$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/D0886954188811EC8E86754FC4F9AE02.roa File: D0886954188811EC8E86754FC4F9AE02.roa (raw, json) Hash identifier: PAZN7QfWh8lW2XQ1TN9tRPtcIxPfRgm+e1flrycVW/k= Subject key identifier: B0:60:43:12:F1:19:3B:EC:62:62:52:9A:D2:15:A9:FA:97:C9:7B:1A Certificate issuer: /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Certificate serial: 3421 Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/D0886954188811EC8E86754FC4F9AE02.roa Signing time: Wed 18 Oct 2023 14:40:29 +0000 ROA not before: Wed 18 Oct 2023 14:40:29 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 7532 IP address blocks: 219.69.251.0/24 maxlen: 24 219.69.252.0/22 maxlen: 22 219.69.252.0/23 maxlen: 23 219.69.252.0/24 maxlen: 24 219.69.253.0/24 maxlen: 24 219.69.254.0/23 maxlen: 23 219.69.254.0/24 maxlen: 24 219.69.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 May 2024 14:26:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13345 (0x3421) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Validity Not Before: Oct 18 14:40:29 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=652fee5c-df92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:44:f3:20:ba:ea:86:23:25:45:12:f3:16:6b: a8:ba:fb:d6:73:4e:c4:d4:9b:08:c2:44:48:7b:5f: d0:20:f2:38:35:d2:51:e8:b6:69:e5:66:3c:95:32: 49:9a:e9:fa:5a:9d:71:45:1c:6f:ab:b8:1f:71:73: ea:02:a7:f1:4a:c1:92:31:12:be:4f:66:04:70:d3: 42:47:bf:e6:d0:2f:b9:0b:50:31:a9:e8:ba:aa:e1: 9e:6d:45:98:8b:6e:1d:32:89:51:35:c7:e9:3d:24: b5:1a:f1:93:de:fb:16:c0:3b:f8:14:a2:a5:46:6c: 0e:05:bd:c3:9f:4f:d8:31:6e:bf:e6:d9:83:79:6f: 70:42:f3:6a:05:35:04:f4:d1:67:78:bd:73:c5:02: 99:a4:ef:79:99:d7:77:fe:3b:c2:13:f4:8c:c1:72: 6a:03:9e:f2:f5:2a:8a:32:cc:af:b4:0b:4f:73:81: 2b:6f:2d:f2:ee:84:36:9f:62:20:98:ea:dc:93:a5: 79:4f:12:96:3e:bc:5b:e9:42:0d:13:2a:91:be:29: a7:2a:d9:70:6b:06:b8:3e:ac:b9:43:7e:e8:6f:fa: fc:4f:49:f1:24:0a:48:9b:cd:6e:62:47:46:e7:54: f6:9f:99:22:84:c1:24:f2:e8:0d:73:eb:39:c1:d5: 33:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:60:43:12:F1:19:3B:EC:62:62:52:9A:D2:15:A9:FA:97:C9:7B:1A X509v3 Authority Key Identifier: keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/D0886954188811EC8E86754FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 219.69.251.0-219.69.255.255 Signature Algorithm: sha256WithRSAEncryption 22:61:6e:9c:9c:d7:87:94:86:a2:44:8e:53:a1:3a:16:ee:37: 3b:15:80:ec:50:0c:d1:6a:14:94:47:d5:12:21:b9:a1:d1:dd: 8a:fc:02:e2:fd:e4:72:c8:00:4f:14:75:f3:c4:68:c9:07:0c: 96:83:df:9f:4d:b7:4e:d4:bd:ac:e4:1b:87:a1:f9:81:42:9a: 44:99:3d:6a:68:c5:17:26:97:ec:69:ce:df:c1:4b:a6:cf:01: 47:d1:3e:ce:3b:ab:49:04:58:6b:d3:6f:b6:99:83:2f:b1:73: e4:24:64:9c:6c:e9:0d:02:18:51:ba:cc:24:17:1a:4a:72:51: bf:6a:eb:23:87:df:78:d7:a0:80:7f:60:95:57:d2:14:49:fa: f9:51:28:17:78:34:57:0b:2c:8b:ce:34:ad:71:d3:58:3c:18: a3:28:75:6e:9c:d6:72:88:4b:d1:9d:e5:4c:45:d4:17:01:ee: dd:1c:01:7e:0f:fc:ff:8e:62:7e:f2:ae:fb:21:81:17:c6:f9: a3:f5:64:c1:6c:7d:ae:04:3d:45:4a:5f:61:2c:1f:9b:5b:c9: 0b:67:3f:67:f6:98:57:2b:bd:f9:20:0d:d7:7f:23:c7:e2:ad: 5d:f9:76:38:66:11:15:e6:66:e9:36:7f:90:32:72:82:79:9f: 5d:4b:bd:31 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgICNCEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5 MEZFNzM3NTIwHhcNMjMxMDE4MTQ0MDI5WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTJmZWU1Yy1kZjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu0TzILrqhiMlRRLzFmuouvvWc07E1JsIwkRIe1/QIPI4NdJR6LZp5WY8lTJJ mun6Wp1xRRxvq7gfcXPqAqfxSsGSMRK+T2YEcNNCR7/m0C+5C1Axqei6quGebUWY i24dMolRNcfpPSS1GvGT3vsWwDv4FKKlRmwOBb3Dn0/YMW6/5tmDeW9wQvNqBTUE 9NFneL1zxQKZpO95mdd3/jvCE/SMwXJqA57y9SqKMsyvtAtPc4Erby3y7oQ2n2Ig mOrck6V5TxKWPrxb6UINEyqRvimnKtlwawa4Pqy5Q37ob/r8T0nxJApIm81uYkdG 51T2n5kihMEk8ugNc+s5wdUz5QIDAQABo4ICnDCCApgwHQYDVR0OBBYEFLBgQxLx GTvsYmJSmtIVqfqXyXsaMB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZGNDcvQjRBODZDMzgxRDg0MTFFMjk2OUZDNURBMDhCMDJDRDIvRDA4ODY5NTQx ODg4MTFFQzhFODY3NTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJgYIKwYBBQUHAQcBAf8E FzAVMBMEAgABMA0wCwMEANtF+wMDAdtEMA0GCSqGSIb3DQEBCwUAA4IBAQAiYW6c nNeHlIaiRI5ToToW7jc7FYDsUAzRahSUR9USIbmh0d2K/ALi/eRyyABPFHXzxGjJ BwyWg9+fTbdO1L2s5BuHofmBQppEmT1qaMUXJpfsac7fwUumzwFH0T7OO6tJBFhr 02+2mYMvsXPkJGScbOkNAhhRuswkFxpKclG/ausjh99416CAf2CVV9IUSfr5USgX eDRXCyyLzjStcdNYPBijKHVunNZyiEvRneVMRdQXAe7dHAF+D/z/jmJ+8q77IYEX xvmj9WTBbH2uBD1FSl9hLB+bW8kLZz9n9phXK735IA3XfyPH4q1d+XY4ZhEV5mbp Nn+QMnKCeZ9dS70x -----END CERTIFICATE-----Generated at Fri May 24 18:23:58 2024 by rpki-client on console-ams.rpki-client.org