$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/4F4A22E23CDE11EAB553996BC4F9AE02.roa File: 4F4A22E23CDE11EAB553996BC4F9AE02.roa (raw, json) Hash identifier: 5WuLHxmG8IWJX07luYYTcBfHJi95efpMQlBpweMImOc= Subject key identifier: 68:52:C5:40:B0:BA:FE:6C:98:CA:01:18:4B:F6:C3:6C:4E:13:04:E3 Certificate issuer: /CN=A91C2E87/serialNumber=5A4A1A1F2D924DE85555C71D3DB66B9BB0E43643 Certificate serial: 0B09 Authority key identifier: 5A:4A:1A:1F:2D:92:4D:E8:55:55:C7:1D:3D:B6:6B:9B:B0:E4:36:43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WkoaHy2STehVVccdPbZrm7DkNkM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/4F4A22E23CDE11EAB553996BC4F9AE02.roa Signing time: Wed 20 Dec 2023 19:47:22 +0000 ROA not before: Wed 20 Dec 2023 19:47:22 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 63969 IP address blocks: 103.124.250.0/23 maxlen: 23 103.124.250.0/24 maxlen: 24 103.124.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/WkoaHy2STehVVccdPbZrm7DkNkM.crl rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/WkoaHy2STehVVccdPbZrm7DkNkM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WkoaHy2STehVVccdPbZrm7DkNkM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Jun 2024 19:59:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2825 (0xb09) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2E87/serialNumber=5A4A1A1F2D924DE85555C71D3DB66B9BB0E43643 Validity Not Before: Dec 20 19:47:22 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=658344ca-cc34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:11:a5:6f:52:cc:1a:00:1a:ca:90:95:ab:d4: fe:27:93:17:11:54:c5:f6:2c:de:5c:90:38:64:d7: 24:3d:79:de:9b:e1:34:47:f5:0c:44:50:d9:d2:44: 54:4c:f0:3a:1e:3e:b6:5b:48:18:ce:ee:78:e0:3e: bd:4d:91:bb:b3:ca:00:23:37:7d:de:bf:47:6b:bb: 9f:6b:83:fc:17:67:ad:ed:e8:98:40:c4:e2:5a:27: 8b:a4:ea:65:73:59:ee:3f:2b:f8:db:41:01:16:21: c1:b8:51:06:d5:8e:29:df:57:52:79:1f:e0:f5:c7: b4:c2:48:c9:46:52:4c:77:7d:d2:84:b2:22:2e:fd: 5c:4c:2f:02:7e:48:d6:ef:11:ae:70:26:86:80:86: e4:a4:25:70:2d:31:7b:04:00:0e:47:3f:29:a8:7b: b2:b2:6b:91:68:cf:d2:88:2a:79:2b:a3:8d:3c:b5: 5a:1a:d4:13:9a:eb:78:70:43:15:d3:ff:e9:8d:b0: e8:aa:09:9f:cb:19:34:36:1a:a0:a3:3d:3a:e6:a2: 90:1f:ce:94:cb:ec:a0:0e:11:ce:b2:88:24:fb:e9: 65:2a:8f:bb:22:6b:e7:f8:2c:6c:b7:9f:66:6e:48: 7a:40:3e:85:34:3c:ff:3b:08:c1:b7:99:2e:a5:25: 3c:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:52:C5:40:B0:BA:FE:6C:98:CA:01:18:4B:F6:C3:6C:4E:13:04:E3 X509v3 Authority Key Identifier: keyid:5A:4A:1A:1F:2D:92:4D:E8:55:55:C7:1D:3D:B6:6B:9B:B0:E4:36:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/WkoaHy2STehVVccdPbZrm7DkNkM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WkoaHy2STehVVccdPbZrm7DkNkM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/4F4A22E23CDE11EAB553996BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.124.250.0/23 Signature Algorithm: sha256WithRSAEncryption 78:52:a2:cb:0f:87:d2:a4:ad:12:9d:79:66:5c:f5:d7:f9:dc: 05:e0:76:28:9a:26:2e:3f:e4:af:00:98:ee:3e:05:20:4e:32: f7:8f:bb:7b:36:89:80:ee:d7:97:a3:cd:a9:14:e5:39:c2:f5: d8:6a:84:c3:c2:8c:97:5b:93:39:f0:66:11:e7:bb:70:06:12: 6b:cd:f3:15:25:d7:0c:c0:fe:eb:e3:c3:d5:40:30:23:f6:4c: 0e:b5:0b:23:e7:1a:23:8d:54:5d:e9:21:84:8c:a6:da:d5:be: b5:e9:f2:de:62:d4:a5:2b:09:61:f5:db:04:93:db:ad:af:61: 89:10:94:eb:1f:93:d9:97:87:6e:88:d4:d9:06:38:33:c9:d8: 3b:0d:49:7c:49:04:a8:1f:3d:3d:c5:b5:ba:c6:83:18:a7:bb: 49:c3:20:36:e8:28:ac:bf:30:ff:ba:24:43:1c:a5:16:96:4f: d6:9b:62:04:6d:f5:ed:3d:af:c2:0e:9a:ed:47:e9:a3:72:ea: 60:2c:9e:59:cd:d3:a2:d3:5d:8d:93:52:fa:fa:f0:68:2e:b2: 88:ec:ec:fd:70:87:0b:8a:6e:59:09:81:bc:e4:93:77:b3:b0: b2:5c:76:d0:e0:52:3d:d5:66:fc:9e:29:ab:0d:0b:f0:c0:2e: 17:8b:10:37 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCwkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzJFODcxMTAvBgNVBAUTKDVBNEExQTFGMkQ5MjRERTg1NTU1QzcxRDNEQjY2QjlC QjBFNDM2NDMwHhcNMjMxMjIwMTk0NzIyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTgzNDRjYS1jYzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3BGlb1LMGgAaypCVq9T+J5MXEVTF9izeXJA4ZNckPXnem+E0R/UMRFDZ0kRU TPA6Hj62W0gYzu544D69TZG7s8oAIzd93r9Ha7ufa4P8F2et7eiYQMTiWieLpOpl c1nuPyv420EBFiHBuFEG1Y4p31dSeR/g9ce0wkjJRlJMd33ShLIiLv1cTC8CfkjW 7xGucCaGgIbkpCVwLTF7BAAORz8pqHuysmuRaM/SiCp5K6ONPLVaGtQTmut4cEMV 0//pjbDoqgmfyxk0Nhqgoz065qKQH86Uy+ygDhHOsogk++llKo+7Imvn+Cxst59m bkh6QD6FNDz/OwjBt5kupSU8fQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGhSxUCw uv5smMoBGEv2w2xOEwTjMB8GA1UdIwQYMBaAFFpKGh8tkk3oVVXHHT22a5uw5DZD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkU4Ny9BOUYzQzZFRTEy OUYxMUVBQUIyNzIwMkZDNEY5QUUwMi9Xa29hSHkyU1RlaFZWY2NkUGJacm03RGtO a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1drb2FIeTJTVGVoVlZjY2RQYlpybTdEa05rTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzJFODcvQTlGM0M2RUUxMjlGMTFFQUFCMjcyMDJGQzRGOUFFMDIvNEY0QTIyRTIz Q0RFMTFFQUI1NTM5OTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnfPowDQYJKoZIhvcNAQELBQADggEBAHhSossPh9KkrRKd eWZc9df53AXgdiiaJi4/5K8AmO4+BSBOMvePu3s2iYDu15ejzakU5TnC9dhqhMPC jJdbkznwZhHnu3AGEmvN8xUl1wzA/uvjw9VAMCP2TA61CyPnGiONVF3pIYSMptrV vrXp8t5i1KUrCWH12wST262vYYkQlOsfk9mXh26I1NkGODPJ2DsNSXxJBKgfPT3F tbrGgxinu0nDIDboKKy/MP+6JEMcpRaWT9abYgRt9e09r8IOmu1H6aNy6mAsnlnN 06LTXY2TUvr68Ggusojs7P1whwuKblkJgbzkk3ezsLJcdtDgUj3VZvyeKasNC/DA LheLEDc= -----END CERTIFICATE-----Generated at Sun Jun 2 20:59:18 2024 by rpki-client on console-fra.rpki-client.org