$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/457D2B5A28DC11ED839D6243C4F9AE02.roa File: 457D2B5A28DC11ED839D6243C4F9AE02.roa (raw, json) Hash identifier: OkDK+Nxlt9Q2bp2OYRTVJO3DvEPzh1fiNTgAKWgasFI= Subject key identifier: FA:94:80:7D:A1:C7:B2:32:62:3E:E8:31:72:29:65:E3:06:24:3E:75 Certificate issuer: /CN=A91E2A61/serialNumber=2B517C6B79E3CEB0389D41ABC5ECE2107FEC53FB Certificate serial: 0294 Authority key identifier: 2B:51:7C:6B:79:E3:CE:B0:38:9D:41:AB:C5:EC:E2:10:7F:EC:53:FB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K1F8a3njzrA4nUGrxeziEH_sU_s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/457D2B5A28DC11ED839D6243C4F9AE02.roa Signing time: Wed 15 Nov 2023 02:54:42 +0000 ROA not before: Wed 15 Nov 2023 02:54:42 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 133861 IP address blocks: 43.255.28.0/24 maxlen: 24 43.255.29.0/24 maxlen: 24 43.255.30.0/24 maxlen: 24 43.255.31.0/24 maxlen: 24 103.74.192.0/24 maxlen: 24 103.74.193.0/24 maxlen: 24 103.74.194.0/24 maxlen: 24 103.74.195.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/K1F8a3njzrA4nUGrxeziEH_sU_s.crl rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/K1F8a3njzrA4nUGrxeziEH_sU_s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K1F8a3njzrA4nUGrxeziEH_sU_s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 May 2024 03:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 660 (0x294) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2A61/serialNumber=2B517C6B79E3CEB0389D41ABC5ECE2107FEC53FB Validity Not Before: Nov 15 02:54:42 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=655432f2-e7e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:6e:d9:6d:b5:2e:dc:95:33:29:2b:e1:8d:ac: 8d:88:3a:41:32:a9:21:56:3c:aa:05:02:5f:39:a1: 6d:90:41:f8:5d:84:3d:44:bd:8f:b7:63:5b:01:52: ba:b3:36:51:8f:8a:cd:f2:66:84:ec:18:c7:d6:7f: 12:15:aa:84:f0:13:3f:ab:1e:1d:51:70:17:41:b7: 39:0b:14:eb:17:b1:91:28:15:b4:ce:1c:54:2e:52: 0a:69:c7:3d:18:22:09:65:ae:50:1a:d5:56:a3:5e: 79:4b:d4:e4:02:12:b7:5c:0e:7e:3f:a5:35:6b:4a: fe:17:ca:13:fe:b1:cc:85:0d:63:9f:3d:ca:15:b3: 32:44:c0:f4:50:ce:7a:a6:00:71:b2:c8:e6:05:8d: 7e:c7:c3:fe:c9:ed:81:96:27:7b:63:f8:24:58:be: ea:43:bf:6d:f4:1f:a0:74:a0:db:47:05:fb:d9:5f: 38:91:b3:e7:42:b1:ef:dc:13:56:69:ea:89:81:5a: 2a:07:74:5a:80:ac:07:21:63:29:c9:05:57:e9:58: 3c:27:b0:f7:97:a5:5b:8b:2d:6e:99:ba:37:8d:8e: fd:1e:5d:b4:21:0a:f8:6b:63:22:18:4f:45:b4:72: 18:9f:db:ba:a6:82:a3:4f:93:6a:37:7c:5f:f5:c8: 50:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:94:80:7D:A1:C7:B2:32:62:3E:E8:31:72:29:65:E3:06:24:3E:75 X509v3 Authority Key Identifier: keyid:2B:51:7C:6B:79:E3:CE:B0:38:9D:41:AB:C5:EC:E2:10:7F:EC:53:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/K1F8a3njzrA4nUGrxeziEH_sU_s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K1F8a3njzrA4nUGrxeziEH_sU_s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/457D2B5A28DC11ED839D6243C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.255.28.0/22 103.74.192.0/22 Signature Algorithm: sha256WithRSAEncryption 84:8e:eb:2b:43:af:24:9b:75:84:b9:9a:30:72:1f:2a:eb:3c: 1c:6c:c8:58:34:87:94:f2:6a:94:82:84:0e:d5:8f:4a:d5:98: 14:12:0d:19:4e:e6:3a:a4:03:56:46:1a:5b:3c:7d:25:ac:6c: 00:f9:c9:6c:57:39:a5:46:3b:0b:04:7f:c9:84:d7:40:55:46: 34:21:b1:49:83:16:6f:68:95:a7:87:c4:dc:6f:67:00:25:d5: 2b:fb:0c:89:26:e1:36:01:24:9a:99:cb:2c:9e:b2:01:2d:0d: 30:c8:f7:07:b1:1a:e9:d1:f7:d2:f5:a8:36:da:b5:b6:6b:2f: ca:5d:c2:2c:11:fb:4f:58:b7:7e:76:d4:62:b1:fa:c6:77:9b: c2:f2:24:a3:0b:b0:44:a9:6c:8e:dc:77:3a:37:5f:f6:39:b8: 7c:3a:72:f9:8a:8e:02:ed:93:9e:a3:62:8a:2b:83:c3:99:b4: 2e:25:42:0e:91:12:a7:38:09:e8:07:be:5c:a4:41:51:05:68: 60:64:5b:c6:db:8a:91:2a:9c:02:57:cc:9b:26:ab:59:ff:94: 9a:b9:ae:71:95:86:33:47:53:c1:07:1d:66:87:1b:6b:bf:55: d1:cf:5b:6d:04:75:ad:c8:71:1b:12:cb:da:18:ed:0b:39:ce: a1:af:38:6c -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICApQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTJBNjExMTAvBgNVBAUTKDJCNTE3QzZCNzlFM0NFQjAzODlENDFBQkM1RUNFMjEw N0ZFQzUzRkIwHhcNMjMxMTE1MDI1NDQyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTU0MzJmMi1lN2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwW7ZbbUu3JUzKSvhjayNiDpBMqkhVjyqBQJfOaFtkEH4XYQ9RL2Pt2NbAVK6 szZRj4rN8maE7BjH1n8SFaqE8BM/qx4dUXAXQbc5CxTrF7GRKBW0zhxULlIKacc9 GCIJZa5QGtVWo155S9TkAhK3XA5+P6U1a0r+F8oT/rHMhQ1jnz3KFbMyRMD0UM56 pgBxssjmBY1+x8P+ye2Blid7Y/gkWL7qQ79t9B+gdKDbRwX72V84kbPnQrHv3BNW aeqJgVoqB3RagKwHIWMpyQVX6Vg8J7D3l6Vbiy1umbo3jY79Hl20IQr4a2MiGE9F tHIYn9u6poKjT5NqN3xf9chQ/wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPqUgH2h x7IyYj7oMXIpZeMGJD51MB8GA1UdIwQYMBaAFCtRfGt5486wOJ1Bq8Xs4hB/7FP7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkE2MS9FREMwOEZFNjk2 MEIxMUVDQkJFNEJFNjRDNEY5QUUwMi9LMUY4YTNuanpyQTRuVUdyeGV6aUVIX3NV X3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0sxRjhhM25qenJBNG5VR3J4ZXppRUhfc1Vfcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTJBNjEvRURDMDhGRTY5NjBCMTFFQ0JCRTRCRTY0QzRGOUFFMDIvNDU3RDJCNUEy OERDMTFFRDgzOUQ2MjQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr/xwDBAJnSsAwDQYJKoZIhvcNAQELBQADggEBAISO6ytD rySbdYS5mjByHyrrPBxsyFg0h5TyapSChA7Vj0rVmBQSDRlO5jqkA1ZGGls8fSWs bAD5yWxXOaVGOwsEf8mE10BVRjQhsUmDFm9olaeHxNxvZwAl1Sv7DIkm4TYBJJqZ yyyesgEtDTDI9wexGunR99L1qDbatbZrL8pdwiwR+09Yt3521GKx+sZ3m8LyJKML sESpbI7cdzo3X/Y5uHw6cvmKjgLtk56jYoorg8OZtC4lQg6REqc4CegHvlykQVEF aGBkW8bbipEqnAJXzJsmq1n/lJq5rnGVhjNHU8EHHWaHG2u/VdHPW20Eda3IcRsS y9oY7Qs5zqGvOGw= -----END CERTIFICATE-----Generated at Mon May 13 04:21:03 2024 by rpki-client on console-ams.rpki-client.org