1:c7:e5:76:73:db:ab:55:30:80:b4:9b:ad:52: 36:4e:49:3e:f7:07:49:e5:c1:3c:b9:87:26:e7:f2:1d:09:db: e1:18:65:db:f3:80:e9:c7:82:5d:f1:86:a2:38:9e:e0:7d:e3: e6:dc:a7:d6:89:58:54:31:97:7b:b4:0f:e2:cd:aa:85:46:74: 77:01:6c:b3 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICKUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjAxQzcxMTAvBgNVBAUTKEU4REY4RDVFNEM4NERBODdENzI5QTczQzFDNEU4NjEx MzgxQUIyQzEwHhcNMjQwNDAyMTUzMjMwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjBjMjUwZS0wODNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvIHrkx/MQJHW+K18wS5erMgFbdICbYSPkB2DIOL9UJwnDoX5pNfpQ65Xv/3m sw+HK5otBoHVh+jRKOQiMgC9ajkDkZSp5dBt3/UPTGAEVBAghBRfIuJjJyE8y3n5 NF4fJMvRxs5crY0cApdsHsh/Hua4IJXrSk3SROu6/UTB8zjLEBQ86o75F8PwVJY3 0ZC3E2krdTwdKXPztpZWAzMxiBoWDGQHi2gyQ4EwaoV9JtwXhMLJjSCjrwEW3O5p OE0ohqYZ+zPoENzTgotdfPJnUXY9oQKpsa5xjrAdZpZziOdEvJ0LFbET912ZusQp 5zjd5rPu/kXAvXHXPIZP3vcpiQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFOYZqxb+ laQMOrnOOFHpiIBIyklBMB8GA1UdIwQYMBaAFOjfjV5MhNqH1ymnPBxOhhE4GrLB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDFDNy85N0NGMjBGQTMz MjMxMUU0QTZFNzQ5MTFDNEY5QUUwMi82Ti1OWGt5RTJvZlhLYWM4SEU2R0VUZ2Fz c0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZOLU5Ya3lFMm9mWEthYzhIRTZHRVRnYXNzRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjAxQzcvOTdDRjIwRkEzMzIzMTFFNEE2RTc0OTExQzRGOUFFMDIvMzdDOUVFMjhG MTA2MTFFRTk2NjgxQTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAAr9cADBAAr9cMDBAJnCXAwDQQCAAIwBwMFACQD4QAwDQYJ KoZIhvcNAQELBQADggEBAG1NZzA4UTmlwV051OrKf4Y0B36tQep0ChRsWHS+52dj fhyusqnjzswZDNr8GYgIHOh/AyC3zyi4HOkAZahG3uzw2t/ghqigMxqoBHBu/FAe PUZkSrbAuA473kohkUbWvAh5T8w7kvYselXBYnnO09RKJ/bc42u86diW5DLtyg11 Rz7cA/HiGMkaNTQVJKW+0O9kTM++CPz2uwtaUuJJVdGB8FEYiMIXtDa53+uL8Vro CtJAE2w7vTjBx+V2c9urVTCAtJutUjZOST73B0nlwTy5hybn8h0J2+EYZdvzgOnH gl3xhqI4nuB94+bcp9aJWFQxl3u0D+LNqoVGdHcBbLM= -----END CERTIFICATE-----Generated at Sun May 26 19:11:40 2024 by rpki-client on console-ams.rpki-client.org