$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/66E400CACB4C11EE8E404546C4F9AE02.roa File: 66E400CACB4C11EE8E404546C4F9AE02.roa (raw, json) Hash identifier: Bhm0Q4XwclM/AutVLQajl/RY7MZ/JnuqZS+j7Xz7NN4= Subject key identifier: 52:49:95:3A:64:92:AB:90:C3:90:FA:DC:F2:E4:26:B8:74:7F:43:30 Certificate issuer: /CN=A91BB493/serialNumber=9A3FE54122A5096D3EDD88060ED4D9183CBE1867 Certificate serial: 0991 Authority key identifier: 9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/66E400CACB4C11EE8E404546C4F9AE02.roa Signing time: Tue 26 Mar 2024 21:10:19 +0000 ROA not before: Tue 26 Mar 2024 21:10:19 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 2914 IP address blocks: 27.110.64.0/21 maxlen: 21 203.78.192.0/20 maxlen: 20 203.131.240.0/20 maxlen: 20 203.131.244.0/22 maxlen: 22 2001:218::/32 maxlen: 32 2001:218:2002::/48 maxlen: 48 2001:218:8000::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.crl rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 20:40:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2449 (0x991) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB493/serialNumber=9A3FE54122A5096D3EDD88060ED4D9183CBE1867 Validity Not Before: Mar 26 21:10:19 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=660339bb-95e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:eb:5f:ac:15:f3:81:56:1b:79:5a:ba:d0:39: b4:95:72:44:91:87:e4:0b:b7:fd:59:6c:f2:29:2f: 58:29:0b:bf:67:55:ff:c7:b9:34:83:84:31:14:e3: a0:04:84:fd:8b:8a:c6:ac:12:ab:5b:cb:cc:e6:65: 89:3f:cf:b0:09:71:f9:29:9f:05:16:a6:96:c4:bd: a5:32:04:55:cd:85:dd:50:fb:3c:76:3e:bf:15:ee: 69:e3:e6:40:22:df:86:a1:79:d0:3a:a1:e8:f9:0e: 56:69:a8:67:96:00:e7:4a:04:b1:8a:fa:7c:20:04: 3f:db:5d:fd:5e:2e:df:de:41:67:48:3a:a6:0a:91: a1:d2:06:3c:b7:54:10:ed:96:07:8a:64:77:f8:53: 37:b2:73:f4:bd:35:85:ab:18:5c:48:aa:b1:cf:e1: c9:c2:15:92:5d:5a:ce:3d:3d:46:fd:a3:1f:f6:6f: 7c:c8:74:80:49:6e:65:10:e5:49:a1:ca:7e:55:aa: 64:df:a4:11:cb:b7:8f:23:e2:07:4e:d2:0a:a9:3b: b3:68:ff:1f:e3:89:68:69:19:1d:a4:35:ee:49:ee: b4:84:25:98:1c:17:75:8a:38:23:3c:16:81:87:b4: 68:75:9c:09:0b:6d:b4:6b:ac:8a:e2:65:5d:29:e7: ba:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:49:95:3A:64:92:AB:90:C3:90:FA:DC:F2:E4:26:B8:74:7F:43:30 X509v3 Authority Key Identifier: keyid:9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/66E400CACB4C11EE8E404546C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.110.64.0/21 203.78.192.0/20 203.131.240.0/20 IPv6: 2001:218::/32 Signature Algorithm: sha256WithRSAEncryption c7:f3:c5:50:cd:87:b5:29:2a:bc:64:bb:c1:45:31:f2:13:4e: 03:0d:78:d7:51:bb:83:be:b1:41:d0:af:4b:39:9b:b1:cc:3b: 65:a3:e9:96:7c:6b:03:4f:38:aa:ea:d4:23:fc:c6:b5:6b:9e: 16:9e:e9:5e:0f:30:e0:0c:8d:d2:b1:cc:ec:1d:ca:ed:71:35: b9:89:f3:12:23:26:03:96:78:f0:05:6a:33:be:fb:8a:fd:c6: 21:37:82:44:4a:d6:10:6f:b8:40:6a:e4:2f:04:d4:3b:59:eb: 4d:e7:23:6c:e7:f4:1a:ff:35:1c:5a:14:ac:2a:f0:3e:bd:d1: 72:76:7c:35:27:ba:aa:bd:5b:5c:23:59:5c:96:c0:fe:1b:c4: d4:96:d6:3c:7e:f5:b0:28:64:45:ce:7c:b5:28:29:5b:8a:91: 93:84:13:79:08:d2:fc:86:44:b3:a6:94:27:fd:72:84:3a:8f: b1:65:75:2f:49:f7:89:21:61:28:4c:89:f5:d2:8e:4f:06:3d: 78:03:05:30:91:eb:88:d2:d6:22:bb:f3:fa:4c:f4:3b:ad:84: 5e:68:b3:0d:cd:52:a9:c8:8f:be:a1:4e:9f:03:39:0e:1c:43: 1f:10:2f:0c:c6:b1:e3:4f:77:82:4c:fb:9b:2b:b4:21:0b:52: 56:d4:3a:73 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICCZEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI0OTMxMTAvBgNVBAUTKDlBM0ZFNTQxMjJBNTA5NkQzRUREODgwNjBFRDREOTE4 M0NCRTE4NjcwHhcNMjQwMzI2MjExMDE5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjAzMzliYi05NWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApOtfrBXzgVYbeVq60Dm0lXJEkYfkC7f9WWzyKS9YKQu/Z1X/x7k0g4QxFOOg BIT9i4rGrBKrW8vM5mWJP8+wCXH5KZ8FFqaWxL2lMgRVzYXdUPs8dj6/Fe5p4+ZA It+GoXnQOqHo+Q5WaahnlgDnSgSxivp8IAQ/2139Xi7f3kFnSDqmCpGh0gY8t1QQ 7ZYHimR3+FM3snP0vTWFqxhcSKqxz+HJwhWSXVrOPT1G/aMf9m98yHSASW5lEOVJ ocp+Vapk36QRy7ePI+IHTtIKqTuzaP8f44loaRkdpDXuSe60hCWYHBd1ijgjPBaB h7RodZwJC220a6yK4mVdKee69QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFFJJlTpk kquQw5D63PLkJrh0f0MwMB8GA1UdIwQYMBaAFJo/5UEipQltPt2IBg7U2Rg8vhhn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjQ5My81RkNBQjY3MjY4 RjMxMUVBODMyRERCMzdDNEY5QUUwMi9tal9sUVNLbENXMC0zWWdHRHRUWkdEeS1H R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21qX2xRU0tsQ1cwLTNZZ0dEdFRaR0R5LUdHYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkI0OTMvNUZDQUI2NzI2OEYzMTFFQTgzMkREQjM3QzRGOUFFMDIvNjZFNDAwQ0FD QjRDMTFFRThFNDA0NTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAMbbkADBATLTsADBATLg/AwDQQCAAIwBwMFACABAhgwDQYJ KoZIhvcNAQELBQADggEBAMfzxVDNh7UpKrxku8FFMfITTgMNeNdRu4O+sUHQr0s5 m7HMO2Wj6ZZ8awNPOKrq1CP8xrVrnhae6V4PMOAMjdKxzOwdyu1xNbmJ8xIjJgOW ePAFajO++4r9xiE3gkRK1hBvuEBq5C8E1DtZ603nI2zn9Br/NRxaFKwq8D690XJ2 fDUnuqq9W1wjWVyWwP4bxNSW1jx+9bAoZEXOfLUoKVuKkZOEE3kI0vyGRLOmlCf9 coQ6j7FldS9J94khYShMifXSjk8GPXgDBTCR64jS1iK78/pM9DuthF5osw3NUqnI j76hTp8DOQ4cQx8QLwzGseNPd4JM+5srtCELUlbUOnM= -----END CERTIFICATE-----Generated at Mon May 6 22:41:02 2024 by rpki-client on console-ams.rpki-client.org