$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD799/151349981D9511E2BDEBB9F908B02CD2/309BECEE09DA11EBB9839313C4F9AE02.roa File: 309BECEE09DA11EBB9839313C4F9AE02.roa (raw, json) Hash identifier: iAaMJdDCQeuzFuYKnuVasAJoPnDm/i8DMFyMfoTrrkQ= Subject key identifier: 9A:29:87:70:2D:39:D1:C3:2D:36:79:D9:D2:2A:B2:74:8B:25:1D:77 Certificate issuer: /CN=A91DD799/serialNumber=F672D3B6244CA4C8D3FE200826A8A49FAB2C7612 Certificate serial: 334B Authority key identifier: F6:72:D3:B6:24:4C:A4:C8:D3:FE:20:08:26:A8:A4:9F:AB:2C:76:12 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9nLTtiRMpMjT_iAIJqikn6ssdhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD799/151349981D9511E2BDEBB9F908B02CD2/309BECEE09DA11EBB9839313C4F9AE02.roa Signing time: Wed 30 Aug 2023 15:00:46 +0000 ROA not before: Wed 30 Aug 2023 15:00:46 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 4749 IP address blocks: 180.235.156.0/24 maxlen: 24 180.235.157.0/24 maxlen: 24 180.235.158.0/24 maxlen: 24 180.235.159.0/24 maxlen: 24 203.62.208.0/24 maxlen: 24 203.62.209.0/24 maxlen: 24 203.62.210.0/24 maxlen: 24 203.62.211.0/24 maxlen: 24 203.62.212.0/24 maxlen: 24 203.62.213.0/24 maxlen: 24 203.62.214.0/24 maxlen: 24 203.62.215.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD799/151349981D9511E2BDEBB9F908B02CD2/9nLTtiRMpMjT_iAIJqikn6ssdhI.crl rsync://rpki.apnic.net/member_repository/A91DD799/151349981D9511E2BDEBB9F908B02CD2/9nLTtiRMpMjT_iAIJqikn6ssdhI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9nLTtiRMpMjT_iAIJqikn6ssdhI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13131 (0x334b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD799/serialNumber=F672D3B6244CA4C8D3FE200826A8A49FAB2C7612 Validity Not Before: Aug 30 15:00:46 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=64ef599e-540d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:92:58:dc:a2:05:4f:da:23:9e:3a:b0:3e:63: 59:67:4e:b1:04:17:fe:c5:ea:f5:f7:16:78:42:9c: 34:09:59:12:b1:22:da:41:97:a2:9d:b6:ad:41:e0: 09:ea:2d:e3:f0:09:37:3e:4a:8c:b0:7b:3e:8a:3b: 3f:68:f3:51:9c:91:ca:e1:38:92:54:c9:8a:82:7d: c0:a8:08:94:d2:dd:75:13:37:5a:e1:35:7a:d8:e9: 82:07:a3:19:b4:3f:08:95:9e:08:c3:30:4e:96:21: 17:cd:88:3f:24:98:c2:d3:fd:36:45:31:f9:04:79: be:e7:91:b4:30:95:6b:db:8a:be:8b:10:cd:1d:ae: ae:75:f7:0d:c2:5a:37:38:96:c5:fa:a5:52:37:90: a4:ef:3b:f9:47:83:91:27:f8:02:45:e2:d1:93:1e: f4:a4:e0:0d:4e:5b:dd:88:d3:6b:19:67:a0:2a:51: a9:e4:c2:75:d9:11:d5:83:22:64:aa:40:a5:69:57: d8:f3:0f:2b:d5:52:b1:5a:cc:46:96:e6:8c:ea:fb: 3f:e6:ee:50:40:05:71:82:7b:1a:9b:7a:bd:85:76: 14:6c:bf:c0:47:bf:52:43:9d:c8:08:43:a0:e4:21: b3:14:c5:55:04:b3:88:a9:13:c0:51:81:61:2f:d7: 7f:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:29:87:70:2D:39:D1:C3:2D:36:79:D9:D2:2A:B2:74:8B:25:1D:77 X509v3 Authority Key Identifier: keyid:F6:72:D3:B6:24:4C:A4:C8:D3:FE:20:08:26:A8:A4:9F:AB:2C:76:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD799/151349981D9511E2BDEBB9F908B02CD2/9nLTtiRMpMjT_iAIJqikn6ssdhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9nLTtiRMpMjT_iAIJqikn6ssdhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD799/151349981D9511E2BDEBB9F908B02CD2/309BECEE09DA11EBB9839313C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 180.235.156.0/22 203.62.208.0/21 Signature Algorithm: sha256WithRSAEncryption 0c:7f:d8:0a:34:f9:c5:30:24:1f:70:bb:38:3b:80:a9:da:c1: 28:55:d2:05:88:ec:47:8b:56:87:08:91:4c:d1:7d:08:26:c0: 0e:7d:2c:34:e9:42:6d:fb:a3:a9:d6:83:48:da:a7:49:6a:87: 6c:a8:74:92:e6:07:0c:e4:7b:4f:4c:9d:0f:68:ae:e3:17:fe: 83:b9:43:0e:be:46:dd:f7:43:9a:9b:2c:71:ea:92:39:6e:eb: 63:ae:db:a9:a7:56:cf:a1:20:6c:95:e8:7d:39:b2:c7:80:61: 8d:fc:46:5d:b6:a1:28:a8:24:d8:65:2d:40:13:81:d1:c5:78: 94:ee:e7:9b:fa:0b:cc:18:ea:2c:f0:03:91:9e:5f:8a:83:d5: 2f:3b:f4:63:29:5d:cd:cd:03:d2:70:f9:59:42:c0:fe:44:5a: cf:b3:30:19:6b:3a:60:42:3e:96:a2:dc:6e:a6:c1:7a:fb:94: 6a:08:8b:f9:71:0d:e8:5c:02:56:27:20:60:95:c5:aa:b0:49: 99:26:6f:92:9c:e9:89:e2:89:92:fc:c8:ce:32:67:54:bf:69: d3:7b:b7:c3:1e:85:48:31:5d:ac:ab:a9:b8:c9:db:92:17:73: 89:38:d5:8c:dd:3d:d9:f2:b3:89:72:17:35:fd:c7:ae:0e:7d: 01:35:37:d4 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICM0swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REQ3OTkxMTAvBgNVBAUTKEY2NzJEM0I2MjQ0Q0E0QzhEM0ZFMjAwODI2QThBNDlG QUIyQzc2MTIwHhcNMjMwODMwMTUwMDQ2WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGVmNTk5ZS01NDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwJJY3KIFT9ojnjqwPmNZZ06xBBf+xer19xZ4Qpw0CVkSsSLaQZeinbatQeAJ 6i3j8Ak3PkqMsHs+ijs/aPNRnJHK4TiSVMmKgn3AqAiU0t11Ezda4TV62OmCB6MZ tD8IlZ4IwzBOliEXzYg/JJjC0/02RTH5BHm+55G0MJVr24q+ixDNHa6udfcNwlo3 OJbF+qVSN5Ck7zv5R4ORJ/gCReLRkx70pOANTlvdiNNrGWegKlGp5MJ12RHVgyJk qkClaVfY8w8r1VKxWsxGluaM6vs/5u5QQAVxgnsam3q9hXYUbL/AR79SQ53ICEOg 5CGzFMVVBLOIqRPAUYFhL9d/WwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJoph3At OdHDLTZ52dIqsnSLJR13MB8GA1UdIwQYMBaAFPZy07YkTKTI0/4gCCaopJ+rLHYS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDc5OS8xNTEzNDk5ODFE OTUxMUUyQkRFQkI5RjkwOEIwMkNEMi85bkxUdGlSTXBNalRfaUFJSnFpa242c3Nk aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzluTFR0aVJNcE1qVF9pQUlKcWlrbjZzc2RoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REQ3OTkvMTUxMzQ5OTgxRDk1MTFFMkJERUJCOUY5MDhCMDJDRDIvMzA5QkVDRUUw OURBMTFFQkI5ODM5MzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAK065wDBAPLPtAwDQYJKoZIhvcNAQELBQADggEBAAx/2Ao0 +cUwJB9wuzg7gKnawShV0gWI7EeLVocIkUzRfQgmwA59LDTpQm37o6nWg0jap0lq h2yodJLmBwzke09MnQ9oruMX/oO5Qw6+Rt33Q5qbLHHqkjlu62Ou26mnVs+hIGyV 6H05sseAYY38Rl22oSioJNhlLUATgdHFeJTu55v6C8wY6izwA5GeX4qD1S879GMp Xc3NA9Jw+VlCwP5EWs+zMBlrOmBCPpai3G6mwXr7lGoIi/lxDehcAlYnIGCVxaqw SZkmb5Kc6YniiZL8yM4yZ1S/adN7t8MehUgxXayrqbjJ25IXc4k41YzdPdnys4ly FzX9x64OfQE1N9Q= -----END CERTIFICATE-----Generated at Sat May 18 15:26:07 2024 by rpki-client on console-fra.rpki-client.org