$ rpki-client -vvf rpki.apnic.net/member_repository/A9153AA6/9C3D87E6F52411E79644B009C4F9AE02/99C6F94CF52511E7948D5A0BC4F9AE02.roa File: 99C6F94CF52511E7948D5A0BC4F9AE02.roa (raw, json) Hash identifier: +YVTXBVMB4NVDrSuu5VfKltIOz41e+WgOeU4jEE7Kc8= Subject key identifier: 62:44:57:9A:6B:DB:41:87:FB:BD:13:3D:05:03:E3:24:AB:DB:79:02 Certificate issuer: /CN=A9153AA6/serialNumber=E5C3A686C83DEE6D33BFEC541EACB4A4A0899279 Certificate serial: 157F Authority key identifier: E5:C3:A6:86:C8:3D:EE:6D:33:BF:EC:54:1E:AC:B4:A4:A0:89:92:79 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5cOmhsg97m0zv-xUHqy0pKCJknk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153AA6/9C3D87E6F52411E79644B009C4F9AE02/99C6F94CF52511E7948D5A0BC4F9AE02.roa Signing time: Thu 24 Aug 2023 17:14:24 +0000 ROA not before: Thu 24 Aug 2023 17:14:24 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 132365 IP address blocks: 103.72.109.0/24 maxlen: 24 103.90.0.0/23 maxlen: 23 103.90.0.0/24 maxlen: 24 103.90.1.0/24 maxlen: 24 103.90.2.0/24 maxlen: 24 2401:3b40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153AA6/9C3D87E6F52411E79644B009C4F9AE02/5cOmhsg97m0zv-xUHqy0pKCJknk.crl rsync://rpki.apnic.net/member_repository/A9153AA6/9C3D87E6F52411E79644B009C4F9AE02/5cOmhsg97m0zv-xUHqy0pKCJknk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5cOmhsg97m0zv-xUHqy0pKCJknk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 13 Jun 2024 17:27:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5503 (0x157f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153AA6/serialNumber=E5C3A686C83DEE6D33BFEC541EACB4A4A0899279 Validity Not Before: Aug 24 17:14:24 2023 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=64e78ff0-b488 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:3b:2a:de:ee:f2:42:d6:ce:66:54:d7:cc:55: ef:79:58:9c:d6:a6:27:6a:2f:ce:6a:08:2a:ba:f7: 6f:9d:07:9b:12:de:b8:4a:37:66:82:27:8c:f5:bf: 3f:56:62:d1:49:81:7c:75:11:5f:0b:8f:cf:a3:ff: ce:cf:b0:23:79:5a:8b:50:6a:20:2e:eb:a5:cb:23: 70:9e:a7:30:f1:9e:bb:e2:b4:b4:de:d3:31:d7:45: 1e:07:3f:4a:bd:74:d4:ba:e3:4f:0c:1d:11:2f:81: a3:52:cc:8b:e0:b7:d4:62:23:9b:b4:eb:89:ff:d7: 5f:03:90:da:79:66:48:6d:72:ab:a4:b9:1f:50:c9: c9:cb:30:b5:7e:95:9b:7d:ee:9d:64:81:e7:0d:23: 54:8d:82:09:1c:21:98:82:a8:00:7c:71:be:f1:87: 07:c7:ad:b7:a7:d4:74:a7:3b:9a:c5:7a:60:db:b9: 2d:83:f7:8e:bc:7d:92:c4:5a:0b:a0:f3:9d:ec:d2: c8:70:ba:7a:64:10:c2:96:ae:90:ee:1b:b3:b3:f7: 03:66:01:10:ab:45:e6:99:97:6f:f4:02:c0:cb:0e: 42:e8:91:57:9a:68:42:f8:18:b9:3f:ee:99:b7:99: 5e:aa:60:e2:67:3b:03:eb:1f:33:da:da:42:e2:87: 4d:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:44:57:9A:6B:DB:41:87:FB:BD:13:3D:05:03:E3:24:AB:DB:79:02 X509v3 Authority Key Identifier: keyid:E5:C3:A6:86:C8:3D:EE:6D:33:BF:EC:54:1E:AC:B4:A4:A0:89:92:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153AA6/9C3D87E6F52411E79644B009C4F9AE02/5cOmhsg97m0zv-xUHqy0pKCJknk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5cOmhsg97m0zv-xUHqy0pKCJknk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153AA6/9C3D87E6F52411E79644B009C4F9AE02/99C6F94CF52511E7948D5A0BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.72.109.0/24 103.90.0.0-103.90.2.255 IPv6: 2401:3b40::/32 Signature Algorithm: sha256WithRSAEncryption 71:46:21:2a:c2:6a:af:37:f0:94:61:55:91:2b:30:9b:3e:bc: f3:bf:58:96:f5:df:c9:2b:9f:e2:6a:06:0e:11:b3:b9:98:51: 8a:33:61:3e:2c:34:e5:39:46:db:7b:c5:03:98:e0:f9:52:e8: f1:62:5b:da:f7:7d:d7:7b:8e:c2:43:d4:05:44:2d:1b:73:ae: 79:66:ca:4c:1f:6d:b6:96:94:c5:75:ea:30:16:56:16:5f:d3: 4b:10:76:09:1f:e0:33:50:a8:cf:7b:ca:91:bd:23:57:8a:04: 6e:67:0f:dd:c7:e0:79:6a:57:84:95:95:c6:4a:05:fa:56:e4: ab:fd:bb:84:94:e8:29:90:69:c9:a5:79:8f:0b:a3:fe:ba:e1: 37:98:47:ce:3d:6d:fd:d6:aa:45:dd:aa:50:92:55:65:62:95: f6:a0:6c:70:1d:5d:74:8f:ad:af:ee:1e:9c:51:37:c4:77:32: be:04:96:1e:37:d4:62:34:c5:52:e2:0a:5a:f3:da:c1:bb:a1: 4c:b0:3f:a4:aa:8f:8a:df:0c:92:5f:d4:54:dd:36:53:c7:93: 58:99:98:85:54:71:39:64:bb:0a:02:74:52:c8:7a:96:4c:1f: ea:d8:c3:43:ed:54:98:86:e5:97:cd:76:d8:4f:2f:35:26:2b: 16:4e:4a:8c -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICFX8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTNBQTYxMTAvBgNVBAUTKEU1QzNBNjg2QzgzREVFNkQzM0JGRUM1NDFFQUNCNEE0 QTA4OTkyNzkwHhcNMjMwODI0MTcxNDI0WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NGU3OGZmMC1iNDg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtjsq3u7yQtbOZlTXzFXveVic1qYnai/OaggquvdvnQebEt64SjdmgieM9b8/ VmLRSYF8dRFfC4/Po//Oz7AjeVqLUGogLuulyyNwnqcw8Z674rS03tMx10UeBz9K vXTUuuNPDB0RL4GjUsyL4LfUYiObtOuJ/9dfA5DaeWZIbXKrpLkfUMnJyzC1fpWb fe6dZIHnDSNUjYIJHCGYgqgAfHG+8YcHx623p9R0pzuaxXpg27ktg/eOvH2SxFoL oPOd7NLIcLp6ZBDClq6Q7huzs/cDZgEQq0XmmZdv9ALAyw5C6JFXmmhC+Bi5P+6Z t5leqmDiZzsD6x8z2tpC4odNOQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFGJEV5pr 20GH+70TPQUD4ySr23kCMB8GA1UdIwQYMBaAFOXDpobIPe5tM7/sVB6stKSgiZJ5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0FBNi85QzNEODdFNkY1 MjQxMUU3OTY0NEIwMDlDNEY5QUUwMi81Y09taHNnOTdtMHp2LXhVSHF5MHBLQ0pr bmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVjT21oc2c5N20wenYteFVIcXkwcEtDSmtuay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTNBQTYvOUMzRDg3RTZGNTI0MTFFNzk2NDRCMDA5QzRGOUFFMDIvOTlDNkY5NENG NTI1MTFFNzk0OEQ1QTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMBkEAgABMBMDBABnSG0wCwMDAWdaAwQAZ1oCMA0EAgACMAcDBQAkATtAMA0G CSqGSIb3DQEBCwUAA4IBAQBxRiEqwmqvN/CUYVWRKzCbPrzzv1iW9d/JK5/iagYO EbO5mFGKM2E+LDTlOUbbe8UDmOD5UujxYlva933Xe47CQ9QFRC0bc655ZspMH222 lpTFdeowFlYWX9NLEHYJH+AzUKjPe8qRvSNXigRuZw/dx+B5aleElZXGSgX6VuSr /buElOgpkGnJpXmPC6P+uuE3mEfOPW391qpF3apQklVlYpX2oGxwHV10j62v7h6c UTfEdzK+BJYeN9RiNMVS4gpa89rBu6FMsD+kqo+K3wySX9RU3TZTx5NYmZiFVHE5 ZLsKAnRSyHqWTB/q2MND7VSYhuWXzXbYTy81JisWTkqM -----END CERTIFICATE-----Generated at Thu Jun 6 21:10:41 2024 by rpki-client on console-ams.rpki-client.org