$ rpki-client -vvf rpki.apnic.net/member_repository/A91E38C1/E75AC2621D9711E28EF8928108B02CD2/5F114FB2C28811EB8BB7245FC4F9AE02.roa File: 5F114FB2C28811EB8BB7245FC4F9AE02.roa (raw, json) Hash identifier: PXWpp6u/LrHOySF1SCldeCo7SamdB2YurYXfusVDxmo= Subject key identifier: 9B:81:DF:32:37:48:23:15:D9:E0:7F:54:81:0F:2C:F3:80:62:F0:E9 Certificate issuer: /CN=A91E38C1/serialNumber=338BD781ED21E5DB14057B37B903A2A408E24202 Certificate serial: 3391 Authority key identifier: 33:8B:D7:81:ED:21:E5:DB:14:05:7B:37:B9:03:A2:A4:08:E2:42:02 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M4vXge0h5dsUBXs3uQOipAjiQgI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E38C1/E75AC2621D9711E28EF8928108B02CD2/5F114FB2C28811EB8BB7245FC4F9AE02.roa Signing time: Thu 16 Nov 2023 15:10:51 +0000 ROA not before: Thu 16 Nov 2023 15:10:51 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 9731 IP address blocks: 119.252.225.0/24 maxlen: 24 119.252.226.0/24 maxlen: 24 119.252.227.0/24 maxlen: 24 119.252.229.0/24 maxlen: 24 119.252.230.0/24 maxlen: 24 119.252.231.0/24 maxlen: 24 119.252.232.0/24 maxlen: 24 119.252.233.0/24 maxlen: 24 119.252.234.0/24 maxlen: 24 119.252.235.0/24 maxlen: 24 119.252.236.0/24 maxlen: 24 119.252.237.0/24 maxlen: 24 119.252.238.0/24 maxlen: 24 119.252.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E38C1/E75AC2621D9711E28EF8928108B02CD2/M4vXge0h5dsUBXs3uQOipAjiQgI.crl rsync://rpki.apnic.net/member_repository/A91E38C1/E75AC2621D9711E28EF8928108B02CD2/M4vXge0h5dsUBXs3uQOipAjiQgI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M4vXge0h5dsUBXs3uQOipAjiQgI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 15:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13201 (0x3391) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E38C1/serialNumber=338BD781ED21E5DB14057B37B903A2A408E24202 Validity Not Before: Nov 16 15:10:51 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=655630fa-6576 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:da:9e:bf:88:aa:55:6b:ca:d2:6e:a0:2d:9a: a3:d1:b5:ec:d5:f7:53:64:40:26:3c:f8:0d:1f:dd: 08:38:f2:94:ea:f5:0a:0c:0b:83:da:38:bf:a6:a7: bd:c5:8a:a3:53:4a:ac:78:ea:ad:84:d0:f2:c7:fc: 77:07:5b:06:56:2b:12:08:ba:12:7b:f9:1c:f4:c0: c1:09:28:17:51:3b:dc:ed:46:f7:97:31:fb:68:6f: b5:15:85:38:5e:b0:12:d2:eb:0c:17:49:2d:84:3e: 0a:e3:7e:14:47:64:5a:da:06:2f:a1:0d:ab:85:db: 14:f3:5e:e9:25:35:48:c5:ec:6f:fd:19:1c:0f:bf: ec:4c:37:65:be:21:af:38:21:2f:91:09:57:5e:d4: 8d:68:6f:67:56:da:38:ac:ed:d5:3b:06:88:aa:bd: 27:f5:76:3d:df:59:5c:4b:b4:59:b1:7d:4f:b4:12: e2:02:f9:07:85:7b:22:04:98:66:95:2f:76:1d:18: 12:28:db:67:da:68:40:4d:1f:a5:27:95:b7:0e:89: b9:b4:d6:c4:f1:b8:6a:6f:46:c6:5d:74:26:a9:06: 63:d3:34:33:64:7a:e1:b5:49:b9:74:41:0a:03:80: ea:bd:4e:3a:aa:d9:fe:92:d0:67:47:7b:8e:80:f2: 22:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:81:DF:32:37:48:23:15:D9:E0:7F:54:81:0F:2C:F3:80:62:F0:E9 X509v3 Authority Key Identifier: keyid:33:8B:D7:81:ED:21:E5:DB:14:05:7B:37:B9:03:A2:A4:08:E2:42:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E38C1/E75AC2621D9711E28EF8928108B02CD2/M4vXge0h5dsUBXs3uQOipAjiQgI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M4vXge0h5dsUBXs3uQOipAjiQgI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E38C1/E75AC2621D9711E28EF8928108B02CD2/5F114FB2C28811EB8BB7245FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 119.252.225.0-119.252.227.255 119.252.229.0-119.252.239.255 Signature Algorithm: sha256WithRSAEncryption 19:38:d0:ca:e2:ca:51:34:e1:dd:76:b7:a6:fc:b3:36:34:8f: cb:f8:d9:43:52:89:39:9e:23:8f:78:c0:cd:0a:09:af:f8:dd: ce:29:74:d1:0f:ed:2f:00:b4:ba:85:27:33:51:3c:5f:55:a4: cc:7a:2a:27:90:e1:ac:13:9e:72:85:3a:71:53:e4:f5:ce:29: a9:e4:94:a2:34:c7:51:75:47:df:8c:4c:24:4b:e2:3d:f5:df: 52:84:b9:a9:d2:31:6f:c7:7f:72:3e:b7:0b:64:96:58:1a:59: 5f:fb:31:f8:28:a2:e8:3b:1a:eb:8e:17:e4:b2:7f:94:cb:fb: f9:99:33:e6:40:1e:96:7a:03:01:05:75:02:59:a7:d5:02:7f: f1:3a:48:7b:0f:81:d4:46:d2:cf:bc:5a:d2:94:f0:e5:ae:0a: 87:9e:71:c0:2e:a5:4e:fb:4d:fa:88:fa:c2:3d:76:5a:13:e8: 94:ac:58:1e:eb:99:c9:11:be:4e:d6:04:ae:17:b7:3b:0a:32: db:7d:88:ca:97:18:8f:b6:21:31:93:67:55:35:21:b3:96:fa: e5:6c:7c:85:7b:b7:1d:42:34:15:88:02:64:67:9b:79:fc:50: 83:78:8b:40:74:62:ce:05:33:a6:b3:fe:52:79:b1:42:cd:ac: 93:ac:bf:dc -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICM5EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTM4QzExMTAvBgNVBAUTKDMzOEJENzgxRUQyMUU1REIxNDA1N0IzN0I5MDNBMkE0 MDhFMjQyMDIwHhcNMjMxMTE2MTUxMDUxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTU2MzBmYS02NTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5dqev4iqVWvK0m6gLZqj0bXs1fdTZEAmPPgNH90IOPKU6vUKDAuD2ji/pqe9 xYqjU0qseOqthNDyx/x3B1sGVisSCLoSe/kc9MDBCSgXUTvc7Ub3lzH7aG+1FYU4 XrAS0usMF0kthD4K434UR2Ra2gYvoQ2rhdsU817pJTVIxexv/RkcD7/sTDdlviGv OCEvkQlXXtSNaG9nVto4rO3VOwaIqr0n9XY931lcS7RZsX1PtBLiAvkHhXsiBJhm lS92HRgSKNtn2mhATR+lJ5W3Dom5tNbE8bhqb0bGXXQmqQZj0zQzZHrhtUm5dEEK A4DqvU46qtn+ktBnR3uOgPIiTwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJuB3zI3 SCMV2eB/VIEPLPOAYvDpMB8GA1UdIwQYMBaAFDOL14HtIeXbFAV7N7kDoqQI4kIC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMzhDMS9FNzVBQzI2MjFE OTcxMUUyOEVGODkyODEwOEIwMkNEMi9NNHZYZ2UwaDVkc1VCWHMzdVFPaXBBamlR Z0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL000dlhnZTBoNWRzVUJYczN1UU9pcEFqaVFnSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTM4QzEvRTc1QUMyNjIxRDk3MTFFMjhFRjg5MjgxMDhCMDJDRDIvNUYxMTRGQjJD Mjg4MTFFQjhCQjcyNDVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E JjAkMCIEAgABMBwwDAMEAHf84QMEAnf84DAMAwQAd/zlAwQEd/zgMA0GCSqGSIb3 DQEBCwUAA4IBAQAZONDK4spRNOHddrem/LM2NI/L+NlDUok5niOPeMDNCgmv+N3O KXTRD+0vALS6hSczUTxfVaTMeionkOGsE55yhTpxU+T1zimp5JSiNMdRdUffjEwk S+I99d9ShLmp0jFvx39yPrcLZJZYGllf+zH4KKLoOxrrjhfksn+Uy/v5mTPmQB6W egMBBXUCWafVAn/xOkh7D4HURtLPvFrSlPDlrgqHnnHALqVO+036iPrCPXZaE+iU rFge65nJEb5O1gSuF7c7CjLbfYjKlxiPtiExk2dVNSGzlvrlbHyFe7cdQjQViAJk Z5t5/FCDeItAdGLOBTOms/5SebFCzayTrL/c -----END CERTIFICATE-----Generated at Thu May 16 16:15:00 2024 by rpki-client on console-fra.rpki-client.org