$ rpki-client -vvf rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/8E90AA02EB0B11EBA0B6DD84C4F9AE02.roa File: 8E90AA02EB0B11EBA0B6DD84C4F9AE02.roa (raw, json) Hash identifier: cGA0ZQAQhZrC4mXNbZRUDuLhz5+stSxu/w+9xlh0ErM= Subject key identifier: 66:FB:32:39:6B:8C:7F:E1:1D:68:01:D1:93:F6:D1:B7:00:7B:B2:47 Certificate issuer: /CN=A91D28EB/serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Certificate serial: 0432 Authority key identifier: 5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/8E90AA02EB0B11EBA0B6DD84C4F9AE02.roa Signing time: Thu 19 Oct 2023 00:52:59 +0000 ROA not before: Thu 19 Oct 2023 00:52:59 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 134550 IP address blocks: 45.123.200.0/22 maxlen: 22 45.123.200.0/24 maxlen: 24 45.123.201.0/24 maxlen: 24 45.123.202.0/24 maxlen: 24 45.123.203.0/24 maxlen: 24 103.192.44.0/22 maxlen: 22 103.192.44.0/24 maxlen: 24 103.192.45.0/24 maxlen: 24 103.192.46.0/24 maxlen: 24 103.192.47.0/24 maxlen: 24 2402:9280::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 01:19:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1074 (0x432) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D28EB/serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Validity Not Before: Oct 19 00:52:59 2023 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=65307deb-7b98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:2c:41:cd:54:7d:fd:b7:1b:73:b8:b4:f5:7d: 5b:2c:6a:bc:4c:d8:03:ba:1c:b6:7c:c6:44:97:0f: 3b:9d:3c:83:d5:a7:e6:f7:6e:46:57:10:f6:e7:2d: 41:27:4d:94:ba:83:78:4b:7b:85:3e:58:a6:fe:a1: 53:61:0b:bd:45:27:dd:77:5d:86:37:be:1b:61:e2: dc:8c:85:0f:56:9f:6f:b8:a3:1b:05:0c:b9:b3:80: 05:ff:b2:08:0b:b3:9e:43:f8:08:ab:ac:bb:99:d0: 2f:72:58:b6:5c:43:cd:c6:d2:4d:c9:81:7b:6c:f9: ed:71:92:97:8e:60:86:6c:61:62:b0:09:b2:5d:30: 39:26:31:af:7d:3b:14:79:9e:7f:74:1e:8a:d2:b5: 4d:c1:a9:ec:4f:b4:df:0a:b2:fb:f5:3d:3e:63:08: cc:c0:66:aa:45:8f:cd:76:ac:5c:22:77:f9:93:e3: cc:b3:42:7d:3f:90:df:15:e8:1f:81:7c:7c:d8:d8: 1f:31:ef:eb:dd:68:4f:70:be:70:35:f9:41:55:c8: 18:03:a5:3a:c7:ba:46:3e:92:77:5e:f9:d8:c4:cd: 77:a8:73:b8:e6:1b:6e:a9:37:19:db:c7:d5:11:40: 55:04:82:3f:92:6a:d8:87:66:7b:47:76:34:c4:7b: 25:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:FB:32:39:6B:8C:7F:E1:1D:68:01:D1:93:F6:D1:B7:00:7B:B2:47 X509v3 Authority Key Identifier: keyid:5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/8E90AA02EB0B11EBA0B6DD84C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.123.200.0/22 103.192.44.0/22 IPv6: 2402:9280::/32 Signature Algorithm: sha256WithRSAEncryption 5d:03:1a:b0:ed:d4:93:08:d8:ae:5d:c6:9d:b1:4f:9e:41:50: b9:21:95:7d:8e:5d:91:84:d4:4c:31:60:74:1f:2d:63:d3:61: 29:39:45:7c:78:68:9e:e5:5b:df:b7:6d:83:91:aa:e7:d6:3b: 1e:77:5d:d2:b9:6a:ee:6f:ab:b6:74:79:3b:55:c9:65:2c:ab: 2a:8a:fb:3b:eb:05:e9:f2:49:14:90:6b:09:a3:c6:e2:b5:8d: e4:0f:f8:28:73:04:0f:fd:81:86:6e:e0:63:3e:79:81:50:d4: 48:2b:0a:8f:bd:1c:a5:67:b8:8d:45:a8:3d:e4:4a:56:73:c8: cf:3b:3c:1e:91:84:a6:c2:d3:94:3b:ca:26:bd:cd:48:aa:f0: 9d:b7:3b:5b:15:d3:d6:03:e6:80:a1:82:76:13:cc:2c:8e:51: 12:35:d5:70:0c:ad:87:70:a9:b5:a2:0c:88:8e:37:34:9f:e8: 4c:5e:d7:e5:8b:bd:b2:0b:5a:d0:0f:b7:7c:e1:dc:79:b6:0c: 46:52:79:5e:de:95:72:41:7d:9f:30:00:15:a5:c9:22:57:6d: e5:63:1e:3a:a4:f9:6d:5b:4b:42:d4:49:76:bc:1f:1e:77:b2: 0b:65:cd:61:07:54:7d:11:c8:92:3f:25:0e:5e:a7:de:a9:1f: aa:f7:d0:5a -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBDIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI4RUIxMTAvBgNVBAUTKDVDMzY1QjE3MzFDQTdDRTdEQjgxREQ1NzEzMEJENEQ2 NDMwMTlCNUUwHhcNMjMxMDE5MDA1MjU5WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTMwN2RlYi03Yjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1yxBzVR9/bcbc7i09X1bLGq8TNgDuhy2fMZElw87nTyD1afm925GVxD25y1B J02UuoN4S3uFPlim/qFTYQu9RSfdd12GN74bYeLcjIUPVp9vuKMbBQy5s4AF/7II C7OeQ/gIq6y7mdAvcli2XEPNxtJNyYF7bPntcZKXjmCGbGFisAmyXTA5JjGvfTsU eZ5/dB6K0rVNwansT7TfCrL79T0+YwjMwGaqRY/NdqxcInf5k+PMs0J9P5DfFegf gXx82NgfMe/r3WhPcL5wNflBVcgYA6U6x7pGPpJ3XvnYxM13qHO45htuqTcZ28fV EUBVBII/kmrYh2Z7R3Y0xHslkwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGb7Mjlr jH/hHWgB0ZP20bcAe7JHMB8GA1UdIwQYMBaAFFw2Wxcxynzn24HdVxML1NZDAZte MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjhFQi83NzE0OEFDNkVC MDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZPZmJnZDFYRXd2VTFrTUJt MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEWmJGekhLZk9mYmdkMVhFd3ZVMWtNQm0xNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDI4RUIvNzcxNDhBQzZFQjA5MTFFQjlDNzU5MTgwQzRGOUFFMDIvOEU5MEFBMDJF QjBCMTFFQkEwQjZERDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIte8gDBAJnwCwwDQQCAAIwBwMFACQCkoAwDQYJKoZIhvcN AQELBQADggEBAF0DGrDt1JMI2K5dxp2xT55BULkhlX2OXZGE1EwxYHQfLWPTYSk5 RXx4aJ7lW9+3bYORqufWOx53XdK5au5vq7Z0eTtVyWUsqyqK+zvrBenySRSQawmj xuK1jeQP+ChzBA/9gYZu4GM+eYFQ1EgrCo+9HKVnuI1FqD3kSlZzyM87PB6RhKbC 05Q7yia9zUiq8J23O1sV09YD5oChgnYTzCyOURI11XAMrYdwqbWiDIiONzSf6Exe 1+WLvbILWtAPt3zh3Hm2DEZSeV7elXJBfZ8wABWlySJXbeVjHjqk+W1bS0LUSXa8 Hx53sgtlzWEHVH0RyJI/JQ5ep96pH6r30Fo= -----END CERTIFICATE-----Generated at Sun May 19 02:39:37 2024 by rpki-client on console-fra.rpki-client.org