$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/DA8B814E931011EDB92FFC5FC4F9AE02.roa File: DA8B814E931011EDB92FFC5FC4F9AE02.roa (raw, json) Hash identifier: gTxrLoXouX5xFa9fXnpDCItE5eIlxdUF6xZmbmgyf7Y= Subject key identifier: 57:7F:6B:FF:BC:91:9A:CD:40:5E:85:DC:78:65:9F:EE:56:0F:6F:F8 Certificate issuer: /CN=A91E0CE8/serialNumber=06C627D9C312C7B47D1C3A53B44755A10A68487C Certificate serial: 1574 Authority key identifier: 06:C6:27:D9:C3:12:C7:B4:7D:1C:3A:53:B4:47:55:A1:0A:68:48:7C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BsYn2cMSx7R9HDpTtEdVoQpoSHw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/DA8B814E931011EDB92FFC5FC4F9AE02.roa Signing time: Wed 06 Dec 2023 17:24:37 +0000 ROA not before: Wed 06 Dec 2023 17:24:37 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 139021 IP address blocks: 43.224.152.0/23 maxlen: 23 43.224.154.0/24 maxlen: 24 43.224.155.0/24 maxlen: 24 103.43.188.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/BsYn2cMSx7R9HDpTtEdVoQpoSHw.crl rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/BsYn2cMSx7R9HDpTtEdVoQpoSHw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BsYn2cMSx7R9HDpTtEdVoQpoSHw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 17:22:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5492 (0x1574) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0CE8/serialNumber=06C627D9C312C7B47D1C3A53B44755A10A68487C Validity Not Before: Dec 6 17:24:37 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=6570ae55-9c58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:0c:ed:b9:b9:94:0d:34:d7:7a:8d:b1:e7:32: 14:d9:e0:f1:f2:38:b9:33:23:91:26:91:e6:ef:fe: 9f:ac:82:9f:d9:47:79:ff:b7:13:13:b8:2a:16:92: 04:89:60:76:21:49:10:cf:41:4c:90:fa:08:34:64: 11:66:95:e4:c4:4c:9e:55:60:91:67:45:4b:2a:25: e6:37:a6:9f:90:6e:19:c8:b7:51:7a:88:1d:7c:79: 61:7c:fc:cd:d7:05:41:03:ed:00:ac:6d:9a:f8:31: 2d:d6:91:34:51:40:2b:00:93:99:8f:70:a3:cf:e2: f8:13:c6:61:42:88:d6:d0:e5:5e:e8:07:e9:8b:73: 0b:2c:c8:a1:62:d1:47:03:84:44:6e:bf:c8:6e:ad: d8:05:6f:22:e4:07:7d:86:8b:a2:6b:35:d1:b3:94: fd:0d:fb:f6:55:26:c9:05:08:8e:ee:7f:99:97:a4: a9:2f:12:09:a5:3e:14:b7:c6:04:29:e7:ad:3d:2f: c8:e1:35:a6:3b:fb:06:b6:10:4d:ad:2b:48:fe:29: 26:e7:89:91:d5:41:58:75:82:89:36:46:04:5b:ae: 54:c8:df:9b:e2:95:f0:a7:2b:c2:a2:94:ea:38:b8: 8f:f6:a3:6d:b3:03:48:40:c8:0c:1a:10:49:f2:e4: 59:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:7F:6B:FF:BC:91:9A:CD:40:5E:85:DC:78:65:9F:EE:56:0F:6F:F8 X509v3 Authority Key Identifier: keyid:06:C6:27:D9:C3:12:C7:B4:7D:1C:3A:53:B4:47:55:A1:0A:68:48:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/BsYn2cMSx7R9HDpTtEdVoQpoSHw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BsYn2cMSx7R9HDpTtEdVoQpoSHw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/DA8B814E931011EDB92FFC5FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.152.0/22 103.43.188.0/22 Signature Algorithm: sha256WithRSAEncryption a7:73:52:83:2d:13:ca:8f:8b:f2:5e:1f:e5:34:4b:93:08:92: 54:32:e0:6b:b2:28:6a:31:59:45:e1:91:e3:ee:fb:4c:cb:59: 97:ee:c5:68:b0:6e:e1:4f:a3:cf:51:fa:58:73:71:9c:8b:50: 15:31:68:6f:b8:65:59:30:88:71:44:2e:64:15:21:80:b5:1c: a0:58:7a:1f:bb:04:ec:f3:1b:83:d1:27:a5:f7:75:c5:0e:af: d7:98:fb:ec:7a:eb:61:45:d6:e4:df:e7:e8:d2:7c:9a:2a:84: 90:4b:b7:3b:4f:ee:52:63:fa:12:2b:49:fd:7c:c2:32:42:ee: 8d:93:7c:8d:43:76:7c:3b:81:39:4d:6a:2e:64:fe:4a:2a:18: f4:04:aa:39:08:03:fc:b2:8c:5f:a8:71:ce:7f:75:1b:b2:ac: 1a:0a:49:e0:f0:7e:7c:3a:c8:49:08:c0:c2:8d:47:3b:8b:aa: 81:fc:e2:7c:db:d9:11:87:d7:24:71:c0:d7:fc:c4:f6:91:86: f8:df:f5:36:8e:99:66:25:bf:5f:f6:ce:8f:04:6c:5b:1b:8d: 8c:f3:21:1e:8d:1e:19:05:9d:52:a0:fd:39:9e:54:c0:d7:41: 21:69:79:9a:93:98:97:0b:61:47:c3:de:a4:c0:40:6c:ff:cd: 31:88:05:92 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICFXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBDRTgxMTAvBgNVBAUTKDA2QzYyN0Q5QzMxMkM3QjQ3RDFDM0E1M0I0NDc1NUEx MEE2ODQ4N0MwHhcNMjMxMjA2MTcyNDM3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTcwYWU1NS05YzU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3AztubmUDTTXeo2x5zIU2eDx8ji5MyORJpHm7/6frIKf2Ud5/7cTE7gqFpIE iWB2IUkQz0FMkPoINGQRZpXkxEyeVWCRZ0VLKiXmN6afkG4ZyLdReogdfHlhfPzN 1wVBA+0ArG2a+DEt1pE0UUArAJOZj3Cjz+L4E8ZhQojW0OVe6Afpi3MLLMihYtFH A4REbr/Ibq3YBW8i5Ad9houiazXRs5T9Dfv2VSbJBQiO7n+Zl6SpLxIJpT4Ut8YE KeetPS/I4TWmO/sGthBNrStI/ikm54mR1UFYdYKJNkYEW65UyN+b4pXwpyvCopTq OLiP9qNtswNIQMgMGhBJ8uRZvQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFd/a/+8 kZrNQF6F3Hhln+5WD2/4MB8GA1UdIwQYMBaAFAbGJ9nDEse0fRw6U7RHVaEKaEh8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMENFOC85MDBEMjY0NjA2 NkExMUU4QjlCQUY2ODJDNEY5QUUwMi9Cc1luMmNNU3g3UjlIRHBUdEVkVm9RcG9T SHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JzWW4yY01TeDdSOUhEcFR0RWRWb1Fwb1NIdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTBDRTgvOTAwRDI2NDYwNjZBMTFFOEI5QkFGNjgyQzRGOUFFMDIvREE4QjgxNEU5 MzEwMTFFREI5MkZGQzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr4JgDBAJnK7wwDQYJKoZIhvcNAQELBQADggEBAKdzUoMt E8qPi/JeH+U0S5MIklQy4GuyKGoxWUXhkePu+0zLWZfuxWiwbuFPo89R+lhzcZyL UBUxaG+4ZVkwiHFELmQVIYC1HKBYeh+7BOzzG4PRJ6X3dcUOr9eY++x662FF1uTf 5+jSfJoqhJBLtztP7lJj+hIrSf18wjJC7o2TfI1Ddnw7gTlNai5k/koqGPQEqjkI A/yyjF+occ5/dRuyrBoKSeDwfnw6yEkIwMKNRzuLqoH84nzb2RGH1yRxwNf8xPaR hvjf9TaOmWYlv1/2zo8EbFsbjYzzIR6NHhkFnVKg/TmeVMDXQSFpeZqTmJcLYUfD 3qTAQGz/zTGIBZI= -----END CERTIFICATE-----Generated at Thu May 16 20:25:56 2024 by rpki-client on console-ams.rpki-client.org