$ rpki-client -vvf rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/2CDBC1B0251111E997B74770C4F9AE02.roa File: 2CDBC1B0251111E997B74770C4F9AE02.roa (raw, json) Hash identifier: gvG1ZqQraEFhN08IlgwALzbDtTjdZshIJN/OLKpgb4Y= Subject key identifier: 0A:78:FA:E5:1C:DE:C0:3E:3F:E2:B3:74:0D:FC:66:30:6C:60:C8:60 Certificate issuer: /CN=A913344F/serialNumber=AD21E2A0887D8010588369F1478596028477CDBE Certificate serial: 0F68 Authority key identifier: AD:21:E2:A0:88:7D:80:10:58:83:69:F1:47:85:96:02:84:77:CD:BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSHioIh9gBBYg2nxR4WWAoR3zb4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/2CDBC1B0251111E997B74770C4F9AE02.roa Signing time: Sat 12 Aug 2023 17:55:02 +0000 ROA not before: Sat 12 Aug 2023 17:55:02 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 137989 IP address blocks: 103.119.152.0/22 maxlen: 22 103.119.152.0/24 maxlen: 24 103.119.153.0/24 maxlen: 24 103.119.154.0/24 maxlen: 24 103.119.155.0/24 maxlen: 24 2403:45c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/rSHioIh9gBBYg2nxR4WWAoR3zb4.crl rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/rSHioIh9gBBYg2nxR4WWAoR3zb4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSHioIh9gBBYg2nxR4WWAoR3zb4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 May 2024 17:33:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3944 (0xf68) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913344F/serialNumber=AD21E2A0887D8010588369F1478596028477CDBE Validity Not Before: Aug 12 17:55:02 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=64d7c776-18cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:07:1b:61:70:99:57:e5:46:0e:a8:11:23:ff: 61:68:6b:39:27:46:be:52:15:e0:8f:20:76:df:61: 87:df:15:c2:7f:f8:ec:3d:13:e7:15:18:86:78:3c: d0:6b:69:45:2c:76:a8:0f:58:91:f4:28:c3:f7:67: 9e:e0:25:eb:33:5f:de:90:08:e0:41:21:3f:be:af: 16:b4:54:9d:c9:87:26:2f:74:1f:54:2b:b7:6f:c2: 87:f7:fe:20:e8:c5:54:7f:41:14:49:c6:82:92:15: 97:8e:45:f6:91:4c:0a:b1:c8:b9:0e:24:b7:8d:ff: ea:e1:3a:b0:40:f6:da:7e:d2:87:cf:58:78:f4:f8: 97:5b:b1:04:3f:61:17:3c:5f:fd:7d:a4:f7:55:2a: 33:ac:32:fe:97:1e:f3:c3:6f:3f:a0:a3:0e:9a:d8: c8:5a:65:7e:34:dd:f5:1b:7c:04:51:eb:f1:3f:1e: 8d:d6:3b:18:2d:55:ec:e6:46:c7:73:03:e6:74:40: 29:ed:b8:8e:54:06:ce:30:51:01:2d:0c:61:8a:79: 51:3c:37:70:29:65:7d:b9:e2:7c:ef:ef:b7:37:fe: 9b:7e:71:b3:36:7a:ed:47:a4:7c:24:18:15:ba:1f: 15:de:d1:30:5e:34:08:00:8e:85:b6:aa:9e:bf:d8: f4:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:78:FA:E5:1C:DE:C0:3E:3F:E2:B3:74:0D:FC:66:30:6C:60:C8:60 X509v3 Authority Key Identifier: keyid:AD:21:E2:A0:88:7D:80:10:58:83:69:F1:47:85:96:02:84:77:CD:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/rSHioIh9gBBYg2nxR4WWAoR3zb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSHioIh9gBBYg2nxR4WWAoR3zb4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/2CDBC1B0251111E997B74770C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.119.152.0/22 IPv6: 2403:45c0::/32 Signature Algorithm: sha256WithRSAEncryption 8e:9f:83:1b:e3:ff:eb:df:14:e9:50:5e:0b:55:b4:c9:7d:24: 20:ff:d5:72:75:31:61:28:e3:c4:20:88:f2:79:c9:45:cb:12: 82:c9:10:c3:d8:a7:f3:85:61:4f:4d:ad:a0:06:b8:b7:15:40: 8c:27:d3:45:08:fb:55:63:c1:28:56:40:da:20:d5:66:bd:0e: 35:6b:82:61:20:cc:84:7a:dd:12:58:84:21:7f:72:df:98:29: 52:d1:5d:ab:aa:c6:90:f5:fb:6c:39:5b:57:09:e8:fb:59:f6: 2c:01:d2:45:05:f8:bc:a1:5a:7e:1b:5c:09:0f:f1:90:34:8f: 13:4e:7d:49:84:f2:cc:6b:e9:e8:e9:9f:27:80:2e:d8:fd:1f: 1a:55:d3:60:aa:c5:90:b0:e9:a2:db:b2:05:aa:f7:18:ff:5f: f5:1f:02:83:34:81:e6:f6:ee:a5:36:c2:e0:91:6f:6f:88:dc: 6c:e0:a6:22:71:70:8d:73:3e:85:b2:6f:db:fe:94:0f:37:d7: 0d:d2:c2:49:93:c6:f8:64:92:2f:ad:38:42:a2:0f:1e:f2:46: f3:b3:e0:9d:20:30:65:04:d5:44:97:0a:64:e1:eb:c5:b2:99: ac:b2:49:d3:b1:e4:5f:5a:6e:31:11:c8:5e:7a:a4:d6:1e:ef: 6f:4e:95:1d -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICD2gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzM0NEYxMTAvBgNVBAUTKEFEMjFFMkEwODg3RDgwMTA1ODgzNjlGMTQ3ODU5NjAy ODQ3N0NEQkUwHhcNMjMwODEyMTc1NTAyWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGQ3Yzc3Ni0xOGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmwcbYXCZV+VGDqgRI/9haGs5J0a+UhXgjyB232GH3xXCf/jsPRPnFRiGeDzQ a2lFLHaoD1iR9CjD92ee4CXrM1/ekAjgQSE/vq8WtFSdyYcmL3QfVCu3b8KH9/4g 6MVUf0EUScaCkhWXjkX2kUwKsci5DiS3jf/q4TqwQPbaftKHz1h49PiXW7EEP2EX PF/9faT3VSozrDL+lx7zw28/oKMOmtjIWmV+NN31G3wEUevxPx6N1jsYLVXs5kbH cwPmdEAp7biOVAbOMFEBLQxhinlRPDdwKWV9ueJ87++3N/6bfnGzNnrtR6R8JBgV uh8V3tEwXjQIAI6Ftqqev9j0kQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAp4+uUc 3sA+P+KzdA38ZjBsYMhgMB8GA1UdIwQYMBaAFK0h4qCIfYAQWINp8UeFlgKEd82+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMzQ0Ri85NEZGQkFBMDI1 MEYxMUU5OTBEREUzNkNDNEY5QUUwMi9yU0hpb0loOWdCQllnMm54UjRXV0FvUjN6 YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JTSGlvSWg5Z0JCWWcybnhSNFdXQW9SM3piNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzM0NEYvOTRGRkJBQTAyNTBGMTFFOTkwRERFMzZDQzRGOUFFMDIvMkNEQkMxQjAy NTExMTFFOTk3Qjc0NzcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnd5gwDQQCAAIwBwMFACQDRcAwDQYJKoZIhvcNAQELBQAD ggEBAI6fgxvj/+vfFOlQXgtVtMl9JCD/1XJ1MWEo48QgiPJ5yUXLEoLJEMPYp/OF YU9NraAGuLcVQIwn00UI+1VjwShWQNog1Wa9DjVrgmEgzIR63RJYhCF/ct+YKVLR XauqxpD1+2w5W1cJ6PtZ9iwB0kUF+LyhWn4bXAkP8ZA0jxNOfUmE8sxr6ejpnyeA Ltj9HxpV02CqxZCw6aLbsgWq9xj/X/UfAoM0geb27qU2wuCRb2+I3GzgpiJxcI1z PoWyb9v+lA831w3SwkmTxvhkki+tOEKiDx7yRvOz4J0gMGUE1USXCmTh68Wymayy SdOx5F9abjERyF56pNYe729OlR0= -----END CERTIFICATE-----Generated at Fri May 24 18:40:26 2024 by rpki-client on console-fra.rpki-client.org