$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4696/D6A11C4A90BF11ED8CC1E783C4F9AE02/F04A74EC90C511EDA07C3025C4F9AE02.roa File: F04A74EC90C511EDA07C3025C4F9AE02.roa (raw, json) Hash identifier: n1lk7Ae2lpG4eeg9glzQ6d6VJKDCN1LAXDHkqocIaKE= Subject key identifier: F0:5B:4D:1F:FD:5F:22:99:7D:80:A8:96:7B:C7:BB:18:F7:CE:CE:14 Certificate issuer: /CN=A91E4696/serialNumber=27B8722C859CA4F6F03EC1E061FDD4C3B9B497E5 Certificate serial: 71 Authority key identifier: 27:B8:72:2C:85:9C:A4:F6:F0:3E:C1:E0:61:FD:D4:C3:B9:B4:97:E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7hyLIWcpPbwPsHgYf3Uw7m0l-U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4696/D6A11C4A90BF11ED8CC1E783C4F9AE02/F04A74EC90C511EDA07C3025C4F9AE02.roa Signing time: Sat 29 Jul 2023 04:24:45 +0000 ROA not before: Sat 29 Jul 2023 04:24:45 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 38277 IP address blocks: 43.252.164.0/22 maxlen: 22 43.252.164.0/24 maxlen: 24 43.252.165.0/24 maxlen: 24 43.252.166.0/24 maxlen: 24 43.252.167.0/24 maxlen: 24 103.28.44.0/22 maxlen: 22 103.28.44.0/24 maxlen: 24 103.28.45.0/24 maxlen: 24 103.28.46.0/24 maxlen: 24 103.28.47.0/24 maxlen: 24 203.124.8.0/24 maxlen: 24 203.124.9.0/24 maxlen: 24 203.124.10.0/24 maxlen: 24 203.124.11.0/24 maxlen: 24 203.124.12.0/24 maxlen: 24 203.124.13.0/24 maxlen: 24 203.124.15.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4696/D6A11C4A90BF11ED8CC1E783C4F9AE02/J7hyLIWcpPbwPsHgYf3Uw7m0l-U.crl rsync://rpki.apnic.net/member_repository/A91E4696/D6A11C4A90BF11ED8CC1E783C4F9AE02/J7hyLIWcpPbwPsHgYf3Uw7m0l-U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7hyLIWcpPbwPsHgYf3Uw7m0l-U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 06:52:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 113 (0x71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4696/serialNumber=27B8722C859CA4F6F03EC1E061FDD4C3B9B497E5 Validity Not Before: Jul 29 04:24:45 2023 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=64c4948d-6d1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:42:ad:23:5a:e2:35:9a:40:2b:24:e7:55:17: ce:e7:ae:61:30:db:b5:af:6d:3c:98:a2:4e:6d:34: 07:a1:a8:aa:21:b3:8b:20:9a:63:bb:71:30:e0:a3: 85:05:f6:56:95:8c:ac:ae:aa:35:74:08:16:f7:c9: df:96:57:e6:68:a6:bd:ca:f1:43:6e:ea:9b:b5:84: d9:65:e9:59:dc:74:d7:88:69:d6:9e:2a:3e:41:fa: 55:ab:a8:27:28:de:12:e0:00:f7:70:6d:aa:57:78: e4:84:9b:3a:3d:8a:3d:d8:3e:c2:d2:d8:c2:4f:4e: 33:86:c0:f3:76:89:69:cb:1b:48:85:1c:1b:e6:fd: a0:bc:46:c9:25:dc:e5:5d:d6:fc:9a:af:20:f9:55: 30:77:b2:ad:3a:ce:77:dd:1b:f1:f0:63:18:1e:d1: 7e:d8:5f:c0:6b:4f:87:3c:3a:a9:d2:c1:7b:b2:a5: 8e:cf:e9:6a:e9:59:63:67:01:39:ac:58:ec:22:d3: 7d:ff:1c:3c:99:65:3f:4a:ce:fe:61:77:1e:85:d0: c3:ec:80:5e:88:1c:14:84:e7:eb:39:bf:ee:6c:ae: a4:b9:2b:c4:01:40:f1:48:9f:74:fc:c1:3b:03:01: a4:03:44:9f:52:e5:aa:f2:0b:77:63:db:4f:a3:77: f2:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:5B:4D:1F:FD:5F:22:99:7D:80:A8:96:7B:C7:BB:18:F7:CE:CE:14 X509v3 Authority Key Identifier: keyid:27:B8:72:2C:85:9C:A4:F6:F0:3E:C1:E0:61:FD:D4:C3:B9:B4:97:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4696/D6A11C4A90BF11ED8CC1E783C4F9AE02/J7hyLIWcpPbwPsHgYf3Uw7m0l-U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7hyLIWcpPbwPsHgYf3Uw7m0l-U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4696/D6A11C4A90BF11ED8CC1E783C4F9AE02/F04A74EC90C511EDA07C3025C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.164.0/22 103.28.44.0/22 203.124.8.0-203.124.13.255 203.124.15.0/24 Signature Algorithm: sha256WithRSAEncryption 93:1e:04:71:af:7e:36:dc:2e:98:be:aa:72:20:44:ab:32:92: 0f:84:89:60:97:90:78:b7:b3:50:e3:01:62:9c:b5:29:db:f8: 1a:21:17:76:e6:ea:c9:59:94:93:42:f7:3c:39:12:00:14:72: 13:ab:71:a4:12:8c:70:a0:f7:44:42:7d:dc:67:0b:5a:77:95: 3f:fb:58:21:41:97:3c:92:df:1f:69:07:ab:d0:2d:b4:40:3d: e4:ff:37:2c:75:35:3e:1b:cd:7e:e9:e8:c6:dc:56:1e:24:a5: 46:f9:3a:80:73:d3:5f:4e:a1:ae:da:ce:d1:84:2a:3f:bc:ca: 33:13:c1:91:3c:3c:a0:e7:15:fe:dc:21:54:28:66:0f:c1:99: 68:de:5c:e1:ef:ea:f3:e2:0a:df:c7:b8:37:9b:24:c8:19:b0: 27:7e:4b:eb:5a:5e:81:bf:7e:be:e1:73:d4:2d:87:ed:b3:fa: ea:ec:fb:69:24:5c:84:f8:b3:e4:99:05:58:bc:f4:94:69:91: ba:06:28:f7:a1:9c:1d:e6:fb:d5:09:8c:70:eb:da:eb:11:a4: a5:3f:34:f2:6a:5d:e1:b8:cb:2e:5f:81:6d:d2:1e:48:35:c3: 48:b3:e4:99:53:37:71:98:f9:d2:2b:2a:47:8b:42:a3:94:98: 0f:e4:46:5b -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NDY5NjExMC8GA1UEBRMoMjdCODcyMkM4NTlDQTRGNkYwM0VDMUUwNjFGREQ0QzNC OUI0OTdFNTAeFw0yMzA3MjkwNDI0NDVaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY0YzQ5NDhkLTZkMWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2Qq0jWuI1mkArJOdVF87nrmEw27WvbTyYok5tNAehqKohs4sgmmO7cTDgo4UF 9laVjKyuqjV0CBb3yd+WV+Zopr3K8UNu6pu1hNll6VncdNeIadaeKj5B+lWrqCco 3hLgAPdwbapXeOSEmzo9ij3YPsLS2MJPTjOGwPN2iWnLG0iFHBvm/aC8Rskl3OVd 1vyaryD5VTB3sq06znfdG/HwYxge0X7YX8BrT4c8OqnSwXuypY7P6WrpWWNnATms WOwi033/HDyZZT9Kzv5hdx6F0MPsgF6IHBSE5+s5v+5srqS5K8QBQPFIn3T8wTsD AaQDRJ9S5aryC3dj20+jd/L/AgMBAAGjggKvMIICqzAdBgNVHQ4EFgQU8FtNH/1f Ipl9gKiWe8e7GPfOzhQwHwYDVR0jBBgwFoAUJ7hyLIWcpPbwPsHgYf3Uw7m0l+Uw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU0Njk2L0Q2QTExQzRBOTBC RjExRUQ4Q0MxRTc4M0M0RjlBRTAyL0o3aHlMSVdjcFBid1BzSGdZZjNVdzdtMGwt VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSjdoeUxJV2NwUGJ3UHNIZ1lmM1V3N20wbC1VLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NDY5Ni9ENkExMUM0QTkwQkYxMUVEOENDMUU3ODNDNEY5QUUwMi9GMDRBNzRFQzkw QzUxMUVEQTA3QzMwMjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQq MCgwJgQCAAEwIAMEAiv8pAMEAmccLDAMAwQDy3wIAwQBy3wMAwQAy3wPMA0GCSqG SIb3DQEBCwUAA4IBAQCTHgRxr3423C6YvqpyIESrMpIPhIlgl5B4t7NQ4wFinLUp 2/gaIRd25urJWZSTQvc8ORIAFHITq3GkEoxwoPdEQn3cZwtad5U/+1ghQZc8kt8f aQer0C20QD3k/zcsdTU+G81+6ejG3FYeJKVG+TqAc9NfTqGu2s7RhCo/vMozE8GR PDyg5xX+3CFUKGYPwZlo3lzh7+rz4grfx7g3myTIGbAnfkvrWl6Bv36+4XPULYft s/rq7PtpJFyE+LPkmQVYvPSUaZG6Bij3oZwd5vvVCYxw69rrEaSlPzTyal3huMsu X4Ft0h5INcNIs+SZUzdxmPnSKypHi0KjlJgP5EZb -----END CERTIFICATE-----Generated at Sat Jun 1 08:16:04 2024 by rpki-client on console-ams.rpki-client.org