$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/A3C7651AD06411ED8A5ADE5EC4F9AE02.roa File: A3C7651AD06411ED8A5ADE5EC4F9AE02.roa (raw, json) Hash identifier: N93Z2cXGkLHgshLBPD76RTxJ/CnlZHXFVqSx0yLO0lg= Subject key identifier: 69:CD:69:2E:3F:16:8D:EB:9E:26:F1:6E:23:44:95:7C:DB:D0:31:65 Certificate issuer: /CN=A91EF24F/serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Certificate serial: 0679 Authority key identifier: 1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/A3C7651AD06411ED8A5ADE5EC4F9AE02.roa Signing time: Fri 18 Aug 2023 22:19:36 +0000 ROA not before: Fri 18 Aug 2023 22:19:36 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 55705 IP address blocks: 45.124.108.0/24 maxlen: 24 45.124.109.0/24 maxlen: 24 103.36.156.0/24 maxlen: 24 103.36.158.0/24 maxlen: 24 103.36.159.0/24 maxlen: 24 103.225.60.0/24 maxlen: 24 103.225.61.0/24 maxlen: 24 103.225.62.0/24 maxlen: 24 103.225.63.0/24 maxlen: 24 103.238.100.0/24 maxlen: 24 103.238.101.0/24 maxlen: 24 103.238.102.0/24 maxlen: 24 103.238.103.0/24 maxlen: 24 202.41.22.0/24 maxlen: 24 202.41.23.0/24 maxlen: 24 202.41.24.0/24 maxlen: 24 202.41.25.0/24 maxlen: 24 203.55.102.0/24 maxlen: 24 203.55.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 May 2024 22:52:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1657 (0x679) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EF24F/serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Validity Not Before: Aug 18 22:19:36 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=64dfee77-5c22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:17:6c:a1:0b:ac:fd:b0:63:a1:90:fa:2e:79: ce:c3:7d:0e:4d:1b:26:fa:e3:da:53:b3:e0:2f:36: 9a:d6:b8:00:b5:38:89:77:f0:d4:80:02:8c:00:ca: 08:69:a0:2b:ce:2d:52:fd:fd:21:31:89:88:e1:fb: f3:40:7c:1d:3d:6b:62:67:3f:fb:9e:b3:34:f8:e0: d9:8b:0b:f3:b8:fc:0f:f7:26:e2:74:1b:91:1d:d7: 9f:12:b2:40:1a:8d:f0:7e:4b:31:c0:95:ae:77:6d: f1:7d:b6:d4:d9:fe:1c:ab:40:80:79:b1:7c:57:34: 7a:76:11:6f:b6:eb:8e:61:93:f1:c6:57:f1:8a:e1: 8d:73:bb:28:85:74:1d:d7:ff:da:1e:15:4f:93:e1: 89:b8:66:da:0b:c9:3e:ae:c8:64:f4:f5:48:a7:03: c7:c3:b7:44:c3:74:80:4c:3d:09:f5:7c:2d:7e:f0: 0d:7f:d5:27:d4:35:d8:a8:87:22:e2:a6:2c:e6:3f: e4:e0:16:80:8c:6b:66:fc:72:33:57:bc:88:21:d1: 0e:85:ff:aa:1e:31:27:fa:3e:b3:a7:26:67:9c:40: a2:67:59:2b:ef:60:df:e1:6d:70:d4:a2:da:74:c2: 11:fa:65:09:c3:b5:89:e3:22:6e:43:70:4b:f6:8c: e2:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:CD:69:2E:3F:16:8D:EB:9E:26:F1:6E:23:44:95:7C:DB:D0:31:65 X509v3 Authority Key Identifier: keyid:1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/A3C7651AD06411ED8A5ADE5EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.124.108.0/23 103.36.156.0/24 103.36.158.0/23 103.225.60.0/22 103.238.100.0/22 202.41.22.0-202.41.25.255 203.55.102.0/23 Signature Algorithm: sha256WithRSAEncryption 75:cf:af:86:91:6f:6b:0b:2e:83:76:47:a4:b7:7f:ab:f1:52: bf:43:24:ba:f1:65:5c:5e:c4:66:e2:27:cb:00:41:29:ab:73: a5:2e:94:1e:2a:ea:7d:b3:6c:52:27:3a:51:b2:99:d5:cc:0c: 99:16:b2:76:cf:db:cf:1c:6e:98:bd:e7:ab:ff:46:f6:94:60: e7:e2:e4:1f:bc:16:23:28:cb:d5:02:8d:06:78:05:dc:d2:d8: 72:d2:4a:b3:be:ca:74:68:33:c1:e5:94:31:67:cc:fb:67:61: 19:e9:0a:9c:ed:2b:4d:18:24:6e:f5:7b:a2:7e:a2:f7:9d:0e: 6d:f3:29:29:52:c1:03:40:42:be:ab:c1:32:cb:97:40:9e:85: 4a:88:8a:3c:cd:74:be:4a:18:1e:a3:02:41:d4:96:43:32:d8: f6:08:d5:59:85:2b:03:8d:d2:a0:66:39:68:9f:81:22:c7:af: 9f:08:c5:e2:75:43:1c:2c:44:1e:da:a1:13:75:41:3a:22:04: 2f:79:cc:81:f8:8a:a0:ee:86:a9:74:16:97:9e:58:40:57:1a: ec:dd:4e:d5:20:ca:f7:cd:5c:bd:42:7f:0c:7f:3d:8b:8c:16: 46:b1:b9:2c:1a:3c:ab:d8:53:9b:b2:dc:36:ce:44:84:1a:12: ae:d9:f0:00 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgICBnkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUYyNEYxMTAvBgNVBAUTKDFFQjdBRDIzNTJGN0M2RUE0QTYyRjc4NENFNUZCQjEx NkRGMjZFQzIwHhcNMjMwODE4MjIxOTM2WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGRmZWU3Ny01YzIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApRdsoQus/bBjoZD6LnnOw30OTRsm+uPaU7PgLzaa1rgAtTiJd/DUgAKMAMoI aaArzi1S/f0hMYmI4fvzQHwdPWtiZz/7nrM0+ODZiwvzuPwP9ybidBuRHdefErJA Go3wfksxwJWud23xfbbU2f4cq0CAebF8VzR6dhFvtuuOYZPxxlfxiuGNc7sohXQd 1//aHhVPk+GJuGbaC8k+rshk9PVIpwPHw7dEw3SATD0J9XwtfvANf9Un1DXYqIci 4qYs5j/k4BaAjGtm/HIzV7yIIdEOhf+qHjEn+j6zpyZnnECiZ1kr72Df4W1w1KLa dMIR+mUJw7WJ4yJuQ3BL9ozijwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFGnNaS4/ Fo3rnibxbiNElXzb0DFlMB8GA1UdIwQYMBaAFB63rSNS98bqSmL3hM5fuxFt8m7C MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjI0Ri82NURERkFCNDAy RkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1cEtZdmVFemwtN0VXM3li c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hyZXRJMUwzeHVwS1l2ZUV6bC03RVczeWJzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUYyNEYvNjVEREZBQjQwMkZBMTFFQkEzQTBBMjMxQzRGOUFFMDIvQTNDNzY1MUFE MDY0MTFFRDhBNUFERTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E PDA6MDgEAgABMDIDBAEtfGwDBABnJJwDBAFnJJ4DBAJn4TwDBAJn7mQwDAMEAcop FgMEAcopGAMEAcs3ZjANBgkqhkiG9w0BAQsFAAOCAQEAdc+vhpFvawsug3ZHpLd/ q/FSv0MkuvFlXF7EZuInywBBKatzpS6UHirqfbNsUic6UbKZ1cwMmRayds/bzxxu mL3nq/9G9pRg5+LkH7wWIyjL1QKNBngF3NLYctJKs77KdGgzweWUMWfM+2dhGekK nO0rTRgkbvV7on6i950ObfMpKVLBA0BCvqvBMsuXQJ6FSoiKPM10vkoYHqMCQdSW QzLY9gjVWYUrA43SoGY5aJ+BIsevnwjF4nVDHCxEHtqhE3VBOiIEL3nMgfiKoO6G qXQWl55YQFca7N1O1SDK981cvUJ/DH89i4wWRrG5LBo8q9hTm7LcNs5EhBoSrtnw AA== -----END CERTIFICATE-----Generated at Mon May 20 23:42:25 2024 by rpki-client on console-ams.rpki-client.org