$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4BB3/AEA873EC5BC711ECAD58B05FC4F9AE02/AFDD7E16DA6011EC9A304C24C4F9AE02.roa File: AFDD7E16DA6011EC9A304C24C4F9AE02.roa (raw, json) Hash identifier: A4cao1ypJynEcdW6HC5d/P241PVIeOu+8/rdLAZLoLo= Subject key identifier: 24:2F:7A:37:7A:55:74:1E:03:ED:82:22:91:B3:1B:B9:F6:F6:A5:9E Certificate issuer: /CN=A91F4BB3/serialNumber=AC7C9E71822C056185186453F960B2C1E8CA94E3 Certificate serial: 02D9 Authority key identifier: AC:7C:9E:71:82:2C:05:61:85:18:64:53:F9:60:B2:C1:E8:CA:94:E3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rHyecYIsBWGFGGRT-WCywejKlOM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F4BB3/AEA873EC5BC711ECAD58B05FC4F9AE02/AFDD7E16DA6011EC9A304C24C4F9AE02.roa Signing time: Mon 29 May 2023 04:46:00 +0000 ROA not before: Mon 29 May 2023 04:46:00 +0000 ROA not after: Tue 30 Jul 2024 00:00:00 +0000 asID: 45947 IP address blocks: 202.43.84.0/24 maxlen: 24 202.43.85.0/24 maxlen: 24 202.43.86.0/24 maxlen: 24 202.43.87.0/24 maxlen: 24 203.22.215.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F4BB3/AEA873EC5BC711ECAD58B05FC4F9AE02/rHyecYIsBWGFGGRT-WCywejKlOM.crl rsync://rpki.apnic.net/member_repository/A91F4BB3/AEA873EC5BC711ECAD58B05FC4F9AE02/rHyecYIsBWGFGGRT-WCywejKlOM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rHyecYIsBWGFGGRT-WCywejKlOM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:43:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 729 (0x2d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F4BB3/serialNumber=AC7C9E71822C056185186453F960B2C1E8CA94E3 Validity Not Before: May 29 04:46:00 2023 GMT Not After : Jul 30 00:00:00 2024 GMT Subject: CN=64742e08-9b53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:32:b4:49:56:9b:55:53:54:b3:49:d6:97:4a: 9d:53:41:14:4c:03:d6:b1:5a:a1:3e:1a:8a:b7:7f: 5c:3e:3d:dd:fd:ce:b0:0a:18:16:31:53:71:7b:7a: 0e:10:91:61:23:b7:43:2a:54:92:78:b2:c9:26:f3: 58:7e:92:49:06:42:34:80:63:bb:15:74:08:6b:7a: 1f:36:ed:6d:ea:30:56:7d:c1:eb:a0:15:3e:05:d8: 39:f8:c8:6d:20:92:ab:df:a5:8b:fe:ac:49:a6:6b: 08:f5:ee:db:17:7e:83:84:20:25:d2:66:9e:69:4f: fc:0b:dc:a2:98:50:c2:3d:9a:15:24:49:7c:82:b0: bf:c1:2e:90:ed:73:d1:d0:55:df:83:7a:a4:8e:0b: 6c:5b:98:e8:b2:ed:17:fa:9d:c2:3e:c8:d5:f4:d4: ab:73:89:78:8e:d1:52:bd:cf:6b:15:1d:f6:55:97: ab:f3:4a:d1:54:ca:b5:4c:e4:8e:a5:a1:1c:0d:7c: c8:32:99:4a:04:7d:fa:df:a4:ca:68:76:56:7c:2e: 6d:73:42:88:3b:7e:5f:06:25:82:2c:09:62:e9:99: 87:19:a9:72:86:ff:22:55:d0:ea:58:e5:d7:6f:8e: b6:5f:8f:8c:e1:d1:ed:0f:5d:5b:27:fc:bf:25:55: 89:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:2F:7A:37:7A:55:74:1E:03:ED:82:22:91:B3:1B:B9:F6:F6:A5:9E X509v3 Authority Key Identifier: keyid:AC:7C:9E:71:82:2C:05:61:85:18:64:53:F9:60:B2:C1:E8:CA:94:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F4BB3/AEA873EC5BC711ECAD58B05FC4F9AE02/rHyecYIsBWGFGGRT-WCywejKlOM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rHyecYIsBWGFGGRT-WCywejKlOM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4BB3/AEA873EC5BC711ECAD58B05FC4F9AE02/AFDD7E16DA6011EC9A304C24C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.43.84.0/22 203.22.215.0/24 Signature Algorithm: sha256WithRSAEncryption 52:b0:7a:4d:9b:0f:38:ea:a1:ce:d3:9a:6f:4c:f6:b6:cd:19: 83:43:56:b1:2e:01:5d:15:45:f8:1a:5a:60:b4:1e:1c:63:2f: 0c:ca:76:8d:19:e2:5d:1f:08:4f:bd:5a:bb:de:37:bc:a6:84: 5e:df:0f:aa:6b:7f:34:be:c4:50:5a:d3:a7:3e:a0:87:29:34: 19:28:06:34:35:17:0c:28:d6:23:e5:29:75:a7:64:bf:ac:b1: 7b:80:36:3e:0c:83:fe:2e:fd:3c:6c:94:a7:15:5c:1c:a5:64: c7:cd:c1:d5:82:fe:b6:a9:92:9e:a0:5f:f7:8d:98:88:7c:52: 22:93:47:8b:a0:40:f5:df:ef:1b:ea:0a:d4:f5:33:f3:1d:63: 45:ee:55:52:c7:5b:73:db:67:aa:96:1a:9a:68:4d:e0:f9:77: 02:83:2d:8a:51:b5:70:8b:9c:05:72:b7:25:29:94:fc:7c:4b: ac:7c:9b:49:79:ed:e1:8d:d0:8b:e6:62:1c:8d:8e:e2:b3:17: 78:56:29:87:ae:02:96:7f:7d:3f:46:c8:14:16:aa:d5:9a:ca: 8f:56:95:6e:c2:27:8d:be:91:8b:85:07:0f:63:1d:2a:c9:4a: aa:6b:6b:0f:16:c3:e8:8f:fd:9e:4d:49:f9:70:e0:33:a3:2c: 12:8c:b5:0c -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAtkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjRCQjMxMTAvBgNVBAUTKEFDN0M5RTcxODIyQzA1NjE4NTE4NjQ1M0Y5NjBCMkMx RThDQTk0RTMwHhcNMjMwNTI5MDQ0NjAwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NDc0MmUwOC05YjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmjK0SVabVVNUs0nWl0qdU0EUTAPWsVqhPhqKt39cPj3d/c6wChgWMVNxe3oO EJFhI7dDKlSSeLLJJvNYfpJJBkI0gGO7FXQIa3ofNu1t6jBWfcHroBU+Bdg5+Mht IJKr36WL/qxJpmsI9e7bF36DhCAl0maeaU/8C9yimFDCPZoVJEl8grC/wS6Q7XPR 0FXfg3qkjgtsW5josu0X+p3CPsjV9NSrc4l4jtFSvc9rFR32VZer80rRVMq1TOSO paEcDXzIMplKBH3636TKaHZWfC5tc0KIO35fBiWCLAli6ZmHGalyhv8iVdDqWOXX b462X4+M4dHtD11bJ/y/JVWJRQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCQvejd6 VXQeA+2CIpGzG7n29qWeMB8GA1UdIwQYMBaAFKx8nnGCLAVhhRhkU/lgssHoypTj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNEJCMy9BRUE4NzNFQzVC QzcxMUVDQUQ1OEIwNUZDNEY5QUUwMi9ySHllY1lJc0JXR0ZHR1JULVdDeXdlakts T00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JIeWVjWUlzQldHRkdHUlQtV0N5d2VqS2xPTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjRCQjMvQUVBODczRUM1QkM3MTFFQ0FENThCMDVGQzRGOUFFMDIvQUZERDdFMTZE QTYwMTFFQzlBMzA0QzI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBALKK1QDBADLFtcwDQYJKoZIhvcNAQELBQADggEBAFKwek2b Dzjqoc7Tmm9M9rbNGYNDVrEuAV0VRfgaWmC0HhxjLwzKdo0Z4l0fCE+9WrveN7ym hF7fD6prfzS+xFBa06c+oIcpNBkoBjQ1Fwwo1iPlKXWnZL+ssXuANj4Mg/4u/Txs lKcVXBylZMfNwdWC/rapkp6gX/eNmIh8UiKTR4ugQPXf7xvqCtT1M/MdY0XuVVLH W3PbZ6qWGppoTeD5dwKDLYpRtXCLnAVytyUplPx8S6x8m0l57eGN0IvmYhyNjuKz F3hWKYeuApZ/fT9GyBQWqtWayo9WlW7CJ42+kYuFBw9jHSrJSqpraw8Ww+iP/Z5N Sflw4DOjLBKMtQw= -----END CERTIFICATE-----Generated at Sun May 19 03:14:50 2024 by rpki-client on console-fra.rpki-client.org