$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C33/54265F34668711EEB93D3F6CC4F9AE02/F43FF9A8AA7511EE9BF3CC35C4F9AE02.roa File: F43FF9A8AA7511EE9BF3CC35C4F9AE02.roa (raw, json) Hash identifier: WKYiP49W1hPEBg5xPJNDaypzL2WmJIjN8JIxlvH+Nc8= Subject key identifier: 65:63:45:E2:87:D8:6A:8D:C3:E8:22:09:E9:DE:CF:DC:FD:59:3E:47 Certificate issuer: /CN=A91E0C33/serialNumber=80BE930E30649B12ACEE8DC40B575AB7DDE64945 Certificate serial: 33 Authority key identifier: 80:BE:93:0E:30:64:9B:12:AC:EE:8D:C4:0B:57:5A:B7:DD:E6:49:45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gL6TDjBkmxKs7o3EC1dat93mSUU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0C33/54265F34668711EEB93D3F6CC4F9AE02/F43FF9A8AA7511EE9BF3CC35C4F9AE02.roa Signing time: Wed 03 Jan 2024 20:23:28 +0000 ROA not before: Wed 03 Jan 2024 20:23:28 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 150129 IP address blocks: 103.249.115.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0C33/54265F34668711EEB93D3F6CC4F9AE02/gL6TDjBkmxKs7o3EC1dat93mSUU.crl rsync://rpki.apnic.net/member_repository/A91E0C33/54265F34668711EEB93D3F6CC4F9AE02/gL6TDjBkmxKs7o3EC1dat93mSUU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gL6TDjBkmxKs7o3EC1dat93mSUU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Jun 2024 07:03:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51 (0x33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0C33/serialNumber=80BE930E30649B12ACEE8DC40B575AB7DDE64945 Validity Not Before: Jan 3 20:23:28 2024 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=6595c240-0200 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:fd:e1:7e:8a:fa:b5:ad:90:91:bc:ba:57:c4: 59:04:f2:98:b6:68:bf:ae:45:d3:50:bb:58:0a:a1: ba:26:5b:b3:18:d1:4d:0c:7d:b5:d6:59:ae:2f:54: db:08:fd:12:04:81:1a:8a:89:e6:f1:c3:7e:fd:56: fe:14:a7:8c:4b:e6:15:4d:e5:94:17:f7:64:b7:b2: ba:6d:46:03:29:65:66:3f:e0:c1:f1:37:55:71:c9: c9:81:d5:5c:0e:d7:a1:4c:8d:67:cf:64:8b:41:09: 1d:ac:3d:be:cf:07:ad:32:d0:22:32:5d:fb:15:07: 92:7f:52:ff:d5:27:f1:1e:67:68:ce:55:d6:f8:7e: bd:1e:20:c9:ef:3c:a8:88:fb:9a:73:36:d5:20:0d: 75:88:f2:c8:58:fd:00:72:9a:6c:99:bb:55:91:f5: 2a:4f:fc:5e:e5:fc:d9:47:4f:94:79:f1:32:65:3a: 24:40:16:0c:75:7b:65:0e:b2:e7:c2:c4:c7:2c:2b: 56:bc:8c:b5:9b:6c:74:e2:16:8a:44:0f:8c:64:ac: 6c:f7:94:46:cb:54:0a:6a:e8:7f:94:e8:25:18:74: 76:57:e4:a0:7c:01:fe:1b:e9:14:8b:e5:fd:8c:ee: dd:13:fd:c7:96:32:1a:08:58:39:ca:38:45:68:8b: 51:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:63:45:E2:87:D8:6A:8D:C3:E8:22:09:E9:DE:CF:DC:FD:59:3E:47 X509v3 Authority Key Identifier: keyid:80:BE:93:0E:30:64:9B:12:AC:EE:8D:C4:0B:57:5A:B7:DD:E6:49:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0C33/54265F34668711EEB93D3F6CC4F9AE02/gL6TDjBkmxKs7o3EC1dat93mSUU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gL6TDjBkmxKs7o3EC1dat93mSUU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C33/54265F34668711EEB93D3F6CC4F9AE02/F43FF9A8AA7511EE9BF3CC35C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.249.115.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:78:64:9b:7a:9c:14:05:5e:d6:d3:ec:4c:28:71:59:5e:5c: a4:89:a4:6c:d1:f9:30:8a:42:64:1d:bb:a3:d9:32:93:19:72: 36:be:22:72:a2:ab:0f:c0:bb:69:e5:bc:a7:a1:cf:04:cc:db: 7a:11:d8:d1:92:bd:b3:56:60:d4:e9:2f:30:29:88:93:62:60: 38:41:4d:58:e4:92:75:f7:91:5c:b2:3a:13:45:f0:6d:87:49: 8e:df:15:b1:b6:99:87:58:db:eb:f7:ae:d3:76:20:f9:8d:f7: 52:68:e1:a3:ac:8a:f2:71:31:71:59:a5:c5:f5:6d:ad:f1:5c: 7f:20:c8:ae:7c:54:da:39:77:df:1d:0c:c2:27:a4:da:5b:44: b5:4e:52:c4:7a:55:48:52:64:42:7d:19:bf:d0:c1:26:58:23: de:82:f5:60:0f:82:39:33:5f:6a:81:4f:00:b5:de:8d:a5:72: 16:f9:7b:bf:20:59:e2:21:23:85:7d:17:95:53:b6:21:77:79: 53:dd:e5:bc:0f:7b:76:f6:00:d1:a0:3a:df:62:a6:70:b9:18: 6e:e8:03:bd:b0:f4:76:89:ad:8f:94:1d:25:2a:17:4d:c4:c3: f1:8e:c5:82:19:7d:d7:6b:60:d1:d5:3e:23:1f:60:cd:7e:57: c8:e2:5c:03 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBMzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF MEMzMzExMC8GA1UEBRMoODBCRTkzMEUzMDY0OUIxMkFDRUU4REM0MEI1NzVBQjdE REU2NDk0NTAeFw0yNDAxMDMyMDIzMjhaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1OTVjMjQwLTAyMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC3/eF+ivq1rZCRvLpXxFkE8pi2aL+uRdNQu1gKobomW7MY0U0MfbXWWa4vVNsI /RIEgRqKiebxw379Vv4Up4xL5hVN5ZQX92S3srptRgMpZWY/4MHxN1VxycmB1VwO 16FMjWfPZItBCR2sPb7PB60y0CIyXfsVB5J/Uv/VJ/EeZ2jOVdb4fr0eIMnvPKiI +5pzNtUgDXWI8shY/QBymmyZu1WR9SpP/F7l/NlHT5R58TJlOiRAFgx1e2UOsufC xMcsK1a8jLWbbHTiFopED4xkrGz3lEbLVApq6H+U6CUYdHZX5KB8Af4b6RSL5f2M 7t0T/ceWMhoIWDnKOEVoi1GzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZWNF4ofY ao3D6CIJ6d7P3P1ZPkcwHwYDVR0jBBgwFoAUgL6TDjBkmxKs7o3EC1dat93mSUUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUwQzMzLzU0MjY1RjM0NjY4 NzExRUVCOTNEM0Y2Q0M0RjlBRTAyL2dMNlREakJrbXhLczdvM0VDMWRhdDkzbVNV VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvZ0w2VERqQmtteEtzN28zRUMxZGF0OTNtU1VVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MEMzMy81NDI2NUYzNDY2ODcxMUVFQjkzRDNGNkNDNEY5QUUwMi9GNDNGRjlBOEFB NzUxMUVFOUJGM0NDMzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAGf5czANBgkqhkiG9w0BAQsFAAOCAQEADnhkm3qcFAVe1tPs TChxWV5cpImkbNH5MIpCZB27o9kykxlyNr4icqKrD8C7aeW8p6HPBMzbehHY0ZK9 s1Zg1OkvMCmIk2JgOEFNWOSSdfeRXLI6E0XwbYdJjt8VsbaZh1jb6/eu03Yg+Y33 Umjho6yK8nExcVmlxfVtrfFcfyDIrnxU2jl33x0Mwiek2ltEtU5SxHpVSFJkQn0Z v9DBJlgj3oL1YA+COTNfaoFPALXejaVyFvl7vyBZ4iEjhX0XlVO2IXd5U93lvA97 dvYA0aA632KmcLkYbugDvbD0domtj5QdJSoXTcTD8Y7Fghl912tg0dU+Ix9gzX5X yOJcAw== -----END CERTIFICATE-----Generated at Thu Jun 13 07:43:07 2024 by rpki-client on console-fra.rpki-client.org