$ rpki-client -vvf rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/B3883EE61A8C11ECBD6CCF18C4F9AE02.roa File: B3883EE61A8C11ECBD6CCF18C4F9AE02.roa (raw, json) Hash identifier: 1SiztMWrrOjzVD8IZQc3tHGe6xbD+y3RMtUT94TxEfk= Subject key identifier: 12:4C:46:2E:8D:C4:D0:95:E5:6E:E6:7C:6B:80:51:A9:A1:3D:23:44 Certificate issuer: /CN=A91C941B/serialNumber=08025B9B44EED8AE0B76F11E0372CE961877AD9F Certificate serial: 03A5 Authority key identifier: 08:02:5B:9B:44:EE:D8:AE:0B:76:F1:1E:03:72:CE:96:18:77:AD:9F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/B3883EE61A8C11ECBD6CCF18C4F9AE02.roa Signing time: Thu 31 Aug 2023 01:32:35 +0000 ROA not before: Thu 31 Aug 2023 01:32:35 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 136204 IP address blocks: 123.100.228.0/24 maxlen: 24 123.100.229.0/24 maxlen: 24 123.100.230.0/24 maxlen: 24 123.100.231.0/24 maxlen: 24 202.157.178.0/24 maxlen: 24 203.142.9.0/24 maxlen: 24 2405:70c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.crl rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 May 2024 02:03:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 933 (0x3a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C941B/serialNumber=08025B9B44EED8AE0B76F11E0372CE961877AD9F Validity Not Before: Aug 31 01:32:35 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=64efedb3-e566 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:bc:7a:85:a1:13:a9:fc:aa:9f:8b:a4:60:65: d5:53:15:72:b5:23:b2:0b:12:ff:55:6e:b0:88:49: 66:c8:87:25:b4:4a:2d:6e:84:3b:2c:ab:b8:ba:7a: 01:86:04:44:d1:b0:a1:b3:17:c3:10:86:5b:dc:f8: db:9a:d8:e2:53:b9:d6:ca:ac:57:c8:ee:f9:4e:a1: 2c:2a:da:68:f0:9e:3c:d5:91:23:c8:eb:62:bb:00: ab:15:3b:c9:e2:f5:0b:50:bf:52:1c:10:47:32:2d: 17:68:7d:d4:d5:2d:52:41:36:f3:f8:27:89:17:ea: ec:27:c6:6b:6a:0c:ed:2a:b8:8d:a8:d8:84:11:eb: f3:6f:65:e0:f2:1c:b4:4c:0e:90:5c:93:89:6f:30: d9:80:33:95:b2:dd:f7:c5:0f:e7:66:b1:60:28:22: 5c:51:88:1f:b4:e6:c5:e4:9b:cb:06:fa:10:fa:0c: b6:ef:f6:f5:18:ef:0b:1a:ac:21:c7:8c:8b:ff:8e: d7:8a:66:2e:98:17:04:0d:b6:e4:3f:5c:8b:2d:2c: 13:69:a6:eb:72:2f:d2:e4:a1:3e:b3:f8:18:12:f4: 62:51:96:a9:1c:9c:bb:d1:8c:0b:3a:4a:23:d9:d5: 79:55:ed:82:bf:3a:d6:4a:d4:5f:d8:92:bc:75:e8: da:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:4C:46:2E:8D:C4:D0:95:E5:6E:E6:7C:6B:80:51:A9:A1:3D:23:44 X509v3 Authority Key Identifier: keyid:08:02:5B:9B:44:EE:D8:AE:0B:76:F1:1E:03:72:CE:96:18:77:AD:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/B3883EE61A8C11ECBD6CCF18C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.100.228.0/22 202.157.178.0/24 203.142.9.0/24 IPv6: 2405:70c0::/32 Signature Algorithm: sha256WithRSAEncryption 96:d6:c9:58:77:d7:c6:9e:55:66:05:db:40:aa:6a:17:48:0b: d8:1b:de:34:2e:59:a6:23:25:f7:ba:f8:e4:92:77:2a:1a:f8: 2c:79:e7:13:54:47:df:d2:cf:eb:a5:3c:33:dc:3d:d8:1f:11: 3b:86:cf:b6:32:1d:79:f0:6b:c9:88:77:a8:96:62:af:3d:84: 5c:b3:40:e2:fa:53:a9:cc:c5:c7:70:c4:cc:a3:be:4b:56:c2: f7:69:fd:e8:f6:13:1b:5f:c2:f8:2c:90:18:78:fd:c9:da:56: 9c:86:83:77:c9:69:ec:ed:6d:aa:07:a5:b9:dd:2a:05:36:45: be:24:d0:de:96:86:09:b7:ea:9b:fe:80:4c:c5:2a:f4:f9:7a: 58:57:46:30:2b:63:4d:7e:4f:b0:17:87:62:a3:a0:91:b5:5e: 5b:c9:85:25:a3:db:f2:b0:a1:47:31:ed:ad:0d:7d:90:7f:34: 8e:79:68:36:0d:74:a9:d3:93:92:c0:f5:ed:47:f1:15:c5:cb: ce:88:50:fa:7c:42:ad:46:df:61:cb:a9:36:9b:f8:28:bf:dd: d2:1e:12:82:31:68:34:40:7e:71:0f:42:eb:64:04:d0:6c:ca: 73:71:81:5f:e3:21:cd:a2:af:08:8f:4b:93:39:88:ab:8c:27: 4b:5a:6c:f7 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICA6UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk0MUIxMTAvBgNVBAUTKDA4MDI1QjlCNDRFRUQ4QUUwQjc2RjExRTAzNzJDRTk2 MTg3N0FEOUYwHhcNMjMwODMxMDEzMjM1WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGVmZWRiMy1lNTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA07x6haETqfyqn4ukYGXVUxVytSOyCxL/VW6wiElmyIcltEotboQ7LKu4unoB hgRE0bChsxfDEIZb3PjbmtjiU7nWyqxXyO75TqEsKtpo8J481ZEjyOtiuwCrFTvJ 4vULUL9SHBBHMi0XaH3U1S1SQTbz+CeJF+rsJ8ZragztKriNqNiEEevzb2Xg8hy0 TA6QXJOJbzDZgDOVst33xQ/nZrFgKCJcUYgftObF5JvLBvoQ+gy27/b1GO8LGqwh x4yL/47XimYumBcEDbbkP1yLLSwTaabrci/S5KE+s/gYEvRiUZapHJy70YwLOkoj 2dV5Ve2CvzrWStRf2JK8dejaLQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFBJMRi6N xNCV5W7mfGuAUamhPSNEMB8GA1UdIwQYMBaAFAgCW5tE7tiuC3bxHgNyzpYYd62f MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTQxQi82OUY2QjdERTFB ODMxMUVDOEM5MjIyMjlDNEY5QUUwMi9DQUpibTBUdTJLNExkdkVlQTNMT2xoaDNy WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NBSmJtMFR1Mks0TGR2RWVBM0xPbGhoM3JaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzk0MUIvNjlGNkI3REUxQTgzMTFFQzhDOTIyMjI5QzRGOUFFMDIvQjM4ODNFRTYx QThDMTFFQ0JENkNDRjE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJ7ZOQDBADKnbIDBADLjgkwDQQCAAIwBwMFACQFcMAwDQYJ KoZIhvcNAQELBQADggEBAJbWyVh318aeVWYF20CqahdIC9gb3jQuWaYjJfe6+OSS dyoa+Cx55xNUR9/Sz+ulPDPcPdgfETuGz7YyHXnwa8mId6iWYq89hFyzQOL6U6nM xcdwxMyjvktWwvdp/ej2ExtfwvgskBh4/cnaVpyGg3fJaeztbaoHpbndKgU2Rb4k 0N6Whgm36pv+gEzFKvT5elhXRjArY01+T7AXh2KjoJG1XlvJhSWj2/KwoUcx7a0N fZB/NI55aDYNdKnTk5LA9e1H8RXFy86IUPp8Qq1G32HLqTab+Ci/3dIeEoIxaDRA fnEPQutkBNBsynNxgV/jIc2irwiPS5M5iKuMJ0tabPc= -----END CERTIFICATE-----Generated at Tue May 21 03:39:39 2024 by rpki-client on console-ams.rpki-client.org