$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/804EBE76E89811EC8CDD1B61C4F9AE02.roa File: 804EBE76E89811EC8CDD1B61C4F9AE02.roa (raw, json) Hash identifier: bAUeoxBtbiQheQo5rWitJs3VRiUoXDry7Vgfb3IUS/8= Subject key identifier: F1:84:E6:AB:7F:4C:07:3F:64:28:30:89:EA:CB:5F:C6:31:BB:B1:2F Certificate issuer: /CN=A91F8A41/serialNumber=CDFEDF2D411C84C36DC3BB6A02FDF1AC50B5BA14 Certificate serial: 0629 Authority key identifier: CD:FE:DF:2D:41:1C:84:C3:6D:C3:BB:6A:02:FD:F1:AC:50:B5:BA:14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/804EBE76E89811EC8CDD1B61C4F9AE02.roa Signing time: Wed 01 May 2024 01:03:42 +0000 ROA not before: Wed 01 May 2024 01:03:42 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 132395 IP address blocks: 103.42.208.0/22 maxlen: 24 202.152.68.0/24 maxlen: 24 202.152.76.0/22 maxlen: 22 202.152.76.0/24 maxlen: 24 202.152.77.0/24 maxlen: 24 202.152.78.0/24 maxlen: 24 202.152.79.0/24 maxlen: 24 202.152.88.0/22 maxlen: 22 202.160.32.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.crl rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 May 2024 00:30:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1577 (0x629) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8A41/serialNumber=CDFEDF2D411C84C36DC3BB6A02FDF1AC50B5BA14 Validity Not Before: May 1 01:03:42 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=663194ee-6760 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:08:94:48:df:bf:a5:7b:53:14:ec:34:f9:71: c7:15:09:83:b0:34:1d:be:cd:ef:9a:29:c2:c3:7d: 1f:8a:b1:cd:74:13:b8:04:ce:b2:70:8a:75:49:1d: 56:2a:2e:40:2e:20:76:eb:b5:5f:a8:c4:e2:81:f7: 1d:80:28:f9:34:68:cc:ef:3a:c1:2d:26:91:f8:ff: f0:70:99:dc:5f:69:d6:33:92:bb:3e:fb:43:c5:2f: 10:a3:c1:d9:3c:f3:1d:dd:9f:fe:e1:51:99:c4:88: 35:f5:01:7e:19:d1:53:ba:78:3e:ad:14:80:eb:1a: 27:07:fa:63:54:5d:4d:6d:6e:16:0e:20:f5:05:10: 23:91:f3:5f:bf:27:2d:2b:32:e7:d0:f6:74:56:d7: 4b:2d:df:ad:d6:0e:c9:18:d1:ab:26:18:6c:76:17: b9:fc:e0:3f:34:c1:b6:cc:8f:00:41:21:3d:3d:c7: 5d:35:9d:35:02:aa:fc:97:7d:9e:73:e3:62:fb:58: 34:67:81:a3:c0:ad:6d:ea:34:9b:aa:fd:0b:63:c6: fd:69:75:f4:13:eb:8c:2c:21:1a:be:d6:fc:39:fb: 67:6d:e9:c7:8e:04:53:ae:02:2c:88:22:34:14:3c: 2a:22:9b:63:77:70:75:e3:d2:20:40:69:2d:c9:8a: e3:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:84:E6:AB:7F:4C:07:3F:64:28:30:89:EA:CB:5F:C6:31:BB:B1:2F X509v3 Authority Key Identifier: keyid:CD:FE:DF:2D:41:1C:84:C3:6D:C3:BB:6A:02:FD:F1:AC:50:B5:BA:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/804EBE76E89811EC8CDD1B61C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.42.208.0/22 202.152.68.0/24 202.152.76.0/22 202.152.88.0/22 202.160.32.0/20 Signature Algorithm: sha256WithRSAEncryption b2:01:ed:9a:cc:b4:c1:09:74:aa:9e:08:a6:61:e2:7c:b2:d1: b6:28:a2:f8:d1:db:2b:f2:d5:81:db:9e:91:08:65:db:9f:11: dc:36:3b:7c:81:c6:4b:f1:30:2b:4d:0e:c0:df:36:6a:a0:e2: 1e:1b:3c:09:d6:94:a5:69:e8:13:bd:4f:d0:74:4a:6f:73:a0: f7:0a:d0:6c:cf:f8:fb:87:fe:6d:a3:ac:20:0e:fa:be:4b:97: cd:cf:4e:8d:63:83:7e:c6:94:95:81:c4:02:9e:88:85:a7:94: 17:8d:47:cc:71:d0:d5:c8:11:6a:e4:4d:49:ae:be:1e:a3:08: 40:25:0f:fb:5e:86:35:6c:d0:b9:f9:5d:a6:9f:6b:47:37:17: de:af:4f:66:9c:0b:ab:66:bf:05:bf:a2:77:96:7b:cb:e5:65: 6a:b7:15:05:07:02:8a:9a:24:21:86:32:5f:f3:12:43:2f:e6: 91:0d:be:47:66:c9:17:27:df:72:30:22:b5:89:34:74:60:cc: 2e:10:99:e2:a6:5b:6f:9e:bf:5e:84:09:46:57:6e:1d:78:27: 6e:ea:7c:30:32:91:50:e9:c0:df:e0:43:d0:48:84:f8:b9:80: 56:c2:6b:5e:25:57:66:e3:c8:13:0c:1f:54:bb:af:4e:7d:8a: 12:5d:44:f9 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICBikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjhBNDExMTAvBgNVBAUTKENERkVERjJENDExQzg0QzM2REMzQkI2QTAyRkRGMUFD NTBCNUJBMTQwHhcNMjQwNTAxMDEwMzQyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjMxOTRlZS02NzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwgiUSN+/pXtTFOw0+XHHFQmDsDQdvs3vminCw30firHNdBO4BM6ycIp1SR1W Ki5ALiB267VfqMTigfcdgCj5NGjM7zrBLSaR+P/wcJncX2nWM5K7PvtDxS8Qo8HZ PPMd3Z/+4VGZxIg19QF+GdFTung+rRSA6xonB/pjVF1NbW4WDiD1BRAjkfNfvyct KzLn0PZ0VtdLLd+t1g7JGNGrJhhsdhe5/OA/NMG2zI8AQSE9PcddNZ01Aqr8l32e c+Ni+1g0Z4GjwK1t6jSbqv0LY8b9aXX0E+uMLCEavtb8OftnbenHjgRTrgIsiCI0 FDwqIptjd3B149IgQGktyYrjLwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPGE5qt/ TAc/ZCgwierLX8Yxu7EvMB8GA1UdIwQYMBaAFM3+3y1BHITDbcO7agL98axQtboU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEE0MS81NTQxNDBERTg3 QkMxMUVCQjNDMDgyNzJDNEY5QUUwMi96ZjdmTFVFY2hNTnR3N3RxQXYzeHJGQzF1 aFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pmN2ZMVUVjaE1OdHc3dHFBdjN4ckZDMXVoUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjhBNDEvNTU0MTQwREU4N0JDMTFFQkIzQzA4MjcyQzRGOUFFMDIvODA0RUJFNzZF ODk4MTFFQzhDREQxQjYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAJnKtADBADKmEQDBALKmEwDBALKmFgDBATKoCAwDQYJKoZI hvcNAQELBQADggEBALIB7ZrMtMEJdKqeCKZh4nyy0bYoovjR2yvy1YHbnpEIZduf Edw2O3yBxkvxMCtNDsDfNmqg4h4bPAnWlKVp6BO9T9B0Sm9zoPcK0GzP+PuH/m2j rCAO+r5Ll83PTo1jg37GlJWBxAKeiIWnlBeNR8xx0NXIEWrkTUmuvh6jCEAlD/te hjVs0Ln5Xaafa0c3F96vT2acC6tmvwW/oneWe8vlZWq3FQUHAoqaJCGGMl/zEkMv 5pENvkdmyRcn33IwIrWJNHRgzC4QmeKmW2+ev16ECUZXbh14J27qfDAykVDpwN/g Q9BIhPi5gFbCa14lV2bjyBMMH1S7r059ihJdRPk= -----END CERTIFICATE-----Generated at Tue May 21 01:47:06 2024 by rpki-client on console-fra.rpki-client.org