$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/80F60C0AB36A11EEAE9FF05FC4F9AE02.roa File: 80F60C0AB36A11EEAE9FF05FC4F9AE02.roa (raw, json) Hash identifier: mPmPvCdQywstYRyflEV6nN7rcE2aRGyDBbdAty6Jy8I= Subject key identifier: CF:FF:EB:D6:65:07:A1:0F:C9:DF:B1:22:EA:60:A0:EA:A8:A8:DA:20 Certificate issuer: /CN=A91B0770/serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB Certificate serial: 3408 Authority key identifier: 1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/80F60C0AB36A11EEAE9FF05FC4F9AE02.roa Signing time: Mon 22 Apr 2024 14:50:49 +0000 ROA not before: Mon 22 Apr 2024 14:50:49 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 38461 IP address blocks: 123.242.240.0/22 maxlen: 22 123.242.240.0/24 maxlen: 24 123.242.241.0/24 maxlen: 24 123.242.242.0/24 maxlen: 24 123.242.243.0/24 maxlen: 24 123.242.248.0/23 maxlen: 24 123.242.250.0/23 maxlen: 24 202.61.8.0/23 maxlen: 23 202.61.8.0/24 maxlen: 24 203.189.176.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.crl rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 May 2024 14:44:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13320 (0x3408) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B0770/serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB Validity Not Before: Apr 22 14:50:49 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=66267949-8700 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d7:fd:16:f9:6a:2c:f0:dd:b8:f1:c5:e4:bb: 83:78:5d:46:fd:b1:68:70:84:5a:42:a1:4d:5d:4b: a8:1c:42:fe:ae:47:2f:6e:55:e5:31:18:ce:7a:4d: c3:5a:f1:b3:91:6c:29:55:85:71:f9:cb:ca:f9:06: 6f:d4:a1:79:b8:cb:e6:a3:ac:e2:1f:e5:14:f7:71: 1a:6d:0e:a4:48:85:e5:9b:fe:c0:19:12:99:6c:2c: 94:d4:55:1a:ad:24:04:81:a4:3c:1a:3a:b0:54:ab: e0:ba:83:cb:b3:64:10:cf:76:d8:0d:b6:67:a3:41: b9:91:34:3a:eb:b9:f8:9b:82:e9:19:85:c1:2f:a4: 77:bc:a0:77:f2:16:85:eb:78:70:90:65:b8:34:54: d8:5d:01:a3:98:1c:99:53:1a:56:81:36:43:0f:b4: 9f:4d:62:3c:75:4a:6e:7c:51:32:26:fa:1d:07:4e: c8:77:3f:53:56:a3:05:eb:f9:b9:25:27:49:95:31: 23:7e:60:41:6e:dd:30:27:12:71:7b:4b:c7:bc:b1: e0:87:be:5a:9e:40:18:24:f2:4a:1e:cf:58:e3:d7: f9:e7:a7:0e:a4:08:2f:60:8c:de:ca:9e:c4:7c:ef: fe:50:99:85:ea:e5:81:53:8e:4c:0f:ca:70:88:95: 91:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:FF:EB:D6:65:07:A1:0F:C9:DF:B1:22:EA:60:A0:EA:A8:A8:DA:20 X509v3 Authority Key Identifier: keyid:1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/80F60C0AB36A11EEAE9FF05FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.242.240.0/22 123.242.248.0/22 202.61.8.0/23 203.189.176.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:15:9a:5d:c9:e2:f1:dc:53:50:db:6a:3a:cf:ea:40:88:3a: 61:8c:0e:ea:2a:2e:a6:fc:fc:23:7b:5d:fa:b0:08:20:28:a5: dd:fe:aa:75:42:fa:e4:0c:09:ac:20:a0:69:8a:7b:bf:8b:67: 94:46:b1:71:bb:a2:15:c3:51:1d:c9:83:7c:c2:e8:d2:1c:e2: d2:3d:39:4a:d4:fc:2a:4f:76:24:5b:72:5f:80:ea:13:a1:53: a1:b7:7a:e8:e8:09:cc:6f:08:33:78:51:73:62:f6:01:a6:3d: 8f:37:16:c1:83:9d:2e:73:cc:32:2c:88:02:d0:b5:80:d2:cf: f6:61:9a:3b:fd:6c:fd:72:12:32:8e:83:bc:22:dd:04:55:a3: 6a:57:2d:e5:de:a7:c8:91:0e:d1:9e:94:35:b0:6e:a5:f5:76: 85:32:e2:34:95:bb:78:28:04:ee:7d:c0:1a:f5:92:dc:a6:01: ee:eb:06:cc:b4:27:17:a8:f3:e2:9b:e6:e1:27:57:a3:f5:41: d9:21:cd:d1:0e:68:a4:a4:52:15:6f:08:cd:35:29:43:c2:54: 69:89:23:b8:f4:60:5c:45:b1:58:4b:b9:19:56:6d:ac:8d:d2: ea:b9:53:79:ba:34:4c:e7:0f:cf:8b:43:63:e9:18:7f:d8:14: 17:c8:14:cb -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICNAgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjA3NzAxMTAvBgNVBAUTKDFENjIyNUFEOTQzRUNBMzg5RkE0QjY2QzE5NzQzNTFF MzRDNDI4RkIwHhcNMjQwNDIyMTQ1MDQ5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjI2Nzk0OS04NzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu9f9FvlqLPDduPHF5LuDeF1G/bFocIRaQqFNXUuoHEL+rkcvblXlMRjOek3D WvGzkWwpVYVx+cvK+QZv1KF5uMvmo6ziH+UU93EabQ6kSIXlm/7AGRKZbCyU1FUa rSQEgaQ8GjqwVKvguoPLs2QQz3bYDbZno0G5kTQ667n4m4LpGYXBL6R3vKB38haF 63hwkGW4NFTYXQGjmByZUxpWgTZDD7SfTWI8dUpufFEyJvodB07Idz9TVqMF6/m5 JSdJlTEjfmBBbt0wJxJxe0vHvLHgh75ankAYJPJKHs9Y49f556cOpAgvYIzeyp7E fO/+UJmF6uWBU45MD8pwiJWRjQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFM//69Zl B6EPyd+xIupgoOqoqNogMB8GA1UdIwQYMBaAFB1iJa2UPso4n6S2bBl0NR40xCj7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDc3MC9DMzM2ODNCNjFE OEUxMUUyOEE5QjU3RUQwOEIwMkNEMi9IV0lsclpRLXlqaWZwTFpzR1hRMUhqVEVL UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hXSWxyWlEteWppZnBMWnNHWFExSGpURUtQcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjA3NzAvQzMzNjgzQjYxRDhFMTFFMjhBOUI1N0VEMDhCMDJDRDIvODBGNjBDMEFC MzZBMTFFRUFFOUZGMDVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAJ78vADBAJ78vgDBAHKPQgDBALLvbAwDQYJKoZIhvcNAQEL BQADggEBAJ8Vml3J4vHcU1DbajrP6kCIOmGMDuoqLqb8/CN7XfqwCCAopd3+qnVC +uQMCawgoGmKe7+LZ5RGsXG7ohXDUR3Jg3zC6NIc4tI9OUrU/CpPdiRbcl+A6hOh U6G3eujoCcxvCDN4UXNi9gGmPY83FsGDnS5zzDIsiALQtYDSz/Zhmjv9bP1yEjKO g7wi3QRVo2pXLeXep8iRDtGelDWwbqX1doUy4jSVu3goBO59wBr1ktymAe7rBsy0 Jxeo8+Kb5uEnV6P1QdkhzdEOaKSkUhVvCM01KUPCVGmJI7j0YFxFsVhLuRlWbayN 0uq5U3m6NEznD8+LQ2PpGH/YFBfIFMs= -----END CERTIFICATE-----Generated at Fri May 24 18:23:58 2024 by rpki-client on console-ams.rpki-client.org