$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/4E211A5C408A11EE91A09746C4F9AE02.roa File: 4E211A5C408A11EE91A09746C4F9AE02.roa (raw, json) Hash identifier: j0ZJiNEdhad5gcAQx0kFDN85kG9IdmI9c0llM8kl948= Subject key identifier: A7:40:35:0F:DF:46:08:06:30:87:CD:DE:F7:9A:D2:06:22:E3:B4:33 Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Certificate serial: 350B Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/4E211A5C408A11EE91A09746C4F9AE02.roa Signing time: Wed 08 Nov 2023 00:18:19 +0000 ROA not before: Wed 08 Nov 2023 00:18:19 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 16509 IP address blocks: 103.104.86.0/24 maxlen: 24 103.182.250.0/24 maxlen: 24 103.182.251.0/24 maxlen: 24 103.188.89.0/24 maxlen: 24 144.48.40.0/22 maxlen: 24 203.191.134.0/24 maxlen: 24 203.191.135.0/24 maxlen: 24 211.44.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 14:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13579 (0x350b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Validity Not Before: Nov 8 00:18:19 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=654ad3cb-416e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b5:d5:e3:3d:84:c2:56:31:79:25:8b:20:2c: 57:af:5a:a2:6f:15:0d:8b:78:a7:c0:55:53:73:1a: 49:e8:12:5c:8f:20:7f:5d:e0:d5:83:4a:4d:9b:20: 08:56:37:48:d1:ea:78:50:cd:2c:af:d3:bf:40:3b: 63:1d:e3:f5:47:a0:c9:5d:8b:17:50:0c:26:b7:d7: 25:0e:73:89:2e:f6:45:cf:b2:51:48:a8:28:2d:92: c4:64:3a:cd:2c:9c:27:55:c9:42:38:d8:38:f9:44: 57:79:59:bc:68:86:96:82:0c:24:1e:6d:9a:4c:6c: 39:2e:c0:56:b9:30:11:3e:eb:09:ab:55:c1:8e:de: 0c:34:a8:8b:a5:50:83:12:a4:8a:af:c1:94:68:6c: 7e:29:14:76:40:58:80:14:3f:9e:22:4b:12:6b:5b: 86:a9:d8:0d:b9:85:c5:87:99:22:70:f1:53:76:31: e4:42:77:2e:a9:06:11:16:31:86:5e:69:05:32:47: 30:32:c8:9e:57:69:71:0f:84:4d:9f:9a:9d:f8:ea: 84:d0:cf:6a:93:c5:75:92:03:48:ef:16:b4:95:60: 55:6b:ae:b0:32:8f:ca:6a:03:bb:5a:eb:99:9f:da: 38:bc:ff:a0:a8:bb:9a:6f:ff:e1:2b:fb:81:e2:d4: 6b:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:40:35:0F:DF:46:08:06:30:87:CD:DE:F7:9A:D2:06:22:E3:B4:33 X509v3 Authority Key Identifier: keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/4E211A5C408A11EE91A09746C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.104.86.0/24 103.182.250.0/23 103.188.89.0/24 144.48.40.0/22 203.191.134.0/23 211.44.103.0/24 Signature Algorithm: sha256WithRSAEncryption a1:36:ea:7e:d4:07:39:45:a7:8a:af:9c:2a:b1:a2:17:7a:df: c6:0d:d9:56:f6:77:c5:f2:9a:40:ea:b5:3b:1b:b8:99:18:84: ab:9b:19:45:ce:cf:cc:a4:37:41:51:53:84:8f:5d:21:23:5d: 91:c9:58:8d:38:80:c9:bf:ca:3f:17:b6:22:04:b6:82:52:ea: 6b:a0:22:1a:70:83:8e:7b:43:9f:d5:7c:9c:15:2c:88:23:c1: 46:ec:cc:2d:c5:28:f3:53:18:b6:d3:f3:06:72:11:7f:ac:0e: 6e:f0:e7:e9:2a:08:70:31:96:0b:fa:3a:1a:ac:f8:1c:91:00: ad:ba:db:f7:16:c0:71:27:8d:db:f0:2d:f7:cf:1e:37:e0:09: b4:13:f8:dc:2a:ad:1f:44:59:49:b9:cf:42:d6:c1:5a:db:43: 22:85:b5:83:c9:8b:07:2f:0b:6d:27:04:cb:17:5b:d1:34:c8: d2:51:4a:0a:32:85:1f:f2:c6:30:cb:0c:f4:58:9b:01:ee:fd: df:67:5f:45:f2:0b:d6:ae:17:02:6c:0f:a3:0d:d2:5e:80:67: f0:65:4d:20:a6:ac:45:f6:20:20:77:9f:67:05:e6:43:35:8b: f8:66:a4:f0:fa:23:3c:1c:36:71:1b:c1:70:f8:ed:c6:9d:a4: 15:eb:9c:e0 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICNQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG OURGN0M1NEIwHhcNMjMxMTA4MDAxODE5WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTRhZDNjYi00MTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwLXV4z2EwlYxeSWLICxXr1qibxUNi3inwFVTcxpJ6BJcjyB/XeDVg0pNmyAI VjdI0ep4UM0sr9O/QDtjHeP1R6DJXYsXUAwmt9clDnOJLvZFz7JRSKgoLZLEZDrN LJwnVclCONg4+URXeVm8aIaWggwkHm2aTGw5LsBWuTARPusJq1XBjt4MNKiLpVCD EqSKr8GUaGx+KRR2QFiAFD+eIksSa1uGqdgNuYXFh5kicPFTdjHkQncuqQYRFjGG XmkFMkcwMsieV2lxD4RNn5qd+OqE0M9qk8V1kgNI7xa0lWBVa66wMo/KagO7WuuZ n9o4vP+gqLuab//hK/uB4tRrRQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFKdANQ/f RggGMIfN3vea0gYi47QzMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4 VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvNEUyMTFBNUM0 MDhBMTFFRTkxQTA5NzQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMCoEAgABMCQDBABnaFYDBAFntvoDBABnvFkDBAKQMCgDBAHLv4YDBADTLGcw DQYJKoZIhvcNAQELBQADggEBAKE26n7UBzlFp4qvnCqxohd638YN2Vb2d8XymkDq tTsbuJkYhKubGUXOz8ykN0FRU4SPXSEjXZHJWI04gMm/yj8XtiIEtoJS6mugIhpw g457Q5/VfJwVLIgjwUbszC3FKPNTGLbT8wZyEX+sDm7w5+kqCHAxlgv6Ohqs+ByR AK262/cWwHEnjdvwLffPHjfgCbQT+NwqrR9EWUm5z0LWwVrbQyKFtYPJiwcvC20n BMsXW9E0yNJRSgoyhR/yxjDLDPRYmwHu/d9nX0XyC9auFwJsD6MN0l6AZ/BlTSCm rEX2ICB3n2cF5kM1i/hmpPD6IzwcNnEbwXD47cadpBXrnOA= -----END CERTIFICATE-----Generated at Thu May 2 17:18:28 2024 by rpki-client on console-ams.rpki-client.org