$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/720F30326E5E11EEBFA4E75BC4F9AE02.roa File: 720F30326E5E11EEBFA4E75BC4F9AE02.roa (raw, json) Hash identifier: tndYu5V2i4EBKzB2WQEa6Kz3slutPy4/CPHJxugLnew= Subject key identifier: 69:64:CE:09:B9:BA:F8:0E:F8:E7:F8:AF:2A:12:79:5F:F0:25:13:1B Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Certificate serial: 0171 Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/720F30326E5E11EEBFA4E75BC4F9AE02.roa Signing time: Wed 31 Jan 2024 06:58:05 +0000 ROA not before: Wed 31 Jan 2024 06:58:05 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 133499 IP address blocks: 43.225.80.0/22 maxlen: 22 43.225.188.0/24 maxlen: 24 43.225.190.0/24 maxlen: 24 43.228.236.0/24 maxlen: 24 43.228.238.0/24 maxlen: 24 43.228.239.0/24 maxlen: 24 103.84.120.0/22 maxlen: 24 103.194.113.0/24 maxlen: 24 103.240.164.0/22 maxlen: 24 103.241.52.0/22 maxlen: 22 103.241.52.0/24 maxlen: 24 103.241.53.0/24 maxlen: 24 103.241.54.0/24 maxlen: 24 103.241.55.0/24 maxlen: 24 103.252.110.0/24 maxlen: 24 150.107.226.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 04:58:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 369 (0x171) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Validity Not Before: Jan 31 06:58:05 2024 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=65b9ef7d-a68c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:50:82:0a:f9:df:c0:8a:c3:ef:da:9f:39:6c: 17:33:f4:ce:99:73:e9:77:c0:cc:eb:32:bd:b5:47: 4e:ad:73:44:01:0b:dc:a5:05:aa:07:59:6d:ed:ce: 58:b3:b0:2b:fb:bf:81:12:c1:01:f8:f2:8b:49:87: c4:f0:cf:47:46:19:67:f3:92:52:83:6a:a3:69:4d: 42:54:d4:b0:aa:2e:59:cf:ec:82:7d:a8:ec:4a:63: 2f:08:d5:24:1c:21:d8:2d:c3:46:b1:e7:d0:4c:b0: ef:4b:50:a8:87:3c:55:20:d1:29:9b:52:09:18:36: 14:5f:7e:8d:33:c7:18:8f:bf:4e:22:d4:1f:48:24: 4d:5f:06:00:73:98:0b:2f:ff:45:de:87:8b:c5:d3: 87:3a:1c:4a:13:7b:6d:00:7f:2e:04:a4:c9:ba:1a: 79:e2:23:f3:8b:aa:39:96:1e:90:5d:4d:9d:09:6c: 8b:9e:57:11:a5:cb:e2:c5:c7:01:e6:39:fd:a7:fc: 59:fb:d0:0e:02:58:62:4c:e2:73:e8:dd:84:99:93: bf:c1:fc:72:be:9e:db:f9:27:0e:b5:df:8e:5b:18: 9a:a1:71:cf:3f:bd:ee:cd:85:b1:cd:20:bf:58:b5: 80:af:5a:48:16:1c:31:85:2a:63:7b:3e:a7:78:b2: 3e:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:64:CE:09:B9:BA:F8:0E:F8:E7:F8:AF:2A:12:79:5F:F0:25:13:1B X509v3 Authority Key Identifier: keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/720F30326E5E11EEBFA4E75BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.80.0/22 43.225.188.0/24 43.225.190.0/24 43.228.236.0/24 43.228.238.0/23 103.84.120.0/22 103.194.113.0/24 103.240.164.0/22 103.241.52.0/22 103.252.110.0/24 150.107.226.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:19:6f:ff:5a:45:b1:cf:1c:a5:63:22:8b:fd:e4:6e:0c:59: 43:4b:83:14:ee:90:9b:f2:b1:b4:6e:77:b8:db:e9:8a:34:65: 98:31:7f:fd:75:b6:5f:11:80:b7:03:55:57:78:6e:b9:bc:ee: b1:74:b9:e0:61:70:61:52:b1:df:a7:71:b8:cd:02:31:f8:fa: 7e:34:d8:73:0f:74:48:39:66:8f:18:b1:2f:d9:f7:ed:d0:1e: f5:c4:a9:05:45:29:a1:e6:a5:d3:ac:44:73:a7:13:fc:87:54: c1:be:11:00:07:26:b2:ad:cb:ef:0a:29:1e:0c:1b:63:65:9d: 26:b3:a5:74:3c:fc:b5:d8:a4:6a:88:d8:d6:19:54:6c:f6:ed: d1:b4:0e:17:4a:7d:7f:f5:e9:bc:66:11:4b:ca:9c:2c:32:37: 53:f5:8c:82:c1:21:83:c7:57:00:6e:6c:ba:31:a4:77:cf:7a: 0e:b2:94:81:4b:f4:11:9d:eb:87:23:12:6c:d3:19:78:b2:16: fe:38:7d:6b:70:73:da:0b:53:a6:a9:5e:2d:bb:81:88:48:b4: 9f:74:91:7c:3e:1f:6f:69:af:41:3b:8c:fe:15:b6:ed:89:30: 8f:7d:e8:d3:9f:02:70:eb:5d:1a:5f:68:52:c8:3a:a1:aa:ce: b3:a4:1d:03 -----BEGIN CERTIFICATE----- MIIFrTCCBJWgAwIBAgICAXEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5 Njk4RkU2MzgwHhcNMjQwMTMxMDY1ODA1WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWI5ZWY3ZC1hNjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA11CCCvnfwIrD79qfOWwXM/TOmXPpd8DM6zK9tUdOrXNEAQvcpQWqB1lt7c5Y s7Ar+7+BEsEB+PKLSYfE8M9HRhln85JSg2qjaU1CVNSwqi5Zz+yCfajsSmMvCNUk HCHYLcNGsefQTLDvS1CohzxVINEpm1IJGDYUX36NM8cYj79OItQfSCRNXwYAc5gL L/9F3oeLxdOHOhxKE3ttAH8uBKTJuhp54iPzi6o5lh6QXU2dCWyLnlcRpcvixccB 5jn9p/xZ+9AOAlhiTOJz6N2EmZO/wfxyvp7b+ScOtd+OWxiaoXHPP73uzYWxzSC/ WLWAr1pIFhwxhSpjez6neLI+QQIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFGlkzgm5 uvgO+Of4ryoSeV/wJRMbMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1 amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvNzIwRjMwMzI2 RTVFMTFFRUJGQTRFNzVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E TDBKMEgEAgABMEIDBAIr4VADBAAr4bwDBAAr4b4DBAAr5OwDBAEr5O4DBAJnVHgD BABnwnEDBAJn8KQDBAJn8TQDBABn/G4DBACWa+IwDQYJKoZIhvcNAQELBQADggEB AIsZb/9aRbHPHKVjIov95G4MWUNLgxTukJvysbRud7jb6Yo0ZZgxf/11tl8RgLcD VVd4brm87rF0ueBhcGFSsd+ncbjNAjH4+n402HMPdEg5Zo8YsS/Z9+3QHvXEqQVF KaHmpdOsRHOnE/yHVMG+EQAHJrKty+8KKR4MG2NlnSazpXQ8/LXYpGqI2NYZVGz2 7dG0DhdKfX/16bxmEUvKnCwyN1P1jILBIYPHVwBubLoxpHfPeg6ylIFL9BGd64cj EmzTGXiyFv44fWtwc9oLU6apXi27gYhItJ90kXw+H29pr0E7jP4Vtu2JMI996NOf AnDrXRpfaFLIOqGqzrOkHQM= -----END CERTIFICATE-----Generated at Wed May 15 06:54:31 2024 by rpki-client on console-ams.rpki-client.org