$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/27F85F401B0811EEA3313C43C4F9AE02.roa File: 27F85F401B0811EEA3313C43C4F9AE02.roa (raw, json) Hash identifier: MHsKA6rSmP/5ljZEq6IWVKWYpT2ymttT4WvGNnnCU0M= Subject key identifier: 66:55:45:B0:A2:CC:B8:B9:AE:C7:9E:7C:CD:6C:1F:C1:23:9B:62:33 Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8 Certificate serial: 0DC7 Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/27F85F401B0811EEA3313C43C4F9AE02.roa Signing time: Thu 28 Dec 2023 18:56:56 +0000 ROA not before: Thu 28 Dec 2023 18:56:56 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 7468 IP address blocks: 202.64.110.0/24 maxlen: 24 220.232.132.0/24 maxlen: 24 220.232.133.0/24 maxlen: 24 220.232.134.0/24 maxlen: 24 220.232.156.0/24 maxlen: 24 220.232.157.0/24 maxlen: 24 220.232.159.0/24 maxlen: 24 220.232.211.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 19:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3527 (0xdc7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8 Validity Not Before: Dec 28 18:56:56 2023 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=658dc4f8-2d9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:d7:2f:7c:1b:e6:cc:d1:0f:29:f5:b0:8b:31: ff:f0:1a:97:88:19:ba:ec:ff:90:80:36:8f:7a:3e: d2:10:15:22:14:da:e5:95:a6:01:cc:18:ed:81:42: 8a:6a:95:74:69:eb:17:86:9c:fc:35:6d:9c:2e:68: 87:39:53:24:2f:47:c2:0c:5c:dc:ac:2d:19:9b:c1: 5b:19:a2:5b:27:c3:b1:d8:47:7c:1a:f5:75:55:3f: af:37:5c:33:e0:62:5e:53:0c:dd:d7:ab:a7:1c:62: 55:5b:03:31:8b:18:4a:95:b5:5a:ef:66:cb:a9:38: e4:aa:46:a0:f3:6a:48:ac:ad:75:81:7b:db:7d:11: 59:2b:51:67:db:5c:be:84:23:38:38:31:4b:56:24: 62:47:82:fa:98:5f:64:02:58:d6:9e:4e:42:ae:25: 07:0f:52:98:e2:cb:73:38:8d:e3:1b:c7:47:5e:1f: fd:58:00:65:73:97:b0:91:b9:ee:16:90:fc:68:f0: 61:a6:9c:f3:07:cf:5a:31:7c:c7:51:64:47:8f:26: 3b:4b:6d:b3:4b:6f:83:6a:d7:7a:64:33:7d:31:58: 53:e8:57:00:83:0f:85:7b:14:8a:d6:ee:ba:75:62: c6:6b:bb:55:7a:fa:28:cb:0c:1f:fd:5d:bf:37:0f: 9b:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:55:45:B0:A2:CC:B8:B9:AE:C7:9E:7C:CD:6C:1F:C1:23:9B:62:33 X509v3 Authority Key Identifier: keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/27F85F401B0811EEA3313C43C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.64.110.0/24 220.232.132.0-220.232.134.255 220.232.156.0/23 220.232.159.0/24 220.232.211.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:0b:4f:aa:67:57:83:77:43:bf:96:c9:fb:c5:b9:cd:b4:ba: 87:a4:9c:9a:70:6d:93:2e:1f:eb:32:c1:be:94:e7:c6:cd:33: 10:9c:20:81:b8:6c:33:58:a2:bf:0f:b4:a9:cd:d5:e2:e5:c3: cf:27:0c:3c:f8:90:bb:55:3f:ec:d3:61:0a:bb:a7:a6:94:65: 55:49:14:90:47:d1:f1:e7:8e:df:8f:5f:c1:7b:f2:6f:79:7d: d5:09:d7:0d:c5:5e:81:e5:d0:a0:7f:ff:20:dc:58:06:e5:d5: 68:11:2e:68:6c:99:ff:e8:60:15:1b:e9:3d:39:ff:0b:cf:bd: 87:39:6d:29:e4:7d:17:a7:8a:89:d7:43:86:0a:b9:89:22:d9: 05:bc:ad:9f:60:00:39:2b:d1:1e:df:2e:73:44:01:1f:a8:ee: 1e:94:63:b4:ad:9e:09:c5:8c:1a:a3:b6:d5:af:d0:4b:a1:ae: 3c:2a:f3:62:f6:99:44:6b:cc:ab:e5:a7:44:7c:c3:61:8c:90: 29:9e:cf:c1:cc:22:82:b3:93:47:54:4c:08:59:20:b7:ab:de: a9:68:b9:19:e1:de:56:81:9e:c4:d7:2a:06:41:f1:3a:be:7c: 18:63:d7:95:1a:21:dc:b2:38:3b:b2:5d:de:12:c4:8e:09:80: df:a4:b7:c2 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICDccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB RDNBRUZFQzgwHhcNMjMxMjI4MTg1NjU2WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NThkYzRmOC0yZDlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8dcvfBvmzNEPKfWwizH/8BqXiBm67P+QgDaPej7SEBUiFNrllaYBzBjtgUKK apV0aesXhpz8NW2cLmiHOVMkL0fCDFzcrC0Zm8FbGaJbJ8Ox2Ed8GvV1VT+vN1wz 4GJeUwzd16unHGJVWwMxixhKlbVa72bLqTjkqkag82pIrK11gXvbfRFZK1Fn21y+ hCM4ODFLViRiR4L6mF9kAljWnk5CriUHD1KY4stzOI3jG8dHXh/9WABlc5ewkbnu FpD8aPBhppzzB89aMXzHUWRHjyY7S22zS2+Datd6ZDN9MVhT6FcAgw+FexSK1u66 dWLGa7tVevooywwf/V2/Nw+bOwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFGZVRbCi zLi5rseefM1sH8Ejm2IzMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4 Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvMjdGODVGNDAx QjA4MTFFRUEzMzEzQzQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMCwEAgABMCYDBADKQG4wDAMEAtzohAMEANzohgMEAdzonAMEANzonwMEANzo 0zANBgkqhkiG9w0BAQsFAAOCAQEAegtPqmdXg3dDv5bJ+8W5zbS6h6ScmnBtky4f 6zLBvpTnxs0zEJwggbhsM1iivw+0qc3V4uXDzycMPPiQu1U/7NNhCrunppRlVUkU kEfR8eeO349fwXvyb3l91QnXDcVegeXQoH//INxYBuXVaBEuaGyZ/+hgFRvpPTn/ C8+9hzltKeR9F6eKiddDhgq5iSLZBbytn2AAOSvRHt8uc0QBH6juHpRjtK2eCcWM GqO21a/QS6GuPCrzYvaZRGvMq+WnRHzDYYyQKZ7PwcwigrOTR1RMCFkgt6veqWi5 GeHeVoGexNcqBkHxOr58GGPXlRoh3LI4O7Jd3hLEjgmA36S3wg== -----END CERTIFICATE-----Generated at Thu May 16 20:25:55 2024 by rpki-client on console-ams.rpki-client.org