$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/3A1C441A5A4E11E7965D9A75C4F9AE02.roa File: 3A1C441A5A4E11E7965D9A75C4F9AE02.roa (raw, json) Hash identifier: 229M5wQ79kMkp7IyMNbQzPN9ua0MSiyhRdYezXrdYlI= Subject key identifier: 0F:2B:5A:64:97:A1:E8:FF:75:F9:10:E3:15:27:42:AF:95:18:AC:A9 Certificate issuer: /CN=A91FA92A/serialNumber=A7EC2258682F6FAE9F8438FA2627189E542F4DEF Certificate serial: 18D5 Authority key identifier: A7:EC:22:58:68:2F:6F:AE:9F:84:38:FA:26:27:18:9E:54:2F:4D:EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-wiWGgvb66fhDj6JicYnlQvTe8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/3A1C441A5A4E11E7965D9A75C4F9AE02.roa Signing time: Fri 08 Dec 2023 17:04:09 +0000 ROA not before: Fri 08 Dec 2023 17:04:09 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 135666 IP address blocks: 43.230.208.0/24 maxlen: 24 103.78.111.0/24 maxlen: 24 103.78.116.0/23 maxlen: 24 103.252.84.0/24 maxlen: 24 2400:1440::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/p-wiWGgvb66fhDj6JicYnlQvTe8.crl rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/p-wiWGgvb66fhDj6JicYnlQvTe8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-wiWGgvb66fhDj6JicYnlQvTe8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 16:01:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6357 (0x18d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA92A/serialNumber=A7EC2258682F6FAE9F8438FA2627189E542F4DEF Validity Not Before: Dec 8 17:04:09 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=65734c89-31df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:cc:7a:8f:53:f8:90:1c:fe:4b:f5:79:62:76: 39:35:37:bc:8f:2c:7f:b2:f7:8b:d4:cf:59:69:80: b0:1a:60:59:3c:5b:48:82:00:db:9f:db:d5:fb:4d: 7f:41:49:44:77:5a:17:d6:2c:35:0c:a4:59:88:6b: ea:8d:43:8b:df:59:b7:16:02:19:2e:40:ce:b2:12: b4:1c:70:6b:6d:a8:95:02:20:40:c9:c3:cb:73:7d: 3c:1c:bb:ea:52:6a:95:6a:12:b1:e5:87:2c:4f:dd: 3f:d4:cf:84:76:a6:65:e3:3f:eb:85:ca:87:61:3d: a2:04:62:66:09:72:53:02:c6:b6:1e:86:dc:55:aa: 0a:62:3c:3e:6a:38:df:1e:75:4e:c0:9e:1a:ad:3b: 37:df:6d:c0:58:d5:72:8a:de:13:18:9b:7c:a6:93: ad:30:46:b5:f7:c8:ab:bb:df:c1:b2:6b:33:86:d3: 2b:ab:e1:9e:b3:be:ee:f1:a0:ed:ee:d9:52:51:e2: ea:69:d9:73:4c:bb:54:98:67:ad:d8:cb:93:33:54: 16:4c:5a:a3:db:bb:ca:0a:5a:e2:f9:f0:2b:a2:a8: a9:bb:3c:fa:fd:cd:05:14:59:03:2e:05:74:e7:31: 91:e3:0a:a8:fc:1e:5d:df:df:dd:6b:fa:d4:d2:8c: e1:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:2B:5A:64:97:A1:E8:FF:75:F9:10:E3:15:27:42:AF:95:18:AC:A9 X509v3 Authority Key Identifier: keyid:A7:EC:22:58:68:2F:6F:AE:9F:84:38:FA:26:27:18:9E:54:2F:4D:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/p-wiWGgvb66fhDj6JicYnlQvTe8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-wiWGgvb66fhDj6JicYnlQvTe8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/3A1C441A5A4E11E7965D9A75C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.208.0/24 103.78.111.0/24 103.78.116.0/23 103.252.84.0/24 IPv6: 2400:1440::/32 Signature Algorithm: sha256WithRSAEncryption b3:2a:74:5c:98:e3:18:51:f4:03:51:e7:11:52:75:f9:24:e3: a7:a1:bd:04:78:63:e1:38:4e:87:99:74:b8:fb:47:38:1a:4f: e6:e4:87:b0:48:38:89:7e:ec:4b:57:c4:8f:a9:47:19:2b:c0: 45:5d:4c:e0:07:4a:18:d7:28:60:91:33:c5:ae:31:c1:a8:55: c5:6a:f4:f5:ac:b2:3b:e9:dd:c2:ad:d7:eb:f2:8f:30:1e:9c: f5:07:cb:75:6c:c3:14:f1:1b:62:e4:75:80:e1:53:8f:79:ae: 7f:e8:7c:85:a0:0d:4f:06:c9:b1:4a:8f:85:05:87:f3:04:e3: 94:9f:df:3a:0d:de:6e:0b:56:06:a8:d2:61:bd:e4:a7:3d:4e: cf:ed:c1:b8:a7:6a:d5:74:9e:e0:aa:11:0d:6f:c1:eb:d8:dd: fc:0e:4d:dc:1a:9e:07:f1:45:e3:d5:90:5c:ad:19:b4:3d:fe: 61:c0:f1:7a:27:15:1f:79:8c:38:af:2d:e0:b2:c2:59:f3:8a: 5d:cf:c6:f9:22:42:70:37:50:48:a4:8a:0b:f2:58:91:bb:f9: 73:7c:91:8b:37:08:7c:39:f8:83:99:0a:47:e8:72:b2:62:03: 89:55:39:89:66:4c:2e:11:ce:da:49:94:9f:52:f2:40:1f:2b: 6c:af:3b:56 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICGNUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE5MkExMTAvBgNVBAUTKEE3RUMyMjU4NjgyRjZGQUU5Rjg0MzhGQTI2MjcxODlF NTQyRjRERUYwHhcNMjMxMjA4MTcwNDA5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTczNGM4OS0zMWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwsx6j1P4kBz+S/V5YnY5NTe8jyx/sveL1M9ZaYCwGmBZPFtIggDbn9vV+01/ QUlEd1oX1iw1DKRZiGvqjUOL31m3FgIZLkDOshK0HHBrbaiVAiBAycPLc308HLvq UmqVahKx5YcsT90/1M+EdqZl4z/rhcqHYT2iBGJmCXJTAsa2HobcVaoKYjw+ajjf HnVOwJ4arTs3323AWNVyit4TGJt8ppOtMEa198iru9/BsmszhtMrq+Ges77u8aDt 7tlSUeLqadlzTLtUmGet2MuTM1QWTFqj27vKClri+fAroqipuzz6/c0FFFkDLgV0 5zGR4wqo/B5d39/da/rU0ozhIQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFA8rWmSX oej/dfkQ4xUnQq+VGKypMB8GA1UdIwQYMBaAFKfsIlhoL2+un4Q4+iYnGJ5UL03v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTkyQS80NTc5N0M1QzVB NEQxMUU3OTlGNDZCNzRDNEY5QUUwMi9wLXdpV0dndmI2NmZoRGo2SmljWW5sUXZU ZTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Atd2lXR2d2YjY2ZmhEajZKaWNZbmxRdlRlOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkE5MkEvNDU3OTdDNUM1QTREMTFFNzk5RjQ2Qjc0QzRGOUFFMDIvM0ExQzQ0MUE1 QTRFMTFFNzk2NUQ5QTc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAAr5tADBABnTm8DBAFnTnQDBABn/FQwDQQCAAIwBwMFACQA FEAwDQYJKoZIhvcNAQELBQADggEBALMqdFyY4xhR9ANR5xFSdfkk46ehvQR4Y+E4 ToeZdLj7RzgaT+bkh7BIOIl+7EtXxI+pRxkrwEVdTOAHShjXKGCRM8WuMcGoVcVq 9PWssjvp3cKt1+vyjzAenPUHy3VswxTxG2LkdYDhU495rn/ofIWgDU8GybFKj4UF h/ME45Sf3zoN3m4LVgao0mG95Kc9Ts/twbinatV0nuCqEQ1vwevY3fwOTdwangfx RePVkFytGbQ9/mHA8XonFR95jDivLeCywlnzil3PxvkiQnA3UEikigvyWJG7+XN8 kYs3CHw5+IOZCkfocrJiA4lVOYlmTC4RztpJlJ9S8kAfK2yvO1Y= -----END CERTIFICATE-----Generated at Thu May 16 17:51:54 2024 by rpki-client on console-ams.rpki-client.org