$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/855AECF29B3A11EB9B73EB7BC4F9AE02.roa File: 855AECF29B3A11EB9B73EB7BC4F9AE02.roa (raw, json) Hash identifier: FV72IIPNnKaptJ6wsgdg9QRoiE8Fis6/GKNmve2u0+o= Subject key identifier: F5:D8:E8:E7:56:D7:55:8A:B6:54:7A:CE:64:F3:61:13:99:C9:2E:7E Certificate issuer: /CN=A91F7DCD/serialNumber=3BD302FA7A2E866A679B1B6096DB67453A03AB86 Certificate serial: 08E2 Authority key identifier: 3B:D3:02:FA:7A:2E:86:6A:67:9B:1B:60:96:DB:67:45:3A:03:AB:86 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O9MC-nouhmpnmxtglttnRToDq4Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/855AECF29B3A11EB9B73EB7BC4F9AE02.roa Signing time: Tue 12 Sep 2023 20:38:14 +0000 ROA not before: Tue 12 Sep 2023 20:38:14 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 141768 IP address blocks: 39.109.92.0/22 maxlen: 22 39.109.92.0/24 maxlen: 24 39.109.93.0/24 maxlen: 24 39.109.94.0/24 maxlen: 24 39.109.95.0/24 maxlen: 24 103.120.228.0/23 maxlen: 23 103.120.228.0/24 maxlen: 24 103.120.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/O9MC-nouhmpnmxtglttnRToDq4Y.crl rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/O9MC-nouhmpnmxtglttnRToDq4Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O9MC-nouhmpnmxtglttnRToDq4Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2274 (0x8e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F7DCD/serialNumber=3BD302FA7A2E866A679B1B6096DB67453A03AB86 Validity Not Before: Sep 12 20:38:14 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=6500cc36-b371 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:71:5f:12:56:00:87:e6:ef:49:6d:a3:94:c3: 60:37:dd:9a:ab:e9:bc:1b:c3:f4:f1:42:8b:df:d6: 0c:21:02:80:51:39:1b:5e:c8:95:51:bc:39:f9:2d: ba:5c:36:09:29:8c:d5:9d:f0:95:17:8e:4e:14:75: f2:e5:40:89:e2:58:d7:5a:d5:95:66:86:9d:d2:ed: a0:a6:a9:75:21:53:12:be:ff:d8:ea:a1:99:47:a8: 64:0c:6c:52:32:17:d8:af:96:87:71:df:9f:44:2d: 60:a1:cc:93:7a:31:ba:57:c6:fd:54:60:f0:ce:8a: e1:28:c3:28:63:f3:8c:9d:79:f2:88:5f:cd:e4:14: f3:29:5b:67:d3:03:39:63:2a:56:ad:25:ba:3e:65: 18:cc:1a:6e:88:21:9b:08:07:95:33:46:4d:87:91: ff:3b:9d:8e:99:98:29:33:83:47:6d:c7:71:f3:2f: 41:8c:f1:43:ea:86:36:2d:e0:e3:87:d8:5d:36:a8: 42:7b:bc:16:6e:98:39:c7:8f:3c:48:10:c6:3d:56: 82:41:a4:ba:37:34:18:68:7f:1e:0d:6f:3f:50:1a: 45:23:fd:d2:e0:8c:20:66:08:e2:74:96:6e:56:8a: f4:8a:61:35:8a:95:e7:d5:e5:a3:6a:a0:fd:c3:8f: 6f:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:D8:E8:E7:56:D7:55:8A:B6:54:7A:CE:64:F3:61:13:99:C9:2E:7E X509v3 Authority Key Identifier: keyid:3B:D3:02:FA:7A:2E:86:6A:67:9B:1B:60:96:DB:67:45:3A:03:AB:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/O9MC-nouhmpnmxtglttnRToDq4Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O9MC-nouhmpnmxtglttnRToDq4Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/855AECF29B3A11EB9B73EB7BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 39.109.92.0/22 103.120.228.0/23 Signature Algorithm: sha256WithRSAEncryption 4c:17:51:9a:2b:6d:10:ae:00:c6:67:61:e3:d5:86:7a:17:14: 85:d5:2b:9c:8a:b2:9a:0f:63:af:41:9d:f1:57:db:e3:4b:97: 4b:b7:4d:3b:07:92:18:7e:0f:42:1b:23:d3:94:ca:f9:d0:6e: fc:8f:01:34:df:b8:01:b5:03:49:0a:48:37:d1:a1:16:c8:92: e4:b4:7e:87:a9:50:ad:74:21:c1:e6:0b:3a:e5:bb:18:a3:da: 09:9d:3e:70:7d:a7:ab:db:e2:fb:0a:51:0f:d5:95:cf:ba:60: dd:9e:49:f9:08:4f:3c:dd:21:ad:3b:73:0d:fa:37:b3:e5:7b: 72:3d:83:48:14:08:f5:a3:52:b6:a8:53:ae:21:18:72:8d:3a: ef:8c:3f:eb:c1:ca:b8:15:f3:29:4b:8a:89:b3:be:33:15:7b: 4a:19:62:e3:05:1f:51:08:03:20:56:6d:b6:89:4c:8c:ee:d5: 9c:8d:03:70:c8:55:50:ad:2d:95:ee:10:03:34:83:b3:23:6e: 1d:38:83:5c:34:4c:77:76:9c:ad:19:8a:69:e9:4b:84:12:26: d6:17:73:c7:6c:bc:5a:37:7a:77:80:e3:1b:e9:f9:33:7f:48: f1:0b:80:84:9f:f8:8b:32:ca:28:b1:a8:c4:74:a5:8d:05:6e: d6:b8:64:02 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjdEQ0QxMTAvBgNVBAUTKDNCRDMwMkZBN0EyRTg2NkE2NzlCMUI2MDk2REI2NzQ1 M0EwM0FCODYwHhcNMjMwOTEyMjAzODE0WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTAwY2MzNi1iMzcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6XFfElYAh+bvSW2jlMNgN92aq+m8G8P08UKL39YMIQKAUTkbXsiVUbw5+S26 XDYJKYzVnfCVF45OFHXy5UCJ4ljXWtWVZoad0u2gpql1IVMSvv/Y6qGZR6hkDGxS MhfYr5aHcd+fRC1gocyTejG6V8b9VGDwzorhKMMoY/OMnXnyiF/N5BTzKVtn0wM5 YypWrSW6PmUYzBpuiCGbCAeVM0ZNh5H/O52OmZgpM4NHbcdx8y9BjPFD6oY2LeDj h9hdNqhCe7wWbpg5x488SBDGPVaCQaS6NzQYaH8eDW8/UBpFI/3S4IwgZgjidJZu Vor0imE1ipXn1eWjaqD9w49vTQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPXY6OdW 11WKtlR6zmTzYROZyS5+MB8GA1UdIwQYMBaAFDvTAvp6LoZqZ5sbYJbbZ0U6A6uG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGN0RDRC84NDQyOEIwRTcz RDExMUVBOUNERUM1MzRDNEY5QUUwMi9POU1DLW5vdWhtcG5teHRnbHR0blJUb0Rx NFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL085TUMtbm91aG1wbm14dGdsdHRuUlRvRHE0WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjdEQ0QvODQ0MjhCMEU3M0QxMTFFQTlDREVDNTM0QzRGOUFFMDIvODU1QUVDRjI5 QjNBMTFFQjlCNzNFQjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAInbVwDBAFneOQwDQYJKoZIhvcNAQELBQADggEBAEwXUZor bRCuAMZnYePVhnoXFIXVK5yKspoPY69BnfFX2+NLl0u3TTsHkhh+D0IbI9OUyvnQ bvyPATTfuAG1A0kKSDfRoRbIkuS0foepUK10IcHmCzrluxij2gmdPnB9p6vb4vsK UQ/Vlc+6YN2eSfkITzzdIa07cw36N7Ple3I9g0gUCPWjUraoU64hGHKNOu+MP+vB yrgV8ylLiomzvjMVe0oZYuMFH1EIAyBWbbaJTIzu1ZyNA3DIVVCtLZXuEAM0g7Mj bh04g1w0THd2nK0ZimnpS4QSJtYXc8dsvFo3eneA4xvp+TN/SPELgISf+Isyyiix qMR0pY0Fbta4ZAI= -----END CERTIFICATE-----Generated at Sat May 18 22:28:02 2024 by rpki-client on console-ams.rpki-client.org