$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/5353EA28781F11EEBA05B17FC4F9AE02.roa File: 5353EA28781F11EEBA05B17FC4F9AE02.roa (raw, json) Hash identifier: yfWpHkNEQh2G2/td7i4AwoD5izJRxTmfi2zYrBb7ip0= Subject key identifier: 67:5E:6F:F8:9F:61:B3:E3:B8:9A:01:01:6D:04:D8:FF:AE:A9:B3:A6 Certificate issuer: /CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Certificate serial: 081B Authority key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/5353EA28781F11EEBA05B17FC4F9AE02.roa Signing time: Tue 02 Apr 2024 22:31:04 +0000 ROA not before: Tue 02 Apr 2024 22:31:04 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 26496 IP address blocks: 43.255.152.0/22 maxlen: 24 103.1.172.0/22 maxlen: 24 118.139.160.0/19 maxlen: 24 182.50.128.0/19 maxlen: 24 203.124.96.0/19 maxlen: 24 2407:1c00::/32 maxlen: 32 2407:1c00:6100::/40 maxlen: 48 2407:1c00:6400::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 May 2024 21:22:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2075 (0x81b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Validity Not Before: Apr 2 22:31:04 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=660c8728-e3c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:ce:49:a1:83:7c:38:0c:1d:9a:f3:78:f8:dd: bd:2d:19:e0:00:58:82:e2:98:82:7f:9c:42:40:28: 80:d7:16:47:54:b2:43:e8:be:f7:8f:da:d3:1a:cd: 58:fa:d9:63:d8:a2:d7:2a:17:42:38:99:c2:6c:7a: 5b:71:9f:86:9f:d0:ab:4a:4e:fd:7d:f0:dd:58:0b: d3:6a:d5:72:aa:f8:8d:dc:b4:82:d6:28:7e:67:7d: ff:c7:bf:6b:7f:91:46:97:86:b2:23:0a:08:a5:49: 40:43:50:5e:ae:da:53:13:09:ae:a3:d9:7f:84:05: 61:93:6b:38:8a:6b:ce:d2:e9:20:36:af:8a:df:2a: 39:a7:75:ae:23:4b:c2:f0:8d:23:87:2b:c0:eb:a6: 79:c2:c8:78:90:86:5e:ef:19:08:90:e9:55:46:90: dd:45:8e:99:f1:6d:91:65:a7:b6:40:aa:b2:e9:0b: aa:0a:4e:c6:b6:8d:2f:2e:21:51:41:0e:58:67:79: 6f:ff:1e:5a:6b:67:2b:58:e6:b8:31:78:b0:6e:11: 3d:1d:d4:ac:c5:c6:9c:0b:fe:06:7a:b5:e0:ce:e8: 6a:fa:91:5b:e2:54:b6:c7:fb:ac:4c:f9:bc:28:c2: 8b:28:00:6b:2d:dd:ca:1b:30:47:1b:db:49:71:11: 3f:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:5E:6F:F8:9F:61:B3:E3:B8:9A:01:01:6D:04:D8:FF:AE:A9:B3:A6 X509v3 Authority Key Identifier: keyid:C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/5353EA28781F11EEBA05B17FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.255.152.0/22 103.1.172.0/22 118.139.160.0/19 182.50.128.0/19 203.124.96.0/19 IPv6: 2407:1c00::/32 Signature Algorithm: sha256WithRSAEncryption 96:3d:09:8d:f7:98:21:cc:9e:2e:74:a3:55:ec:a1:e7:07:10: 6e:3f:bd:40:d8:e2:96:b1:16:0d:03:20:2c:46:c2:ee:10:3a: 50:d1:4d:f2:4e:b7:74:85:11:1d:54:46:17:d4:5f:b5:fb:79: 92:32:47:ff:6e:7f:55:61:ea:15:fc:95:10:d1:82:34:19:a8: 14:bc:92:67:d5:c3:7c:8c:51:7e:9a:00:ee:f4:59:6e:97:dd: 0e:73:5f:ae:37:ef:0c:4e:aa:c5:50:30:0f:96:02:92:60:4c: fb:01:af:cf:51:e7:8f:4a:11:34:45:3e:8f:ac:4e:28:c7:45: 65:dc:3b:82:63:0c:de:a5:23:a7:49:ab:9a:f9:f6:83:32:1a: 41:b9:8d:83:aa:93:f7:70:c6:ae:c8:a4:37:24:5d:5d:cf:ff: da:2c:fa:ab:2b:0c:52:7c:00:7c:04:79:35:69:24:b3:47:1b: 73:ab:42:c2:cf:61:ff:5e:40:c5:96:0f:eb:09:60:3e:10:3d: 33:42:e6:56:57:c6:cd:46:41:0c:a8:0d:10:e9:88:7c:0f:ef: cd:ac:5f:81:cc:68:20:ad:ee:84:a9:16:49:25:5b:da:8c:25: ab:2a:14:ed:c5:1a:48:fe:64:9c:e7:6b:83:a9:28:c4:e8:12: c9:bc:cb:6c -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICCBswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2Mjg0NzFFOTk4 QjcyNDNDNTIwHhcNMjQwNDAyMjIzMTA0WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjBjODcyOC1lM2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAts5JoYN8OAwdmvN4+N29LRngAFiC4piCf5xCQCiA1xZHVLJD6L73j9rTGs1Y +tlj2KLXKhdCOJnCbHpbcZ+Gn9CrSk79ffDdWAvTatVyqviN3LSC1ih+Z33/x79r f5FGl4ayIwoIpUlAQ1BertpTEwmuo9l/hAVhk2s4imvO0ukgNq+K3yo5p3WuI0vC 8I0jhyvA66Z5wsh4kIZe7xkIkOlVRpDdRY6Z8W2RZae2QKqy6QuqCk7Gto0vLiFR QQ5YZ3lv/x5aa2crWOa4MXiwbhE9HdSsxcacC/4GerXgzuhq+pFb4lS2x/usTPm8 KMKLKABrLd3KGzBHG9tJcRE/wQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFGdeb/if YbPjuJoBAW0E2P+uqbOmMB8GA1UdIwQYMBaAFMTk8NoBCvWGN8xZYoRx6Zi3JDxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wQTE2MjA4QUFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZWTN6RmxpaEhIcG1MY2tQ RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hPVHcyZ0VLOVlZM3pGbGloSEhwbUxja1BGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDgzRDAvMEExNjIwOEFBRkJDMTFFQUE5NjFDQjg2QzRGOUFFMDIvNTM1M0VBMjg3 ODFGMTFFRUJBMDVCMTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIr/5gDBAJnAawDBAV2i6ADBAW2MoADBAXLfGAwDQQCAAIw BwMFACQHHAAwDQYJKoZIhvcNAQELBQADggEBAJY9CY33mCHMni50o1XsoecHEG4/ vUDY4paxFg0DICxGwu4QOlDRTfJOt3SFER1URhfUX7X7eZIyR/9uf1Vh6hX8lRDR gjQZqBS8kmfVw3yMUX6aAO70WW6X3Q5zX6437wxOqsVQMA+WApJgTPsBr89R549K ETRFPo+sTijHRWXcO4JjDN6lI6dJq5r59oMyGkG5jYOqk/dwxq7IpDckXV3P/9os +qsrDFJ8AHwEeTVpJLNHG3OrQsLPYf9eQMWWD+sJYD4QPTNC5lZXxs1GQQyoDRDp iHwP782sX4HMaCCt7oSpFkklW9qMJasqFO3FGkj+ZJzna4OpKMToEsm8y2w= -----END CERTIFICATE-----Generated at Mon May 20 22:38:26 2024 by rpki-client on console-fra.rpki-client.org