$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB103/2FB9850893FB11EE968EE442C4F9AE02/88EF68A493FB11EEB38F6C43C4F9AE02.roa File: 88EF68A493FB11EEB38F6C43C4F9AE02.roa (raw, json) Hash identifier: N7gXYPnxWIl9zdSTmIwWyh3CoXzXJ9+PxoO1xsssmaU= Subject key identifier: 06:3C:93:56:74:16:20:78:DC:E7:05:94:5E:47:0D:AD:20:CC:2C:40 Certificate issuer: /CN=A91FB103/serialNumber=545C47C0E4313338DC9B4402C12BADCB4E9857C1 Certificate serial: 1D Authority key identifier: 54:5C:47:C0:E4:31:33:38:DC:9B:44:02:C1:2B:AD:CB:4E:98:57:C1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFxHwOQxMzjcm0QCwSuty06YV8E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FB103/2FB9850893FB11EE968EE442C4F9AE02/88EF68A493FB11EEB38F6C43C4F9AE02.roa Signing time: Sun 14 Jan 2024 06:09:33 +0000 ROA not before: Sun 14 Jan 2024 06:09:33 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 152138 IP address blocks: 210.87.68.0/23 maxlen: 23 210.87.68.0/24 maxlen: 24 210.87.69.0/24 maxlen: 24 2001:df3:3dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FB103/2FB9850893FB11EE968EE442C4F9AE02/VFxHwOQxMzjcm0QCwSuty06YV8E.crl rsync://rpki.apnic.net/member_repository/A91FB103/2FB9850893FB11EE968EE442C4F9AE02/VFxHwOQxMzjcm0QCwSuty06YV8E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFxHwOQxMzjcm0QCwSuty06YV8E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 07:27:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29 (0x1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FB103/serialNumber=545C47C0E4313338DC9B4402C12BADCB4E9857C1 Validity Not Before: Jan 14 06:09:33 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=65a37a9d-5c54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a5:6f:4f:fb:81:c7:20:91:24:61:f8:ff:5b: 8d:9f:db:22:43:2f:50:42:d0:39:11:87:fc:83:a0: 77:e4:43:52:2e:1b:19:c4:ae:5c:f4:6b:61:19:26: 69:8d:35:db:17:e4:62:2f:57:f7:58:69:69:95:a3: 64:9a:69:ad:fd:7c:f3:1e:3c:33:1f:d5:ef:31:ae: df:f4:99:ee:c4:c3:bc:09:94:6a:32:78:28:6d:09: 82:e1:85:81:fd:c3:2a:97:93:f6:d6:99:20:0a:ef: a3:5f:2a:6b:fc:c7:7a:26:3a:68:18:0d:dd:f2:0b: b7:89:00:be:a4:d6:5e:1b:34:cb:e5:5d:b3:51:e3: 65:44:cd:67:e4:f6:36:21:29:4d:05:3a:33:3a:ec: 73:2d:5e:2b:e0:f5:c2:48:08:e4:16:fa:bc:91:28: c2:66:4e:10:86:6b:a1:a1:dd:20:94:b4:a0:20:ac: d8:a1:60:ad:9c:c1:bd:70:b5:49:79:de:bd:d9:23: ff:b1:56:24:fd:e4:af:ab:42:8c:85:c3:34:1a:9d: eb:74:01:12:57:2c:53:34:92:9f:67:c2:73:d9:91: 78:b4:c5:50:af:ab:94:cd:45:6b:06:59:ae:7e:1d: 10:8b:dd:d0:48:85:ac:26:2a:83:7c:f8:84:31:7b: 0c:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:3C:93:56:74:16:20:78:DC:E7:05:94:5E:47:0D:AD:20:CC:2C:40 X509v3 Authority Key Identifier: keyid:54:5C:47:C0:E4:31:33:38:DC:9B:44:02:C1:2B:AD:CB:4E:98:57:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FB103/2FB9850893FB11EE968EE442C4F9AE02/VFxHwOQxMzjcm0QCwSuty06YV8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VFxHwOQxMzjcm0QCwSuty06YV8E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB103/2FB9850893FB11EE968EE442C4F9AE02/88EF68A493FB11EEB38F6C43C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 210.87.68.0/23 IPv6: 2001:df3:3dc0::/48 Signature Algorithm: sha256WithRSAEncryption 03:6a:13:4b:10:ff:12:c1:34:37:0e:d0:b4:c0:c5:0b:e5:29: 2e:71:52:8b:03:aa:6f:c0:98:8d:bc:85:44:c2:56:81:a2:71: 71:27:40:3f:f5:db:82:7c:85:f8:68:0a:95:53:f3:ed:ca:b8: 65:2b:19:d1:8e:bc:1f:92:9d:04:e3:e1:d4:f1:c5:74:9b:08: f3:29:14:34:94:27:93:93:45:33:22:eb:4f:27:b3:9b:fe:2a: 57:42:91:61:63:73:2e:d7:3e:dd:5a:76:2d:18:f7:f8:09:7e: 2f:2d:a3:5a:bd:0b:3b:f7:53:8e:56:21:f7:68:2c:93:ad:d9: e9:e1:d7:2c:ec:cd:5e:68:04:66:4e:03:20:33:64:ea:51:d4: 94:aa:3a:cc:9f:49:5f:6c:d4:a6:45:47:64:ff:a2:5c:3b:9c: 81:b0:bd:ed:25:45:c6:2c:12:ac:5f:dc:a7:e9:87:fd:11:70: 28:24:38:86:62:0f:7d:47:90:db:7d:e7:c0:5e:03:f1:ad:f6: 5f:df:72:fc:d8:d6:15:21:c8:e3:9d:54:a2:e0:5f:ef:22:db: 0a:10:84:46:02:81:10:51:a4:be:33:c7:49:33:d2:a9:4f:e5: 2f:dc:ce:b8:b8:b3:36:38:b3:42:8c:d1:12:e0:0d:b5:48:7f: e9:94:16:50 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QjEwMzExMC8GA1UEBRMoNTQ1QzQ3QzBFNDMxMzMzOERDOUI0NDAyQzEyQkFEQ0I0 RTk4NTdDMTAeFw0yNDAxMTQwNjA5MzNaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY1YTM3YTlkLTVjNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6pW9P+4HHIJEkYfj/W42f2yJDL1BC0DkRh/yDoHfkQ1IuGxnErlz0a2EZJmmN NdsX5GIvV/dYaWmVo2Saaa39fPMePDMf1e8xrt/0me7Ew7wJlGoyeChtCYLhhYH9 wyqXk/bWmSAK76NfKmv8x3omOmgYDd3yC7eJAL6k1l4bNMvlXbNR42VEzWfk9jYh KU0FOjM67HMtXivg9cJICOQW+ryRKMJmThCGa6Gh3SCUtKAgrNihYK2cwb1wtUl5 3r3ZI/+xViT95K+rQoyFwzQanet0ARJXLFM0kp9nwnPZkXi0xVCvq5TNRWsGWa5+ HRCL3dBIhawmKoN8+IQxewx/AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUBjyTVnQW IHjc5wWUXkcNrSDMLEAwHwYDVR0jBBgwFoAUVFxHwOQxMzjcm0QCwSuty06YV8Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCMTAzLzJGQjk4NTA4OTNG QjExRUU5NjhFRTQ0MkM0RjlBRTAyL1ZGeEh3T1F4TXpqY20wUUN3U3V0eTA2WVY4 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvVkZ4SHdPUXhNempjbTBRQ3dTdXR5MDZZVjhFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QjEwMy8yRkI5ODUwODkzRkIxMUVFOTY4RUU0NDJDNEY5QUUwMi84OEVGNjhBNDkz RkIxMUVFQjM4RjZDNDNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAdJXRDAPBAIAAjAJAwcAIAEN8z3AMA0GCSqGSIb3DQEBCwUA A4IBAQADahNLEP8SwTQ3DtC0wMUL5SkucVKLA6pvwJiNvIVEwlaBonFxJ0A/9duC fIX4aAqVU/PtyrhlKxnRjrwfkp0E4+HU8cV0mwjzKRQ0lCeTk0UzIutPJ7Ob/ipX QpFhY3Mu1z7dWnYtGPf4CX4vLaNavQs791OOViH3aCyTrdnp4dcs7M1eaARmTgMg M2TqUdSUqjrMn0lfbNSmRUdk/6JcO5yBsL3tJUXGLBKsX9yn6Yf9EXAoJDiGYg99 R5DbfefAXgPxrfZf33L82NYVIcjjnVSi4F/vItsKEIRGAoEQUaS+M8dJM9KpT+Uv 3M64uLM2OLNCjNES4A21SH/plBZQ -----END CERTIFICATE-----Generated at Fri May 31 10:02:48 2024 by rpki-client on console-ams.rpki-client.org