$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/6BC3CFFCAEAF11EAB092EE6BC4F9AE02.roa File: 6BC3CFFCAEAF11EAB092EE6BC4F9AE02.roa (raw, json) Hash identifier: XGbDDV66bAzoojuwchkvz9g9032oFFLBbcaVWzJ0vHs= Subject key identifier: 45:8F:57:88:04:2E:C4:BA:18:3F:29:3A:F4:78:BA:2A:C4:BF:C3:78 Certificate issuer: /CN=A91FDC78/serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59 Certificate serial: 081E Authority key identifier: CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/6BC3CFFCAEAF11EAB092EE6BC4F9AE02.roa Signing time: Tue 02 Apr 2024 22:00:57 +0000 ROA not before: Tue 02 Apr 2024 22:00:56 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 135126 IP address blocks: 43.252.112.0/22 maxlen: 22 43.252.112.0/24 maxlen: 24 43.252.113.0/24 maxlen: 24 43.252.114.0/24 maxlen: 24 43.252.115.0/24 maxlen: 24 103.210.24.0/22 maxlen: 22 103.210.24.0/23 maxlen: 23 103.210.24.0/24 maxlen: 24 103.210.25.0/24 maxlen: 24 103.210.26.0/24 maxlen: 24 103.210.27.0/24 maxlen: 24 180.233.124.0/22 maxlen: 22 180.233.124.0/24 maxlen: 24 180.233.125.0/24 maxlen: 24 180.233.126.0/24 maxlen: 24 180.233.127.0/24 maxlen: 24 2404:78c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 21:27:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2078 (0x81e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDC78/serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59 Validity Not Before: Apr 2 22:00:56 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=660c8018-4d55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:64:f6:d6:30:40:53:82:4b:78:97:6c:37:4e: 71:e2:e2:8d:2a:bd:39:f9:ee:6d:23:69:57:6a:f1: 10:65:47:4d:de:d0:ee:57:ed:dc:da:f7:30:7f:d3: 5e:39:9e:c2:58:03:56:5b:42:52:5e:7e:a2:17:9b: 86:e2:8c:a5:7a:5b:8b:25:e8:d8:c9:95:83:71:d1: 97:2c:21:ce:32:86:1a:56:8b:c9:fd:a3:b1:62:1d: 4e:13:f0:1d:4c:e5:bb:1c:55:66:4c:91:38:1c:68: 80:60:02:bc:2b:9b:f9:85:03:52:1d:5d:ca:ba:2e: a9:00:fc:3f:be:29:0a:7e:a6:95:be:e8:b3:95:4e: 5d:05:44:d3:a0:be:7d:de:69:de:db:b4:bb:54:d2: d7:65:e2:28:7f:62:aa:dc:0a:94:11:56:d5:59:2a: 9a:df:d7:0f:bf:b5:9f:cb:86:11:9d:a8:9d:4e:8f: 2e:a5:67:82:6f:59:13:53:ea:0c:8c:1e:87:cb:f6: 23:d1:3c:ac:69:51:d9:a1:bd:51:c8:25:4e:df:66: 2a:4b:81:06:b9:e4:49:b9:f7:68:cc:f5:f2:41:93: 8c:a2:75:89:00:e9:c2:62:78:05:c0:53:d6:12:80: a1:d6:d7:7e:4e:94:14:e6:cc:7c:35:d4:6b:b0:14: 69:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:8F:57:88:04:2E:C4:BA:18:3F:29:3A:F4:78:BA:2A:C4:BF:C3:78 X509v3 Authority Key Identifier: keyid:CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/6BC3CFFCAEAF11EAB092EE6BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.112.0/22 103.210.24.0/22 180.233.124.0/22 IPv6: 2404:78c0::/48 Signature Algorithm: sha256WithRSAEncryption 2b:fd:99:54:2c:d0:ed:3b:78:6b:3e:e1:89:df:40:07:8d:d3: f2:38:e8:31:54:d0:ff:97:79:53:31:7d:93:ff:b4:64:1a:d6: 86:36:4f:1d:8f:9f:6a:97:90:97:f0:c1:02:66:1d:d5:15:57: 96:a4:bc:00:e0:7e:bf:79:1c:16:63:69:08:c1:09:1a:c8:f1: 3d:a0:ae:a8:c0:cf:41:28:2c:7f:7d:03:d8:56:fd:ea:f3:19: 0b:db:42:06:8c:83:ad:ca:ee:ae:90:10:b2:ff:8e:6c:40:81: 50:56:a6:2a:cf:c6:8b:c0:f7:3a:bc:7c:9a:a7:20:aa:8a:a9: 19:00:e2:f4:46:2a:48:58:1c:e6:73:52:55:ce:5a:29:22:77: b7:26:df:a2:a6:f9:72:cc:07:77:d9:19:30:d3:b9:67:96:13: d8:86:1c:ed:eb:c0:ce:ab:91:11:e8:9b:fb:fe:30:cd:2c:87: 9c:b3:7c:27:a9:94:34:7b:ea:09:75:76:99:f4:8f:d3:1a:a2: 5e:0a:2e:ea:30:d3:ef:87:7b:18:fa:b2:21:a0:0c:df:a9:76: 22:77:fa:7a:24:9a:ee:1b:60:c2:56:61:39:30:c8:9a:eb:50: ec:ee:16:58:8f:76:59:fa:47:48:3d:82:e9:f7:f4:1f:42:5f: 0f:8d:37:5d -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICCB4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRDNzgxMTAvBgNVBAUTKENDNTdFMDM2NDMxQTVFQTNDMTcyQUE3MjgzNDAxQUYz QzRBRDVDNTkwHhcNMjQwNDAyMjIwMDU2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjBjODAxOC00ZDU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwmT21jBAU4JLeJdsN05x4uKNKr05+e5tI2lXavEQZUdN3tDuV+3c2vcwf9Ne OZ7CWANWW0JSXn6iF5uG4oyleluLJejYyZWDcdGXLCHOMoYaVovJ/aOxYh1OE/Ad TOW7HFVmTJE4HGiAYAK8K5v5hQNSHV3Kui6pAPw/vikKfqaVvuizlU5dBUTToL59 3mne27S7VNLXZeIof2Kq3AqUEVbVWSqa39cPv7Wfy4YRnaidTo8upWeCb1kTU+oM jB6Hy/Yj0TysaVHZob1RyCVO32YqS4EGueRJufdozPXyQZOMonWJAOnCYngFwFPW EoCh1td+TpQU5sx8NdRrsBRpewIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFEWPV4gE LsS6GD8pOvR4uirEv8N4MB8GA1UdIwQYMBaAFMxX4DZDGl6jwXKqcoNAGvPErVxZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREM3OC8xNTQ3NDAwOEFF QUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtNYVhxUEJjcXB5ZzBBYTg4U3RY RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pGZmdOa01hWHFQQmNxcHlnMEFhODhTdFhGay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkRDNzgvMTU0NzQwMDhBRUFDMTFFQUE2QzFENzYxQzRGOUFFMDIvNkJDM0NGRkNB RUFGMTFFQUIwOTJFRTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBgEAgABMBIDBAIr/HADBAJn0hgDBAK06XwwDwQCAAIwCQMHACQEeMAAADAN BgkqhkiG9w0BAQsFAAOCAQEAK/2ZVCzQ7Tt4az7hid9AB43T8jjoMVTQ/5d5UzF9 k/+0ZBrWhjZPHY+fapeQl/DBAmYd1RVXlqS8AOB+v3kcFmNpCMEJGsjxPaCuqMDP QSgsf30D2Fb96vMZC9tCBoyDrcrurpAQsv+ObECBUFamKs/Gi8D3Orx8mqcgqoqp GQDi9EYqSFgc5nNSVc5aKSJ3tybfoqb5cswHd9kZMNO5Z5YT2IYc7evAzquREeib +/4wzSyHnLN8J6mUNHvqCXV2mfSP0xqiXgou6jDT74d7GPqyIaAM36l2Inf6eiSa 7htgwlZhOTDImutQ7O4WWI92WfpHSD2C6ff0H0JfD403XQ== -----END CERTIFICATE-----Generated at Tue May 28 22:51:44 2024 by rpki-client on console-ams.rpki-client.org