$ rpki-client -vvf rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/CE5F74E2BE5811EEA8C02E2AC4F9AE02.roa File: CE5F74E2BE5811EEA8C02E2AC4F9AE02.roa (raw, json) Hash identifier: k4Chq2lqiGzoqEasmQmEC+5Q++/tI0HHgdydrDE9lac= Subject key identifier: 37:82:8F:5C:73:CF:F9:94:97:6D:BE:DC:21:CE:00:FB:1A:19:3F:A6 Certificate issuer: /CN=A91422D7/serialNumber=AC6A22F1E4E1650ACFB5289F5DCB5D53920FCF34 Certificate serial: 02 Authority key identifier: AC:6A:22:F1:E4:E1:65:0A:CF:B5:28:9F:5D:CB:5D:53:92:0F:CF:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGoi8eThZQrPtSifXctdU5IPzzQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/CE5F74E2BE5811EEA8C02E2AC4F9AE02.roa Signing time: Mon 29 Jan 2024 03:45:12 +0000 ROA not before: Mon 29 Jan 2024 03:45:12 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 132686 IP address blocks: 103.73.236.0/22 maxlen: 22 103.73.236.0/24 maxlen: 24 103.73.237.0/24 maxlen: 24 103.73.238.0/24 maxlen: 24 103.73.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.crl rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGoi8eThZQrPtSifXctdU5IPzzQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Jun 2024 04:34:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91422D7/serialNumber=AC6A22F1E4E1650ACFB5289F5DCB5D53920FCF34 Validity Not Before: Jan 29 03:45:12 2024 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=65b71f48-7d21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:b9:88:97:15:1e:ef:d2:6c:7f:b1:6d:7c:99: ae:e5:34:0e:f8:a2:b9:fb:15:6f:75:2f:41:12:15: 10:b0:a4:07:bf:50:d6:fb:ac:74:81:72:db:0b:c6: cc:35:28:ab:e3:7b:32:9b:c5:4f:b6:a1:7f:55:48: 1b:82:b7:02:bf:d9:cc:53:8d:0f:f0:d6:18:55:75: e7:bc:40:06:15:17:e3:9d:b6:65:cb:af:45:44:a8: a8:c5:44:e6:f5:52:27:9d:98:9f:84:09:62:9b:15: f2:a2:ca:77:5c:b1:ad:04:3a:c9:81:7d:de:8d:1e: b1:cc:f2:61:3c:e1:76:14:b9:07:57:bf:e9:76:af: b4:d2:e0:88:e0:94:7f:fb:9d:29:4f:47:ab:f6:bd: 2f:8d:dc:cb:4f:c9:38:c3:99:d9:9e:24:09:e4:3c: c8:d1:42:57:b2:a7:e7:f2:a7:eb:c6:de:eb:97:cf: df:60:78:1e:c5:56:d6:68:4c:b3:2a:20:78:04:f2: 66:d0:6e:1b:24:eb:7d:dc:34:a4:8c:bc:fc:54:5d: 5b:03:ad:72:d5:ab:3f:60:0f:ce:b1:3d:65:9d:a4: 7f:a4:3b:42:80:e4:04:2b:3e:bb:b7:97:53:95:b7: 7a:e6:a7:da:77:f1:b6:bc:53:81:f0:5d:6d:72:59: 69:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:82:8F:5C:73:CF:F9:94:97:6D:BE:DC:21:CE:00:FB:1A:19:3F:A6 X509v3 Authority Key Identifier: keyid:AC:6A:22:F1:E4:E1:65:0A:CF:B5:28:9F:5D:CB:5D:53:92:0F:CF:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGoi8eThZQrPtSifXctdU5IPzzQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/CE5F74E2BE5811EEA8C02E2AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.73.236.0/22 Signature Algorithm: sha256WithRSAEncryption b3:a3:96:f7:f7:05:5b:98:84:32:6b:5c:bd:4c:c6:d9:72:38: 23:8b:1b:68:db:ef:51:23:01:1d:4d:a0:8e:27:3d:c7:b7:54: f2:e9:e7:62:f0:bc:44:02:a2:7d:0d:7a:e5:94:44:e7:a5:a4: 2c:5c:f8:83:e9:f2:87:70:3b:f0:65:c6:dd:50:00:24:66:2b: a9:d5:85:3d:6a:19:f9:b3:18:56:11:ff:53:56:2a:da:b5:2d: a1:09:16:de:e0:bf:1f:ee:aa:60:33:01:69:38:95:56:98:b1: 26:fb:3b:46:69:93:e0:5c:71:46:3c:1e:90:e9:8a:64:75:31: 0e:10:9b:1b:32:2d:7b:49:65:a9:e2:73:89:91:de:bf:68:b8: e4:e4:c4:dd:5a:92:1b:a6:f9:58:18:84:42:53:8d:9c:7c:30: 63:3a:ac:5c:0c:6f:6f:04:fb:5e:46:6d:da:94:0d:4f:1b:cc: a4:db:cc:6c:d8:c1:38:59:05:a4:f8:48:24:ab:9a:1a:f4:c4: e8:e7:9b:4a:a5:7a:3a:6f:72:79:14:09:f2:ca:de:38:24:0f: 8e:33:77:f3:75:98:24:1a:bb:db:d9:49:c5:85:5d:fb:c9:0f: a3:81:f1:7c:c5:1e:44:e5:f3:7e:ee:70:9c:2d:09:8d:e0:3a: f3:cd:43:22 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MjJENzExMC8GA1UEBRMoQUM2QTIyRjFFNEUxNjUwQUNGQjUyODlGNURDQjVENTM5 MjBGQ0YzNDAeFw0yNDAxMjkwMzQ1MTJaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1YjcxZjQ4LTdkMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDquYiXFR7v0mx/sW18ma7lNA74orn7FW91L0ESFRCwpAe/UNb7rHSBctsLxsw1 KKvjezKbxU+2oX9VSBuCtwK/2cxTjQ/w1hhVdee8QAYVF+OdtmXLr0VEqKjFROb1 UiedmJ+ECWKbFfKiyndcsa0EOsmBfd6NHrHM8mE84XYUuQdXv+l2r7TS4IjglH/7 nSlPR6v2vS+N3MtPyTjDmdmeJAnkPMjRQleyp+fyp+vG3uuXz99geB7FVtZoTLMq IHgE8mbQbhsk633cNKSMvPxUXVsDrXLVqz9gD86xPWWdpH+kO0KA5AQrPru3l1OV t3rmp9p38ba8U4HwXW1yWWn7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUN4KPXHPP +ZSXbb7cIc4A+xoZP6YwHwYDVR0jBBgwFoAUrGoi8eThZQrPtSifXctdU5IPzzQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyMkQ3LzVCOUY3MUQyRUQz MDExRUNCRjA3RjAxMkM0RjlBRTAyL3JHb2k4ZVRoWlFyUHRTaWZYY3RkVTVJUHp6 US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvckdvaThlVGhaUXJQdFNpZlhjdGRVNUlQenpRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MjJENy81QjlGNzFEMkVEMzAxMUVDQkYwN0YwMTJDNEY5QUUwMi9DRTVGNzRFMkJF NTgxMUVFQThDMDJFMkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAmdJ7DANBgkqhkiG9w0BAQsFAAOCAQEAs6OW9/cFW5iEMmtc vUzG2XI4I4sbaNvvUSMBHU2gjic9x7dU8unnYvC8RAKifQ165ZRE56WkLFz4g+ny h3A78GXG3VAAJGYrqdWFPWoZ+bMYVhH/U1Yq2rUtoQkW3uC/H+6qYDMBaTiVVpix Jvs7RmmT4FxxRjwekOmKZHUxDhCbGzIte0llqeJziZHev2i45OTE3VqSG6b5WBiE QlONnHwwYzqsXAxvbwT7XkZt2pQNTxvMpNvMbNjBOFkFpPhIJKuaGvTE6OebSqV6 Om9yeRQJ8sreOCQPjjN383WYJBq729lJxYVd+8kPo4HxfMUeROXzfu5wnC0JjeA6 881DIg== -----END CERTIFICATE-----Generated at Wed May 29 05:26:28 2024 by rpki-client on console-fra.rpki-client.org