$ rpki-client -vvf rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/398C7DEE01E711EDB2C82D0FC4F9AE02.roa File: 398C7DEE01E711EDB2C82D0FC4F9AE02.roa (raw, json) Hash identifier: JkpAwyv1JWftgTjDfw5ndQKqelICGQqXBkAqr19Xf7o= Subject key identifier: 27:B8:54:E9:D6:C4:91:89:85:F0:86:9D:21:9D:DE:DD:02:17:5F:76 Certificate issuer: /CN=A91546FB/serialNumber=DA5C8F2728408FEEF8256E20388DEB9601E5B510 Certificate serial: 011A Authority key identifier: DA:5C:8F:27:28:40:8F:EE:F8:25:6E:20:38:8D:EB:96:01:E5:B5:10 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2lyPJyhAj-74JW4gOI3rlgHltRA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/398C7DEE01E711EDB2C82D0FC4F9AE02.roa Signing time: Sat 13 May 2023 06:25:24 +0000 ROA not before: Sat 13 May 2023 06:25:24 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 17483 IP address blocks: 103.227.156.0/24 maxlen: 24 103.227.157.0/24 maxlen: 24 103.227.158.0/24 maxlen: 24 103.227.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/2lyPJyhAj-74JW4gOI3rlgHltRA.crl rsync://rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/2lyPJyhAj-74JW4gOI3rlgHltRA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2lyPJyhAj-74JW4gOI3rlgHltRA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 05:33:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 282 (0x11a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91546FB/serialNumber=DA5C8F2728408FEEF8256E20388DEB9601E5B510 Validity Not Before: May 13 06:25:24 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645f2d54-7e29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:9e:45:79:2d:3e:5e:81:76:97:12:cf:3b:c3: e7:49:e6:9a:c3:03:08:b1:a8:06:e0:80:0b:10:60: a9:aa:5f:89:e2:90:63:f6:a7:a2:75:0a:ed:f5:57: 96:db:40:01:c5:5d:bb:20:a5:56:b7:b9:c6:02:9f: b0:a0:9c:8c:c1:87:c4:2f:97:05:3b:9c:b0:88:48: 40:bb:cf:1b:9f:a8:7f:d8:31:a4:6a:84:78:4c:fc: ab:65:2b:80:5a:fa:8c:6a:f1:ef:a4:b8:1f:de:d6: c1:b7:2d:f8:b8:cb:7a:19:4a:77:b0:73:e0:b5:33: 15:0f:b6:16:45:9f:e9:66:73:f9:93:5f:ae:68:df: d2:95:b7:47:75:a1:2a:70:0f:33:fb:91:51:f4:23: 06:dc:5c:61:a9:bb:d8:08:49:88:04:34:00:f0:e5: 79:86:03:6b:d7:9c:75:8c:74:14:25:0f:94:b0:60: 61:8b:06:e8:95:e0:e2:44:9c:47:63:61:83:cd:38: 11:27:7c:a7:5a:fa:b8:32:0a:64:11:76:ee:68:b2: a8:22:39:6f:2b:8d:65:f6:35:6d:cb:39:d5:51:d8: 09:e3:ea:d5:73:f5:48:e2:35:be:77:1c:19:cd:b7: 26:a4:49:69:56:66:af:49:f0:a3:b2:2e:57:20:45: 00:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:B8:54:E9:D6:C4:91:89:85:F0:86:9D:21:9D:DE:DD:02:17:5F:76 X509v3 Authority Key Identifier: keyid:DA:5C:8F:27:28:40:8F:EE:F8:25:6E:20:38:8D:EB:96:01:E5:B5:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/2lyPJyhAj-74JW4gOI3rlgHltRA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2lyPJyhAj-74JW4gOI3rlgHltRA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91546FB/1E5C938A01E511EDBA7BA90EC4F9AE02/398C7DEE01E711EDB2C82D0FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.227.156.0/22 Signature Algorithm: sha256WithRSAEncryption 23:61:cb:f8:64:a6:8f:b9:40:c9:31:cc:16:e4:ae:6a:38:66: d6:40:ef:71:2a:5c:1d:86:43:3d:87:f2:4d:c7:75:12:68:08: 7a:06:e6:9e:82:26:54:75:82:64:f9:26:b3:a1:dc:3c:80:b2: 8d:61:eb:69:b0:8a:b2:52:8a:e6:c0:47:90:4d:03:5f:7b:65: 28:bd:bb:9c:20:ed:ce:bf:2b:29:27:73:a9:0e:87:66:8f:cf: 74:a0:df:3b:89:79:cd:63:10:6a:42:04:99:ec:07:65:8f:6e: 62:df:20:d8:99:09:77:ef:a3:8a:9d:c6:4e:a7:4b:65:1c:67: 52:57:fd:6d:d3:05:5b:63:04:14:ef:6d:ab:96:a6:9c:f2:90: 4a:93:10:d4:aa:ed:c8:ff:17:6f:76:d1:0b:6b:11:71:ef:9a: 63:f5:c5:95:42:de:98:f0:3c:1c:d2:0d:33:ac:2c:c3:b6:79: 0a:1b:4d:a8:9a:73:0a:fb:40:6e:8d:e4:ae:ba:3a:a6:db:d7: e9:f2:54:b9:2a:81:6b:fe:3c:c5:b1:dc:eb:24:44:86:59:75: af:7b:86:66:e7:fe:fb:ae:98:8e:17:e2:90:f2:6e:d0:73:38: d9:f8:aa:c5:fa:c7:b1:b0:6d:4e:3a:b5:32:5f:ec:d8:7d:74: fe:b4:28:ec -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICARowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTQ2RkIxMTAvBgNVBAUTKERBNUM4RjI3Mjg0MDhGRUVGODI1NkUyMDM4OERFQjk2 MDFFNUI1MTAwHhcNMjMwNTEzMDYyNTI0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDVmMmQ1NC03ZTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Z5FeS0+XoF2lxLPO8PnSeaawwMIsagG4IALEGCpql+J4pBj9qeidQrt9VeW 20ABxV27IKVWt7nGAp+woJyMwYfEL5cFO5ywiEhAu88bn6h/2DGkaoR4TPyrZSuA WvqMavHvpLgf3tbBty34uMt6GUp3sHPgtTMVD7YWRZ/pZnP5k1+uaN/SlbdHdaEq cA8z+5FR9CMG3FxhqbvYCEmIBDQA8OV5hgNr15x1jHQUJQ+UsGBhiwboleDiRJxH Y2GDzTgRJ3ynWvq4MgpkEXbuaLKoIjlvK41l9jVtyznVUdgJ4+rVc/VI4jW+dxwZ zbcmpElpVmavSfCjsi5XIEUAuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCe4VOnW xJGJhfCGnSGd3t0CF192MB8GA1UdIwQYMBaAFNpcjycoQI/u+CVuIDiN65YB5bUQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDZGQi8xRTVDOTM4QTAx RTUxMUVEQkE3QkE5MEVDNEY5QUUwMi8ybHlQSnloQWotNzRKVzRnT0kzcmxnSGx0 UkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJseVBKeWhBai03NEpXNGdPSTNybGdIbHRSQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTQ2RkIvMUU1QzkzOEEwMUU1MTFFREJBN0JBOTBFQzRGOUFFMDIvMzk4QzdERUUw MUU3MTFFREIyQzgyRDBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJn45wwDQYJKoZIhvcNAQELBQADggEBACNhy/hkpo+5QMkx zBbkrmo4ZtZA73EqXB2GQz2H8k3HdRJoCHoG5p6CJlR1gmT5JrOh3DyAso1h62mw irJSiubAR5BNA197ZSi9u5wg7c6/Kyknc6kOh2aPz3Sg3zuJec1jEGpCBJnsB2WP bmLfINiZCXfvo4qdxk6nS2UcZ1JX/W3TBVtjBBTvbauWppzykEqTENSq7cj/F292 0QtrEXHvmmP1xZVC3pjwPBzSDTOsLMO2eQobTaiacwr7QG6N5K66Oqbb1+nyVLkq gWv+PMWx3OskRIZZda97hmbn/vuumI4X4pDybtBzONn4qsX6x7GwbU46tTJf7Nh9 dP60KOw= -----END CERTIFICATE-----Generated at Sat Jun 1 07:08:16 2024 by rpki-client on console-ams.rpki-client.org