$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/99341DD6663D11EE8CBBAE7CC4F9AE02.roa File: 99341DD6663D11EE8CBBAE7CC4F9AE02.roa (raw, json) Hash identifier: yreHq8Rx1Sr37J0Byk4e2x0mSL9OEEW3A7jtjJoGoX4= Subject key identifier: 23:39:26:83:57:C8:43:C2:DA:2E:27:78:91:EB:EB:FD:A4:69:65:75 Certificate issuer: /CN=A91C9E82/serialNumber=5E72AA7D5B1D5632E5D33FEC72FA7433F49CE29A Certificate serial: 25 Authority key identifier: 5E:72:AA:7D:5B:1D:56:32:E5:D3:3F:EC:72:FA:74:33:F4:9C:E2:9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/99341DD6663D11EE8CBBAE7CC4F9AE02.roa Signing time: Mon 09 Oct 2023 01:36:23 +0000 ROA not before: Mon 09 Oct 2023 01:36:23 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 9466 IP address blocks: 203.5.217.0/24 maxlen: 24 203.6.31.0/24 maxlen: 24 203.6.32.0/24 maxlen: 24 203.6.33.0/24 maxlen: 24 203.6.36.0/22 maxlen: 22 203.6.64.0/21 maxlen: 21 203.6.72.0/21 maxlen: 21 203.6.118.0/24 maxlen: 24 203.6.119.0/24 maxlen: 24 203.6.120.0/24 maxlen: 24 203.10.217.0/24 maxlen: 24 203.11.0.0/24 maxlen: 24 2401:6bff::/40 maxlen: 40 2401:6bff:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.crl rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Jun 2024 07:03:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37 (0x25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9E82/serialNumber=5E72AA7D5B1D5632E5D33FEC72FA7433F49CE29A Validity Not Before: Oct 9 01:36:23 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=65235917-e310 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:74:a6:7d:98:41:4c:0e:2d:c1:8e:7d:01:35: c0:8b:7e:d6:1c:20:e9:85:ad:96:e8:03:2b:bc:ee: cb:c1:57:bc:2b:65:06:8a:d3:3f:74:b1:a0:b4:49: c3:e7:f9:d0:e1:e3:40:ce:5a:80:9b:63:fe:fe:a5: eb:70:54:3d:fe:e8:32:03:0f:55:46:99:61:f8:53: 89:c8:68:e4:02:38:82:26:8d:3a:9e:60:cb:27:b7: cd:9d:44:7d:ae:7a:07:1c:c5:cd:20:12:27:fb:ed: 79:b8:11:3f:f2:33:c1:78:a8:29:5d:d6:96:f9:f0: 45:9d:86:7b:a8:87:94:18:28:68:2c:f9:01:2f:71: b5:59:13:89:31:5f:e2:d9:2d:e4:5c:2c:69:ab:99: cd:88:a6:e9:0c:7e:fd:e4:2c:ed:bc:22:e1:34:2d: 14:c8:5c:a7:90:ef:31:09:c2:2f:c2:ee:18:68:23: eb:b5:67:93:07:e3:13:e5:54:0a:8a:80:c8:61:db: 9a:48:79:9d:c9:0e:7e:0b:8f:69:4a:7b:2d:48:7b: 4b:9a:92:12:91:70:7d:f5:29:05:38:30:1d:c6:f9: 7f:35:95:de:79:5f:bd:4d:42:b9:50:28:aa:2a:65: bb:2e:96:d3:db:85:60:b9:20:68:d6:4d:c5:fe:d3: 2d:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:39:26:83:57:C8:43:C2:DA:2E:27:78:91:EB:EB:FD:A4:69:65:75 X509v3 Authority Key Identifier: keyid:5E:72:AA:7D:5B:1D:56:32:E5:D3:3F:EC:72:FA:74:33:F4:9C:E2:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/99341DD6663D11EE8CBBAE7CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.5.217.0/24 203.6.31.0-203.6.33.255 203.6.36.0/22 203.6.64.0/20 203.6.118.0-203.6.120.255 203.10.217.0/24 203.11.0.0/24 IPv6: 2401:6bff::/40 2401:6bff:8000::/40 Signature Algorithm: sha256WithRSAEncryption 27:21:00:51:19:8f:95:0c:8c:6d:01:05:27:ea:7b:a4:14:86: 2d:f8:07:7b:c8:ef:44:21:33:20:38:23:7d:c9:fd:12:eb:d4: f9:51:80:2f:9c:01:ff:a7:ae:6d:35:09:71:58:69:9b:9a:de: ac:ab:8f:cc:f5:36:31:39:44:a8:b5:9c:f1:07:1b:0e:81:9e: d8:52:8a:48:1a:8d:0c:ae:2b:06:00:48:93:3a:4a:aa:98:32: 0a:c8:3d:ba:b9:3f:7c:e1:bc:29:65:c7:bd:3a:97:48:48:28: 3a:c2:d9:28:02:21:e8:6e:aa:c7:95:64:19:f5:01:45:43:e2: 84:98:41:9f:46:b9:a0:9b:62:8d:69:ae:61:b0:04:59:65:ca: f9:a4:8f:be:54:b0:06:d9:cd:b6:c2:93:56:53:6c:3c:64:2b: be:75:20:6f:56:79:69:76:55:27:40:91:3a:f4:e7:65:17:e5: 1a:7f:2f:6c:77:66:06:48:74:bf:ac:1e:cb:59:d9:70:ab:7f: d5:d6:74:9c:34:d6:c6:c8:ba:61:0f:de:02:1c:b3:25:46:7f: b8:0f:00:8e:09:ba:8b:a2:24:f3:e9:8e:0a:90:4f:c2:5a:0e: 12:f5:f8:d8:08:82:c6:d4:89:8c:57:5d:c7:6b:71:bf:36:27: 99:12:c1:73 -----BEGIN CERTIFICATE----- MIIFvDCCBKSgAwIBAgIBJTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD OUU4MjExMC8GA1UEBRMoNUU3MkFBN0Q1QjFENTYzMkU1RDMzRkVDNzJGQTc0MzNG NDlDRTI5QTAeFw0yMzEwMDkwMTM2MjNaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1MjM1OTE3LWUzMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCsdKZ9mEFMDi3Bjn0BNcCLftYcIOmFrZboAyu87svBV7wrZQaK0z90saC0ScPn +dDh40DOWoCbY/7+petwVD3+6DIDD1VGmWH4U4nIaOQCOIImjTqeYMsnt82dRH2u egccxc0gEif77Xm4ET/yM8F4qCld1pb58EWdhnuoh5QYKGgs+QEvcbVZE4kxX+LZ LeRcLGmrmc2IpukMfv3kLO28IuE0LRTIXKeQ7zEJwi/C7hhoI+u1Z5MH4xPlVAqK gMhh25pIeZ3JDn4Lj2lKey1Ie0uakhKRcH31KQU4MB3G+X81ld55X71NQrlQKKoq ZbsultPbhWC5IGjWTcX+0y3fAgMBAAGjggLhMIIC3TAdBgNVHQ4EFgQUIzkmg1fI Q8LaLid4kevr/aRpZXUwHwYDVR0jBBgwFoAUXnKqfVsdVjLl0z/scvp0M/Sc4pow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5RTgyL0VBN0U1RkE2NjM2 RjExRUU5N0M3NEI1Q0M0RjlBRTAyL1huS3FmVnNkVmpMbDB6X3NjdnAwTV9TYzRw by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWG5LcWZWc2RWakxsMHpfc2N2cDBNX1NjNHBvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OUU4Mi9FQTdFNUZBNjYzNkYxMUVFOTdDNzRCNUNDNEY5QUUwMi85OTM0MURENjY2 M0QxMUVFOENCQkFFN0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBrBggrBgEFBQcBBwEB/wRc MFowQAQCAAEwOgMEAMsF2TAMAwQAywYfAwQBywYgAwQCywYkAwQEywZAMAwDBAHL BnYDBADLBngDBADLCtkDBADLCwAwFgQCAAIwEAMGACQBa/8AAwYAJAFr/4AwDQYJ KoZIhvcNAQELBQADggEBACchAFEZj5UMjG0BBSfqe6QUhi34B3vI70QhMyA4I33J /RLr1PlRgC+cAf+nrm01CXFYaZua3qyrj8z1NjE5RKi1nPEHGw6BnthSikgajQyu KwYASJM6SqqYMgrIPbq5P3zhvCllx706l0hIKDrC2SgCIehuqseVZBn1AUVD4oSY QZ9GuaCbYo1prmGwBFllyvmkj75UsAbZzbbCk1ZTbDxkK751IG9WeWl2VSdAkTr0 52UX5Rp/L2x3ZgZIdL+sHstZ2XCrf9XWdJw01sbIumEP3gIcsyVGf7gPAI4Juoui JPPpjgqQT8JaDhL1+NgIgsbUiYxXXcdrcb82J5kSwXM= -----END CERTIFICATE-----Generated at Thu Jun 13 08:02:32 2024 by rpki-client on console-ams.rpki-client.org