$ rpki-client -vvf rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/8B903A32353211EBB3D0487FC4F9AE02.roa File: 8B903A32353211EBB3D0487FC4F9AE02.roa (raw, json) Hash identifier: x+l1AZhaE2EQsLNkr34oVRQM5UjzndUuKfVANsc9uB0= Subject key identifier: 7E:86:B6:A1:F2:BA:40:28:70:2F:71:5C:5E:14:50:0D:59:40:B7:6E Certificate issuer: /CN=A9136EC5/serialNumber=9FCE28914C50DC99755F108AB4334F772CBEA0E2 Certificate serial: 29CA Authority key identifier: 9F:CE:28:91:4C:50:DC:99:75:5F:10:8A:B4:33:4F:77:2C:BE:A0:E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/8B903A32353211EBB3D0487FC4F9AE02.roa Signing time: Wed 20 Sep 2023 15:52:01 +0000 ROA not before: Wed 20 Sep 2023 15:52:01 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 38719 IP address blocks: 43.245.96.0/22 maxlen: 24 43.245.108.0/22 maxlen: 24 43.245.252.0/22 maxlen: 24 101.100.192.0/18 maxlen: 24 103.9.100.0/22 maxlen: 24 103.11.188.0/22 maxlen: 24 103.15.232.0/22 maxlen: 24 103.245.92.0/22 maxlen: 24 111.235.136.0/22 maxlen: 24 119.31.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.crl rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 15:54:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10698 (0x29ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9136EC5/serialNumber=9FCE28914C50DC99755F108AB4334F772CBEA0E2 Validity Not Before: Sep 20 15:52:01 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=650b1520-0bbb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e1:95:dc:ae:be:bc:b9:d8:b0:ad:89:4c:d9: bd:2d:3d:b2:5f:d8:c2:50:f8:44:9e:9a:3b:97:e3: fd:df:06:71:6e:c6:6b:d7:d5:a5:13:44:dd:9d:dd: 6d:fb:40:2b:20:c6:78:d5:c9:9b:b9:95:e4:83:22: 5d:32:b4:25:39:35:4e:48:cf:de:c5:10:4f:bd:e8: fc:3d:e8:41:99:87:ee:2d:28:63:8b:33:dc:72:5d: c4:6f:7b:6d:09:ef:ee:75:79:fe:16:b7:3d:ec:aa: 22:3c:2f:4e:9d:04:1c:b7:bc:53:e0:4b:b0:ff:39: 90:4c:18:60:29:68:11:e8:1a:9b:6f:50:c8:2c:55: b5:ff:a1:c8:d0:bc:30:6b:03:07:dc:9e:4f:b1:76: be:ee:b0:93:81:80:40:91:b3:a4:d2:c4:d2:34:0a: 75:a8:dd:8b:06:16:23:df:cf:82:97:43:30:f1:a5: 2c:68:dd:43:21:ad:13:44:7f:f1:bb:c6:77:35:72: 61:50:8b:c5:77:b7:54:79:b9:6d:2f:79:6b:40:29: 74:b0:49:d4:ac:34:ef:33:1a:3b:00:53:33:39:09: c5:a0:ca:db:8e:8b:e9:2e:16:4f:05:55:1d:94:c2: 37:c9:b5:99:63:bc:d4:ef:84:fc:29:ee:0a:29:f7: 23:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:86:B6:A1:F2:BA:40:28:70:2F:71:5C:5E:14:50:0D:59:40:B7:6E X509v3 Authority Key Identifier: keyid:9F:CE:28:91:4C:50:DC:99:75:5F:10:8A:B4:33:4F:77:2C:BE:A0:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/8B903A32353211EBB3D0487FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.96.0/22 43.245.108.0/22 43.245.252.0/22 101.100.192.0/18 103.9.100.0/22 103.11.188.0/22 103.15.232.0/22 103.245.92.0/22 111.235.136.0/22 119.31.232.0/21 Signature Algorithm: sha256WithRSAEncryption b7:f4:b8:ae:69:ee:0a:0e:d5:07:b3:c1:76:f3:a2:9d:cb:e8: 46:79:a8:a2:2c:5f:f7:51:3c:ed:53:11:ae:8b:25:0e:26:7e: 57:00:a1:c4:65:77:29:4c:df:52:62:d4:45:b2:8e:0a:cd:25: ad:b5:2d:e5:1d:68:e6:df:4f:7a:ed:f5:db:ee:41:b2:03:92: bd:2e:d2:14:75:be:4b:17:4a:7c:24:94:39:3b:89:09:8f:0e: be:24:35:67:af:22:fd:eb:cb:d0:ec:92:3c:fc:81:8f:9f:24: 7b:c3:4b:40:54:61:da:b2:04:e7:a9:19:dd:f6:c5:8b:88:97: 69:5b:7f:03:c8:cd:91:64:4e:de:dc:ec:b1:7e:44:31:e1:4c: 5b:6c:a7:91:9e:1b:09:5e:33:92:67:8e:d6:6d:dc:f9:28:0a: 86:be:e0:58:08:10:f2:4c:ba:45:ca:86:eb:9c:dd:1f:7f:fa: 24:a6:9d:02:6f:cd:5d:b5:15:93:2a:74:46:4f:2d:08:0e:6b: 38:60:1f:f4:07:33:7f:40:26:0d:22:f4:52:1d:27:11:c3:b7: 5a:01:61:b0:1f:b2:8e:6b:7a:2c:bc:ec:02:47:00:c9:81:1f: 9c:9c:bf:9f:c2:be:36:1d:33:19:94:02:2a:4b:1c:1d:90:50: 7a:64:2b:d2 -----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgICKcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzZFQzUxMTAvBgNVBAUTKDlGQ0UyODkxNEM1MERDOTk3NTVGMTA4QUI0MzM0Rjc3 MkNCRUEwRTIwHhcNMjMwOTIwMTU1MjAxWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTBiMTUyMC0wYmJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt+GV3K6+vLnYsK2JTNm9LT2yX9jCUPhEnpo7l+P93wZxbsZr19WlE0Tdnd1t +0ArIMZ41cmbuZXkgyJdMrQlOTVOSM/exRBPvej8PehBmYfuLShjizPccl3Eb3tt Ce/udXn+Frc97KoiPC9OnQQct7xT4Euw/zmQTBhgKWgR6Bqbb1DILFW1/6HI0Lww awMH3J5PsXa+7rCTgYBAkbOk0sTSNAp1qN2LBhYj38+Cl0Mw8aUsaN1DIa0TRH/x u8Z3NXJhUIvFd7dUebltL3lrQCl0sEnUrDTvMxo7AFMzOQnFoMrbjovpLhZPBVUd lMI3ybWZY7zU74T8Ke4KKfcjawIDAQABo4ICyzCCAscwHQYDVR0OBBYEFH6GtqHy ukAocC9xXF4UUA1ZQLduMB8GA1UdIwQYMBaAFJ/OKJFMUNyZdV8QirQzT3csvqDi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkVDNS8yREVDQUU1NjBF NTYxMUU0QjZGMTk1M0FDNEY5QUUwMi9uODRva1V4UTNKbDFYeENLdEROUGR5eS1v T0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL244NG9rVXhRM0psMVh4Q0t0RE5QZHl5LW9PSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzZFQzUvMkRFQ0FFNTYwRTU2MTFFNEI2RjE5NTNBQzRGOUFFMDIvOEI5MDNBMzIz NTMyMTFFQkIzRDA0ODdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E RjBEMEIEAgABMDwDBAIr9WADBAIr9WwDBAIr9fwDBAZlZMADBAJnCWQDBAJnC7wD BAJnD+gDBAJn9VwDBAJv64gDBAN3H+gwDQYJKoZIhvcNAQELBQADggEBALf0uK5p 7goO1QezwXbzop3L6EZ5qKIsX/dRPO1TEa6LJQ4mflcAocRldylM31Ji1EWyjgrN Ja21LeUdaObfT3rt9dvuQbIDkr0u0hR1vksXSnwklDk7iQmPDr4kNWevIv3ry9Ds kjz8gY+fJHvDS0BUYdqyBOepGd32xYuIl2lbfwPIzZFkTt7c7LF+RDHhTFtsp5Ge GwleM5JnjtZt3PkoCoa+4FgIEPJMukXKhuuc3R9/+iSmnQJvzV21FZMqdEZPLQgO azhgH/QHM39AJg0i9FIdJxHDt1oBYbAfso5reiy87AJHAMmBH5ycv5/CvjYdMxmU AipLHB2QUHpkK9I= -----END CERTIFICATE-----Generated at Thu May 16 17:51:18 2024 by rpki-client on console-ams.rpki-client.org