$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBF0D/57964D4ACB0E11EAA10F331DC4F9AE02/9D664600CB1211EAACC0E528C4F9AE02.roa File: 9D664600CB1211EAACC0E528C4F9AE02.roa (raw, json) Hash identifier: wrz9NcO15NKFZgxZwwAqVuVrrYTqHhwaMWYAmXJ0k7U= Subject key identifier: DF:09:08:61:9E:A5:FE:B3:58:77:3C:14:19:3F:DA:7F:2B:6B:66:E3 Certificate issuer: /CN=A91DBF0D/serialNumber=0D68DBAD600F8BD90B355B98F4B238FB9E9A57FA Certificate serial: 0750 Authority key identifier: 0D:68:DB:AD:60:0F:8B:D9:0B:35:5B:98:F4:B2:38:FB:9E:9A:57:FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DWjbrWAPi9kLNVuY9LI4-56aV_o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBF0D/57964D4ACB0E11EAA10F331DC4F9AE02/9D664600CB1211EAACC0E528C4F9AE02.roa Signing time: Thu 04 Jan 2024 21:59:50 +0000 ROA not before: Thu 04 Jan 2024 21:59:50 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 63920 IP address blocks: 43.225.48.0/22 maxlen: 24 103.44.32.0/22 maxlen: 24 103.65.252.0/22 maxlen: 24 103.208.164.0/22 maxlen: 24 137.59.168.0/22 maxlen: 24 2401:cd80::/31 maxlen: 48 2404:4180::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBF0D/57964D4ACB0E11EAA10F331DC4F9AE02/DWjbrWAPi9kLNVuY9LI4-56aV_o.crl rsync://rpki.apnic.net/member_repository/A91DBF0D/57964D4ACB0E11EAA10F331DC4F9AE02/DWjbrWAPi9kLNVuY9LI4-56aV_o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DWjbrWAPi9kLNVuY9LI4-56aV_o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1872 (0x750) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBF0D/serialNumber=0D68DBAD600F8BD90B355B98F4B238FB9E9A57FA Validity Not Before: Jan 4 21:59:50 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65972a55-8c5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:4a:a6:70:72:64:55:fe:bb:64:31:d5:8f:3e: 06:14:47:b6:ae:f1:4d:b4:d1:9d:77:e7:7b:9c:84: 71:45:64:67:13:96:58:3c:30:92:d1:de:8d:83:bc: 0c:a6:4f:09:da:e4:3b:9e:a3:dc:14:24:c9:2c:4f: 26:58:01:be:04:26:48:5e:23:16:0d:d8:47:a4:bf: 73:16:b6:8a:8d:0b:38:39:1a:56:c7:cd:0c:76:9c: e1:88:15:d1:31:07:a0:4d:6e:dd:d3:fc:8a:03:e4: 9b:a7:59:d5:61:e1:28:e1:70:f6:0e:a4:2f:ec:3c: 0f:0f:e7:8c:f4:b0:b0:af:be:39:bc:ff:31:9b:fc: c1:f8:c4:d3:69:91:cc:30:04:26:b3:1e:b9:d7:e7: bc:80:77:74:4f:e9:73:ac:44:78:cb:03:b2:f9:c6: 10:f7:fc:d8:2c:57:ba:93:8b:63:fa:4b:73:85:17: a4:46:a1:ae:ae:53:df:96:d7:08:b0:02:1f:23:d4: 23:6f:ab:f0:c9:2d:e9:91:83:75:3f:dc:ae:dd:3c: 6d:2c:9d:b2:f9:f7:b3:79:93:a4:ba:63:93:51:99: 91:30:2d:4a:a2:c3:d5:6c:a6:cb:e4:64:55:e8:76: 58:c9:d0:d8:a1:a9:14:92:c3:2b:c8:f0:1f:7f:73: f7:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:09:08:61:9E:A5:FE:B3:58:77:3C:14:19:3F:DA:7F:2B:6B:66:E3 X509v3 Authority Key Identifier: keyid:0D:68:DB:AD:60:0F:8B:D9:0B:35:5B:98:F4:B2:38:FB:9E:9A:57:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBF0D/57964D4ACB0E11EAA10F331DC4F9AE02/DWjbrWAPi9kLNVuY9LI4-56aV_o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DWjbrWAPi9kLNVuY9LI4-56aV_o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBF0D/57964D4ACB0E11EAA10F331DC4F9AE02/9D664600CB1211EAACC0E528C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.48.0/22 103.44.32.0/22 103.65.252.0/22 103.208.164.0/22 137.59.168.0/22 IPv6: 2401:cd80::/31 2404:4180::/32 Signature Algorithm: sha256WithRSAEncryption 1c:f0:27:eb:8d:48:e7:74:bc:a2:45:43:f0:00:11:6d:b5:30: 1e:3d:6e:15:f6:d9:e6:f0:06:b5:02:f0:1d:0a:18:40:f4:57: 47:47:74:e1:20:6d:56:ce:91:6e:9f:24:2d:47:d5:28:79:d8: 9d:00:e0:42:64:78:95:28:20:38:6a:c3:86:0a:02:8e:d5:68: 4c:18:3d:da:21:ec:d2:45:41:3d:75:1d:38:44:b6:62:1f:7e: 52:e0:6d:9b:92:65:17:a3:50:e4:6d:bd:fb:90:a2:5f:48:e9: e1:02:8e:23:d3:b7:41:7e:2f:33:27:ac:71:77:92:34:93:8c: 3f:de:d5:1d:cf:a0:fa:2a:a2:ac:36:4d:14:0c:15:69:0f:06: 43:b0:3a:7c:f2:5f:f7:b7:98:a3:ef:87:be:b5:8e:e6:7b:df: 4b:4c:74:e5:fe:3f:4a:ac:2d:e6:a6:5d:fc:03:3b:ff:54:a1: 23:70:35:f4:78:9d:24:11:b1:21:dc:f8:67:51:c1:d3:31:2a: a4:f2:4d:b1:c3:de:e7:2e:16:3a:f3:89:02:37:9a:01:a2:c8: cd:e5:ff:a5:d6:5a:3b:83:56:e8:6f:a4:c4:86:1a:ec:f0:70: f8:a1:f3:e5:85:2c:85:24:64:9d:d5:55:3d:85:a0:0c:c3:b0: 97:3d:51:b9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgICB1AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REJGMEQxMTAvBgNVBAUTKDBENjhEQkFENjAwRjhCRDkwQjM1NUI5OEY0QjIzOEZC OUU5QTU3RkEwHhcNMjQwMTA0MjE1OTUwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTk3MmE1NS04YzVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzUqmcHJkVf67ZDHVjz4GFEe2rvFNtNGdd+d7nIRxRWRnE5ZYPDCS0d6Ng7wM pk8J2uQ7nqPcFCTJLE8mWAG+BCZIXiMWDdhHpL9zFraKjQs4ORpWx80MdpzhiBXR MQegTW7d0/yKA+Sbp1nVYeEo4XD2DqQv7DwPD+eM9LCwr745vP8xm/zB+MTTaZHM MAQmsx651+e8gHd0T+lzrER4ywOy+cYQ9/zYLFe6k4tj+ktzhRekRqGurlPfltcI sAIfI9Qjb6vwyS3pkYN1P9yu3TxtLJ2y+fezeZOkumOTUZmRMC1KosPVbKbL5GRV 6HZYydDYoakUksMryPAff3P3gwIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFN8JCGGe pf6zWHc8FBk/2n8ra2bjMB8GA1UdIwQYMBaAFA1o261gD4vZCzVbmPSyOPuemlf6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkYwRC81Nzk2NEQ0QUNC MEUxMUVBQTEwRjMzMURDNEY5QUUwMi9EV2picldBUGk5a0xOVnVZOUxJNC01NmFW X28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RXamJyV0FQaTlrTE5WdVk5TEk0LTU2YVZfby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REJGMEQvNTc5NjRENEFDQjBFMTFFQUExMEYzMzFEQzRGOUFFMDIvOUQ2NjQ2MDBD QjEyMTFFQUFDQzBFNTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E PjA8MCQEAgABMB4DBAIr4TADBAJnLCADBAJnQfwDBAJn0KQDBAKJO6gwFAQCAAIw DgMFASQBzYADBQAkBEGAMA0GCSqGSIb3DQEBCwUAA4IBAQAc8CfrjUjndLyiRUPw ABFttTAePW4V9tnm8Aa1AvAdChhA9FdHR3ThIG1WzpFunyQtR9UoedidAOBCZHiV KCA4asOGCgKO1WhMGD3aIezSRUE9dR04RLZiH35S4G2bkmUXo1Dkbb37kKJfSOnh Ao4j07dBfi8zJ6xxd5I0k4w/3tUdz6D6KqKsNk0UDBVpDwZDsDp88l/3t5ij74e+ tY7me99LTHTl/j9KrC3mpl38Azv/VKEjcDX0eJ0kEbEh3PhnUcHTMSqk8k2xw97n LhY684kCN5oBosjN5f+l1lo7g1bob6TEhhrs8HD4ofPlhSyFJGSd1VU9haAMw7CX PVG5 -----END CERTIFICATE-----Generated at Sun May 19 00:30:22 2024 by rpki-client on console-ams.rpki-client.org