$ rpki-client -vvf rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/277D6F8A92FC11EE9104E34AC4F9AE02.roa File: 277D6F8A92FC11EE9104E34AC4F9AE02.roa (raw, json) Hash identifier: Y63HpsRvYL/5i6ST/DVFn929os6gpGVpLFx16SbSFmk= Subject key identifier: C9:E8:F0:3C:AD:54:F6:47:AF:B8:32:80:E7:CD:66:E7:A1:F0:FF:3E Certificate issuer: /CN=A91C911D/serialNumber=475B62A5F233ED05AC72D8781234E109BF3A908C Certificate serial: 0608 Authority key identifier: 47:5B:62:A5:F2:33:ED:05:AC:72:D8:78:12:34:E1:09:BF:3A:90:8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1tipfIz7QWscth4EjThCb86kIw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/277D6F8A92FC11EE9104E34AC4F9AE02.roa Signing time: Wed 03 Apr 2024 00:33:00 +0000 ROA not before: Wed 03 Apr 2024 00:33:00 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 45158 IP address blocks: 103.251.172.0/22 maxlen: 23 120.29.240.0/21 maxlen: 21 120.29.245.0/24 maxlen: 24 120.29.246.0/24 maxlen: 24 2407:1e00::/32 maxlen: 32 2407:1e00::/33 maxlen: 40 2407:1e00:1003::/48 maxlen: 48 2407:1e00:8000::/33 maxlen: 37 2407:1e00:8000::/34 maxlen: 40 2407:1e00:c000::/35 maxlen: 40 2407:1e00:e000::/36 maxlen: 40 2407:1e00:f000::/37 maxlen: 40 2407:1e00:f800::/38 maxlen: 38 2407:1e00:f800::/39 maxlen: 39 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/R1tipfIz7QWscth4EjThCb86kIw.crl rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/R1tipfIz7QWscth4EjThCb86kIw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1tipfIz7QWscth4EjThCb86kIw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 00:54:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1544 (0x608) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C911D/serialNumber=475B62A5F233ED05AC72D8781234E109BF3A908C Validity Not Before: Apr 3 00:33:00 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=660ca3bc-ca8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:f1:bc:97:b5:8f:f8:73:ae:a5:ce:81:b0:70: 77:65:53:b5:8e:6f:03:ed:c1:dc:0a:d0:24:99:b7: e8:c6:5d:dc:1c:ce:fc:61:83:13:8a:44:87:85:95: aa:2e:a2:25:e5:6c:dd:e5:e3:65:c6:22:ff:7e:0b: ac:46:44:7d:cc:9d:c2:e7:ad:d9:d3:02:fe:28:c2: dc:23:d9:0a:76:31:82:f2:64:6c:1b:e4:82:a6:da: 73:45:6f:3e:23:02:77:07:a9:a8:b1:81:1f:ad:27: 1b:db:ee:e6:83:57:fd:b8:33:c1:2d:49:2b:9d:1c: 54:5a:b7:d4:f5:af:a7:7b:da:9a:17:fb:8d:eb:86: d6:52:14:db:04:85:97:30:41:87:b9:ff:ea:b8:bc: e2:77:66:58:e2:40:3e:e3:dc:76:c7:d2:b5:91:43: e7:2c:a2:1a:ae:0b:fe:0f:cd:c5:10:7a:3e:2a:a3: 06:02:49:28:c1:15:43:25:b2:50:ff:44:8f:73:06: a8:e9:11:8d:b9:05:ce:fb:ea:5e:c3:a0:13:a0:ec: 58:df:12:28:1c:ec:af:63:07:60:5d:7c:da:c7:69: ab:80:86:a4:c9:05:4e:f2:e1:1a:58:2a:7d:11:84: 45:47:98:76:bc:ad:9f:ed:ff:1a:66:e0:4a:c2:dd: 57:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:E8:F0:3C:AD:54:F6:47:AF:B8:32:80:E7:CD:66:E7:A1:F0:FF:3E X509v3 Authority Key Identifier: keyid:47:5B:62:A5:F2:33:ED:05:AC:72:D8:78:12:34:E1:09:BF:3A:90:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/R1tipfIz7QWscth4EjThCb86kIw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1tipfIz7QWscth4EjThCb86kIw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/277D6F8A92FC11EE9104E34AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.251.172.0/22 120.29.240.0/21 IPv6: 2407:1e00::/32 Signature Algorithm: sha256WithRSAEncryption 66:a6:e7:00:6d:d0:ab:18:7d:e6:99:ac:15:42:74:ef:1e:b0: ff:ca:ad:b1:97:b8:0e:4b:f2:03:46:17:9f:82:b4:7f:0e:c7: 71:ab:01:41:15:22:55:59:75:40:36:eb:1b:3d:98:0b:63:a6: 54:18:ae:89:f6:31:e3:3b:0e:0f:fb:24:2b:1f:cd:74:50:e1: 2f:62:86:24:d1:da:b2:e1:bb:27:97:67:4f:d0:72:0f:06:f8: 5c:96:42:0f:c1:5e:b6:b4:e0:ea:45:35:b3:31:ed:0a:f8:7b: 7a:e0:f8:30:e0:88:72:ed:14:f7:44:5f:66:8f:fc:8f:44:93: 81:eb:aa:24:5f:40:22:78:e3:0b:a6:8a:9e:2e:ce:e4:f1:60: 7f:55:2e:cd:68:76:3f:52:f8:95:88:69:93:87:13:2b:18:12: ae:a5:5d:1e:54:f2:80:91:63:40:cc:49:01:e5:2f:98:9f:bf: d1:d7:7c:1d:19:75:03:43:96:77:69:30:f9:42:76:5c:b9:9b: c4:d8:c4:fe:51:6b:99:00:4b:b5:46:ae:f5:bd:a8:0c:5b:98: 30:1c:91:4d:86:9e:f4:78:74:ac:46:91:3d:26:a0:64:65:18: 93:11:36:53:91:f9:35:e0:d5:68:ae:bd:78:57:03:96:60:4c: c4:ca:c2:f5 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBggwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzkxMUQxMTAvBgNVBAUTKDQ3NUI2MkE1RjIzM0VEMDVBQzcyRDg3ODEyMzRFMTA5 QkYzQTkwOEMwHhcNMjQwNDAzMDAzMzAwWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjBjYTNiYy1jYThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArfG8l7WP+HOupc6BsHB3ZVO1jm8D7cHcCtAkmbfoxl3cHM78YYMTikSHhZWq LqIl5Wzd5eNlxiL/fgusRkR9zJ3C563Z0wL+KMLcI9kKdjGC8mRsG+SCptpzRW8+ IwJ3B6mosYEfrScb2+7mg1f9uDPBLUkrnRxUWrfU9a+ne9qaF/uN64bWUhTbBIWX MEGHuf/quLzid2ZY4kA+49x2x9K1kUPnLKIargv+D83FEHo+KqMGAkkowRVDJbJQ /0SPcwao6RGNuQXO++pew6AToOxY3xIoHOyvYwdgXXzax2mrgIakyQVO8uEaWCp9 EYRFR5h2vK2f7f8aZuBKwt1XQwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMno8Dyt VPZHr7gygOfNZueh8P8+MB8GA1UdIwQYMBaAFEdbYqXyM+0FrHLYeBI04Qm/OpCM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTExRC83QjEzQjM4NDZD MDMxMUVCODg0NDc4NEJDNEY5QUUwMi9SMXRpcGZJejdRV3NjdGg0RWpUaENiODZr SXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1IxdGlwZkl6N1FXc2N0aDRFalRoQ2I4NmtJdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzkxMUQvN0IxM0IzODQ2QzAzMTFFQjg4NDQ3ODRCQzRGOUFFMDIvMjc3RDZGOEE5 MkZDMTFFRTkxMDRFMzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJn+6wDBAN4HfAwDQQCAAIwBwMFACQHHgAwDQYJKoZIhvcN AQELBQADggEBAGam5wBt0KsYfeaZrBVCdO8esP/KrbGXuA5L8gNGF5+CtH8Ox3Gr AUEVIlVZdUA26xs9mAtjplQYron2MeM7Dg/7JCsfzXRQ4S9ihiTR2rLhuyeXZ0/Q cg8G+FyWQg/BXra04OpFNbMx7Qr4e3rg+DDgiHLtFPdEX2aP/I9Ek4HrqiRfQCJ4 4wumip4uzuTxYH9VLs1odj9S+JWIaZOHEysYEq6lXR5U8oCRY0DMSQHlL5ifv9HX fB0ZdQNDlndpMPlCdly5m8TYxP5Ra5kAS7VGrvW9qAxbmDAckU2GnvR4dKxGkT0m oGRlGJMRNlOR+TXg1WiuvXhXA5ZgTMTKwvU= -----END CERTIFICATE-----Generated at Sat Jun 1 02:01:21 2024 by rpki-client on console-ams.rpki-client.org