$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/54AD60AE0C2E11EABBBFA158C4F9AE02.roa File: 54AD60AE0C2E11EABBBFA158C4F9AE02.roa (raw, json) Hash identifier: xVTFBNmOi1HL5rDX7+M+vUXncg1h8s61EzgOhvnvgE8= Subject key identifier: 7E:57:43:69:6F:70:E5:60:6B:7B:A7:F2:DA:75:2E:31:B9:38:4B:C2 Certificate issuer: /CN=A91CD174/serialNumber=95DCE21B5ECADEB069DC81B92405D474DE41C206 Certificate serial: 0B53 Authority key identifier: 95:DC:E2:1B:5E:CA:DE:B0:69:DC:81:B9:24:05:D4:74:DE:41:C2:06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldziG17K3rBp3IG5JAXUdN5BwgY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/54AD60AE0C2E11EABBBFA158C4F9AE02.roa Signing time: Thu 28 Mar 2024 19:58:08 +0000 ROA not before: Thu 28 Mar 2024 19:58:08 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 133430 IP address blocks: 103.228.120.0/22 maxlen: 22 103.228.120.0/23 maxlen: 23 103.228.120.0/24 maxlen: 24 103.228.121.0/24 maxlen: 24 103.228.122.0/24 maxlen: 24 103.228.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.crl rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldziG17K3rBp3IG5JAXUdN5BwgY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 20:13:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2899 (0xb53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD174/serialNumber=95DCE21B5ECADEB069DC81B92405D474DE41C206 Validity Not Before: Mar 28 19:58:08 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=6605cbd0-f528 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:9c:67:21:60:c3:17:09:fd:22:95:9e:7b:79: 8a:d9:d7:ec:dd:ee:72:f6:3a:38:1f:68:09:e1:ec: 5a:fa:b3:b0:59:3d:30:bc:ba:de:e7:6e:ea:2c:90: 5b:eb:a7:d3:3b:7f:e4:cb:f6:60:12:f0:be:7b:0d: 16:19:c1:97:eb:ca:85:41:81:d3:df:e1:b5:2f:79: 18:d0:30:1c:1e:46:ed:e1:1d:59:77:47:9a:5f:9b: 45:55:7b:16:2f:06:00:65:23:11:1c:06:4d:5a:f0: 62:d4:56:de:9f:c6:6a:ac:3c:30:9c:24:68:ec:d2: ce:1b:3e:5b:44:8f:8e:71:b2:ad:b9:73:a7:21:cd: ce:ce:d1:10:80:5a:d8:c9:76:ea:4f:45:d2:58:7f: 55:c8:1c:7d:7a:6b:3d:4b:06:73:cc:65:c6:75:6c: 0c:e4:fa:fa:bb:2a:27:59:8b:f8:4e:06:b7:ef:6a: be:da:5c:fb:74:be:1c:67:2d:67:b4:53:e0:50:9a: 67:fb:ec:94:64:3d:41:45:46:58:f0:df:87:42:c3: dc:48:c6:5a:35:e0:6b:ab:8c:32:a3:38:67:5a:ef: f7:af:6c:27:2e:0d:e9:1d:fd:13:dc:03:f1:fe:bf: bd:5a:0e:2b:cf:28:22:33:9f:45:91:ca:13:f3:3c: e1:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:57:43:69:6F:70:E5:60:6B:7B:A7:F2:DA:75:2E:31:B9:38:4B:C2 X509v3 Authority Key Identifier: keyid:95:DC:E2:1B:5E:CA:DE:B0:69:DC:81:B9:24:05:D4:74:DE:41:C2:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldziG17K3rBp3IG5JAXUdN5BwgY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/54AD60AE0C2E11EABBBFA158C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.228.120.0/22 Signature Algorithm: sha256WithRSAEncryption 2d:f4:27:03:16:ec:cc:57:42:f3:6d:5f:30:80:2d:2b:71:6b: 74:13:3b:4e:ec:4a:eb:fd:41:57:2c:b0:20:85:15:db:93:09: 28:bd:48:70:a8:a7:81:9b:a9:72:1b:4a:97:93:2b:db:1a:04: fe:bf:58:a9:1e:6b:7c:b2:de:2c:e9:2f:4c:51:ee:b0:a4:0f: 1a:19:7e:62:3e:ff:bd:19:6d:e7:51:32:46:9c:b1:49:d9:6b: b7:fc:24:96:4d:bc:50:52:44:93:2d:8a:cc:a2:6f:bf:69:ed: b5:a1:bc:97:7e:da:da:2f:93:44:65:a7:15:a0:4f:69:1a:1e: bc:fd:91:8d:e6:d5:a3:61:d1:81:d0:90:f9:4a:1b:41:fa:99: a0:fe:5d:6e:4a:2f:fc:0b:f6:00:82:1d:37:d9:f0:fc:2b:de: ad:6c:52:8d:6e:c0:e2:ea:ed:ad:8a:b7:25:7e:03:4b:17:8e: 3d:bb:2e:c9:ad:c0:24:23:cf:60:89:f3:e9:b9:3e:83:83:73: 9d:01:80:06:ac:5e:73:d1:35:00:a0:f8:9e:b0:ab:6f:97:96: f1:f0:2f:ce:66:52:b8:e1:f1:d5:45:09:79:ac:44:0c:e8:52: 61:13:77:c8:09:9d:4b:e4:bb:78:e0:68:45:08:31:70:26:5f: 24:a4:38:f5 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICC1MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0QxNzQxMTAvBgNVBAUTKDk1RENFMjFCNUVDQURFQjA2OURDODFCOTI0MDVENDc0 REU0MUMyMDYwHhcNMjQwMzI4MTk1ODA4WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjA1Y2JkMC1mNTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo5xnIWDDFwn9IpWee3mK2dfs3e5y9jo4H2gJ4exa+rOwWT0wvLre527qLJBb 66fTO3/ky/ZgEvC+ew0WGcGX68qFQYHT3+G1L3kY0DAcHkbt4R1Zd0eaX5tFVXsW LwYAZSMRHAZNWvBi1Fben8ZqrDwwnCRo7NLOGz5bRI+OcbKtuXOnIc3OztEQgFrY yXbqT0XSWH9VyBx9ems9SwZzzGXGdWwM5Pr6uyonWYv4Tga372q+2lz7dL4cZy1n tFPgUJpn++yUZD1BRUZY8N+HQsPcSMZaNeBrq4wyozhnWu/3r2wnLg3pHf0T3APx /r+9Wg4rzygiM59FkcoT8zzhlQIDAQABo4IClTCCApEwHQYDVR0OBBYEFH5XQ2lv cOVga3un8tp1LjG5OEvCMB8GA1UdIwQYMBaAFJXc4hteyt6wadyBuSQF1HTeQcIG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDE3NC81MUMzRTU0ODBC NEQxMUVBOTJDMjhGMjBDNEY5QUUwMi9sZHppRzE3SzNyQnAzSUc1SkFYVWRONUJ3 Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xkemlHMTdLM3JCcDNJRzVKQVhVZE41QndnWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0QxNzQvNTFDM0U1NDgwQjREMTFFQTkyQzI4RjIwQzRGOUFFMDIvNTRBRDYwQUUw QzJFMTFFQUJCQkZBMTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJn5HgwDQYJKoZIhvcNAQELBQADggEBAC30JwMW7MxXQvNt XzCALStxa3QTO07sSuv9QVcssCCFFduTCSi9SHCop4GbqXIbSpeTK9saBP6/WKke a3yy3izpL0xR7rCkDxoZfmI+/70ZbedRMkacsUnZa7f8JJZNvFBSRJMtisyib79p 7bWhvJd+2tovk0RlpxWgT2kaHrz9kY3m1aNh0YHQkPlKG0H6maD+XW5KL/wL9gCC HTfZ8Pwr3q1sUo1uwOLq7a2KtyV+A0sXjj27LsmtwCQjz2CJ8+m5PoODc50BgAas XnPRNQCg+J6wq2+XlvHwL85mUrjh8dVFCXmsRAzoUmETd8gJnUvku3jgaEUIMXAm XySkOPU= -----END CERTIFICATE-----Generated at Sat Jun 1 00:13:28 2024 by rpki-client on console-ams.rpki-client.org