$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3078/8630B1C84C8C11EAB9E27057C4F9AE02/CEFEEFEA854E11EBA2CFDC87C4F9AE02.roa File: CEFEEFEA854E11EBA2CFDC87C4F9AE02.roa (raw, json) Hash identifier: Z7JDkrblDij0tRdpHFc+vT28x0wdm8Xo3AJexdSDKt4= Subject key identifier: BC:CD:4A:0F:9F:51:C9:66:78:78:A9:A1:31:C9:36:D2:22:9D:8E:93 Certificate issuer: /CN=A91A3078/serialNumber=5027F3192EBDD54950A39C3D13094A71F1D33266 Certificate serial: 0A0C Authority key identifier: 50:27:F3:19:2E:BD:D5:49:50:A3:9C:3D:13:09:4A:71:F1:D3:32:66 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCfzGS691UlQo5w9EwlKcfHTMmY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A3078/8630B1C84C8C11EAB9E27057C4F9AE02/CEFEEFEA854E11EBA2CFDC87C4F9AE02.roa Signing time: Wed 31 Jan 2024 20:48:29 +0000 ROA not before: Wed 31 Jan 2024 20:48:29 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 63969 IP address blocks: 103.147.182.0/23 maxlen: 23 103.147.182.0/24 maxlen: 24 103.147.183.0/24 maxlen: 24 103.204.80.0/23 maxlen: 23 103.204.80.0/24 maxlen: 24 103.204.81.0/24 maxlen: 24 2001:df2:9f80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A3078/8630B1C84C8C11EAB9E27057C4F9AE02/UCfzGS691UlQo5w9EwlKcfHTMmY.crl rsync://rpki.apnic.net/member_repository/A91A3078/8630B1C84C8C11EAB9E27057C4F9AE02/UCfzGS691UlQo5w9EwlKcfHTMmY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCfzGS691UlQo5w9EwlKcfHTMmY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 21:14:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2572 (0xa0c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A3078/serialNumber=5027F3192EBDD54950A39C3D13094A71F1D33266 Validity Not Before: Jan 31 20:48:29 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65bab21d-785f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:70:13:57:8b:40:18:9b:22:a7:4a:b5:b5:4f: 56:87:1f:87:4d:f5:02:fb:98:51:97:4b:14:e5:01: 92:50:be:9b:f0:67:32:23:6f:dc:de:8e:f8:ac:df: 68:a9:00:cf:b4:e7:ba:0f:ee:09:02:80:33:6b:a3: 6b:60:f9:50:e2:b6:9a:7f:1e:20:cd:bb:7e:ed:67: 1e:c3:ed:24:d1:11:a7:42:d1:2f:2e:0a:18:4a:a2: 9a:0d:4c:e2:0f:19:54:f3:fa:11:2e:72:66:4d:d5: 46:38:1d:28:68:cb:7e:98:df:14:ac:80:7a:88:77: e1:84:98:a3:c1:78:2c:b1:e4:b3:f2:77:2d:46:64: b7:08:4b:f5:cd:32:c1:cb:fe:1e:db:41:ac:e3:0d: 48:45:16:fa:d2:32:e6:ab:20:fb:be:37:f0:5f:5a: 97:3f:f9:05:45:28:c6:dc:76:bd:0e:92:55:c8:33: fd:81:aa:29:66:13:34:ea:e3:6b:18:4b:51:b8:7a: bf:dc:9c:15:37:35:1e:5e:75:9a:20:d6:76:77:f2: 9c:3a:df:a0:08:ce:a8:3d:1f:42:c3:f3:d4:25:1d: 78:eb:a3:48:07:47:2c:49:3e:b2:52:a0:a0:b5:86: 66:42:9b:d2:9d:bd:00:60:01:ad:b9:88:cc:08:7f: b3:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:CD:4A:0F:9F:51:C9:66:78:78:A9:A1:31:C9:36:D2:22:9D:8E:93 X509v3 Authority Key Identifier: keyid:50:27:F3:19:2E:BD:D5:49:50:A3:9C:3D:13:09:4A:71:F1:D3:32:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A3078/8630B1C84C8C11EAB9E27057C4F9AE02/UCfzGS691UlQo5w9EwlKcfHTMmY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCfzGS691UlQo5w9EwlKcfHTMmY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3078/8630B1C84C8C11EAB9E27057C4F9AE02/CEFEEFEA854E11EBA2CFDC87C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.147.182.0/23 103.204.80.0/23 IPv6: 2001:df2:9f80::/48 Signature Algorithm: sha256WithRSAEncryption 39:05:1e:d2:e0:e4:26:50:a2:82:49:aa:b5:01:a3:11:2e:d3: be:8d:2c:98:e7:0b:42:4f:3f:13:10:18:db:5a:71:6e:ba:1a: 7d:0d:7e:69:ff:83:5e:c7:f2:08:44:aa:75:68:80:6b:e6:a9: c7:0f:ab:4e:df:8b:d4:92:55:21:28:0e:00:92:55:df:3a:77: 44:db:5e:bb:bd:d4:12:11:c0:1e:92:02:db:62:a0:9a:23:fd: 50:13:4e:24:75:1c:9c:63:83:39:32:78:b5:6f:6f:34:4c:31: be:78:aa:98:c5:98:8f:03:80:42:8d:22:05:b2:95:ab:fe:9e: e6:31:d1:24:c3:23:4b:fb:e6:b1:48:4f:fc:d2:04:a4:f2:fb: 32:f7:4b:02:15:69:6d:d1:b4:03:0c:f3:dc:5d:2d:70:bc:81: 38:bd:21:38:74:64:47:b1:20:2a:ce:a7:14:e1:86:92:4d:97: be:57:2b:48:2b:64:93:d0:5b:b1:e2:e1:35:80:e1:c6:e1:96: 54:d7:97:69:f7:b0:82:77:37:4e:fc:bb:49:78:b9:1e:5d:05: 62:3f:5c:e7:a2:f8:1e:2a:1d:d4:30:cb:c2:b8:b6:bb:95:0b: ec:0b:ec:73:72:63:f8:61:71:da:1f:2a:75:96:ec:49:90:6a: c8:d2:75:e1 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICCgwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTMwNzgxMTAvBgNVBAUTKDUwMjdGMzE5MkVCREQ1NDk1MEEzOUMzRDEzMDk0QTcx RjFEMzMyNjYwHhcNMjQwMTMxMjA0ODI5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWJhYjIxZC03ODVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwXATV4tAGJsip0q1tU9Whx+HTfUC+5hRl0sU5QGSUL6b8GcyI2/c3o74rN9o qQDPtOe6D+4JAoAza6NrYPlQ4raafx4gzbt+7Wcew+0k0RGnQtEvLgoYSqKaDUzi DxlU8/oRLnJmTdVGOB0oaMt+mN8UrIB6iHfhhJijwXgsseSz8nctRmS3CEv1zTLB y/4e20Gs4w1IRRb60jLmqyD7vjfwX1qXP/kFRSjG3Ha9DpJVyDP9gaopZhM06uNr GEtRuHq/3JwVNzUeXnWaINZ2d/KcOt+gCM6oPR9Cw/PUJR1466NIB0csST6yUqCg tYZmQpvSnb0AYAGtuYjMCH+z5QIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFLzNSg+f UclmeHipoTHJNtIinY6TMB8GA1UdIwQYMBaAFFAn8xkuvdVJUKOcPRMJSnHx0zJm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMzA3OC84NjMwQjFDODRD OEMxMUVBQjlFMjcwNTdDNEY5QUUwMi9VQ2Z6R1M2OTFVbFFvNXc5RXdsS2NmSFRN bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VDZnpHUzY5MVVsUW81dzlFd2xLY2ZIVE1tWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTMwNzgvODYzMEIxQzg0QzhDMTFFQUI5RTI3MDU3QzRGOUFFMDIvQ0VGRUVGRUE4 NTRFMTFFQkEyQ0ZEQzg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBAFnk7YDBAFnzFAwDwQCAAIwCQMHACABDfKfgDANBgkqhkiG 9w0BAQsFAAOCAQEAOQUe0uDkJlCigkmqtQGjES7Tvo0smOcLQk8/ExAY21pxbroa fQ1+af+DXsfyCESqdWiAa+apxw+rTt+L1JJVISgOAJJV3zp3RNteu73UEhHAHpIC 22KgmiP9UBNOJHUcnGODOTJ4tW9vNEwxvniqmMWYjwOAQo0iBbKVq/6e5jHRJMMj S/vmsUhP/NIEpPL7MvdLAhVpbdG0Awzz3F0tcLyBOL0hOHRkR7EgKs6nFOGGkk2X vlcrSCtkk9BbseLhNYDhxuGWVNeXafewgnc3Tvy7SXi5Hl0FYj9c56L4Hiod1DDL wri2u5UL7Avsc3Jj+GFx2h8qdZbsSZBqyNJ14Q== -----END CERTIFICATE-----Generated at Sat Jun 1 00:13:25 2024 by rpki-client on console-ams.rpki-client.org