$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/8A0713CC004411EE8F32354EC4F9AE02.roa File: 8A0713CC004411EE8F32354EC4F9AE02.roa (raw, json) Hash identifier: iunNRCpoATeuJoiG5398xNfyQXzNgJQZPPVc1V5Kzpw= Subject key identifier: BC:20:46:94:87:61:F5:B2:06:EE:D8:2E:A2:A1:2B:BC:36:08:67:CA Certificate issuer: /CN=A91DA0AA/serialNumber=ED8F5D6C9BFC148F7ABB708C5291D384781C61FD Certificate serial: 10 Authority key identifier: ED:8F:5D:6C:9B:FC:14:8F:7A:BB:70:8C:52:91:D3:84:78:1C:61:FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/8A0713CC004411EE8F32354EC4F9AE02.roa Signing time: Thu 15 Jun 2023 06:46:15 +0000 ROA not before: Thu 15 Jun 2023 06:46:15 +0000 ROA not after: Tue 30 Jul 2024 00:00:00 +0000 asID: 17828 IP address blocks: 202.58.128.0/22 maxlen: 22 202.58.131.0/24 maxlen: 24 202.165.192.0/20 maxlen: 20 2001:c60::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7Y9dbJv8FI96u3CMUpHThHgcYf0.crl rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7Y9dbJv8FI96u3CMUpHThHgcYf0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 07:46:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16 (0x10) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA0AA/serialNumber=ED8F5D6C9BFC148F7ABB708C5291D384781C61FD Validity Not Before: Jun 15 06:46:15 2023 GMT Not After : Jul 30 00:00:00 2024 GMT Subject: CN=648ab3b7-b861 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:86:25:f3:74:71:d3:b0:bc:3a:1e:e4:d9:47: 49:ac:1d:43:a9:c9:0d:43:46:47:64:a5:24:a2:08: 27:38:89:30:bd:ca:5f:d2:f5:84:52:a6:3d:5b:1a: 16:0f:84:4c:cd:15:29:29:e9:cc:2b:ad:16:b0:ec: 3c:3a:06:66:4a:81:c0:37:7d:bc:a9:3a:a7:34:9c: 21:17:59:dc:2b:f1:cb:65:14:ee:49:b8:a3:d0:7e: 8d:84:f6:20:86:9a:5b:42:63:25:ea:6a:8e:40:88: 9b:04:e2:4b:90:67:c8:67:ab:0e:d1:3c:34:bc:ad: 62:53:63:37:bf:4d:fb:b2:b1:f2:08:d8:8b:b8:3e: 69:f4:2c:0c:36:8b:55:8c:ea:c1:29:ec:37:22:93: 7e:d2:39:cc:27:90:7a:3e:a6:7c:3c:97:9d:e4:d4: ed:e9:26:72:ae:1b:22:28:f2:27:02:e1:2b:98:15: e9:ab:08:5b:49:ba:0e:57:46:89:4d:6b:1f:22:60: 0c:fd:fc:e4:cb:76:83:c6:73:ac:48:b5:a3:fe:a4: cb:7b:25:52:46:8e:8c:a4:54:c5:63:63:05:dc:97: 17:71:45:37:b4:88:07:bb:53:e3:17:22:e2:cf:f0: e2:18:0b:1d:34:d5:c3:7a:7b:3f:cc:c9:6b:c3:22: 15:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:20:46:94:87:61:F5:B2:06:EE:D8:2E:A2:A1:2B:BC:36:08:67:CA X509v3 Authority Key Identifier: keyid:ED:8F:5D:6C:9B:FC:14:8F:7A:BB:70:8C:52:91:D3:84:78:1C:61:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7Y9dbJv8FI96u3CMUpHThHgcYf0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/8A0713CC004411EE8F32354EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.58.128.0/22 202.165.192.0/20 IPv6: 2001:c60::/32 Signature Algorithm: sha256WithRSAEncryption ac:b0:cd:eb:9d:ad:6a:49:52:ad:e0:bf:6e:b8:43:ca:af:d0: 55:eb:68:b9:2c:4a:b7:97:54:5c:ab:3a:b2:ca:93:76:11:17: 1a:77:ee:7c:ea:2c:0e:88:a2:55:7a:05:50:75:e0:34:49:7f: a5:20:9f:98:e9:51:95:4b:77:f6:86:65:98:f1:2c:42:c0:46: 69:53:47:26:0f:85:9e:40:3a:4e:8d:80:28:e4:05:23:bf:ae: 87:7b:ed:c0:e1:95:e0:14:7e:ef:93:49:cb:af:a9:f1:fb:d9: 85:57:6c:7a:2c:f3:08:5c:ad:50:7b:68:1f:78:d7:b5:26:ef: b3:6c:f8:c8:5c:28:9b:b6:a7:e8:3b:98:c5:42:75:18:48:0f: 7e:d0:c0:f9:11:86:20:25:11:1f:5c:4e:c3:09:11:0b:b0:2b: a8:a9:f3:ed:da:bd:de:b2:eb:35:74:3b:4d:f8:bb:58:05:ae: 63:f0:0c:0a:de:a5:82:ad:6b:5b:33:69:f5:ce:d6:cd:8c:75: 37:3f:ef:ad:fc:09:7c:61:db:55:dd:bc:2b:c3:9e:f5:34:73: a2:21:7d:f7:55:ed:77:41:1a:97:3b:0e:27:7c:d5:68:cb:51: f8:fc:c6:02:67:66:38:3f:86:d4:d0:a9:ee:c4:83:f3:e8:5f: ea:8b:a3:82 -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgIBEDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QTBBQTExMC8GA1UEBRMoRUQ4RjVENkM5QkZDMTQ4RjdBQkI3MDhDNTI5MUQzODQ3 ODFDNjFGRDAeFw0yMzA2MTUwNjQ2MTVaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY0OGFiM2I3LWI4NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDchiXzdHHTsLw6HuTZR0msHUOpyQ1DRkdkpSSiCCc4iTC9yl/S9YRSpj1bGhYP hEzNFSkp6cwrrRaw7Dw6BmZKgcA3fbypOqc0nCEXWdwr8ctlFO5JuKPQfo2E9iCG mltCYyXqao5AiJsE4kuQZ8hnqw7RPDS8rWJTYze/TfuysfII2Iu4Pmn0LAw2i1WM 6sEp7Dcik37SOcwnkHo+pnw8l53k1O3pJnKuGyIo8icC4SuYFemrCFtJug5XRolN ax8iYAz9/OTLdoPGc6xItaP+pMt7JVJGjoykVMVjYwXclxdxRTe0iAe7U+MXIuLP 8OIYCx001cN6ez/MyWvDIhVFAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQUvCBGlIdh 9bIG7tguoqErvDYIZ8owHwYDVR0jBBgwFoAU7Y9dbJv8FI96u3CMUpHThHgcYf0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURBMEFBLzgyQkJCNTUyMDAz RDExRUU5NjA4RjE0N0M0RjlBRTAyLzdZOWRiSnY4Rkk5NnUzQ01VcEhUaEhnY1lm MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvN1k5ZGJKdjhGSTk2dTNDTVVwSFRoSGdjWWYwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QTBBQS84MkJCQjU1MjAwM0QxMUVFOTYwOEYxNDdDNEY5QUUwMi84QTA3MTNDQzAw NDQxMUVFOEYzMjM1NEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl MCMwEgQCAAEwDAMEAso6gAMEBMqlwDANBAIAAjAHAwUAIAEMYDANBgkqhkiG9w0B AQsFAAOCAQEArLDN652taklSreC/brhDyq/QVetouSxKt5dUXKs6ssqTdhEXGnfu fOosDoiiVXoFUHXgNEl/pSCfmOlRlUt39oZlmPEsQsBGaVNHJg+FnkA6To2AKOQF I7+uh3vtwOGV4BR+75NJy6+p8fvZhVdseizzCFytUHtoH3jXtSbvs2z4yFwom7an 6DuYxUJ1GEgPftDA+RGGICURH1xOwwkRC7ArqKnz7dq93rLrNXQ7Tfi7WAWuY/AM Ct6lgq1rWzNp9c7WzYx1Nz/vrfwJfGHbVd28K8Oe9TRzoiF991Xtd0EalzsOJ3zV aMtR+PzGAmdmOD+G1NCp7sSD8+hf6oujgg== -----END CERTIFICATE-----Generated at Sat Jun 1 11:47:34 2024 by rpki-client on console-ams.rpki-client.org