$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa File: 61663178F88311EDB1DF555DC4F9AE02.roa (raw, json) Hash identifier: UrcwKDaR3AkRy6/pEVnSRQ8ZMWTM/9hdb4jF8pJExns= Subject key identifier: 22:15:02:74:3A:83:7F:A8:43:59:C7:F5:24:C1:80:99:76:47:B9:F5 Certificate issuer: /CN=A91CFA8E/serialNumber=D880EF265B940E31DFED1C42AEF5144B64413717 Certificate serial: 6D Authority key identifier: D8:80:EF:26:5B:94:0E:31:DF:ED:1C:42:AE:F5:14:4B:64:41:37:17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa Signing time: Wed 22 Nov 2023 04:09:20 +0000 ROA not before: Wed 22 Nov 2023 04:09:20 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 56309 IP address blocks: 43.229.148.0/22 maxlen: 24 103.13.28.0/22 maxlen: 24 103.99.11.0/24 maxlen: 24 103.117.148.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.crl rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 06:31:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 109 (0x6d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFA8E/serialNumber=D880EF265B940E31DFED1C42AEF5144B64413717 Validity Not Before: Nov 22 04:09:20 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=655d7eef-5f50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e5:bd:7a:17:e6:d5:4e:99:9e:ff:22:16:d7: f3:1d:7a:a2:50:78:a0:12:30:7c:79:93:59:55:d8: 69:13:c2:f1:26:55:41:87:58:f0:94:84:89:d6:99: e1:44:6e:90:ac:b4:80:9c:1a:b1:51:94:02:b7:f3: 34:52:42:7e:7d:b8:c0:b2:c6:f1:78:3a:b6:0f:fa: 29:fa:e6:b1:f0:2f:c7:54:db:75:4b:87:2f:d6:f6: 04:40:83:c2:b6:1a:4f:fc:fc:62:15:ad:2d:f1:79: c4:78:57:2a:80:7e:d7:29:e3:77:ff:03:51:82:ef: bd:b9:65:08:85:85:6b:bb:71:f3:33:83:91:e6:d0: ad:d5:c9:3c:75:3b:63:49:61:54:f4:d4:46:1a:02: 7c:d3:0c:0d:47:d7:81:cb:d0:22:8c:e6:5d:78:98: 43:ad:aa:87:f5:72:d4:c8:7c:ac:4b:9b:23:54:5d: 7c:93:2f:3e:c1:4f:52:d6:62:e2:15:19:e7:56:fb: 9d:8f:ae:af:d5:c2:92:bd:0b:13:0f:22:55:ac:15: da:b3:5a:ba:04:a0:b6:72:58:3a:11:31:03:a1:f3: b7:0a:9c:85:2c:38:a4:c3:7e:c3:08:33:1b:78:13: dd:9a:90:ff:d7:3c:4e:20:40:48:c5:1d:a3:67:f9: f4:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:15:02:74:3A:83:7F:A8:43:59:C7:F5:24:C1:80:99:76:47:B9:F5 X509v3 Authority Key Identifier: keyid:D8:80:EF:26:5B:94:0E:31:DF:ED:1C:42:AE:F5:14:4B:64:41:37:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.148.0/22 103.13.28.0/22 103.99.11.0/24 103.117.148.0/22 Signature Algorithm: sha256WithRSAEncryption 6e:20:56:d9:51:9a:d5:9c:27:d5:a7:e9:ba:91:c6:25:96:d8: e4:31:cd:ef:bd:60:09:20:4d:1a:8e:44:93:8e:dd:85:62:94: 6f:b2:e2:06:74:79:a5:cc:72:70:c0:73:4d:0c:93:62:15:5b: 69:34:9b:6d:55:97:8d:c2:59:fb:fa:bc:02:32:ce:38:e2:f1: 3f:a7:10:ab:f0:66:18:bf:0d:ee:3d:4e:02:92:97:3b:d7:41: dd:c9:cf:3e:4e:2e:ba:b5:f7:20:ca:fc:ab:d3:fe:d5:cc:90: ac:2b:4c:ee:75:58:e3:9f:0c:2e:20:8b:23:d6:cc:62:0a:13: 9d:07:29:f2:3e:29:97:04:2c:de:43:fd:00:42:d6:bb:b8:dc: 2c:bb:77:70:15:88:45:98:61:48:a5:56:f7:44:19:f3:ca:22: 79:4f:16:70:70:6a:4d:0a:e2:42:58:08:6f:ee:d9:55:d8:f3: 14:51:59:79:dd:c2:9f:ae:17:25:65:9a:05:e5:38:14:88:69: 4f:29:45:0b:ed:60:3c:1a:5b:68:4c:bc:32:4d:8d:8a:0b:b9: 01:be:6c:06:31:18:60:2a:cc:0d:e8:0d:fb:20:f3:2f:e6:ce: 11:18:19:72:ca:12:e0:f9:e7:7d:de:c5:58:cf:c2:89:9c:1a: 18:b2:a6:e9 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgIBbTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RkE4RTExMC8GA1UEBRMoRDg4MEVGMjY1Qjk0MEUzMURGRUQxQzQyQUVGNTE0NEI2 NDQxMzcxNzAeFw0yMzExMjIwNDA5MjBaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1NWQ3ZWVmLTVmNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCw5b16F+bVTpme/yIW1/MdeqJQeKASMHx5k1lV2GkTwvEmVUGHWPCUhInWmeFE bpCstICcGrFRlAK38zRSQn59uMCyxvF4OrYP+in65rHwL8dU23VLhy/W9gRAg8K2 Gk/8/GIVrS3xecR4VyqAftcp43f/A1GC7725ZQiFhWu7cfMzg5Hm0K3VyTx1O2NJ YVT01EYaAnzTDA1H14HL0CKM5l14mEOtqof1ctTIfKxLmyNUXXyTLz7BT1LWYuIV GedW+52Prq/VwpK9CxMPIlWsFdqzWroEoLZyWDoRMQOh87cKnIUsOKTDfsMIMxt4 E92akP/XPE4gQEjFHaNn+fQjAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUIhUCdDqD f6hDWcf1JMGAmXZHufUwHwYDVR0jBBgwFoAU2IDvJluUDjHf7RxCrvUUS2RBNxcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGQThFLzYxQkFEOEUwRjg3 RTExRUQ5MEQ4NDQ1Q0M0RjlBRTAyLzJJRHZKbHVVRGpIZjdSeENydlVVUzJSQk54 Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMklEdkpsdVVEakhmN1J4Q3J2VVVTMlJCTnhjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkE4RS82MUJBRDhFMEY4N0UxMUVEOTBEODQ0NUNDNEY5QUUwMi82MTY2MzE3OEY4 ODMxMUVEQjFERjU1NURDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAxBggrBgEFBQcBBwEB/wQi MCAwHgQCAAEwGAMEAivllAMEAmcNHAMEAGdjCwMEAmd1lDANBgkqhkiG9w0BAQsF AAOCAQEAbiBW2VGa1Zwn1afpupHGJZbY5DHN771gCSBNGo5Ek47dhWKUb7LiBnR5 pcxycMBzTQyTYhVbaTSbbVWXjcJZ+/q8AjLOOOLxP6cQq/BmGL8N7j1OApKXO9dB 3cnPPk4uurX3IMr8q9P+1cyQrCtM7nVY458MLiCLI9bMYgoTnQcp8j4plwQs3kP9 AELWu7jcLLt3cBWIRZhhSKVW90QZ88oieU8WcHBqTQriQlgIb+7ZVdjzFFFZed3C n64XJWWaBeU4FIhpTylFC+1gPBpbaEy8Mk2Nigu5Ab5sBjEYYCrMDegN+yDzL+bO ERgZcsoS4Pnnfd7FWM/CiZwaGLKm6Q== -----END CERTIFICATE-----Generated at Fri May 17 08:13:54 2024 by rpki-client on console-fra.rpki-client.org