$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/5FFA5548B5A311EEA95C5732C4F9AE02.roa File: 5FFA5548B5A311EEA95C5732C4F9AE02.roa (raw, json) Hash identifier: +1rr6hdaPkBuu5DRaFr2mXd3vAcnp+KmmihMstYoHfE= Subject key identifier: 7E:CC:7E:14:AF:69:A7:48:87:11:DD:B5:33:44:4F:41:93:03:E9:01 Certificate issuer: /CN=A91BA5BA/serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F Certificate serial: 028F Authority key identifier: 02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/5FFA5548B5A311EEA95C5732C4F9AE02.roa Signing time: Wed 20 Mar 2024 02:51:59 +0000 ROA not before: Wed 20 Mar 2024 02:51:59 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 131330 IP address blocks: 103.22.148.0/24 maxlen: 24 103.22.149.0/24 maxlen: 24 103.22.150.0/24 maxlen: 24 103.22.151.0/24 maxlen: 24 202.88.40.0/24 maxlen: 24 202.88.41.0/24 maxlen: 24 202.88.43.0/24 maxlen: 24 2400:1560::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 04:47:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 655 (0x28f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA5BA/serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F Validity Not Before: Mar 20 02:51:59 2024 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=65fa4f4f-379c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:fe:63:a9:e2:81:a0:4b:52:4c:c9:01:a9:d9: 25:9d:61:ca:a3:a3:04:db:da:cf:aa:ec:b8:fc:78: 36:5c:66:64:5a:95:e9:70:48:69:46:6d:5f:15:74: d6:d5:94:76:9a:d9:5b:c2:85:de:35:82:ce:2e:f1: bb:d2:43:37:57:0d:df:84:f2:9c:e9:87:78:b9:d4: 6c:65:da:74:65:e0:64:1b:89:c3:26:38:c9:03:d3: 9f:b5:f4:ea:31:e6:29:86:53:db:93:df:25:03:8c: b3:1e:be:c5:14:b5:04:7b:28:93:91:ba:e4:5a:3e: ef:b4:93:75:31:a5:3a:72:1b:0b:8d:c3:f2:ef:f3: d1:5c:00:3b:b9:62:34:ca:41:d0:97:be:3b:87:33: 6c:71:2d:8f:ef:be:b9:60:3d:60:bd:d1:05:f6:13: 84:b7:5b:f3:ec:2c:79:61:bf:31:48:9a:f9:47:a4: ee:96:af:dc:f2:11:89:b0:fa:45:79:a8:19:00:7d: fb:4a:bc:2c:cb:cb:40:92:3b:ff:b3:bb:89:b0:05: ae:1c:14:ba:18:ce:ad:9a:18:28:21:c7:ef:61:5d: ce:38:80:51:36:7d:4a:68:8b:89:62:e4:05:46:59: 65:51:a9:12:78:91:50:dc:a8:10:cc:9a:5c:92:06: 31:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:CC:7E:14:AF:69:A7:48:87:11:DD:B5:33:44:4F:41:93:03:E9:01 X509v3 Authority Key Identifier: keyid:02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/5FFA5548B5A311EEA95C5732C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.22.148.0/22 202.88.40.0/23 202.88.43.0/24 IPv6: 2400:1560::/32 Signature Algorithm: sha256WithRSAEncryption b7:0e:ca:9c:b6:ed:64:a6:98:2e:ab:49:72:a6:70:03:c8:be: 89:f4:9e:3c:b7:0e:87:f4:05:61:00:ea:93:b4:df:5b:87:d0: 35:b3:67:e4:bc:89:29:17:45:45:46:32:9d:e1:ee:14:a4:33: 70:0c:0a:3d:89:23:3a:95:0a:34:d9:6b:53:56:f9:f8:a4:d3: d8:d6:e1:ca:a5:ca:3d:80:a2:0c:4b:04:50:d1:9c:22:40:14: 7a:2f:c9:58:3b:25:f6:2f:40:f9:ae:a2:61:c2:a7:6a:ef:3a: 1b:14:4a:4f:67:5c:4f:a0:db:1b:35:b5:02:2f:da:61:aa:93: 7c:48:c2:97:48:02:4e:23:ee:d2:f9:04:9f:25:11:7a:8b:2f: ae:55:b0:0a:60:90:f7:20:1b:34:92:e7:42:95:88:66:9d:bd: 5d:5b:d5:bd:55:45:96:cc:a0:86:58:18:b8:50:83:54:42:e8: c2:f8:08:3f:b6:e7:c9:63:c9:35:79:01:60:de:39:6f:fd:45: 4c:94:35:d3:62:7f:13:5a:c6:31:53:17:73:06:78:0b:ac:c6: 88:a6:45:89:58:ea:6f:58:09:f0:1c:39:29:2f:54:d4:6b:31: c5:d1:dc:f1:fb:f9:da:93:4e:5a:70:6b:3c:10:69:d9:a1:74: 00:6f:98:8f -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICAo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE1QkExMTAvBgNVBAUTKDAyQUEzQTc2QzQ1OTQ5N0IxQjQ1RjI2RTkwNDRBQ0M2 RjJFODA0NEYwHhcNMjQwMzIwMDI1MTU5WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWZhNGY0Zi0zNzljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxv5jqeKBoEtSTMkBqdklnWHKo6ME29rPquy4/Hg2XGZkWpXpcEhpRm1fFXTW 1ZR2mtlbwoXeNYLOLvG70kM3Vw3fhPKc6Yd4udRsZdp0ZeBkG4nDJjjJA9OftfTq MeYphlPbk98lA4yzHr7FFLUEeyiTkbrkWj7vtJN1MaU6chsLjcPy7/PRXAA7uWI0 ykHQl747hzNscS2P7765YD1gvdEF9hOEt1vz7Cx5Yb8xSJr5R6Tulq/c8hGJsPpF eagZAH37Srwsy8tAkjv/s7uJsAWuHBS6GM6tmhgoIcfvYV3OOIBRNn1KaIuJYuQF RlllUakSeJFQ3KgQzJpckgYx0QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFH7MfhSv aadIhxHdtTNET0GTA+kBMB8GA1UdIwQYMBaAFAKqOnbEWUl7G0XybpBErMby6ARP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTVCQS80MzI2Q0JDMEI3 Q0QxMUVDQUY2ODEzMzVDNEY5QUUwMi9BcW82ZHNSWlNYc2JSZkp1a0VTc3h2TG9C RTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FxbzZkc1JaU1hzYlJmSnVrRVNzeHZMb0JFOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkE1QkEvNDMyNkNCQzBCN0NEMTFFQ0FGNjgxMzM1QzRGOUFFMDIvNUZGQTU1NDhC NUEzMTFFRUE5NUM1NzMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnFpQDBAHKWCgDBADKWCswDQQCAAIwBwMFACQAFWAwDQYJ KoZIhvcNAQELBQADggEBALcOypy27WSmmC6rSXKmcAPIvon0njy3Dof0BWEA6pO0 31uH0DWzZ+S8iSkXRUVGMp3h7hSkM3AMCj2JIzqVCjTZa1NW+fik09jW4cqlyj2A ogxLBFDRnCJAFHovyVg7JfYvQPmuomHCp2rvOhsUSk9nXE+g2xs1tQIv2mGqk3xI wpdIAk4j7tL5BJ8lEXqLL65VsApgkPcgGzSS50KViGadvV1b1b1VRZbMoIZYGLhQ g1RC6ML4CD+258ljyTV5AWDeOW/9RUyUNdNifxNaxjFTF3MGeAusxoimRYlY6m9Y CfAcOSkvVNRrMcXR3PH7+dqTTlpwazwQadmhdABvmI8= -----END CERTIFICATE-----Generated at Sat Jun 1 07:08:25 2024 by rpki-client on console-ams.rpki-client.org