$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/4235F184DACE11EE8E67437CC4F9AE02.roa File: 4235F184DACE11EE8E67437CC4F9AE02.roa (raw, json) Hash identifier: 0K9yV68yal6enaHOZm3w2lBcPnlb+xnfeR0xcd5iRnM= Subject key identifier: C2:69:CD:78:25:F3:D7:BF:D7:E4:E8:B7:B3:52:68:A2:11:03:81:BC Certificate issuer: /CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04 Certificate serial: 04DD Authority key identifier: 25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/4235F184DACE11EE8E67437CC4F9AE02.roa Signing time: Tue 05 Mar 2024 08:56:31 +0000 ROA not before: Tue 05 Mar 2024 08:56:31 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 45629 IP address blocks: 14.207.0.0/16 maxlen: 17 27.130.0.0/16 maxlen: 17 43.245.144.0/22 maxlen: 23 49.48.0.0/15 maxlen: 17 103.16.204.0/22 maxlen: 23 110.164.0.0/16 maxlen: 17 110.164.11.0/24 maxlen: 24 110.164.14.0/24 maxlen: 24 110.164.17.0/24 maxlen: 24 110.164.21.0/24 maxlen: 24 110.164.28.0/24 maxlen: 24 171.4.0.0/14 maxlen: 17 180.183.0.0/16 maxlen: 17 183.88.0.0/15 maxlen: 17 223.204.0.0/14 maxlen: 17 2403:6200::/33 maxlen: 33 2403:6200:8000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 01:19:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1245 (0x4dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04 Validity Not Before: Mar 5 08:56:31 2024 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=65e6de3e-7f76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:e6:de:ec:e2:68:6e:5b:01:8d:7d:25:15:61: 36:75:b6:3a:4e:14:86:d1:5c:a3:f9:dc:6c:a8:ec: a6:d6:39:ab:29:77:17:0f:8c:3a:25:a5:7f:0f:05: 54:7c:dd:08:1b:c7:fb:69:ca:53:51:0c:46:11:c5: 74:7c:da:df:93:9b:46:70:2c:bf:f6:7b:ea:8f:d5: 56:eb:50:da:44:4a:64:86:c9:86:9f:a4:ac:fb:85: 46:3b:ee:8d:35:5e:3f:f3:6b:d8:fc:65:9f:5c:ca: 4d:3b:0e:32:ba:a9:4c:c4:bb:cb:d9:3a:8c:fc:c3: 26:01:50:e2:9e:18:4c:d6:37:2f:1f:3d:ae:65:05: f7:e3:da:79:1c:d3:0d:d3:b6:81:d0:77:bd:f6:c5: 1e:fe:55:69:00:5f:b8:c2:e7:dc:23:be:c6:bb:77: 90:ae:34:76:8a:92:df:21:4f:47:13:56:70:cb:2f: 3c:bd:52:22:b1:6e:3d:17:06:bf:f4:ae:a1:a4:5d: ff:6f:45:96:eb:e1:f4:76:dd:36:7c:ae:8f:0e:7e: 25:b6:60:fd:d4:7a:01:66:a0:83:13:5f:cb:d8:fe: 69:4e:05:57:79:dd:fd:9f:06:fb:7d:52:33:68:b2: 55:fd:f2:1b:38:91:5e:6c:f7:bd:7e:8c:fe:75:dd: 84:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:69:CD:78:25:F3:D7:BF:D7:E4:E8:B7:B3:52:68:A2:11:03:81:BC X509v3 Authority Key Identifier: keyid:25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/4235F184DACE11EE8E67437CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.207.0.0/16 27.130.0.0/16 43.245.144.0/22 49.48.0.0/15 103.16.204.0/22 110.164.0.0/16 171.4.0.0/14 180.183.0.0/16 183.88.0.0/15 223.204.0.0/14 IPv6: 2403:6200::/32 Signature Algorithm: sha256WithRSAEncryption 50:40:fd:3c:c6:45:d4:a6:e7:a9:94:f4:56:f5:54:c1:fc:7d: b6:74:a7:41:41:8f:fc:0c:93:0d:62:7e:39:64:5d:e5:ae:aa: 43:e8:9d:15:d7:23:08:1d:df:e9:35:f3:ef:b8:cb:54:f8:52: de:4e:c3:42:f8:43:0b:42:93:2f:fb:cc:33:6b:63:24:51:f0: 50:6f:4a:82:06:f7:b6:3d:3d:ca:fe:8a:ca:78:b0:1a:39:03: 70:dc:64:c1:d9:de:57:88:5f:20:22:7b:3e:a3:45:05:38:5d: 9d:ba:b5:cd:e2:ad:2d:f5:02:40:26:3a:a5:c5:d5:16:cc:07: 77:f3:03:d5:4f:08:6a:2d:8c:b8:da:a8:01:89:25:16:7b:ab: fa:f8:9c:63:b1:1e:75:c7:f2:b2:7c:a0:67:7f:d1:c0:01:c0: bd:d0:5d:02:83:92:de:e5:08:6d:40:1c:b1:93:ed:8c:98:bd: 7a:14:5e:d3:14:cd:b2:d7:62:4f:5d:fe:94:0d:0e:ad:bf:3b: ec:12:e0:d4:73:0b:a6:e9:70:fc:06:3c:ee:24:15:18:73:ca: 66:3a:7e:df:68:a7:16:d0:36:e4:0c:7b:33:72:de:bb:18:ef: cc:db:d7:90:48:c6:9a:0d:d4:ff:9d:2d:68:d6:5e:19:d1:40: ef:0f:17:96 -----BEGIN CERTIFICATE----- MIIFrjCCBJagAwIBAgICBN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTc1NjExMTAvBgNVBAUTKDI1QkM3RDRERTc3QkQwMUIzRDE5MTU4NzY5NkU1QUZE RDhDRUNEMDQwHhcNMjQwMzA1MDg1NjMxWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWU2ZGUzZS03Zjc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvebe7OJoblsBjX0lFWE2dbY6ThSG0Vyj+dxsqOym1jmrKXcXD4w6JaV/DwVU fN0IG8f7acpTUQxGEcV0fNrfk5tGcCy/9nvqj9VW61DaREpkhsmGn6Ss+4VGO+6N NV4/82vY/GWfXMpNOw4yuqlMxLvL2TqM/MMmAVDinhhM1jcvHz2uZQX349p5HNMN 07aB0He99sUe/lVpAF+4wufcI77Gu3eQrjR2ipLfIU9HE1Zwyy88vVIisW49Fwa/ 9K6hpF3/b0WW6+H0dt02fK6PDn4ltmD91HoBZqCDE1/L2P5pTgVXed39nwb7fVIz aLJV/fIbOJFebPe9foz+dd2EDQIDAQABo4IC0jCCAs4wHQYDVR0OBBYEFMJpzXgl 89e/1+Tot7NSaKIRA4G8MB8GA1UdIwQYMBaAFCW8fU3ne9AbPRkVh2luWv3Yzs0E MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzU2MS9BMjZFMDZFMDA1 NEMxMUVDQkRCNEZFNDZDNEY5QUUwMi9KYng5VGVkNzBCczlHUldIYVc1YV9kak96 UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pieDlUZWQ3MEJzOUdSV0hhVzVhX2RqT3pRUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTc1NjEvQTI2RTA2RTAwNTRDMTFFQ0JEQjRGRTQ2QzRGOUFFMDIvNDIzNUYxODRE QUNFMTFFRThFNjc0MzdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXAYIKwYBBQUHAQcBAf8E TTBLMDoEAgABMDQDAwAOzwMDABuCAwQCK/WQAwMBMTADBAJnEMwDAwBupAMDAqsE AwMAtLcDAwG3WAMDAt/MMA0EAgACMAcDBQAkA2IAMA0GCSqGSIb3DQEBCwUAA4IB AQBQQP08xkXUpueplPRW9VTB/H22dKdBQY/8DJMNYn45ZF3lrqpD6J0V1yMIHd/p NfPvuMtU+FLeTsNC+EMLQpMv+8wza2MkUfBQb0qCBve2PT3K/orKeLAaOQNw3GTB 2d5XiF8gIns+o0UFOF2durXN4q0t9QJAJjqlxdUWzAd38wPVTwhqLYy42qgBiSUW e6v6+JxjsR51x/KyfKBnf9HAAcC90F0Cg5Le5QhtQByxk+2MmL16FF7TFM2y12JP Xf6UDQ6tvzvsEuDUcwum6XD8BjzuJBUYc8pmOn7faKcW0DbkDHszct67GO/M29eQ SMaaDdT/nS1o1l4Z0UDvDxeW -----END CERTIFICATE-----Generated at Sun May 19 02:59:16 2024 by rpki-client on console-ams.rpki-client.org