$ rpki-client -vvf rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/42EC5F02D2B711EDAF6DC017C4F9AE02.roa File: 42EC5F02D2B711EDAF6DC017C4F9AE02.roa (raw, json) Hash identifier: z0EtLWEQp9O+xeRsHBz+7LlglO6xcn6/HeB52vSAbyc= Subject key identifier: 5F:8C:88:E0:96:03:22:25:41:34:D3:1A:01:7C:4D:B9:77:B6:DE:B1 Certificate issuer: /CN=A9160D0A/serialNumber=AC6385ED563E1FD6A66B3E4B510DCC6930CD4B0C Certificate serial: AD Authority key identifier: AC:63:85:ED:56:3E:1F:D6:A6:6B:3E:4B:51:0D:CC:69:30:CD:4B:0C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGOF7VY-H9amaz5LUQ3MaTDNSww.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/42EC5F02D2B711EDAF6DC017C4F9AE02.roa Signing time: Fri 29 Dec 2023 05:26:17 +0000 ROA not before: Fri 29 Dec 2023 05:26:17 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 131283 IP address blocks: 103.120.104.0/22 maxlen: 22 103.120.104.0/24 maxlen: 24 103.120.105.0/24 maxlen: 24 103.120.106.0/24 maxlen: 24 103.120.107.0/24 maxlen: 24 175.100.160.0/24 maxlen: 24 175.100.161.0/24 maxlen: 24 175.100.162.0/24 maxlen: 24 175.100.163.0/24 maxlen: 24 2405:a100:10::/44 maxlen: 44 2405:a100:20::/44 maxlen: 44 2405:a100:30::/44 maxlen: 44 2405:a100:40::/44 maxlen: 44 2405:a100:50::/44 maxlen: 44 2405:a100:60::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/rGOF7VY-H9amaz5LUQ3MaTDNSww.crl rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/rGOF7VY-H9amaz5LUQ3MaTDNSww.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGOF7VY-H9amaz5LUQ3MaTDNSww.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 07:17:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 173 (0xad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9160D0A/serialNumber=AC6385ED563E1FD6A66B3E4B510DCC6930CD4B0C Validity Not Before: Dec 29 05:26:17 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=658e5878-990f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:f6:d3:c1:77:b8:43:6a:47:a5:7d:7b:31:df: 44:e7:62:76:04:b6:92:14:44:18:b4:ea:cf:01:7c: 45:df:b8:1f:da:f0:89:d9:2f:f8:2d:fd:40:91:ee: e8:46:6c:46:52:ae:2a:5a:b7:1b:3c:87:d4:c3:cc: ae:c1:85:c3:e8:af:fe:ed:c2:1c:61:4e:0f:d5:73: a7:2e:d1:f2:39:b3:ec:47:fa:ba:48:bb:fb:60:d9: 56:b0:13:ee:64:c9:a9:a4:be:8e:69:da:8c:29:5e: 49:00:cc:10:16:f0:3b:32:7e:4c:8e:72:34:ae:47: 7b:e0:14:f5:cc:a9:2d:78:95:cd:fa:bd:4e:92:5b: d2:00:34:46:bd:59:a0:52:45:6b:e0:1d:1f:c7:ed: 45:03:c2:01:81:9d:f0:5b:1c:fe:c1:2a:33:d7:eb: 39:ae:95:39:34:eb:c9:70:7f:de:45:f1:7d:7f:05: 5b:f8:f5:49:e8:f2:41:83:8b:cf:ec:d8:80:4d:f9: e5:95:c3:e5:f6:e3:bd:8c:be:c6:01:63:de:92:78: 3e:1d:89:3d:d6:68:f9:21:f7:6d:22:98:5c:20:db: d5:7e:2a:53:6f:c9:30:67:be:4e:91:5f:a7:75:db: 42:5e:67:6d:a5:39:54:1d:fb:7c:90:74:6e:8e:30: 02:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:8C:88:E0:96:03:22:25:41:34:D3:1A:01:7C:4D:B9:77:B6:DE:B1 X509v3 Authority Key Identifier: keyid:AC:63:85:ED:56:3E:1F:D6:A6:6B:3E:4B:51:0D:CC:69:30:CD:4B:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/rGOF7VY-H9amaz5LUQ3MaTDNSww.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGOF7VY-H9amaz5LUQ3MaTDNSww.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/42EC5F02D2B711EDAF6DC017C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.120.104.0/22 175.100.160.0/22 IPv6: 2405:a100:10::-2405:a100:6f:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 3a:5a:39:b0:ce:20:6f:0d:de:4e:48:59:28:3e:0c:ad:8e:f6: 0b:19:84:9d:12:53:1f:f4:bf:51:6e:de:f6:77:77:2c:a9:6d: 4f:29:8c:a3:a7:a7:6f:a1:d6:76:f4:98:1c:cd:93:87:b7:a5: c8:1d:34:21:84:df:32:48:81:7f:3f:dc:fb:de:fa:62:b2:70: b2:95:84:ba:d7:03:39:cf:dc:d2:a7:95:7d:6d:26:09:bc:0c: 3e:94:18:e7:7c:3d:f8:34:e0:5a:58:22:5a:9a:b7:bc:5d:07: 45:05:e7:93:34:2e:27:4a:60:0b:11:05:2f:d3:ba:be:8b:f6: 08:2d:9c:55:2f:ce:fa:e4:97:7e:44:6e:a7:87:2c:32:94:22: 5f:e5:09:56:84:2f:f5:7d:44:8a:1c:48:14:12:37:c2:e4:68: 5c:35:60:2c:de:90:2f:8a:31:85:a0:16:af:e7:ce:a9:22:c6: 63:66:c8:61:8f:15:4a:c5:2b:f1:c4:b0:d3:08:54:b4:05:60: cc:a4:03:02:2b:06:b8:27:2b:f1:6f:d4:7d:dc:75:a4:99:f8: 2d:1f:dd:e0:1a:2c:30:8b:25:01:a1:73:2a:1b:ca:e1:36:21: be:c9:c2:e5:48:d5:fb:8e:d7:e7:17:d5:ce:cc:d6:f0:f7:75: 84:19:d0:6e -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICAK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjBEMEExMTAvBgNVBAUTKEFDNjM4NUVENTYzRTFGRDZBNjZCM0U0QjUxMERDQzY5 MzBDRDRCMEMwHhcNMjMxMjI5MDUyNjE3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NThlNTg3OC05OTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvPbTwXe4Q2pHpX17Md9E52J2BLaSFEQYtOrPAXxF37gf2vCJ2S/4Lf1Ake7o RmxGUq4qWrcbPIfUw8yuwYXD6K/+7cIcYU4P1XOnLtHyObPsR/q6SLv7YNlWsBPu ZMmppL6OadqMKV5JAMwQFvA7Mn5MjnI0rkd74BT1zKkteJXN+r1OklvSADRGvVmg UkVr4B0fx+1FA8IBgZ3wWxz+wSoz1+s5rpU5NOvJcH/eRfF9fwVb+PVJ6PJBg4vP 7NiATfnllcPl9uO9jL7GAWPekng+HYk91mj5IfdtIphcINvVfipTb8kwZ75OkV+n ddtCXmdtpTlUHft8kHRujjACQwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFF+MiOCW AyIlQTTTGgF8Tbl3tt6xMB8GA1UdIwQYMBaAFKxjhe1WPh/Wpms+S1ENzGkwzUsM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MEQwQS81NjRBMTM1RUQy MjIxMUVEOUEyMDZDNDZDNEY5QUUwMi9yR09GN1ZZLUg5YW1hejVMVVEzTWFURE5T d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JHT0Y3VlktSDlhbWF6NUxVUTNNYVRETlN3dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjBEMEEvNTY0QTEzNUVEMjIyMTFFRDlBMjA2QzQ2QzRGOUFFMDIvNDJFQzVGMDJE MkI3MTFFREFGNkRDMDE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMBIEAgABMAwDBAJneGgDBAKvZKAwGgQCAAIwFDASAwcEJAWhAAAQAwcEJAWh AABgMA0GCSqGSIb3DQEBCwUAA4IBAQA6WjmwziBvDd5OSFkoPgytjvYLGYSdElMf 9L9Rbt72d3csqW1PKYyjp6dvodZ29JgczZOHt6XIHTQhhN8ySIF/P9z73vpisnCy lYS61wM5z9zSp5V9bSYJvAw+lBjnfD34NOBaWCJamre8XQdFBeeTNC4nSmALEQUv 07q+i/YILZxVL8765Jd+RG6nhywylCJf5QlWhC/1fUSKHEgUEjfC5GhcNWAs3pAv ijGFoBav586pIsZjZshhjxVKxSvxxLDTCFS0BWDMpAMCKwa4Jyvxb9R93HWkmfgt H93gGiwwiyUBoXMqG8rhNiG+ycLlSNX7jtfnF9XOzNbw93WEGdBu -----END CERTIFICATE-----Generated at Sat Jun 1 08:15:58 2024 by rpki-client on console-ams.rpki-client.org