$ rpki-client -vvf rpki.apnic.net/member_repository/A911EA9E/66E0C6384A0711EEA1BF5030C4F9AE02/C7C28CAC4A0711EEBE153131C4F9AE02.roa File: C7C28CAC4A0711EEBE153131C4F9AE02.roa (raw, json) Hash identifier: h8ryCSY3VtLE8rJLGDkskzinHxO0ZE2CrFOuNn/YGBQ= Subject key identifier: 69:D5:D0:A7:54:E0:10:75:90:08:2E:64:99:D3:AF:1D:66:BA:2E:43 Certificate issuer: /CN=A911EA9E/serialNumber=D6757FC32409DBC2F22B62C319B9E44DB9EA0799 Certificate serial: 44 Authority key identifier: D6:75:7F:C3:24:09:DB:C2:F2:2B:62:C3:19:B9:E4:4D:B9:EA:07:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1nV_wyQJ28LyK2LDGbnkTbnqB5k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911EA9E/66E0C6384A0711EEA1BF5030C4F9AE02/C7C28CAC4A0711EEBE153131C4F9AE02.roa Signing time: Wed 10 Jan 2024 05:29:34 +0000 ROA not before: Wed 10 Jan 2024 05:29:34 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 151650 IP address blocks: 103.249.198.0/23 maxlen: 23 103.249.198.0/24 maxlen: 24 103.249.199.0/24 maxlen: 24 2401:2260::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911EA9E/66E0C6384A0711EEA1BF5030C4F9AE02/1nV_wyQJ28LyK2LDGbnkTbnqB5k.crl rsync://rpki.apnic.net/member_repository/A911EA9E/66E0C6384A0711EEA1BF5030C4F9AE02/1nV_wyQJ28LyK2LDGbnkTbnqB5k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1nV_wyQJ28LyK2LDGbnkTbnqB5k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 07:43:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68 (0x44) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911EA9E/serialNumber=D6757FC32409DBC2F22B62C319B9E44DB9EA0799 Validity Not Before: Jan 10 05:29:34 2024 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=659e2b3e-45f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:5f:ea:4b:d7:e5:36:28:d1:ae:81:ea:c9:c5: 21:f9:b5:43:78:b1:87:aa:47:50:86:b4:44:97:20: 17:45:2d:8b:3c:1a:46:26:bb:bc:aa:d0:88:d6:6a: a9:fe:15:cf:b3:c3:71:68:f9:c5:a5:c6:66:1d:af: c6:fc:52:1e:4b:f2:bc:10:44:24:ab:95:17:e4:20: dc:fb:bd:ac:d4:ff:f2:6c:57:4a:42:8c:2e:f6:9d: f8:6a:04:4e:ab:f3:29:25:f2:07:1c:48:99:8d:8d: 6d:90:06:cb:7e:e3:6b:d0:a4:86:10:66:44:b3:e2: 84:43:75:e4:0b:4f:06:85:2d:f8:f5:e3:23:31:bb: c8:fd:ff:d2:38:26:32:5f:6f:83:67:82:56:87:a7: d1:62:46:97:42:a4:8d:55:dc:fa:f4:3d:d7:f9:c7: f5:f3:67:3b:60:e8:01:39:24:0d:32:3a:bc:15:98: d7:27:d2:ac:cb:31:0b:71:67:38:97:24:ac:ab:03: 08:7d:27:f0:b4:60:5a:98:f8:1b:fc:25:64:10:ad: db:b6:8d:2c:ba:eb:08:24:39:c6:8d:09:d7:50:75: b7:2d:e8:39:b1:d8:11:bb:cf:41:c4:a4:86:e4:e8: 1a:9d:96:51:56:83:53:5b:7c:ae:9a:dd:fb:e6:1a: 61:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:D5:D0:A7:54:E0:10:75:90:08:2E:64:99:D3:AF:1D:66:BA:2E:43 X509v3 Authority Key Identifier: keyid:D6:75:7F:C3:24:09:DB:C2:F2:2B:62:C3:19:B9:E4:4D:B9:EA:07:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911EA9E/66E0C6384A0711EEA1BF5030C4F9AE02/1nV_wyQJ28LyK2LDGbnkTbnqB5k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1nV_wyQJ28LyK2LDGbnkTbnqB5k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911EA9E/66E0C6384A0711EEA1BF5030C4F9AE02/C7C28CAC4A0711EEBE153131C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.249.198.0/23 IPv6: 2401:2260::/32 Signature Algorithm: sha256WithRSAEncryption 05:3c:ad:2d:06:55:82:3d:a3:26:3c:1e:6e:c3:e1:48:a6:4c: 96:f1:df:b3:9e:8b:48:45:24:13:c7:42:df:42:2d:22:c5:62: c7:55:c7:b9:39:4d:f3:20:89:66:d9:bf:ce:c6:15:89:00:d3: 25:43:0c:0a:db:5d:ee:32:b0:72:bb:18:f9:65:f8:18:af:46: ba:42:81:e2:6f:c0:6e:a4:63:17:b8:45:dd:ce:0f:b5:58:4e: ff:a6:a8:2b:6d:e3:8b:60:7f:02:7a:7e:09:ad:78:52:60:93: 4b:04:79:0c:c3:61:20:2c:55:81:a1:bb:f3:ed:71:f4:95:4f: f1:fa:2f:59:af:db:e2:80:70:7a:c8:2f:93:32:bd:e1:27:71: d3:eb:77:be:14:89:60:0d:4b:fa:73:dc:a4:f3:40:81:71:cb: 88:38:20:c6:cd:cb:8d:ff:8d:b3:9e:d0:a5:37:fc:ea:ec:d2: 28:39:65:f0:d0:d6:87:be:d5:df:74:12:b8:44:93:99:4a:ad: 33:f0:f8:d0:bf:ae:80:81:86:4a:a2:37:8c:32:c0:6b:ac:ff: bb:d4:a4:e4:20:d2:89:91:20:54:be:df:57:27:11:e8:7c:dd: 5f:5a:b9:ef:2a:8b:22:f1:d6:81:ed:03:46:50:44:ae:6c:1b: 04:73:6a:0d -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgIBRDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx RUE5RTExMC8GA1UEBRMoRDY3NTdGQzMyNDA5REJDMkYyMkI2MkMzMTlCOUU0NERC OUVBMDc5OTAeFw0yNDAxMTAwNTI5MzRaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1OWUyYjNlLTQ1ZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCvX+pL1+U2KNGugerJxSH5tUN4sYeqR1CGtESXIBdFLYs8GkYmu7yq0IjWaqn+ Fc+zw3Fo+cWlxmYdr8b8Uh5L8rwQRCSrlRfkINz7vazU//JsV0pCjC72nfhqBE6r 8ykl8gccSJmNjW2QBst+42vQpIYQZkSz4oRDdeQLTwaFLfj14yMxu8j9/9I4JjJf b4NnglaHp9FiRpdCpI1V3Pr0Pdf5x/XzZztg6AE5JA0yOrwVmNcn0qzLMQtxZziX JKyrAwh9J/C0YFqY+Bv8JWQQrdu2jSy66wgkOcaNCddQdbct6Dmx2BG7z0HEpIbk 6BqdllFWg1NbfK6a3fvmGmHpAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUadXQp1Tg EHWQCC5kmdOvHWa6LkMwHwYDVR0jBBgwFoAU1nV/wyQJ28LyK2LDGbnkTbnqB5kw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFFQTlFLzY2RTBDNjM4NEEw NzExRUVBMUJGNTAzMEM0RjlBRTAyLzFuVl93eVFKMjhMeUsyTERHYm5rVGJucUI1 ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMW5WX3d5UUoyOEx5SzJMREdibmtUYm5xQjVrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RUE5RS82NkUwQzYzODRBMDcxMUVFQTFCRjUwMzBDNEY5QUUwMi9DN0MyOENBQzRB MDcxMUVFQkUxNTMxMzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf MB0wDAQCAAEwBgMEAWf5xjANBAIAAjAHAwUAJAEiYDANBgkqhkiG9w0BAQsFAAOC AQEABTytLQZVgj2jJjwebsPhSKZMlvHfs56LSEUkE8dC30ItIsVix1XHuTlN8yCJ Ztm/zsYViQDTJUMMCttd7jKwcrsY+WX4GK9GukKB4m/AbqRjF7hF3c4PtVhO/6ao K23ji2B/Anp+Ca14UmCTSwR5DMNhICxVgaG78+1x9JVP8fovWa/b4oBwesgvkzK9 4Sdx0+t3vhSJYA1L+nPcpPNAgXHLiDggxs3Ljf+Ns57QpTf86uzSKDll8NDWh77V 33QSuESTmUqtM/D40L+ugIGGSqI3jDLAa6z/u9Sk5CDSiZEgVL7fVycR6HzdX1q5 7yqLIvHWge0DRlBErmwbBHNqDQ== -----END CERTIFICATE-----Generated at Sat Jun 1 09:10:28 2024 by rpki-client on console-fra.rpki-client.org