$ rpki-client -vvf rpki.apnic.net/member_repository/A918FEF6/1986B9D832FE11EB85BAD157C4F9AE02/3A9A3904330011EBA08B865DC4F9AE02.roa File: 3A9A3904330011EBA08B865DC4F9AE02.roa (raw, json) Hash identifier: mXgai6MTr8xSEwc3PCFuC2ayuXE8yZO5opkds8yoIJc= Subject key identifier: EF:98:42:D9:09:5B:ED:0E:71:B3:A9:B0:18:0B:89:9D:9E:1E:EE:75 Certificate issuer: /CN=A918FEF6/serialNumber=B17042C372171C0F4146FEFC44D1DBAA5223871B Certificate serial: 05F7 Authority key identifier: B1:70:42:C3:72:17:1C:0F:41:46:FE:FC:44:D1:DB:AA:52:23:87:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sXBCw3IXHA9BRv78RNHbqlIjhxs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918FEF6/1986B9D832FE11EB85BAD157C4F9AE02/3A9A3904330011EBA08B865DC4F9AE02.roa Signing time: Sat 30 Sep 2023 22:40:46 +0000 ROA not before: Sat 30 Sep 2023 22:40:46 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 134554 IP address blocks: 103.195.20.0/22 maxlen: 22 103.195.20.0/24 maxlen: 24 103.195.21.0/24 maxlen: 24 103.195.22.0/24 maxlen: 24 103.195.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918FEF6/1986B9D832FE11EB85BAD157C4F9AE02/sXBCw3IXHA9BRv78RNHbqlIjhxs.crl rsync://rpki.apnic.net/member_repository/A918FEF6/1986B9D832FE11EB85BAD157C4F9AE02/sXBCw3IXHA9BRv78RNHbqlIjhxs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sXBCw3IXHA9BRv78RNHbqlIjhxs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 00:20:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1527 (0x5f7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918FEF6/serialNumber=B17042C372171C0F4146FEFC44D1DBAA5223871B Validity Not Before: Sep 30 22:40:46 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=6518a3ed-cd6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d6:6d:d4:bf:b2:7e:35:5c:c7:3e:28:e5:57: 70:e3:fb:f8:a5:0f:a2:a7:ae:99:1e:f3:b8:31:86: 85:d8:93:b7:9a:58:b9:d3:c8:65:5b:1a:71:23:e5: 40:25:f7:cf:98:fa:dc:e4:b7:b6:2f:75:0c:98:b6: 4d:37:25:16:54:5e:b8:6d:ea:dc:6a:ee:25:2b:9a: 3c:e5:2b:ba:df:0d:7d:09:e5:b8:8a:45:5f:e0:8d: cb:1d:4f:69:b8:b3:9c:60:06:be:5f:33:2a:f5:38: db:f6:d6:06:b3:45:cb:e6:a2:23:38:4d:2e:24:2b: 0a:3c:f7:36:0b:25:2e:36:bb:c9:93:69:ae:61:e5: fe:2f:63:92:81:ca:21:d7:80:99:f0:5e:51:0c:95: ee:7d:35:3a:f0:6c:24:e8:9d:92:10:54:3a:cf:eb: bb:3a:9b:d0:f6:1e:28:07:5a:9d:02:65:79:34:43: 1d:0a:65:da:0d:c4:72:a9:c5:73:58:7a:e3:f3:9e: 5a:b7:96:2d:ac:68:42:35:46:b6:38:bc:67:0f:58: a0:54:1c:c9:19:12:f8:58:da:56:5b:a6:ab:0e:4f: ff:26:56:7f:b6:29:cf:fe:ab:5b:8f:b8:11:36:7f: bb:6b:b8:70:17:23:28:9b:dd:25:63:8f:97:7d:f8: 70:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:98:42:D9:09:5B:ED:0E:71:B3:A9:B0:18:0B:89:9D:9E:1E:EE:75 X509v3 Authority Key Identifier: keyid:B1:70:42:C3:72:17:1C:0F:41:46:FE:FC:44:D1:DB:AA:52:23:87:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918FEF6/1986B9D832FE11EB85BAD157C4F9AE02/sXBCw3IXHA9BRv78RNHbqlIjhxs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sXBCw3IXHA9BRv78RNHbqlIjhxs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FEF6/1986B9D832FE11EB85BAD157C4F9AE02/3A9A3904330011EBA08B865DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.195.20.0/22 Signature Algorithm: sha256WithRSAEncryption bf:db:b5:4b:2a:10:bd:98:48:c8:6e:82:ae:0b:fc:72:c3:db: ed:f3:ee:b8:fc:31:ac:3c:d2:7f:3f:21:1e:bc:1c:92:67:81: 6b:2b:42:05:32:9a:7c:68:47:9e:77:7f:29:10:f2:1d:0b:c1: 28:32:07:e3:9b:b6:f5:80:03:50:24:5d:15:7a:ff:70:78:71: fe:90:67:5a:b4:13:11:f6:7a:4b:d3:b0:19:0a:64:36:ee:d5: ff:86:31:48:5b:59:ef:ad:40:de:b7:dd:f2:12:6f:44:2a:7a: c4:6b:16:cf:6a:61:32:15:81:d4:32:a9:7c:fa:e9:3e:77:1d: c2:6d:ee:76:78:d4:5c:c9:40:d1:07:2c:90:1d:84:fd:84:c6: c5:f3:52:44:16:55:39:c0:eb:db:a6:02:90:61:9b:cb:59:26: ba:af:1d:fb:eb:6d:59:4a:8c:01:4e:e4:c9:a3:df:8d:25:58: 68:5b:e8:65:cf:99:d2:ea:e1:9a:de:8f:85:29:e0:3c:a1:9c: af:cf:9a:06:01:bf:3d:f2:ce:c4:66:33:f3:74:29:05:fe:46: 47:72:18:70:29:70:29:be:e4:77:3e:c9:82:a3:b0:24:4d:ab: 64:5a:b1:64:b5:b0:a7:b5:c2:84:60:d8:57:04:4a:54:f1:2f: ad:19:10:93 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBfcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEZFRjYxMTAvBgNVBAUTKEIxNzA0MkMzNzIxNzFDMEY0MTQ2RkVGQzQ0RDFEQkFB NTIyMzg3MUIwHhcNMjMwOTMwMjI0MDQ2WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTE4YTNlZC1jZDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw9Zt1L+yfjVcxz4o5Vdw4/v4pQ+ip66ZHvO4MYaF2JO3mli508hlWxpxI+VA JffPmPrc5Le2L3UMmLZNNyUWVF64bercau4lK5o85Su63w19CeW4ikVf4I3LHU9p uLOcYAa+XzMq9Tjb9tYGs0XL5qIjOE0uJCsKPPc2CyUuNrvJk2muYeX+L2OSgcoh 14CZ8F5RDJXufTU68Gwk6J2SEFQ6z+u7OpvQ9h4oB1qdAmV5NEMdCmXaDcRyqcVz WHrj855at5YtrGhCNUa2OLxnD1igVBzJGRL4WNpWW6arDk//JlZ/tinP/qtbj7gR Nn+7a7hwFyMom90lY4+XffhwCQIDAQABo4IClTCCApEwHQYDVR0OBBYEFO+YQtkJ W+0OcbOpsBgLiZ2eHu51MB8GA1UdIwQYMBaAFLFwQsNyFxwPQUb+/ETR26pSI4cb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkVGNi8xOTg2QjlEODMy RkUxMUVCODVCQUQxNTdDNEY5QUUwMi9zWEJDdzNJWEhBOUJSdjc4Uk5IYnFsSWpo eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NYQkN3M0lYSEE5QlJ2NzhSTkhicWxJamh4cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEZFRjYvMTk4NkI5RDgzMkZFMTFFQjg1QkFEMTU3QzRGOUFFMDIvM0E5QTM5MDQz MzAwMTFFQkEwOEI4NjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJnwxQwDQYJKoZIhvcNAQELBQADggEBAL/btUsqEL2YSMhu gq4L/HLD2+3z7rj8Maw80n8/IR68HJJngWsrQgUymnxoR553fykQ8h0LwSgyB+Ob tvWAA1AkXRV6/3B4cf6QZ1q0ExH2ekvTsBkKZDbu1f+GMUhbWe+tQN633fISb0Qq esRrFs9qYTIVgdQyqXz66T53HcJt7nZ41FzJQNEHLJAdhP2ExsXzUkQWVTnA69um ApBhm8tZJrqvHfvrbVlKjAFO5Mmj340lWGhb6GXPmdLq4Zrej4Up4DyhnK/PmgYB vz3yzsRmM/N0KQX+RkdyGHApcCm+5Hc+yYKjsCRNq2RasWS1sKe1woRg2FcESlTx L60ZEJM= -----END CERTIFICATE-----Generated at Sat Jun 1 01:41:45 2024 by rpki-client on console-fra.rpki-client.org