$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/F4D5EBF490C511EDA07C3025C4F9AE02.roa File: F4D5EBF490C511EDA07C3025C4F9AE02.roa (raw, json) Hash identifier: 1rgt0+rQ3Dub709HW/O/W4oJXJYJkQ3NKVM+Csjy/RQ= Subject key identifier: AE:87:7C:D0:7C:3C:C8:14:3B:BA:64:9E:D5:CA:FF:65:8C:26:72:6F Certificate issuer: /CN=A91DC017/serialNumber=0AA5DE29265A08E27A581D894465BDCDB73709BB Certificate serial: 58 Authority key identifier: 0A:A5:DE:29:26:5A:08:E2:7A:58:1D:89:44:65:BD:CD:B7:37:09:BB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqXeKSZaCOJ6WB2JRGW9zbc3Cbs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/F4D5EBF490C511EDA07C3025C4F9AE02.roa Signing time: Wed 21 Jun 2023 05:45:12 +0000 ROA not before: Wed 21 Jun 2023 05:45:12 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 38277 IP address blocks: 43.252.40.0/24 maxlen: 24 43.252.41.0/24 maxlen: 24 103.228.28.0/22 maxlen: 22 103.228.28.0/24 maxlen: 24 103.228.29.0/24 maxlen: 24 103.228.30.0/24 maxlen: 24 103.228.31.0/24 maxlen: 24 103.251.236.0/24 maxlen: 24 103.251.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/CqXeKSZaCOJ6WB2JRGW9zbc3Cbs.crl rsync://rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/CqXeKSZaCOJ6WB2JRGW9zbc3Cbs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqXeKSZaCOJ6WB2JRGW9zbc3Cbs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 88 (0x58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC017/serialNumber=0AA5DE29265A08E27A581D894465BDCDB73709BB Validity Not Before: Jun 21 05:45:12 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=64928e68-b63a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:52:6c:b9:9b:09:cb:ef:be:e5:c9:bd:94:17: fa:a9:10:94:ec:b9:1b:dc:c2:44:25:6a:a0:cf:9d: 6d:46:41:89:d3:b9:bf:ae:eb:21:84:65:28:e1:6b: bd:ed:19:f6:28:c7:80:4d:c8:9a:29:d6:40:27:07: 51:4e:46:93:d8:de:c2:d2:92:9c:4d:1e:26:50:f9: 36:68:05:d4:c0:de:2d:59:3e:5a:4a:5e:d8:1d:98: 81:42:00:ed:51:ab:97:2e:f7:5b:16:88:66:84:db: 67:46:f2:d8:7b:83:7a:2d:a9:66:10:89:39:e3:0d: c9:48:60:e3:ca:c0:77:b4:6d:e6:d1:b6:d6:63:68: e4:c2:c7:d7:d2:d7:6f:3f:01:58:f1:49:92:77:82: e5:bd:d8:71:65:10:ef:7f:50:3d:f9:e6:c9:36:9d: 36:7c:4b:8e:79:47:cd:df:ab:60:ef:d9:52:5b:b7: 49:5a:04:0a:b8:51:d6:04:a8:a1:34:58:c1:b9:8a: b1:d3:61:ec:0a:64:fa:7a:f0:92:3f:50:2d:cd:81: a5:34:8e:cb:8f:27:14:bb:71:cf:c3:87:ed:c3:25: 4f:4b:46:aa:08:49:2e:03:2c:30:d2:5a:9f:ea:dd: 59:c3:fb:2d:72:ed:3d:f4:c0:45:55:3a:41:79:ff: 44:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:87:7C:D0:7C:3C:C8:14:3B:BA:64:9E:D5:CA:FF:65:8C:26:72:6F X509v3 Authority Key Identifier: keyid:0A:A5:DE:29:26:5A:08:E2:7A:58:1D:89:44:65:BD:CD:B7:37:09:BB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/CqXeKSZaCOJ6WB2JRGW9zbc3Cbs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqXeKSZaCOJ6WB2JRGW9zbc3Cbs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC017/105AC8FC90C311EDBA1DCC23C4F9AE02/F4D5EBF490C511EDA07C3025C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.40.0/23 103.228.28.0/22 103.251.236.0/24 103.251.239.0/24 Signature Algorithm: sha256WithRSAEncryption 47:9e:7e:07:cd:24:45:92:81:bf:85:cd:79:e8:36:40:d3:65: 14:d7:91:35:67:b5:5d:55:3c:fa:08:05:69:69:7d:51:78:5e: 04:03:ed:f0:8c:09:e6:7e:60:aa:24:73:4b:82:f7:fb:bb:cf: 7f:27:b8:2e:ed:20:87:07:6d:f6:3a:6c:84:48:df:2c:ae:b5: c7:76:ce:5b:4a:be:7d:56:dc:c0:19:00:8b:23:95:92:cf:7f: 80:c6:14:36:8b:93:7a:04:10:9e:21:e1:4d:ef:ca:d9:d0:7c: e9:e9:41:48:e6:7c:5a:d5:a8:af:26:d7:c0:00:24:bc:65:1a: 18:85:59:03:07:cd:c7:dc:94:16:06:b0:b2:c8:e8:85:df:61: 05:39:1c:e0:4f:40:b9:82:51:b5:d3:b5:2d:21:78:09:32:19: d5:8c:e6:28:f2:9a:f2:51:e3:8c:4f:d2:59:23:dd:da:29:b9: eb:3a:3c:f0:66:93:63:81:e1:f7:16:22:6d:2f:0b:f6:52:c9: cf:c7:77:ff:85:8a:a2:8c:16:69:33:13:03:cb:d6:87:87:80: 3a:a3:57:38:1f:a8:72:64:ca:71:69:91:44:1f:d4:5e:f8:3b: 8c:58:2a:41:58:bc:aa:47:28:76:00:40:35:03:3c:e2:68:d7: 7c:ef:0a:cc -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgIBWDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QzAxNzExMC8GA1UEBRMoMEFBNURFMjkyNjVBMDhFMjdBNTgxRDg5NDQ2NUJEQ0RC NzM3MDlCQjAeFw0yMzA2MjEwNTQ1MTJaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY0OTI4ZTY4LWI2M2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDtUmy5mwnL777lyb2UF/qpEJTsuRvcwkQlaqDPnW1GQYnTub+u6yGEZSjha73t GfYox4BNyJop1kAnB1FORpPY3sLSkpxNHiZQ+TZoBdTA3i1ZPlpKXtgdmIFCAO1R q5cu91sWiGaE22dG8th7g3otqWYQiTnjDclIYOPKwHe0bebRttZjaOTCx9fS128/ AVjxSZJ3guW92HFlEO9/UD355sk2nTZ8S455R83fq2Dv2VJbt0laBAq4UdYEqKE0 WMG5irHTYewKZPp68JI/UC3NgaU0jsuPJxS7cc/Dh+3DJU9LRqoISS4DLDDSWp/q 3VnD+y1y7T30wEVVOkF5/0RtAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUrod80Hw8 yBQ7umSe1cr/ZYwmcm8wHwYDVR0jBBgwFoAUCqXeKSZaCOJ6WB2JRGW9zbc3Cbsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURDMDE3LzEwNUFDOEZDOTBD MzExRURCQTFEQ0MyM0M0RjlBRTAyL0NxWGVLU1phQ09KNldCMkpSR1c5emJjM0Ni cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQ3FYZUtTWmFDT0o2V0IySlJHVzl6YmMzQ2JzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzAxNy8xMDVBQzhGQzkwQzMxMUVEQkExRENDMjNDNEY5QUUwMi9GNEQ1RUJGNDkw QzUxMUVEQTA3QzMwMjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAxBggrBgEFBQcBBwEB/wQi MCAwHgQCAAEwGAMEASv8KAMEAmfkHAMEAGf77AMEAGf77zANBgkqhkiG9w0BAQsF AAOCAQEAR55+B80kRZKBv4XNeeg2QNNlFNeRNWe1XVU8+ggFaWl9UXheBAPt8IwJ 5n5gqiRzS4L3+7vPfye4Lu0ghwdt9jpshEjfLK61x3bOW0q+fVbcwBkAiyOVks9/ gMYUNouTegQQniHhTe/K2dB86elBSOZ8WtWorybXwAAkvGUaGIVZAwfNx9yUFgaw ssjohd9hBTkc4E9AuYJRtdO1LSF4CTIZ1YzmKPKa8lHjjE/SWSPd2im56zo88GaT Y4Hh9xYibS8L9lLJz8d3/4WKoowWaTMTA8vWh4eAOqNXOB+ocmTKcWmRRB/UXvg7 jFgqQVi8qkcodgBANQM84mjXfO8KzA== -----END CERTIFICATE-----Generated at Sun May 19 06:14:36 2024 by rpki-client on console-ams.rpki-client.org