$ rpki-client -vvf rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/29E1D8AAE82511EE9E51342EC4F9AE02.roa File: 29E1D8AAE82511EE9E51342EC4F9AE02.roa (raw, json) Hash identifier: V8csm2Ikjq+/lOdjXY5y7sLhjKHzTZep/E3tm4lTIOs= Subject key identifier: 71:5C:B5:9E:43:58:D8:1B:2A:BD:FA:67:C6:06:8F:F7:D8:D2:C0:EB Certificate issuer: /CN=A91E96BC/serialNumber=ED11EB4C34804199EA77500EDDBBEEE10B7549AB Certificate serial: 23 Authority key identifier: ED:11:EB:4C:34:80:41:99:EA:77:50:0E:DD:BB:EE:E1:0B:75:49:AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RHrTDSAQZnqd1AO3bvu4Qt1Sas.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/29E1D8AAE82511EE9E51342EC4F9AE02.roa Signing time: Thu 11 Apr 2024 07:36:59 +0000 ROA not before: Thu 11 Apr 2024 07:36:59 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 141883 IP address blocks: 103.143.14.0/23 maxlen: 23 103.143.14.0/24 maxlen: 24 103.143.15.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/7RHrTDSAQZnqd1AO3bvu4Qt1Sas.crl rsync://rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/7RHrTDSAQZnqd1AO3bvu4Qt1Sas.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RHrTDSAQZnqd1AO3bvu4Qt1Sas.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 08:57:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E96BC/serialNumber=ED11EB4C34804199EA77500EDDBBEEE10B7549AB Validity Not Before: Apr 11 07:36:59 2024 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=6617931b-7fa7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:df:ae:3d:09:76:b5:0e:58:cf:de:01:ad:9e: 27:9b:e4:9e:0b:6d:38:1c:60:f2:e1:6a:1a:13:22: a2:c0:83:b1:51:2a:0a:38:4b:09:44:7d:30:71:94: de:c1:fb:45:e0:b0:8f:f4:6b:f1:89:08:f7:b7:4e: b7:ee:59:b2:27:63:40:51:36:83:2c:ac:75:ea:2d: 28:f6:04:3f:ea:b5:6c:b9:a2:46:84:09:80:c7:03: 28:48:05:f3:73:e7:38:9f:be:f7:90:2b:c4:5d:9f: 17:aa:24:29:02:a6:0b:d3:ad:4c:76:43:6a:55:65: 97:e7:c8:e6:ae:f2:3c:4e:50:ca:3d:9c:29:4e:25: 1b:78:72:79:40:18:6b:fd:cd:4b:70:78:2f:13:73: 83:9e:cf:ea:6b:f9:ce:a1:f6:42:fd:d6:90:a9:f1: fc:62:91:24:7e:6b:f3:1e:fa:93:73:cf:62:7a:64: 5d:1b:90:48:10:b1:0e:33:38:82:ce:fd:04:f2:ad: af:1e:f5:a3:a4:29:41:12:70:a0:67:32:75:8a:f2: 22:8c:7d:0d:0d:1c:ff:6d:67:56:6a:96:f9:06:d2: 42:cd:45:d9:79:e0:3a:ce:43:8e:61:0b:5d:c7:aa: da:d8:36:ac:6f:28:f7:c2:c1:0d:f9:8f:22:d2:72: 57:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:5C:B5:9E:43:58:D8:1B:2A:BD:FA:67:C6:06:8F:F7:D8:D2:C0:EB X509v3 Authority Key Identifier: keyid:ED:11:EB:4C:34:80:41:99:EA:77:50:0E:DD:BB:EE:E1:0B:75:49:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/7RHrTDSAQZnqd1AO3bvu4Qt1Sas.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RHrTDSAQZnqd1AO3bvu4Qt1Sas.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E96BC/6687EF22D14D11EE9DB4180FC4F9AE02/29E1D8AAE82511EE9E51342EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.143.14.0/23 Signature Algorithm: sha256WithRSAEncryption 0b:94:1b:79:b6:47:17:9d:f5:74:cd:fe:07:7e:21:7e:e3:34: ca:6d:e4:87:19:29:e8:37:06:ca:da:a4:39:d0:71:7e:61:e1: d1:3d:dd:cc:80:48:7c:7e:4d:47:2a:84:9d:18:90:f8:12:73: 7a:a2:fa:1b:32:5c:d4:b8:42:43:2f:cf:c7:39:44:0f:e7:a0: ec:ab:95:d4:c4:68:2f:d7:2d:0e:eb:06:c1:ec:75:68:b9:8c: 38:62:96:04:15:b9:44:c4:83:fa:85:5a:a5:15:a2:08:98:0b: 76:9a:d3:40:d2:1f:a5:d9:ce:65:70:67:a9:c4:5b:40:f1:b8: 1c:59:48:73:0d:d1:2d:0b:71:4e:ab:40:14:67:b9:69:ca:41: bf:9f:0a:6b:7c:79:61:3c:90:ec:a9:06:a6:a5:ab:be:06:13: 6d:c7:cd:e4:93:4d:c2:d5:f8:ff:66:03:6a:bd:48:0e:a5:f5: 69:0b:0c:dd:9c:cf:1f:52:61:cb:89:b7:d1:03:a7:f6:26:b7: 75:bf:9f:f7:d1:40:25:63:7a:d4:e8:24:b6:4a:c9:1f:57:80: e7:4b:e4:d6:f2:86:2d:f2:95:70:5d:7c:cb:72:30:64:bb:2e: 75:1e:8e:36:66:7c:e4:61:17:dd:5e:90:9a:e4:70:87:f5:81: 61:13:6c:00 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF OTZCQzExMC8GA1UEBRMoRUQxMUVCNEMzNDgwNDE5OUVBNzc1MDBFRERCQkVFRTEw Qjc1NDlBQjAeFw0yNDA0MTEwNzM2NTlaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY2MTc5MzFiLTdmYTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCu3649CXa1DljP3gGtnieb5J4LbTgcYPLhahoTIqLAg7FRKgo4SwlEfTBxlN7B +0XgsI/0a/GJCPe3TrfuWbInY0BRNoMsrHXqLSj2BD/qtWy5okaECYDHAyhIBfNz 5zifvveQK8RdnxeqJCkCpgvTrUx2Q2pVZZfnyOau8jxOUMo9nClOJRt4cnlAGGv9 zUtweC8Tc4Oez+pr+c6h9kL91pCp8fxikSR+a/Me+pNzz2J6ZF0bkEgQsQ4zOILO /QTyra8e9aOkKUEScKBnMnWK8iKMfQ0NHP9tZ1ZqlvkG0kLNRdl54DrOQ45hC13H qtrYNqxvKPfCwQ35jyLSclc5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUcVy1nkNY 2BsqvfpnxgaP99jSwOswHwYDVR0jBBgwFoAU7RHrTDSAQZnqd1AO3bvu4Qt1Sasw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU5NkJDLzY2ODdFRjIyRDE0 RDExRUU5REI0MTgwRkM0RjlBRTAyLzdSSHJURFNBUVpucWQxQU8zYnZ1NFF0MVNh cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvN1JIclREU0FRWm5xZDFBTzNidnU0UXQxU2FzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OTZCQy82Njg3RUYyMkQxNEQxMUVFOURCNDE4MEZDNEY5QUUwMi8yOUUxRDhBQUU4 MjUxMUVFOUU1MTM0MkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAWePDjANBgkqhkiG9w0BAQsFAAOCAQEAC5QbebZHF531dM3+ B34hfuM0ym3khxkp6DcGytqkOdBxfmHh0T3dzIBIfH5NRyqEnRiQ+BJzeqL6GzJc 1LhCQy/PxzlED+eg7KuV1MRoL9ctDusGwex1aLmMOGKWBBW5RMSD+oVapRWiCJgL dprTQNIfpdnOZXBnqcRbQPG4HFlIcw3RLQtxTqtAFGe5acpBv58Ka3x5YTyQ7KkG pqWrvgYTbcfN5JNNwtX4/2YDar1IDqX1aQsM3ZzPH1Jhy4m30QOn9ia3db+f99FA JWN61OgktkrJH1eA50vk1vKGLfKVcF18y3IwZLsudR6ONmZ85GEX3V6QmuRwh/WB YRNsAA== -----END CERTIFICATE-----Generated at Sat Jun 1 11:14:33 2024 by rpki-client on console-fra.rpki-client.org