$ rpki-client -vvf rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/F2C7080CE17A11EC93AB7473C4F9AE02.roa File: F2C7080CE17A11EC93AB7473C4F9AE02.roa (raw, json) Hash identifier: XexnyfwA0CtniI2Ujd9ZJAthg40KLsIk/EQefN1sYwQ= Subject key identifier: F4:9E:E8:DB:6F:50:97:D4:5E:4A:7B:BA:42:28:A4:B6:76:C0:2A:BB Certificate issuer: /CN=A911D5F1/serialNumber=92E848E71F7008DCC777B8E23F73DA9278C9A50E Certificate serial: 0F23 Authority key identifier: 92:E8:48:E7:1F:70:08:DC:C7:77:B8:E2:3F:73:DA:92:78:C9:A5:0E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kuhI5x9wCNzHd7jiP3PaknjJpQ4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/F2C7080CE17A11EC93AB7473C4F9AE02.roa Signing time: Mon 06 May 2024 18:26:32 +0000 ROA not before: Mon 06 May 2024 18:26:32 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 23678 IP address blocks: 103.137.120.0/22 maxlen: 22 103.137.120.0/24 maxlen: 24 103.137.121.0/24 maxlen: 24 103.137.122.0/24 maxlen: 24 103.137.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/kuhI5x9wCNzHd7jiP3PaknjJpQ4.crl rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/kuhI5x9wCNzHd7jiP3PaknjJpQ4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kuhI5x9wCNzHd7jiP3PaknjJpQ4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3875 (0xf23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D5F1/serialNumber=92E848E71F7008DCC777B8E23F73DA9278C9A50E Validity Not Before: May 6 18:26:32 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=663920d8-7b04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ed:e9:6c:2f:a3:a8:dd:f0:d2:f5:95:4e:a8: 37:f5:39:53:b1:81:b9:46:3b:e4:16:69:0b:60:a5: aa:d8:04:b8:3e:22:5b:3d:f2:7c:97:79:e2:24:aa: e1:29:f1:0c:8c:4f:32:e1:e6:e8:a8:4a:e1:27:50: ce:4a:8d:20:9f:8f:a9:0a:e5:de:a5:98:bc:84:42: 7c:8f:74:99:72:48:86:28:52:ae:d0:32:92:72:98: 2d:dc:86:38:af:90:4a:25:7c:87:24:13:5d:9a:bd: 00:53:56:6d:20:61:52:bc:08:f4:d0:ca:66:00:3f: 2a:1a:1d:3b:5e:89:7a:af:4c:d3:e6:ba:7c:0f:fb: 55:a5:fd:a4:90:32:ef:fb:c7:dc:a6:10:ba:13:63: 29:10:dc:eb:c8:64:4c:09:be:f3:f3:c4:35:af:7c: e5:49:dd:4e:70:a1:72:cc:d7:b9:33:9e:49:e8:17: ce:64:e5:3e:a0:14:4f:f0:09:f5:32:18:92:4c:ac: 9c:dc:fb:02:bf:8b:71:a8:67:c8:b1:33:15:ee:27: fd:48:d5:ed:8c:9c:bc:62:66:b3:52:74:c4:05:b5: 4a:87:87:1a:09:82:cf:78:eb:30:2a:ec:a5:71:41: f0:55:08:15:10:69:38:84:20:d4:e6:3b:c6:80:dc: 7b:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:9E:E8:DB:6F:50:97:D4:5E:4A:7B:BA:42:28:A4:B6:76:C0:2A:BB X509v3 Authority Key Identifier: keyid:92:E8:48:E7:1F:70:08:DC:C7:77:B8:E2:3F:73:DA:92:78:C9:A5:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/kuhI5x9wCNzHd7jiP3PaknjJpQ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kuhI5x9wCNzHd7jiP3PaknjJpQ4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/F2C7080CE17A11EC93AB7473C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.137.120.0/22 Signature Algorithm: sha256WithRSAEncryption 0c:bb:db:cc:92:ea:3b:4c:43:0e:fd:5a:38:a2:41:26:d1:13: 37:55:ba:3a:b3:24:10:2f:3a:b4:b8:ed:10:ec:9b:3b:c4:de: 72:48:e2:17:20:4f:6c:28:bc:3a:57:8b:24:4c:4a:b8:59:74: fa:2a:91:8b:05:96:4a:ae:19:04:14:21:11:a4:1c:90:70:64: 64:e1:c3:71:0c:15:34:ff:2e:33:41:c8:45:5a:06:9e:74:96: cf:20:c9:b8:d2:79:91:ca:dd:87:81:57:63:35:f6:17:24:c5: 0f:3a:15:6a:d8:1d:d4:32:87:03:ff:c7:45:85:88:46:c3:cf: 22:e0:c5:7b:f9:1a:38:ea:a1:b2:95:ba:c7:ad:41:32:8c:40: 89:6f:28:89:78:dc:92:11:42:79:02:4e:3b:57:89:90:5f:39: 58:74:9d:d0:a6:68:2d:fd:a4:dd:7e:9e:69:da:b1:34:37:95: 15:13:08:94:7f:32:90:ba:36:29:79:1f:d2:70:47:6c:4d:fe: 54:c1:76:00:29:99:5c:47:4f:5f:d6:44:e7:06:e5:b3:46:12: ba:02:b4:52:e8:91:e0:3c:c8:30:ac:0b:34:c8:4c:8d:5d:ed: 3c:2a:47:ab:13:67:b5:d4:21:43:f8:62:6e:d9:0d:c8:cd:1e: a8:a5:4d:e3 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICDyMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQ1RjExMTAvBgNVBAUTKDkyRTg0OEU3MUY3MDA4RENDNzc3QjhFMjNGNzNEQTky NzhDOUE1MEUwHhcNMjQwNTA2MTgyNjMyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjM5MjBkOC03YjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnu3pbC+jqN3w0vWVTqg39TlTsYG5RjvkFmkLYKWq2AS4PiJbPfJ8l3niJKrh KfEMjE8y4eboqErhJ1DOSo0gn4+pCuXepZi8hEJ8j3SZckiGKFKu0DKScpgt3IY4 r5BKJXyHJBNdmr0AU1ZtIGFSvAj00MpmAD8qGh07Xol6r0zT5rp8D/tVpf2kkDLv +8fcphC6E2MpENzryGRMCb7z88Q1r3zlSd1OcKFyzNe5M55J6BfOZOU+oBRP8An1 MhiSTKyc3PsCv4txqGfIsTMV7if9SNXtjJy8YmazUnTEBbVKh4caCYLPeOswKuyl cUHwVQgVEGk4hCDU5jvGgNx7QQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPSe6Ntv UJfUXkp7ukIopLZ2wCq7MB8GA1UdIwQYMBaAFJLoSOcfcAjcx3e44j9z2pJ4yaUO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDVGMS9BOTVFNkMwMjUw NjIxMUU5QkZDQjRDODdDNEY5QUUwMi9rdWhJNXg5d0NOekhkN2ppUDNQYWtuakpw UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t1aEk1eDl3Q056SGQ3amlQM1Bha25qSnBRNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUQ1RjEvQTk1RTZDMDI1MDYyMTFFOUJGQ0I0Qzg3QzRGOUFFMDIvRjJDNzA4MENF MTdBMTFFQzkzQUI3NDczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJniXgwDQYJKoZIhvcNAQELBQADggEBAAy728yS6jtMQw79 WjiiQSbREzdVujqzJBAvOrS47RDsmzvE3nJI4hcgT2wovDpXiyRMSrhZdPoqkYsF lkquGQQUIRGkHJBwZGThw3EMFTT/LjNByEVaBp50ls8gybjSeZHK3YeBV2M19hck xQ86FWrYHdQyhwP/x0WFiEbDzyLgxXv5GjjqobKVusetQTKMQIlvKIl43JIRQnkC TjtXiZBfOVh0ndCmaC39pN1+nmnasTQ3lRUTCJR/MpC6Nil5H9JwR2xN/lTBdgAp mVxHT1/WROcG5bNGEroCtFLokeA8yDCsCzTITI1d7TwqR6sTZ7XUIUP4Ym7ZDcjN HqilTeM= -----END CERTIFICATE-----Generated at Sat May 18 18:46:45 2024 by rpki-client on console-fra.rpki-client.org