$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/0AA6EF265FA311EE90BA7329C4F9AE02.roa File: 0AA6EF265FA311EE90BA7329C4F9AE02.roa (raw, json) Hash identifier: hM8PEGfaJ3T2NT4PUF9FfI7k/P6ShySZJUysAivogJk= Subject key identifier: F0:24:79:22:DF:15:F6:26:79:89:7D:E0:19:4A:85:A2:F9:EA:41:CA Certificate issuer: /CN=A91F3853/serialNumber=7B59A4DB86EF5419F7ADBDDA1DF52B509EE6DF75 Certificate serial: 56 Authority key identifier: 7B:59:A4:DB:86:EF:54:19:F7:AD:BD:DA:1D:F5:2B:50:9E:E6:DF:75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e1mk24bvVBn3rb3aHfUrUJ7m33U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/0AA6EF265FA311EE90BA7329C4F9AE02.roa Signing time: Fri 01 Mar 2024 07:38:40 +0000 ROA not before: Fri 01 Mar 2024 07:38:40 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 64021 IP address blocks: 43.230.8.0/24 maxlen: 24 43.230.10.0/24 maxlen: 24 43.230.11.0/24 maxlen: 24 103.49.60.0/24 maxlen: 24 103.49.61.0/24 maxlen: 24 103.49.62.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/e1mk24bvVBn3rb3aHfUrUJ7m33U.crl rsync://rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/e1mk24bvVBn3rb3aHfUrUJ7m33U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e1mk24bvVBn3rb3aHfUrUJ7m33U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 04 May 2024 03:36:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 86 (0x56) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3853/serialNumber=7B59A4DB86EF5419F7ADBDDA1DF52B509EE6DF75 Validity Not Before: Mar 1 07:38:40 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65e18600-9794 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ea:e8:76:d3:61:33:cd:59:46:b0:bb:a2:03: ba:43:18:5f:d1:3b:70:b2:1a:82:2d:b1:ac:33:82: 86:87:2e:94:0f:76:47:9c:17:97:87:cf:04:a5:d1: d4:67:ca:91:73:72:f4:2c:5a:ad:94:2c:2e:40:c1: 8b:11:4f:86:ce:e2:cf:2e:a6:a6:d6:6b:0d:82:a5: 62:27:ee:89:ed:16:70:0f:30:5e:4d:ec:02:8d:b6: 37:c3:34:65:a6:bd:ea:52:9c:3e:97:16:2e:95:b0: fd:f1:55:be:af:dd:25:2c:32:3d:07:59:b7:90:80: f5:88:78:dd:59:3b:54:bc:49:70:65:db:79:9c:03: 0b:73:d6:59:70:14:86:5c:52:fb:96:2b:b9:79:83: ee:30:3c:0b:a5:51:bc:33:ad:47:5b:b7:c5:a1:64: 16:ed:79:0f:ac:10:73:69:8a:95:1b:85:85:2b:15: e1:cd:57:4e:f2:04:9d:a5:26:42:64:a8:a3:d5:60: 9b:27:da:b7:0c:ff:9c:12:76:d1:88:16:f1:6c:e9: ca:eb:c8:30:ac:36:7b:95:58:0a:65:1a:8a:c7:2c: e0:4e:98:0b:67:f2:79:19:e9:d7:0a:93:c2:11:35: 1b:4a:9b:72:76:bd:0c:45:85:53:24:7a:f8:09:4d: df:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:24:79:22:DF:15:F6:26:79:89:7D:E0:19:4A:85:A2:F9:EA:41:CA X509v3 Authority Key Identifier: keyid:7B:59:A4:DB:86:EF:54:19:F7:AD:BD:DA:1D:F5:2B:50:9E:E6:DF:75 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/e1mk24bvVBn3rb3aHfUrUJ7m33U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e1mk24bvVBn3rb3aHfUrUJ7m33U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3853/F01F63285FA111EEBD9AF828C4F9AE02/0AA6EF265FA311EE90BA7329C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.8.0/24 43.230.10.0/23 103.49.60.0-103.49.62.255 Signature Algorithm: sha256WithRSAEncryption b4:b2:19:67:5e:f3:3c:f2:f3:e2:f8:4f:50:a5:42:8c:d4:df: 01:c7:95:b2:10:80:a8:87:78:39:d4:8a:2c:67:06:c8:b7:b7: f3:96:8c:78:2b:87:67:34:eb:73:e1:63:96:8e:86:b1:d3:26: 45:e1:fb:9d:d1:ad:59:40:f5:24:c6:b9:e9:09:4f:e1:40:bd: 30:0e:62:ea:fb:f2:bb:4b:09:50:e1:07:97:94:cb:20:92:de: 62:45:67:85:e5:6d:16:b8:a4:43:bc:b9:cf:fe:4b:4b:66:3e: 4c:eb:95:51:eb:46:79:45:00:94:7c:68:74:6c:a7:68:81:c5: f1:9d:bf:7e:64:b8:a5:d8:2b:fa:0f:0a:dd:f8:73:4e:2b:18: bf:b2:bd:0d:82:5d:85:e9:40:fc:b1:b0:8c:67:f0:09:6f:20: eb:f6:bd:96:c6:fe:ce:22:b9:eb:65:82:a0:12:bb:9c:46:d7: 32:59:ee:8f:97:6f:7a:ea:4b:bc:b4:10:ab:1b:19:cc:b4:2a: cf:09:8f:0d:f4:9b:e5:0e:d1:28:e1:9f:6a:bc:c3:d1:17:49: 5a:83:b5:34:52:e8:83:28:5d:10:84:1f:1d:bf:65:f4:ce:1a: 1d:93:79:5f:39:82:dc:09:bc:9e:b7:a8:32:82:96:24:77:cc: 86:3c:45:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgIBVjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG Mzg1MzExMC8GA1UEBRMoN0I1OUE0REI4NkVGNTQxOUY3QURCRERBMURGNTJCNTA5 RUU2REY3NTAeFw0yNDAzMDEwNzM4NDBaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1ZTE4NjAwLTk3OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDI6uh202EzzVlGsLuiA7pDGF/RO3CyGoItsawzgoaHLpQPdkecF5eHzwSl0dRn ypFzcvQsWq2ULC5AwYsRT4bO4s8upqbWaw2CpWIn7ontFnAPMF5N7AKNtjfDNGWm vepSnD6XFi6VsP3xVb6v3SUsMj0HWbeQgPWIeN1ZO1S8SXBl23mcAwtz1llwFIZc UvuWK7l5g+4wPAulUbwzrUdbt8WhZBbteQ+sEHNpipUbhYUrFeHNV07yBJ2lJkJk qKPVYJsn2rcM/5wSdtGIFvFs6crryDCsNnuVWAplGorHLOBOmAtn8nkZ6dcKk8IR NRtKm3J2vQxFhVMkevgJTd9BAgMBAAGjggKpMIICpTAdBgNVHQ4EFgQU8CR5It8V 9iZ5iX3gGUqFovnqQcowHwYDVR0jBBgwFoAUe1mk24bvVBn3rb3aHfUrUJ7m33Uw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzODUzL0YwMUY2MzI4NUZB MTExRUVCRDlBRjgyOEM0RjlBRTAyL2UxbWsyNGJ2VkJuM3JiM2FIZlVyVUo3bTMz VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvZTFtazI0YnZWQm4zcmIzYUhmVXJVSjdtMzNVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG Mzg1My9GMDFGNjMyODVGQTExMUVFQkQ5QUY4MjhDNEY5QUUwMi8wQUE2RUYyNjVG QTMxMUVFOTBCQTczMjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAzBggrBgEFBQcBBwEB/wQk MCIwIAQCAAEwGgMEACvmCAMEASvmCjAMAwQCZzE8AwQAZzE+MA0GCSqGSIb3DQEB CwUAA4IBAQC0shlnXvM88vPi+E9QpUKM1N8Bx5WyEICoh3g51IosZwbIt7fzlox4 K4dnNOtz4WOWjoax0yZF4fud0a1ZQPUkxrnpCU/hQL0wDmLq+/K7SwlQ4QeXlMsg kt5iRWeF5W0WuKRDvLnP/ktLZj5M65VR60Z5RQCUfGh0bKdogcXxnb9+ZLil2Cv6 Dwrd+HNOKxi/sr0Ngl2F6UD8sbCMZ/AJbyDr9r2Wxv7OIrnrZYKgErucRtcyWe6P l2966ku8tBCrGxnMtCrPCY8N9JvlDtEo4Z9qvMPRF0lag7U0UuiDKF0QhB8dv2X0 zhodk3lfOYLcCbyet6gygpYkd8yGPEX1 -----END CERTIFICATE-----Generated at Sat Apr 27 10:20:58 2024 by rpki-client on console-ams.rpki-client.org