$ rpki-client -vvf rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa File: A257A95EA9DC11E9AA03780DC4F9AE02.roa (raw, json) Hash identifier: gnzYE1UPF0infgIE4GAAJVFt04czSCksQg2paK1f/KA= Subject key identifier: 04:ED:A9:B0:54:BB:62:27:2E:87:AC:3E:1F:F9:24:D8:70:8E:24:03 Certificate issuer: /CN=A91C77BD/serialNumber=A3EB7C435063BC54D3573D81DBDC1873987663E0 Certificate serial: 2031 Authority key identifier: A3:EB:7C:43:50:63:BC:54:D3:57:3D:81:DB:DC:18:73:98:76:63:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa Signing time: Tue 26 Sep 2023 16:13:17 +0000 ROA not before: Tue 26 Sep 2023 16:13:17 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 134707 IP address blocks: 103.196.136.0/22 maxlen: 22 203.189.116.0/22 maxlen: 22 223.25.60.0/22 maxlen: 22 2404:3380::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.crl rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 16:27:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8241 (0x2031) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C77BD/serialNumber=A3EB7C435063BC54D3573D81DBDC1873987663E0 Validity Not Before: Sep 26 16:13:17 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=6513031c-2847 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:cb:be:67:e4:e9:b6:9b:28:a2:7f:25:77:cf: e1:3e:fb:e9:41:79:25:81:8b:aa:0f:db:b9:be:e4: 01:c0:fd:4e:3e:e1:c6:a3:0c:8a:45:f5:b7:07:5e: 8d:70:b3:9d:89:09:f5:11:b1:92:85:64:f6:78:5e: 72:d1:63:76:05:5f:d6:3d:9d:0b:c5:30:37:4d:b5: 49:c1:88:24:34:2e:06:2f:25:4d:21:ae:0e:8c:ca: 2e:8f:b4:ad:d0:a4:f0:d9:fe:cb:4a:83:c1:07:94: 02:79:69:b3:3b:8f:9d:9e:b8:19:c7:e2:63:a7:66: 23:20:85:82:aa:be:ae:dd:05:5c:10:97:8d:9c:c1: a1:29:0a:6c:0e:da:b7:e7:d0:df:23:d4:ec:d1:e3: 5f:9b:3e:49:da:b2:58:e1:59:a4:59:36:68:c0:01: 90:64:2c:73:d0:fe:6b:2c:bc:02:8e:7d:3e:ce:d7: 30:4f:7b:a7:c2:9d:cf:38:e8:59:5e:5e:74:08:34: 87:ef:ea:01:b3:75:b2:57:ba:6a:aa:f4:77:ee:39: 9b:1a:d2:43:e0:cf:f9:01:b7:91:98:19:5a:2d:35: 90:48:c0:ef:e5:05:fd:98:03:b1:ea:43:36:6c:bc: 84:ce:82:16:6c:4a:2a:df:4c:de:b3:5e:8b:44:0d: 01:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:ED:A9:B0:54:BB:62:27:2E:87:AC:3E:1F:F9:24:D8:70:8E:24:03 X509v3 Authority Key Identifier: keyid:A3:EB:7C:43:50:63:BC:54:D3:57:3D:81:DB:DC:18:73:98:76:63:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.196.136.0/22 203.189.116.0/22 223.25.60.0/22 IPv6: 2404:3380::/32 Signature Algorithm: sha256WithRSAEncryption 39:eb:e8:d0:20:87:24:4e:48:be:d5:59:5b:d4:f9:e1:f9:25: 0d:5e:b3:84:4a:d7:1a:6e:04:82:fa:10:ff:9c:2f:ab:90:99: 47:41:1f:64:56:c7:7b:7d:db:a3:10:c5:10:a8:0c:6c:e7:32: ca:9f:37:28:20:5f:04:d1:92:57:45:3b:c9:f9:dd:23:84:52: 9a:d9:f9:e9:ef:eb:be:00:c4:32:b1:86:94:d4:ac:2c:eb:91: 0f:a1:19:a0:75:a3:38:4c:b0:ab:c3:ef:1f:d1:f8:70:e3:29: 3d:19:05:81:ed:f6:67:b2:02:b1:e7:53:dc:e3:4d:6a:a3:10: f4:52:ac:a3:4e:e7:56:ac:d9:e8:f6:9a:c2:8c:83:d8:6a:d5: 83:81:9f:00:84:d2:f1:35:d9:23:ba:32:fb:b2:b6:29:9f:58: 2b:ed:32:7a:e3:24:79:aa:4a:99:30:88:e1:11:a2:99:08:2c: e2:6a:94:c1:af:66:ef:f3:c8:8b:85:6b:3a:63:9e:69:c0:b1: 97:74:ec:4d:e5:48:89:9b:cc:93:e0:85:bd:00:1b:8e:bf:7f: f5:8b:88:e2:d3:f1:1f:44:f5:0b:90:2c:d3:b3:35:cf:7c:53: 70:12:a3:32:09:3a:5f:91:43:52:e9:02:86:77:aa:34:13:70: cc:2b:20:bd -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICIDEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3QkQxMTAvBgNVBAUTKEEzRUI3QzQzNTA2M0JDNTREMzU3M0Q4MURCREMxODcz OTg3NjYzRTAwHhcNMjMwOTI2MTYxMzE3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTEzMDMxYy0yODQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvcu+Z+Tptpsoon8ld8/hPvvpQXklgYuqD9u5vuQBwP1OPuHGowyKRfW3B16N cLOdiQn1EbGShWT2eF5y0WN2BV/WPZ0LxTA3TbVJwYgkNC4GLyVNIa4OjMouj7St 0KTw2f7LSoPBB5QCeWmzO4+dnrgZx+Jjp2YjIIWCqr6u3QVcEJeNnMGhKQpsDtq3 59DfI9Ts0eNfmz5J2rJY4VmkWTZowAGQZCxz0P5rLLwCjn0+ztcwT3unwp3POOhZ Xl50CDSH7+oBs3WyV7pqqvR37jmbGtJD4M/5AbeRmBlaLTWQSMDv5QX9mAOx6kM2 bLyEzoIWbEoq30zes16LRA0BywIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFATtqbBU u2InLoesPh/5JNhwjiQDMB8GA1UdIwQYMBaAFKPrfENQY7xU01c9gdvcGHOYdmPg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzdCRC8zODkzNzE5OERG NDAxMUU1ODIzMjczNEFDNEY5QUUwMi9vLXQ4UTFCanZGVFRWejJCMjl3WWM1aDJZ LUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL28tdDhRMUJqdkZUVFZ6MkIyOXdZYzVoMlktQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzc3QkQvMzg5MzcxOThERjQwMTFFNTgyMzI3MzRBQzRGOUFFMDIvQTI1N0E5NUVB OURDMTFFOUFBMDM3ODBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnxIgDBALLvXQDBALfGTwwDQQCAAIwBwMFACQEM4AwDQYJ KoZIhvcNAQELBQADggEBADnr6NAghyROSL7VWVvU+eH5JQ1es4RK1xpuBIL6EP+c L6uQmUdBH2RWx3t926MQxRCoDGznMsqfNyggXwTRkldFO8n53SOEUprZ+env674A xDKxhpTUrCzrkQ+hGaB1ozhMsKvD7x/R+HDjKT0ZBYHt9meyArHnU9zjTWqjEPRS rKNO51as2ej2msKMg9hq1YOBnwCE0vE12SO6MvuytimfWCvtMnrjJHmqSpkwiOER opkILOJqlMGvZu/zyIuFazpjnmnAsZd07E3lSImbzJPghb0AG46/f/WLiOLT8R9E 9QuQLNOzNc98U3ASozIJOl+RQ1LpAoZ3qjQTcMwrIL0= -----END CERTIFICATE-----Generated at Fri May 31 17:44:52 2024 by rpki-client on console-fra.rpki-client.org