$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/FD6087F4BBB011EEAA4D5371C4F9AE02.roa File: FD6087F4BBB011EEAA4D5371C4F9AE02.roa (raw, json) Hash identifier: nEeHpaHqc9FDrvUQzpouSnf9S72J6Kbq7ZJJBcBvTPI= Subject key identifier: C4:A4:B8:30:50:EC:C4:31:96:72:9B:32:3B:0D:67:35:CB:EE:4A:75 Certificate issuer: /CN=A91BF28F/serialNumber=86CD8B4218A9B9A1BCE2FAC5EE6DC785B00A931D Certificate serial: 013E Authority key identifier: 86:CD:8B:42:18:A9:B9:A1:BC:E2:FA:C5:EE:6D:C7:85:B0:0A:93:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/FD6087F4BBB011EEAA4D5371C4F9AE02.roa Signing time: Sat 18 May 2024 19:00:00 +0000 ROA not before: Sat 18 May 2024 19:00:00 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 150385 IP address blocks: 103.24.88.0/23 maxlen: 23 103.24.88.0/24 maxlen: 24 103.24.89.0/24 maxlen: 24 2400:baa0::/32 maxlen: 32 2400:baa0:1::/48 maxlen: 48 2400:baa0:100::/48 maxlen: 48 2400:baa0:200::/48 maxlen: 48 2400:baa0:300::/48 maxlen: 48 2400:baa0:400::/48 maxlen: 48 2400:baa0:500::/48 maxlen: 48 2400:baa0:600::/48 maxlen: 48 2400:baa0:700::/48 maxlen: 48 2400:baa0:800::/48 maxlen: 48 2400:baa0:900::/48 maxlen: 48 2400:baa0:1000::/48 maxlen: 48 2400:baa0:2000::/48 maxlen: 48 2400:baa0:3000::/48 maxlen: 48 2400:baa0:4000::/48 maxlen: 48 2400:baa0:5000::/48 maxlen: 48 2400:baa0:6000::/48 maxlen: 48 2400:baa0:7000::/48 maxlen: 48 2400:baa0:8000::/48 maxlen: 48 2400:baa0:9000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.crl rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 05:53:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 318 (0x13e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF28F/serialNumber=86CD8B4218A9B9A1BCE2FAC5EE6DC785B00A931D Validity Not Before: May 18 19:00:00 2024 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=6648fab0-42b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:b7:0d:fc:c8:78:41:66:55:08:cc:02:31:57: b6:aa:8e:30:5a:e4:12:68:8b:64:22:0f:6f:f4:07: 2f:aa:c9:31:14:0c:23:b4:e1:25:41:f6:29:40:9d: 2f:54:56:ec:d4:10:3d:e3:43:ad:64:0b:c6:f7:8f: 08:9c:2b:c8:e2:85:21:70:0e:fc:d9:69:c4:24:54: f8:7a:da:2a:bc:63:6b:f6:6c:78:17:e3:c1:63:96: 26:e8:96:d3:bb:26:0a:bd:f2:c1:cb:13:82:98:94: aa:cd:04:f9:bf:6e:58:c3:f9:a6:51:e8:c4:79:8e: 83:1c:ef:d5:7d:a8:62:96:78:8c:87:15:fa:10:83: 75:25:00:3c:a7:41:91:25:2b:25:bd:45:80:5c:be: 79:12:ea:85:aa:ce:08:c2:1f:bd:78:46:6a:49:fc: 58:8a:f2:a7:87:e3:e9:1d:13:a2:58:72:11:2b:c5: 89:b6:4c:ba:b7:1b:ac:4d:da:a7:32:2a:d6:2a:47: a7:2b:ea:cc:55:52:58:29:07:db:93:7f:a0:36:bd: 59:fb:99:f9:50:e0:74:c3:59:10:4a:f4:eb:ee:12: 41:49:ad:1e:60:5d:0e:05:44:03:9a:8e:c0:38:41: 83:6d:18:88:74:ed:6b:ff:10:05:64:24:53:93:61: b0:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:A4:B8:30:50:EC:C4:31:96:72:9B:32:3B:0D:67:35:CB:EE:4A:75 X509v3 Authority Key Identifier: keyid:86:CD:8B:42:18:A9:B9:A1:BC:E2:FA:C5:EE:6D:C7:85:B0:0A:93:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/FD6087F4BBB011EEAA4D5371C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.24.88.0/23 IPv6: 2400:baa0::/32 Signature Algorithm: sha256WithRSAEncryption 3b:5a:1b:ca:f6:2e:94:88:3f:b6:f7:52:ca:20:56:e8:30:28: 9b:5b:7e:a5:50:74:1a:2e:ff:d2:86:81:87:5d:70:1a:38:de: 81:a6:5c:5b:3f:c6:5a:dc:c7:11:65:00:be:2a:dd:e2:ac:a4: 77:0b:26:1f:2f:6d:4c:d2:b5:f5:24:97:fe:0a:3d:e3:58:d0: 07:69:cf:8a:d5:5a:8f:89:58:60:2e:7f:6e:f2:d8:9d:cd:1d: d0:fe:50:5d:e3:cd:fd:43:cc:eb:b4:d8:3b:e6:52:4d:c9:52: 4c:23:10:78:9d:6d:a2:39:4c:37:b3:5a:5c:df:7b:d3:7a:75: ed:b1:95:78:1d:64:f9:c4:04:e6:d2:cd:df:8d:45:8b:1e:59: c1:34:47:38:85:8e:6e:46:45:d0:92:a9:a6:e0:6e:08:3c:33: 52:92:f6:ca:16:ea:79:d5:63:b7:63:7e:5f:b1:6e:71:e1:be: c1:b4:60:2b:a9:07:f6:89:80:d6:cd:58:9c:f3:87:32:f4:8c: 03:d9:9a:c7:39:07:71:51:5d:fd:04:65:38:76:d9:6d:c2:2a: 81:e7:9b:80:1f:10:de:21:98:6c:be:90:b6:5f:70:58:f7:8e: 43:69:cb:6f:01:52:2c:12:c6:49:cd:00:1b:c0:f2:e0:8a:21: 35:69:3a:ff -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICAT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkYyOEYxMTAvBgNVBAUTKDg2Q0Q4QjQyMThBOUI5QTFCQ0UyRkFDNUVFNkRDNzg1 QjAwQTkzMUQwHhcNMjQwNTE4MTkwMDAwWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjQ4ZmFiMC00MmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmbcN/Mh4QWZVCMwCMVe2qo4wWuQSaItkIg9v9AcvqskxFAwjtOElQfYpQJ0v VFbs1BA940OtZAvG948InCvI4oUhcA782WnEJFT4etoqvGNr9mx4F+PBY5Ym6JbT uyYKvfLByxOCmJSqzQT5v25Yw/mmUejEeY6DHO/VfahilniMhxX6EIN1JQA8p0GR JSslvUWAXL55EuqFqs4Iwh+9eEZqSfxYivKnh+PpHROiWHIRK8WJtky6txusTdqn MirWKkenK+rMVVJYKQfbk3+gNr1Z+5n5UOB0w1kQSvTr7hJBSa0eYF0OBUQDmo7A OEGDbRiIdO1r/xAFZCRTk2GwpwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMSkuDBQ 7MQxlnKbMjsNZzXL7kp1MB8GA1UdIwQYMBaAFIbNi0IYqbmhvOL6xe5tx4WwCpMd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjI4Ri83RERDNUEyRTU1 NDcxMUVEQjQ3QjMzMkJDNEY5QUUwMi9oczJMUWhpcHVhRzg0dnJGN20zSGhiQUtr eDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hzMkxRaGlwdWFHODR2ckY3bTNIaGJBS2t4MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkYyOEYvN0REQzVBMkU1NTQ3MTFFREI0N0IzMzJCQzRGOUFFMDIvRkQ2MDg3RjRC QkIwMTFFRUFBNEQ1MzcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnGFgwDQQCAAIwBwMFACQAuqAwDQYJKoZIhvcNAQELBQAD ggEBADtaG8r2LpSIP7b3UsogVugwKJtbfqVQdBou/9KGgYddcBo43oGmXFs/xlrc xxFlAL4q3eKspHcLJh8vbUzStfUkl/4KPeNY0Adpz4rVWo+JWGAuf27y2J3NHdD+ UF3jzf1DzOu02DvmUk3JUkwjEHidbaI5TDezWlzfe9N6de2xlXgdZPnEBObSzd+N RYseWcE0RziFjm5GRdCSqabgbgg8M1KS9soW6nnVY7djfl+xbnHhvsG0YCupB/aJ gNbNWJzzhzL0jAPZmsc5B3FRXf0EZTh22W3CKoHnm4AfEN4hmGy+kLZfcFj3jkNp y28BUiwSxknNABvA8uCKITVpOv8= -----END CERTIFICATE-----Generated at Sat Jun 1 07:08:26 2024 by rpki-client on console-ams.rpki-client.org