$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/B67BE8ECC13C11EE80101E73C4F9AE02.roa File: B67BE8ECC13C11EE80101E73C4F9AE02.roa (raw, json) Hash identifier: YC6lkhP1a4Efa36JyDIdl/C4I5FegljvoSzCWSqobWI= Subject key identifier: A1:D5:64:93:35:43:6D:C8:A3:CB:86:82:E2:D7:31:6D:25:76:26:B0 Certificate issuer: /CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260 Certificate serial: 08B3 Authority key identifier: 59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/B67BE8ECC13C11EE80101E73C4F9AE02.roa Signing time: Thu 01 Feb 2024 20:01:40 +0000 ROA not before: Thu 01 Feb 2024 20:01:40 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 141342 IP address blocks: 103.72.0.0/24 maxlen: 24 103.72.1.0/24 maxlen: 24 103.72.2.0/24 maxlen: 24 103.72.3.0/24 maxlen: 24 103.194.92.0/24 maxlen: 24 103.194.93.0/24 maxlen: 24 103.194.94.0/24 maxlen: 24 103.194.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/WZp41LvOE9TYE975FnzTV0fqAmA.crl rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/WZp41LvOE9TYE975FnzTV0fqAmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 22:11:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2227 (0x8b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260 Validity Not Before: Feb 1 20:01:40 2024 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=65bbf8a4-f602 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:ce:13:33:29:b9:c8:30:aa:7f:8b:d6:7d:7e: d6:44:83:d6:a1:b1:91:42:00:fd:9f:cf:f4:1b:51: 6a:b3:87:84:2d:f1:67:c8:9d:18:31:61:2f:50:5a: 9f:60:a3:e8:7b:f4:52:01:70:13:74:0f:44:94:9a: ea:de:22:95:c6:a9:19:57:3f:88:d6:69:12:cf:e0: 42:09:7e:1d:3e:cc:c7:d3:c8:f3:7a:78:b5:6c:e5: 3f:ee:a0:72:62:a1:5f:87:79:fe:27:c0:74:19:28: 04:52:31:8b:9b:e7:07:f6:2a:a0:86:ea:74:43:06: b2:6d:9c:7c:31:64:e9:83:ae:d2:67:52:b6:5f:46: f1:04:4b:47:6a:cb:b4:ed:bf:8d:aa:dd:9a:26:8a: 9c:1d:67:7b:06:7b:0d:ed:dd:1c:fd:8a:8f:bf:af: 1f:83:cf:43:16:8d:ce:ea:cf:3f:46:14:ea:7d:af: de:9e:0d:e3:8e:55:82:a1:77:07:65:cb:1b:0a:c4: 64:db:b5:aa:e9:0e:1b:f1:0f:43:43:f8:80:27:a1: f8:d1:37:4e:6e:a7:14:39:eb:4d:1e:b7:d7:b5:a6: fc:3b:3a:a8:0a:39:cb:3c:5b:15:fc:82:e8:ce:89: 37:58:dd:b5:76:d1:72:73:21:5c:1c:58:87:a8:07: 33:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:D5:64:93:35:43:6D:C8:A3:CB:86:82:E2:D7:31:6D:25:76:26:B0 X509v3 Authority Key Identifier: keyid:59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/WZp41LvOE9TYE975FnzTV0fqAmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/B67BE8ECC13C11EE80101E73C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.72.0.0/22 103.194.92.0/22 Signature Algorithm: sha256WithRSAEncryption 93:40:d7:5b:57:f4:8f:86:26:57:42:13:49:10:00:6e:33:a3: 82:bd:82:02:53:4d:1c:f8:e2:24:ed:92:8e:35:98:e5:55:52: 05:69:f1:6f:56:5c:6f:3b:f7:b4:ca:67:e2:ea:83:3a:1f:cc: 0d:70:d0:38:46:42:04:a6:ff:9b:23:94:e7:90:a8:6b:77:c0: 75:a1:8c:b1:32:70:8b:36:f1:39:44:7c:1e:b9:bf:d3:8b:ac: 53:a9:95:ab:46:62:f7:5f:9a:1f:58:9a:95:46:3b:71:60:3f: ed:c0:be:34:c4:8e:a8:f7:f1:87:9f:08:0b:e2:69:b9:00:55: 07:1d:fb:9d:5e:9d:5c:25:22:5c:82:9a:5f:a2:19:6a:95:26: bf:db:cf:9c:e1:7f:7b:6e:a2:cf:07:34:f2:b8:ee:97:1f:39: 2d:84:ef:5e:74:99:d5:05:17:74:a5:46:94:ad:f4:24:02:8d: 94:44:9e:2f:f5:a3:ed:d3:c3:64:4c:86:66:d5:72:9f:f3:8d: 71:f5:a8:79:cb:07:c6:5f:c3:52:cb:fa:b3:72:8c:d9:8e:a8: c4:1b:50:d0:03:a6:54:8f:9f:af:32:8e:00:7c:c3:31:18:94: 00:2a:be:35:82:8a:b0:82:a1:57:0e:44:2f:92:02:fa:bd:63: 89:46:24:44 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCLMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUZGMTUxMTAvBgNVBAUTKDU5OUE3OEQ0QkJDRTEzRDREODEzREVGOTE2N0NEMzU3 NDdFQTAyNjAwHhcNMjQwMjAxMjAwMTQwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWJiZjhhNC1mNjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqc4TMym5yDCqf4vWfX7WRIPWobGRQgD9n8/0G1Fqs4eELfFnyJ0YMWEvUFqf YKPoe/RSAXATdA9ElJrq3iKVxqkZVz+I1mkSz+BCCX4dPszH08jzeni1bOU/7qBy YqFfh3n+J8B0GSgEUjGLm+cH9iqghup0QwaybZx8MWTpg67SZ1K2X0bxBEtHasu0 7b+Nqt2aJoqcHWd7BnsN7d0c/YqPv68fg89DFo3O6s8/RhTqfa/eng3jjlWCoXcH ZcsbCsRk27Wq6Q4b8Q9DQ/iAJ6H40TdObqcUOetNHrfXtab8OzqoCjnLPFsV/ILo zok3WN21dtFycyFcHFiHqAczKwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKHVZJM1 Q23Io8uGguLXMW0ldiawMB8GA1UdIwQYMBaAFFmaeNS7zhPU2BPe+RZ801dH6gJg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkYxNS9CNDc4NUJFODhE NEMxMUVBQkJERDNBNzRDNEY5QUUwMi9XWnA0MUx2T0U5VFlFOTc1Rm56VFYwZnFB bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dacDQxTHZPRTlUWUU5NzVGbnpUVjBmcUFtQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUZGMTUvQjQ3ODVCRTg4RDRDMTFFQUJCREQzQTc0QzRGOUFFMDIvQjY3QkU4RUND MTNDMTFFRTgwMTAxRTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnSAADBAJnwlwwDQYJKoZIhvcNAQELBQADggEBAJNA11tX 9I+GJldCE0kQAG4zo4K9ggJTTRz44iTtko41mOVVUgVp8W9WXG8797TKZ+Lqgzof zA1w0DhGQgSm/5sjlOeQqGt3wHWhjLEycIs28TlEfB65v9OLrFOplatGYvdfmh9Y mpVGO3FgP+3AvjTEjqj38YefCAviabkAVQcd+51enVwlIlyCml+iGWqVJr/bz5zh f3tuos8HNPK47pcfOS2E7150mdUFF3SlRpSt9CQCjZREni/1o+3Tw2RMhmbVcp/z jXH1qHnLB8Zfw1LL+rNyjNmOqMQbUNADplSPn68yjgB8wzEYlAAqvjWCirCCoVcO RC+SAvq9Y4lGJEQ= -----END CERTIFICATE-----Generated at Sat Jun 1 00:13:26 2024 by rpki-client on console-ams.rpki-client.org