$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEA56/684667F4BF3A11EA94AE4E7CC4F9AE02/65877060BF3C11EAAF328582C4F9AE02.roa File: 65877060BF3C11EAAF328582C4F9AE02.roa (raw, json) Hash identifier: R/E+pt7Sz8vsBZqLeMFXQCwUDmvXuDGTsxuS+gbk+RM= Subject key identifier: 15:2B:0D:AB:0B:BA:47:B4:40:B6:EB:6E:D7:9E:46:BE:29:DC:AF:29 Certificate issuer: /CN=A91DEA56/serialNumber=BBE49FCB41F5026A35BF6C93B91FDFF3C88C736E Certificate serial: 0790 Authority key identifier: BB:E4:9F:CB:41:F5:02:6A:35:BF:6C:93:B9:1F:DF:F3:C8:8C:73:6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-Sfy0H1Amo1v2yTuR_f88iMc24.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DEA56/684667F4BF3A11EA94AE4E7CC4F9AE02/65877060BF3C11EAAF328582C4F9AE02.roa Signing time: Tue 02 Jan 2024 21:59:42 +0000 ROA not before: Tue 02 Jan 2024 21:59:42 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 132827 IP address blocks: 43.248.40.0/22 maxlen: 22 103.16.36.0/22 maxlen: 22 103.23.220.0/24 maxlen: 24 103.23.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DEA56/684667F4BF3A11EA94AE4E7CC4F9AE02/u-Sfy0H1Amo1v2yTuR_f88iMc24.crl rsync://rpki.apnic.net/member_repository/A91DEA56/684667F4BF3A11EA94AE4E7CC4F9AE02/u-Sfy0H1Amo1v2yTuR_f88iMc24.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-Sfy0H1Amo1v2yTuR_f88iMc24.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Jun 2024 21:17:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1936 (0x790) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DEA56/serialNumber=BBE49FCB41F5026A35BF6C93B91FDFF3C88C736E Validity Not Before: Jan 2 21:59:42 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=6594874e-da80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:d7:3b:7b:79:9c:72:6b:f4:ff:01:5a:c3:5b: 22:17:9f:7c:3f:3a:d0:83:8a:8f:a2:b0:91:22:6f: c1:fe:23:85:3e:e5:9b:11:a5:4e:21:89:91:6b:98: 9d:a5:4d:cf:a6:0c:be:26:8f:05:f9:d4:ce:a5:8b: 0f:3f:9a:d7:0f:e7:81:8f:8b:7c:57:b1:c3:2f:3e: be:47:7e:38:41:ce:67:49:78:e0:cc:4a:73:93:4d: 9c:af:90:0f:62:db:89:90:0b:be:83:26:dd:90:21: 1f:3b:38:78:10:d5:a9:2c:34:04:10:52:b1:f8:2f: 82:a9:5b:2a:5e:af:12:e7:6f:fb:77:ce:e4:a9:c1: cf:c7:df:8c:10:0d:1c:91:7b:bd:fe:5c:51:02:b9: 8c:0d:09:e4:b6:0c:65:96:a9:24:e5:0d:07:a0:b1: e4:ac:8e:97:1e:6e:1a:ea:bf:1c:00:61:52:42:78: 84:40:16:c4:88:2c:f0:36:35:65:12:a7:29:f4:4e: ff:b2:37:41:62:8b:33:16:fb:99:f8:0e:85:96:b9: 41:f6:7d:30:ab:d9:e4:fb:ac:00:1b:ba:26:6c:a2: 39:0c:96:b5:8f:af:80:28:93:11:3b:78:31:82:7b: 4e:e3:9c:18:cc:55:ce:26:17:0b:ff:aa:d3:c9:8c: 20:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:2B:0D:AB:0B:BA:47:B4:40:B6:EB:6E:D7:9E:46:BE:29:DC:AF:29 X509v3 Authority Key Identifier: keyid:BB:E4:9F:CB:41:F5:02:6A:35:BF:6C:93:B9:1F:DF:F3:C8:8C:73:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DEA56/684667F4BF3A11EA94AE4E7CC4F9AE02/u-Sfy0H1Amo1v2yTuR_f88iMc24.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-Sfy0H1Amo1v2yTuR_f88iMc24.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEA56/684667F4BF3A11EA94AE4E7CC4F9AE02/65877060BF3C11EAAF328582C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.248.40.0/22 103.16.36.0/22 103.23.220.0/24 103.23.223.0/24 Signature Algorithm: sha256WithRSAEncryption 4d:5e:b1:db:65:55:26:eb:65:dc:b2:8e:97:4b:74:c0:ad:b8: a7:de:dd:0d:ee:27:db:ce:4b:12:6b:1e:84:43:0e:05:f4:2b: 8e:81:61:93:d0:41:83:3a:57:74:15:ec:e0:d1:47:69:7b:38: a2:be:cb:bb:6c:1e:89:61:47:fa:4d:8f:6c:f0:e3:fc:47:e9: ee:9d:cd:58:75:a2:99:76:3a:1a:df:80:21:9f:f0:01:28:e4: ef:9c:af:8d:d1:d7:cc:c1:46:4d:41:f6:68:cf:53:89:d1:68: 9a:d6:9c:b0:ff:39:2e:64:4f:eb:fc:ed:93:c8:0b:4c:eb:5f: 66:3c:ce:ca:57:40:2a:41:49:4c:3a:bb:79:56:c6:d9:76:c9: 90:56:a6:ae:09:9c:0a:f9:38:ab:06:bd:af:be:6e:a6:83:e7: 16:c0:0c:2a:92:51:3c:21:86:7b:1e:60:de:cc:56:0b:c9:95: 9e:41:1b:1c:3f:da:15:86:fd:b6:bf:f8:af:66:86:9d:15:a9: 73:eb:69:f1:aa:4b:02:10:46:83:8b:ff:cb:95:ad:b6:e9:98: a1:12:97:c7:0c:9b:38:3a:a9:f4:1b:78:6b:3b:9b:12:a8:bc: f3:78:55:0a:b7:c6:88:f1:c5:df:e2:ac:23:cf:c8:14:91:42: d2:03:c7:e9 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICB5AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REVBNTYxMTAvBgNVBAUTKEJCRTQ5RkNCNDFGNTAyNkEzNUJGNkM5M0I5MUZERkYz Qzg4QzczNkUwHhcNMjQwMTAyMjE1OTQyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTk0ODc0ZS1kYTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2Nc7e3mccmv0/wFaw1siF598PzrQg4qPorCRIm/B/iOFPuWbEaVOIYmRa5id pU3Ppgy+Jo8F+dTOpYsPP5rXD+eBj4t8V7HDLz6+R344Qc5nSXjgzEpzk02cr5AP YtuJkAu+gybdkCEfOzh4ENWpLDQEEFKx+C+CqVsqXq8S52/7d87kqcHPx9+MEA0c kXu9/lxRArmMDQnktgxllqkk5Q0HoLHkrI6XHm4a6r8cAGFSQniEQBbEiCzwNjVl Eqcp9E7/sjdBYoszFvuZ+A6FlrlB9n0wq9nk+6wAG7ombKI5DJa1j6+AKJMRO3gx gntO45wYzFXOJhcL/6rTyYwgEwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFBUrDasL uke0QLbrbteeRr4p3K8pMB8GA1UdIwQYMBaAFLvkn8tB9QJqNb9sk7kf3/PIjHNu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUE1Ni82ODQ2NjdGNEJG M0ExMUVBOTRBRTRFN0NDNEY5QUUwMi91LVNmeTBIMUFtbzF2MnlUdVJfZjg4aU1j MjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3UtU2Z5MEgxQW1vMXYyeVR1Ul9mODhpTWMyNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REVBNTYvNjg0NjY3RjRCRjNBMTFFQTk0QUU0RTdDQzRGOUFFMDIvNjU4NzcwNjBC RjNDMTFFQUFGMzI4NTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAIr+CgDBAJnECQDBABnF9wDBABnF98wDQYJKoZIhvcNAQEL BQADggEBAE1esdtlVSbrZdyyjpdLdMCtuKfe3Q3uJ9vOSxJrHoRDDgX0K46BYZPQ QYM6V3QV7ODRR2l7OKK+y7tsHolhR/pNj2zw4/xH6e6dzVh1opl2OhrfgCGf8AEo 5O+cr43R18zBRk1B9mjPU4nRaJrWnLD/OS5kT+v87ZPIC0zrX2Y8zspXQCpBSUw6 u3lWxtl2yZBWpq4JnAr5OKsGva++bqaD5xbADCqSUTwhhnseYN7MVgvJlZ5BGxw/ 2hWG/ba/+K9mhp0VqXPrafGqSwIQRoOL/8uVrbbpmKESl8cMmzg6qfQbeGs7mxKo vPN4VQq3xojxxd/irCPPyBSRQtIDx+k= -----END CERTIFICATE-----Generated at Sun May 26 22:43:32 2024 by rpki-client on console-fra.rpki-client.org