$ rpki-client -vvf rpki.apnic.net/member_repository/A918E881/CDD60AEACD1511EBB3F78E23C4F9AE02/F908A568CD1711EB84E11B24C4F9AE02.roa File: F908A568CD1711EB84E11B24C4F9AE02.roa (raw, json) Hash identifier: 1gFlLDZEPlRADkZIIRCf6FHg4FghD3uFjKDBnakBIvA= Subject key identifier: 06:1B:7E:AD:0B:09:DB:06:E5:3E:68:03:F8:9B:88:51:29:62:EC:4C Certificate issuer: /CN=A918E881/serialNumber=F1B03BC5877FE2DA4F446A0633DA6B8E1F77C7DB Certificate serial: 0446 Authority key identifier: F1:B0:3B:C5:87:7F:E2:DA:4F:44:6A:06:33:DA:6B:8E:1F:77:C7:DB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8bA7xYd_4tpPRGoGM9prjh93x9s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918E881/CDD60AEACD1511EBB3F78E23C4F9AE02/F908A568CD1711EB84E11B24C4F9AE02.roa Signing time: Fri 07 Jul 2023 00:20:40 +0000 ROA not before: Fri 07 Jul 2023 00:20:39 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 55847 IP address blocks: 203.110.240.0/21 maxlen: 21 203.110.240.0/24 maxlen: 24 203.110.241.0/24 maxlen: 24 203.110.242.0/24 maxlen: 24 203.110.243.0/24 maxlen: 24 203.110.244.0/24 maxlen: 24 203.110.245.0/24 maxlen: 24 203.110.246.0/24 maxlen: 24 203.110.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918E881/CDD60AEACD1511EBB3F78E23C4F9AE02/8bA7xYd_4tpPRGoGM9prjh93x9s.crl rsync://rpki.apnic.net/member_repository/A918E881/CDD60AEACD1511EBB3F78E23C4F9AE02/8bA7xYd_4tpPRGoGM9prjh93x9s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8bA7xYd_4tpPRGoGM9prjh93x9s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 02:11:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1094 (0x446) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918E881/serialNumber=F1B03BC5877FE2DA4F446A0633DA6B8E1F77C7DB Validity Not Before: Jul 7 00:20:39 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=64a75a57-bc5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4c:b7:95:48:aa:a7:3a:47:ff:e9:7c:6a:78: 53:36:00:13:b2:b6:11:46:06:f8:b3:58:b1:8c:7c: 8b:b6:06:12:d7:55:dc:7c:eb:58:8c:e9:c7:35:c4: 3d:8c:1d:08:1b:7e:f4:97:c2:97:4c:8c:30:51:2e: d2:39:73:84:f7:76:0f:82:12:0c:cc:5b:dc:ff:eb: 42:75:3d:a9:3d:93:a6:25:c2:ff:2a:af:b7:4a:5f: 27:32:97:73:5f:9b:ed:a2:12:7f:e7:96:73:ef:4e: 5a:cc:b7:ba:cc:d0:8c:db:a9:b8:5b:f7:f5:55:90: 27:ca:cb:5e:38:9e:35:0b:c3:3c:0a:8d:e7:7b:c1: 3c:2a:2a:2f:8b:fb:dc:41:79:45:b6:da:d1:4c:e9: 41:02:c2:ac:15:47:eb:87:20:9a:dc:fe:1c:77:73: 9b:e2:d4:fe:d0:7d:c2:59:ad:4a:36:c0:96:70:b4: 7e:45:96:cd:44:47:27:38:7b:e0:5f:1a:86:ff:42: 67:2e:9e:cc:14:fb:ca:73:d9:ee:61:81:c2:43:91: 8f:79:36:c7:41:fe:b4:ba:f2:37:56:4c:e3:51:6d: f3:e9:ad:85:36:c2:ab:1a:f6:94:bf:d6:36:ca:6f: ca:09:54:d1:18:71:a1:92:f8:1a:99:93:d2:11:4f: 86:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:1B:7E:AD:0B:09:DB:06:E5:3E:68:03:F8:9B:88:51:29:62:EC:4C X509v3 Authority Key Identifier: keyid:F1:B0:3B:C5:87:7F:E2:DA:4F:44:6A:06:33:DA:6B:8E:1F:77:C7:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918E881/CDD60AEACD1511EBB3F78E23C4F9AE02/8bA7xYd_4tpPRGoGM9prjh93x9s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8bA7xYd_4tpPRGoGM9prjh93x9s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E881/CDD60AEACD1511EBB3F78E23C4F9AE02/F908A568CD1711EB84E11B24C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.110.240.0/21 Signature Algorithm: sha256WithRSAEncryption 42:93:c1:28:99:92:c6:15:bb:a3:1c:b4:b9:6c:67:a5:75:74: 85:75:4a:f8:37:14:41:cf:10:9b:65:7c:39:8b:27:63:81:98: 99:1e:f2:f8:2a:96:dd:0d:bf:17:ae:0d:2c:fe:2b:98:c7:1a: 83:62:18:2e:c6:3a:cc:7f:f8:5f:b7:14:ae:58:e0:24:1f:b7: 89:10:db:b3:ef:83:93:bc:54:02:1e:1e:74:de:cf:a8:88:ba: 22:76:b4:fe:50:22:40:25:40:2c:94:90:29:b3:a8:9f:74:a0: d9:f4:10:ec:1e:9d:c4:07:2e:5d:93:29:2a:2a:94:8a:17:98: 60:27:4f:dd:9b:47:21:35:4c:5b:4d:00:08:7a:0f:e3:84:da: 25:71:46:a6:03:09:ed:31:c1:5c:bd:89:ec:28:03:14:ea:d0: dc:0b:6d:96:64:9d:ca:f7:62:e1:2d:80:77:a8:ff:00:a9:4c: 0e:06:49:55:9a:96:1a:87:7f:b7:48:6e:44:53:d5:e6:a6:a0: fc:2c:a6:37:88:28:f6:55:28:41:12:ab:ea:d7:e3:96:71:9b: 34:83:3c:c8:35:9e:d4:53:c0:4d:4a:47:e8:aa:4a:0d:70:d6: 15:f7:cd:3d:a9:e2:5d:6f:8a:af:73:7a:35:8e:5d:55:0e:2b: d6:7c:8d:34 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBEYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEU4ODExMTAvBgNVBAUTKEYxQjAzQkM1ODc3RkUyREE0RjQ0NkEwNjMzREE2QjhF MUY3N0M3REIwHhcNMjMwNzA3MDAyMDM5WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGE3NWE1Ny1iYzVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr0y3lUiqpzpH/+l8anhTNgATsrYRRgb4s1ixjHyLtgYS11XcfOtYjOnHNcQ9 jB0IG370l8KXTIwwUS7SOXOE93YPghIMzFvc/+tCdT2pPZOmJcL/Kq+3Sl8nMpdz X5vtohJ/55Zz705azLe6zNCM26m4W/f1VZAnysteOJ41C8M8Co3ne8E8Kiovi/vc QXlFttrRTOlBAsKsFUfrhyCa3P4cd3Ob4tT+0H3CWa1KNsCWcLR+RZbNREcnOHvg XxqG/0JnLp7MFPvKc9nuYYHCQ5GPeTbHQf60uvI3VkzjUW3z6a2FNsKrGvaUv9Y2 ym/KCVTRGHGhkvgamZPSEU+GPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAYbfq0L CdsG5T5oA/ibiFEpYuxMMB8GA1UdIwQYMBaAFPGwO8WHf+LaT0RqBjPaa44fd8fb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTg4MS9DREQ2MEFFQUNE MTUxMUVCQjNGNzhFMjNDNEY5QUUwMi84YkE3eFlkXzR0cFBSR29HTTlwcmpoOTN4 OXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhiQTd4WWRfNHRwUFJHb0dNOXByamg5M3g5cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEU4ODEvQ0RENjBBRUFDRDE1MTFFQkIzRjc4RTIzQzRGOUFFMDIvRjkwOEE1NjhD RDE3MTFFQjg0RTExQjI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAPLbvAwDQYJKoZIhvcNAQELBQADggEBAEKTwSiZksYVu6Mc tLlsZ6V1dIV1Svg3FEHPEJtlfDmLJ2OBmJke8vgqlt0NvxeuDSz+K5jHGoNiGC7G Osx/+F+3FK5Y4CQft4kQ27Pvg5O8VAIeHnTez6iIuiJ2tP5QIkAlQCyUkCmzqJ90 oNn0EOwencQHLl2TKSoqlIoXmGAnT92bRyE1TFtNAAh6D+OE2iVxRqYDCe0xwVy9 iewoAxTq0NwLbZZkncr3YuEtgHeo/wCpTA4GSVWalhqHf7dIbkRT1eamoPwspjeI KPZVKEESq+rX45ZxmzSDPMg1ntRTwE1KR+iqSg1w1hX3zT2p4l1viq9zejWOXVUO K9Z8jTQ= -----END CERTIFICATE-----Generated at Sat Jun 1 02:55:17 2024 by rpki-client on console-fra.rpki-client.org