$ rpki-client -vvf rpki.apnic.net/member_repository/A9130A53/71B7D470AB4A11EA89D16359C4F9AE02/F2CD89AAAB4B11EAA2CA585BC4F9AE02.roa File: F2CD89AAAB4B11EAA2CA585BC4F9AE02.roa (raw, json) Hash identifier: 2VI2hY5UlARHpwuBqnULVT3ahtdexijvR2j0GUq/pso= Subject key identifier: FC:44:70:ED:EC:A4:A6:7C:22:B1:D4:67:0B:A0:C0:54:0B:1C:13:CD Certificate issuer: /CN=A9130A53/serialNumber=6E4E69BE13D613A70274C0CE77383923F156272D Certificate serial: 07C8 Authority key identifier: 6E:4E:69:BE:13:D6:13:A7:02:74:C0:CE:77:38:39:23:F1:56:27:2D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bk5pvhPWE6cCdMDOdzg5I_FWJy0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9130A53/71B7D470AB4A11EA89D16359C4F9AE02/F2CD89AAAB4B11EAA2CA585BC4F9AE02.roa Signing time: Wed 18 Oct 2023 21:29:00 +0000 ROA not before: Wed 18 Oct 2023 21:29:00 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 136565 IP address blocks: 103.20.122.0/24 maxlen: 24 103.20.123.0/24 maxlen: 24 2405:2500:25::/48 maxlen: 48 2405:2500:26::/48 maxlen: 48 2405:2500:65::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9130A53/71B7D470AB4A11EA89D16359C4F9AE02/bk5pvhPWE6cCdMDOdzg5I_FWJy0.crl rsync://rpki.apnic.net/member_repository/A9130A53/71B7D470AB4A11EA89D16359C4F9AE02/bk5pvhPWE6cCdMDOdzg5I_FWJy0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bk5pvhPWE6cCdMDOdzg5I_FWJy0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 May 2024 21:22:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1992 (0x7c8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9130A53/serialNumber=6E4E69BE13D613A70274C0CE77383923F156272D Validity Not Before: Oct 18 21:29:00 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=65304e1c-5df5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:b0:dc:27:07:ca:e0:17:44:74:39:4e:7b:d5: 78:9f:a9:88:05:f4:df:89:3f:f4:6f:7b:80:55:5e: 07:eb:b7:69:b4:74:a6:31:9d:33:b3:d3:59:25:e2: d0:43:7d:6b:bc:37:96:f2:d1:75:b0:a8:03:dd:48: fa:a2:1d:a9:a7:af:fa:50:7e:97:63:e6:54:cc:2a: fc:84:b7:7b:cd:95:19:52:71:45:89:df:6d:0a:38: 99:29:ce:5d:d7:ec:84:03:32:70:6b:0e:e5:a2:17: 80:a9:52:9e:7d:bb:2a:56:97:7f:a3:a7:68:fc:54: 0f:1e:a4:b4:e0:cf:ab:05:52:9f:52:13:b1:a7:e8: 8a:08:b0:a5:e0:4a:cc:52:d7:09:99:1e:42:cf:2a: 59:9f:a9:ad:d7:a8:51:fa:69:73:6c:b3:09:43:5d: 6e:6c:b4:c0:cb:23:7b:43:dc:ae:ba:4c:f2:f2:f1: c1:a3:e5:66:aa:b9:2a:4c:53:f1:6c:ef:c5:7b:78: a6:e6:f4:18:41:a6:c4:17:50:c4:3f:15:7f:ac:b6: 1c:7e:32:cf:51:a8:c9:50:f4:bb:52:af:f3:8d:0d: 0a:89:9c:f0:2b:1a:e1:17:74:64:b3:05:36:3d:22: ac:57:08:da:02:a8:72:5b:5f:de:cf:4a:47:2f:1b: db:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:44:70:ED:EC:A4:A6:7C:22:B1:D4:67:0B:A0:C0:54:0B:1C:13:CD X509v3 Authority Key Identifier: keyid:6E:4E:69:BE:13:D6:13:A7:02:74:C0:CE:77:38:39:23:F1:56:27:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9130A53/71B7D470AB4A11EA89D16359C4F9AE02/bk5pvhPWE6cCdMDOdzg5I_FWJy0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bk5pvhPWE6cCdMDOdzg5I_FWJy0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130A53/71B7D470AB4A11EA89D16359C4F9AE02/F2CD89AAAB4B11EAA2CA585BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.20.122.0/23 IPv6: 2405:2500:25::-2405:2500:26:ffff:ffff:ffff:ffff:ffff 2405:2500:65::/48 Signature Algorithm: sha256WithRSAEncryption 13:72:d7:05:8f:d5:1f:74:ef:0d:8d:99:3a:09:9d:58:32:1f: 85:a6:6e:b9:56:51:e2:7f:3d:73:0b:7e:33:ad:fa:eb:3e:a5: 71:a0:9e:ac:9b:90:12:47:9a:de:e3:b2:5e:5f:6c:21:98:92: 9f:36:f0:64:58:c8:83:64:e5:71:4e:cb:c1:fc:b6:e0:08:73: bb:05:04:a6:c3:e8:4b:17:98:cf:f3:7b:f8:e8:30:53:94:2d: ab:a2:1e:4c:9a:34:60:49:4a:69:5e:ca:87:2e:71:16:be:15: 6f:ad:69:30:5f:fa:7f:ae:96:ea:7c:90:e8:68:09:d1:33:a6: 1b:31:e4:98:96:28:d2:a4:21:b2:26:64:97:9d:7a:4d:b7:da: 49:2c:9c:db:44:a1:35:c8:e2:da:e8:85:fe:32:f6:53:2f:a5: 66:75:33:b9:77:6a:5e:7b:cf:c9:b5:21:2d:4f:ae:da:93:bb: 15:3c:12:18:c1:2f:d2:fd:f6:da:2e:00:11:fc:d9:74:bb:ab: 49:18:00:48:f5:39:d4:f5:9e:22:57:bc:f1:a4:39:55:8b:c2: 49:1b:54:78:bf:f2:d2:5b:de:09:61:18:02:95:60:f2:a8:65: 09:36:25:9f:d5:f5:ea:34:e3:da:ab:a6:84:06:37:64:ae:52: 33:c8:5f:32 -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgICB8gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzBBNTMxMTAvBgNVBAUTKDZFNEU2OUJFMTNENjEzQTcwMjc0QzBDRTc3MzgzOTIz RjE1NjI3MkQwHhcNMjMxMDE4MjEyOTAwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTMwNGUxYy01ZGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnbDcJwfK4BdEdDlOe9V4n6mIBfTfiT/0b3uAVV4H67dptHSmMZ0zs9NZJeLQ Q31rvDeW8tF1sKgD3Uj6oh2pp6/6UH6XY+ZUzCr8hLd7zZUZUnFFid9tCjiZKc5d 1+yEAzJwaw7loheAqVKefbsqVpd/o6do/FQPHqS04M+rBVKfUhOxp+iKCLCl4ErM UtcJmR5CzypZn6mt16hR+mlzbLMJQ11ubLTAyyN7Q9yuukzy8vHBo+VmqrkqTFPx bO/Fe3im5vQYQabEF1DEPxV/rLYcfjLPUajJUPS7Uq/zjQ0KiZzwKxrhF3RkswU2 PSKsVwjaAqhyW1/ez0pHLxvbuQIDAQABo4ICujCCArYwHQYDVR0OBBYEFPxEcO3s pKZ8IrHUZwugwFQLHBPNMB8GA1UdIwQYMBaAFG5Oab4T1hOnAnTAznc4OSPxVict MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMEE1My83MUI3RDQ3MEFC NEExMUVBODlEMTYzNTlDNEY5QUUwMi9iazVwdmhQV0U2Y0NkTURPZHpnNUlfRldK eTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JrNXB2aFBXRTZjQ2RNRE9kemc1SV9GV0p5MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzBBNTMvNzFCN0Q0NzBBQjRBMTFFQTg5RDE2MzU5QzRGOUFFMDIvRjJDRDg5QUFB QjRCMTFFQUEyQ0E1ODVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E NTAzMAwEAgABMAYDBAFnFHowIwQCAAIwHTASAwcAJAUlAAAlAwcAJAUlAAAmAwcA JAUlAABlMA0GCSqGSIb3DQEBCwUAA4IBAQATctcFj9UfdO8NjZk6CZ1YMh+Fpm65 VlHifz1zC34zrfrrPqVxoJ6sm5ASR5re47JeX2whmJKfNvBkWMiDZOVxTsvB/Lbg CHO7BQSmw+hLF5jP83v46DBTlC2roh5MmjRgSUppXsqHLnEWvhVvrWkwX/p/rpbq fJDoaAnRM6YbMeSYlijSpCGyJmSXnXpNt9pJLJzbRKE1yOLa6IX+MvZTL6VmdTO5 d2pee8/JtSEtT67ak7sVPBIYwS/S/fbaLgAR/Nl0u6tJGABI9TnU9Z4iV7zxpDlV i8JJG1R4v/LSW94JYRgClWDyqGUJNiWf1fXqNOPaq6aEBjdkrlIzyF8y -----END CERTIFICATE-----Generated at Mon May 20 22:57:16 2024 by rpki-client on console-ams.rpki-client.org