$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa File: 8BFEF29C3AEA11EC84E6634EC4F9AE02.roa (raw, json) Hash identifier: yeHG1kxMnb3frjv9cxAjbOfdyL7AWuUw8STMy6MQRNo= Subject key identifier: 47:31:51:98:E0:22:D4:BD:25:04:D5:C0:79:22:CA:16:FA:98:F3:A4 Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF Certificate serial: 0C0A Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa Signing time: Wed 22 Nov 2023 19:07:05 +0000 ROA not before: Wed 22 Nov 2023 19:07:05 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 134520 IP address blocks: 27.122.56.0/24 maxlen: 24 27.122.57.0/24 maxlen: 24 43.239.156.0/22 maxlen: 24 43.251.157.0/24 maxlen: 24 43.251.158.0/24 maxlen: 24 43.251.159.0/24 maxlen: 24 103.1.152.0/24 maxlen: 24 103.1.153.0/24 maxlen: 24 103.1.154.0/24 maxlen: 24 103.10.196.0/24 maxlen: 24 103.10.198.0/24 maxlen: 24 103.35.72.0/22 maxlen: 22 103.35.72.0/24 maxlen: 24 103.35.73.0/24 maxlen: 24 103.35.74.0/24 maxlen: 24 103.35.75.0/24 maxlen: 24 2402:c480:8000::/48 maxlen: 48 2402:c480:9000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 19:03:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3082 (0xc0a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF Validity Not Before: Nov 22 19:07:05 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=655e5159-fe80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:44:19:4c:80:91:b4:49:6a:32:1a:a9:e4:99: 44:3e:b3:9f:7b:7b:47:07:04:36:fc:4c:cd:7f:d4: 5c:00:f1:1e:b1:d3:48:2b:65:75:69:82:5b:7d:20: d7:9b:c2:1b:b1:d6:04:73:9c:ef:fd:86:da:53:a9: f5:67:63:63:ea:b5:d5:bd:c4:1f:4f:c7:53:4e:f4: c9:e7:a0:0c:af:db:e6:04:94:72:8b:6a:63:9b:5d: 76:61:e1:dc:37:a5:0e:fb:de:a6:20:b2:f9:84:ea: 27:f4:d5:70:7d:c4:60:6b:02:78:22:37:80:4a:39: 28:ef:22:77:3d:72:8a:d2:db:e8:db:a1:1b:71:3e: 56:08:0a:60:e6:6f:55:fb:45:fe:c3:2c:4d:c5:4c: 7f:73:98:c8:a2:f9:09:8c:c6:50:f4:a1:97:d2:00: 7e:45:3a:f5:fa:59:e6:c4:90:d6:99:5b:19:3f:3f: 81:a2:74:2c:c6:48:e4:35:51:d8:52:dd:d9:bb:a5: 78:15:2c:78:7f:df:99:0a:36:0d:15:57:56:cb:ce: 24:50:53:35:58:54:c9:c5:4f:ea:ca:98:79:9b:fc: 66:70:92:b1:ce:3e:11:8b:b5:11:ff:7e:fa:79:fe: 57:aa:a5:16:55:7a:61:4c:2e:0b:78:56:5a:ae:c7: 0b:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:31:51:98:E0:22:D4:BD:25:04:D5:C0:79:22:CA:16:FA:98:F3:A4 X509v3 Authority Key Identifier: keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.122.56.0/23 43.239.156.0/22 43.251.157.0-43.251.159.255 103.1.152.0-103.1.154.255 103.10.196.0/24 103.10.198.0/24 103.35.72.0/22 IPv6: 2402:c480:8000::/48 2402:c480:9000::/48 Signature Algorithm: sha256WithRSAEncryption ac:cb:b3:5b:1b:48:87:62:1b:87:44:2d:c0:c8:a4:9a:18:03: 81:59:03:a3:a5:71:c5:d3:1c:c0:a1:cc:f2:72:b9:59:84:53: 67:6e:d1:ac:66:48:6b:37:ef:50:4e:7c:c7:28:b3:6a:63:2c: 54:0a:36:03:c8:ed:08:4d:ff:ef:a0:55:12:86:eb:f5:d2:aa: de:2a:8a:d4:6c:5b:d6:ee:4a:f2:cc:e7:26:0e:fb:5f:54:b3: b9:29:00:a5:39:1d:bb:10:dc:88:87:98:46:a2:43:09:31:03: 87:5a:26:17:1c:ba:5e:02:c4:ce:57:be:20:e7:6a:d3:10:be: 6d:82:45:6f:5c:64:df:b2:c5:bd:dd:cb:58:97:14:12:0d:f6: 11:9d:db:65:2e:24:8f:0f:fc:e2:17:32:52:60:38:6e:08:be: c3:31:ef:6c:27:90:91:f0:e4:2c:d2:93:31:03:52:c9:bb:4d: 32:58:cd:a8:88:d6:cc:3d:06:8d:54:ce:b4:7d:df:93:3e:de: ef:26:09:fd:bb:ae:c1:58:6e:9e:44:28:13:03:76:cb:84:76: 96:c2:55:2c:49:4b:bd:2e:9f:e3:11:a2:3c:ff:b3:14:f6:78: 38:aa:cc:cb:7f:fa:6f:c8:22:33:91:dc:c3:95:cb:e6:c2:73: 5c:07:d8:5b -----BEGIN CERTIFICATE----- MIIFvzCCBKegAwIBAgICDAowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG MDA5Q0M5QUYwHhcNMjMxMTIyMTkwNzA1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTVlNTE1OS1mZTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm0QZTICRtElqMhqp5JlEPrOfe3tHBwQ2/EzNf9RcAPEesdNIK2V1aYJbfSDX m8IbsdYEc5zv/YbaU6n1Z2Nj6rXVvcQfT8dTTvTJ56AMr9vmBJRyi2pjm112YeHc N6UO+96mILL5hOon9NVwfcRgawJ4IjeASjko7yJ3PXKK0tvo26EbcT5WCApg5m9V +0X+wyxNxUx/c5jIovkJjMZQ9KGX0gB+RTr1+lnmxJDWmVsZPz+BonQsxkjkNVHY Ut3Zu6V4FSx4f9+ZCjYNFVdWy84kUFM1WFTJxU/qyph5m/xmcJKxzj4Ri7UR/376 ef5XqqUWVXphTC4LeFZarscLZQIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFEcxUZjg ItS9JQTVwHkiyhb6mPOkMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5 YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEJGRUYyOUMz QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbQYIKwYBBQUHAQcBAf8E XjBcMEAEAgABMDoDBAEbejgDBAIr75wwDAMEACv7nQMEBSv7gDAMAwQDZwGYAwQA ZwGaAwQAZwrEAwQAZwrGAwQCZyNIMBgEAgACMBIDBwAkAsSAgAADBwAkAsSAkAAw DQYJKoZIhvcNAQELBQADggEBAKzLs1sbSIdiG4dELcDIpJoYA4FZA6OlccXTHMCh zPJyuVmEU2du0axmSGs371BOfMcos2pjLFQKNgPI7QhN/++gVRKG6/XSqt4qitRs W9buSvLM5yYO+19Us7kpAKU5HbsQ3IiHmEaiQwkxA4daJhccul4CxM5XviDnatMQ vm2CRW9cZN+yxb3dy1iXFBIN9hGd22UuJI8P/OIXMlJgOG4IvsMx72wnkJHw5CzS kzEDUsm7TTJYzaiI1sw9Bo1UzrR935M+3u8mCf27rsFYbp5EKBMDdsuEdpbCVSxJ S70un+MRojz/sxT2eDiqzMt/+m/IIjOR3MOVy+bCc1wH2Fs= -----END CERTIFICATE-----Generated at Thu May 16 19:50:00 2024 by rpki-client on console-fra.rpki-client.org