$ rpki-client -vvf rpki.apnic.net/member_repository/A9172C8D/9A11086469BA11EABC0BD863C4F9AE02/64AFBE3E69BC11EA97D4FE67C4F9AE02.roa File: 64AFBE3E69BC11EA97D4FE67C4F9AE02.roa (raw, json) Hash identifier: AGi6WLaD/fMCwEuDk+FFNuutFaq5yGhDQV+II3VrbtE= Subject key identifier: D4:CF:C6:EF:5F:2C:F3:A1:E0:9F:28:80:D0:65:BB:59:E1:E2:B0:4D Certificate issuer: /CN=A9172C8D/serialNumber=E714A81497C8177868CBB4CDB338C3EF6CE9E953 Certificate serial: 091F Authority key identifier: E7:14:A8:14:97:C8:17:78:68:CB:B4:CD:B3:38:C3:EF:6C:E9:E9:53 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5xSoFJfIF3hoy7TNszjD72zp6VM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172C8D/9A11086469BA11EABC0BD863C4F9AE02/64AFBE3E69BC11EA97D4FE67C4F9AE02.roa Signing time: Wed 08 Nov 2023 21:08:33 +0000 ROA not before: Wed 08 Nov 2023 21:08:33 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 58895 IP address blocks: 103.102.156.0/22 maxlen: 22 103.102.156.0/24 maxlen: 24 103.102.157.0/24 maxlen: 24 103.102.158.0/24 maxlen: 24 103.102.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172C8D/9A11086469BA11EABC0BD863C4F9AE02/5xSoFJfIF3hoy7TNszjD72zp6VM.crl rsync://rpki.apnic.net/member_repository/A9172C8D/9A11086469BA11EABC0BD863C4F9AE02/5xSoFJfIF3hoy7TNszjD72zp6VM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5xSoFJfIF3hoy7TNszjD72zp6VM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 19:41:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2335 (0x91f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172C8D/serialNumber=E714A81497C8177868CBB4CDB338C3EF6CE9E953 Validity Not Before: Nov 8 21:08:33 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=654bf8d1-f795 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:bd:46:ca:c9:c6:4b:11:b4:3b:a7:98:48:39: 60:81:22:ad:48:4f:f4:e0:29:26:6e:27:44:4c:b3: c2:4a:5c:11:6f:3d:a2:93:2d:95:42:6d:58:a5:c0: bb:8b:24:7a:40:e2:ad:a5:0d:48:12:5a:26:1b:90: 2c:44:34:98:b9:83:80:af:9e:d5:d1:9f:2e:59:4e: ae:9b:20:74:d4:2d:17:12:80:6e:8a:5a:53:f9:27: be:a1:34:dd:d2:4c:af:a8:51:af:64:b0:6c:9f:51: 5c:bd:ec:79:0a:f7:52:ba:32:5c:43:2d:23:a9:8b: ad:67:54:ea:fc:45:9e:d1:ec:95:c8:9c:91:40:17: 18:d7:4f:fd:f2:8c:d5:29:9b:59:eb:f1:bf:96:30: b5:a0:0c:b7:12:4e:d8:f0:30:0e:23:e9:79:ff:f3: ec:d3:b7:57:6c:43:84:b4:27:f2:a3:47:a5:3d:1d: eb:ae:ea:6e:a3:bb:71:6a:bd:33:b4:5d:86:06:11: 2c:b5:c0:0e:0c:2c:59:bc:fc:82:16:6f:7a:1e:02: 62:e5:3b:b4:c0:43:3a:04:f6:66:5a:3a:1c:75:cc: f6:c9:7f:24:5d:8a:2c:ea:a1:de:d1:7b:e3:a7:8f: 92:c7:de:5d:8d:c3:d9:dd:89:23:a2:7e:e2:96:17: 84:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:CF:C6:EF:5F:2C:F3:A1:E0:9F:28:80:D0:65:BB:59:E1:E2:B0:4D X509v3 Authority Key Identifier: keyid:E7:14:A8:14:97:C8:17:78:68:CB:B4:CD:B3:38:C3:EF:6C:E9:E9:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172C8D/9A11086469BA11EABC0BD863C4F9AE02/5xSoFJfIF3hoy7TNszjD72zp6VM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5xSoFJfIF3hoy7TNszjD72zp6VM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172C8D/9A11086469BA11EABC0BD863C4F9AE02/64AFBE3E69BC11EA97D4FE67C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.102.156.0/22 Signature Algorithm: sha256WithRSAEncryption 50:9a:7d:77:99:0c:b1:d2:3f:8f:f8:36:62:67:96:09:61:f2: 6b:d0:5b:09:69:10:83:5f:54:54:b1:fe:70:dc:07:34:ad:5b: b0:ca:7c:ab:bb:33:eb:a9:28:19:8b:a8:7e:2e:6b:f3:b1:09: 73:aa:18:99:fe:bf:57:5c:39:3d:65:33:57:1e:a3:eb:f2:88: 5d:de:cb:67:d2:b9:75:4c:97:6a:68:79:e9:64:e6:7f:71:b7: be:4f:f1:e8:e8:7c:f0:3a:1a:41:e2:d1:37:d6:59:e3:35:1f: 01:58:33:f9:ad:88:95:a3:95:70:d2:30:4f:48:1a:e5:47:b9: f9:36:59:71:79:c6:73:c2:94:c3:52:55:86:2c:25:2a:b1:d4: 7f:09:0b:59:ca:52:97:61:d9:79:6a:97:ac:95:04:87:b6:f2: 1b:d7:df:d1:d3:58:81:12:5c:da:f9:86:b7:a4:da:c8:f0:f4: b0:dd:9d:f0:a4:fd:b6:1a:1c:ca:6c:df:bf:34:2d:d8:0b:84: a2:f9:e6:6e:30:53:96:01:d1:a3:4f:6d:46:06:1d:b7:fe:bf: 12:bb:b6:5d:8f:be:2e:0b:41:b5:4f:c1:45:fd:d3:6f:03:62: 3a:8f:e7:d7:c2:e2:c9:d9:4f:2e:43:9c:88:30:38:bd:54:15: 18:7e:83:7f -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCR8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzJDOEQxMTAvBgNVBAUTKEU3MTRBODE0OTdDODE3Nzg2OENCQjRDREIzMzhDM0VG NkNFOUU5NTMwHhcNMjMxMTA4MjEwODMzWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTRiZjhkMS1mNzk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6L1GysnGSxG0O6eYSDlggSKtSE/04CkmbidETLPCSlwRbz2iky2VQm1YpcC7 iyR6QOKtpQ1IElomG5AsRDSYuYOAr57V0Z8uWU6umyB01C0XEoBuilpT+Se+oTTd 0kyvqFGvZLBsn1Fcvex5CvdSujJcQy0jqYutZ1Tq/EWe0eyVyJyRQBcY10/98ozV KZtZ6/G/ljC1oAy3Ek7Y8DAOI+l5//Ps07dXbEOEtCfyo0elPR3rrupuo7txar0z tF2GBhEstcAODCxZvPyCFm96HgJi5Tu0wEM6BPZmWjocdcz2yX8kXYos6qHe0Xvj p4+Sx95djcPZ3Ykjon7ilheEYQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNTPxu9f LPOh4J8ogNBlu1nh4rBNMB8GA1UdIwQYMBaAFOcUqBSXyBd4aMu0zbM4w+9s6elT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkM4RC85QTExMDg2NDY5 QkExMUVBQkMwQkQ4NjNDNEY5QUUwMi81eFNvRkpmSUYzaG95N1ROc3pqRDcyenA2 Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzV4U29GSmZJRjNob3k3VE5zempENzJ6cDZWTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzJDOEQvOUExMTA4NjQ2OUJBMTFFQUJDMEJEODYzQzRGOUFFMDIvNjRBRkJFM0U2 OUJDMTFFQTk3RDRGRTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJnZpwwDQYJKoZIhvcNAQELBQADggEBAFCafXeZDLHSP4/4 NmJnlglh8mvQWwlpEINfVFSx/nDcBzStW7DKfKu7M+upKBmLqH4ua/OxCXOqGJn+ v1dcOT1lM1ceo+vyiF3ey2fSuXVMl2poeelk5n9xt75P8ejofPA6GkHi0TfWWeM1 HwFYM/mtiJWjlXDSME9IGuVHufk2WXF5xnPClMNSVYYsJSqx1H8JC1nKUpdh2Xlq l6yVBIe28hvX39HTWIESXNr5hrek2sjw9LDdnfCk/bYaHMps3780LdgLhKL55m4w U5YB0aNPbUYGHbf+vxK7tl2Pvi4LQbVPwUX9028DYjqP59fC4snZTy5DnIgwOL1U FRh+g38= -----END CERTIFICATE-----Generated at Fri Nov 22 21:05:29 2024 by rpki-client on console-fra.rpki-client.org