$ rpki-client -vvf rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/50063EE8822A11EDB2081A49C4F9AE02.roa File: 50063EE8822A11EDB2081A49C4F9AE02.roa (raw, json) Hash identifier: 4WLEo+7utrf3YQ5HW1B5C1Kpj6dVRKES3SiFL4z/3Rk= Subject key identifier: EC:AF:D0:07:6E:DA:10:D4:F8:68:9F:88:0C:55:C9:F1:5B:D8:63:C7 Certificate issuer: /CN=A91568F6/serialNumber=1E329E98F67692E9B576023A2FBC557D57DD556C Certificate serial: 0CD6 Authority key identifier: 1E:32:9E:98:F6:76:92:E9:B5:76:02:3A:2F:BC:55:7D:57:DD:55:6C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/50063EE8822A11EDB2081A49C4F9AE02.roa Signing time: Thu 06 Jun 2024 19:33:18 +0000 ROA not before: Thu 06 Jun 2024 19:33:18 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 136547 IP address blocks: 103.251.36.0/24 maxlen: 24 103.251.37.0/24 maxlen: 24 103.251.38.0/24 maxlen: 24 103.251.39.0/24 maxlen: 24 150.242.228.0/24 maxlen: 24 150.242.229.0/24 maxlen: 24 150.242.230.0/24 maxlen: 24 150.242.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.crl rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 17:11:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3286 (0xcd6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91568F6/serialNumber=1E329E98F67692E9B576023A2FBC557D57DD556C Validity Not Before: Jun 6 19:33:18 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=66620efe-d8b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:2c:f8:b9:c7:86:73:3a:66:22:ab:cc:86:26: 73:2e:2f:cc:1a:8f:eb:5d:b3:01:db:5a:11:f3:f2: 61:50:f0:6c:90:c5:29:05:76:73:3b:49:15:e6:57: 53:3a:6e:5b:ee:c5:fe:34:f6:0d:54:46:8f:05:48: 27:95:c3:ec:13:ed:a6:60:59:6e:1c:c1:f5:72:18: 82:27:99:a3:05:ae:7d:db:16:96:dc:05:b5:08:8e: cc:80:95:93:75:c6:7d:87:51:07:aa:30:c2:3a:5a: 23:9a:b5:8c:3c:ad:8c:ca:4f:7b:86:f0:51:de:8c: c4:6a:c9:97:59:6a:e4:30:d0:3a:f9:31:1c:7a:19: e6:ff:a4:62:bb:d2:ef:2a:f2:b7:3a:e1:d1:eb:eb: 4d:ef:0e:e7:c1:cb:7d:2c:f4:ef:f6:f3:35:35:64: 99:09:7c:4f:a6:ce:a3:b1:18:a4:89:19:87:58:7c: b0:50:be:24:28:ec:f9:0f:8f:94:a2:22:77:a6:34: 1b:45:69:f0:cf:9d:63:53:3b:af:81:b2:c3:5a:6c: db:3b:71:ae:51:9b:76:32:e8:c2:69:bf:45:7a:92: b2:1f:61:33:e9:c8:60:11:40:6c:67:a6:0f:29:f4: 9c:d5:a9:7c:e4:7a:46:c0:69:8e:d6:f6:1b:c1:97: 91:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:AF:D0:07:6E:DA:10:D4:F8:68:9F:88:0C:55:C9:F1:5B:D8:63:C7 X509v3 Authority Key Identifier: keyid:1E:32:9E:98:F6:76:92:E9:B5:76:02:3A:2F:BC:55:7D:57:DD:55:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/50063EE8822A11EDB2081A49C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.251.36.0/22 150.242.228.0/22 Signature Algorithm: sha256WithRSAEncryption 73:5a:2b:bc:be:47:1c:01:70:02:c9:87:9d:54:a4:65:89:c4: e7:3f:af:f8:c0:45:73:c5:ed:a5:32:ce:41:06:02:f3:1a:c1: 5c:65:0c:56:b5:85:6a:56:98:34:e7:ba:4c:58:45:71:c1:a5: f7:8c:b2:1d:0c:34:66:a7:b5:3f:47:9c:dd:f0:a0:86:e9:81: be:25:4e:60:18:02:fa:e7:93:2b:af:ad:a9:ff:73:9b:60:ad: ad:f1:81:2c:9a:a2:d8:c5:dc:52:eb:b6:2a:5a:11:ea:1c:b3: 42:09:f7:29:b2:00:a1:dc:61:05:6e:a2:f7:c6:f0:60:50:2b: b3:2b:36:85:68:be:92:b6:60:d2:99:a3:5f:16:b0:00:14:d7: b7:ce:a2:e3:ac:c6:29:e3:61:5f:bb:1f:c1:76:41:15:29:cf: b3:74:ac:cd:ac:d5:22:79:17:25:e4:70:59:b7:b8:6d:21:38: ab:4b:97:60:fa:99:00:8e:7b:1b:1c:39:1c:3d:22:82:da:2a: 6e:1f:6e:46:84:c8:99:46:a3:5a:a5:47:0f:53:6d:dd:ea:04: 16:b3:a8:83:0c:7f:9f:ab:a3:eb:e1:eb:21:51:ad:db:e7:cf: c3:d5:43:95:3a:f8:e0:60:9d:4a:8a:c8:04:d0:4d:78:07:e1: 06:de:3d:91 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICDNYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTY4RjYxMTAvBgNVBAUTKDFFMzI5RTk4RjY3NjkyRTlCNTc2MDIzQTJGQkM1NTdE NTdERDU1NkMwHhcNMjQwNjA2MTkzMzE4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjYyMGVmZS1kOGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1iz4uceGczpmIqvMhiZzLi/MGo/rXbMB21oR8/JhUPBskMUpBXZzO0kV5ldT Om5b7sX+NPYNVEaPBUgnlcPsE+2mYFluHMH1chiCJ5mjBa592xaW3AW1CI7MgJWT dcZ9h1EHqjDCOlojmrWMPK2Myk97hvBR3ozEasmXWWrkMNA6+TEcehnm/6Riu9Lv KvK3OuHR6+tN7w7nwct9LPTv9vM1NWSZCXxPps6jsRikiRmHWHywUL4kKOz5D4+U oiJ3pjQbRWnwz51jUzuvgbLDWmzbO3GuUZt2MujCab9FepKyH2Ez6chgEUBsZ6YP KfSc1al85HpGwGmO1vYbwZeRTwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOyv0Adu 2hDU+GifiAxVyfFb2GPHMB8GA1UdIwQYMBaAFB4ynpj2dpLptXYCOi+8VX1X3VVs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjhGNi8zN0QwM0RGNkNF MjgxMUU5QTZCNkMxN0JDNEY5QUUwMi9IaktlbVBaMmt1bTFkZ0k2TDd4VmZWZmRW V3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hqS2VtUFoya3VtMWRnSTZMN3hWZlZmZFZXdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTY4RjYvMzdEMDNERjZDRTI4MTFFOUE2QjZDMTdCQzRGOUFFMDIvNTAwNjNFRTg4 MjJBMTFFREIyMDgxQTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJn+yQDBAKW8uQwDQYJKoZIhvcNAQELBQADggEBAHNaK7y+ RxwBcALJh51UpGWJxOc/r/jARXPF7aUyzkEGAvMawVxlDFa1hWpWmDTnukxYRXHB pfeMsh0MNGantT9HnN3woIbpgb4lTmAYAvrnkyuvran/c5tgra3xgSyaotjF3FLr tipaEeocs0IJ9ymyAKHcYQVuovfG8GBQK7MrNoVovpK2YNKZo18WsAAU17fOouOs xinjYV+7H8F2QRUpz7N0rM2s1SJ5FyXkcFm3uG0hOKtLl2D6mQCOexscORw9IoLa Km4fbkaEyJlGo1qlRw9Tbd3qBBazqIMMf5+ro+vh6yFRrdvnz8PVQ5U6+OBgnUqK yATQTXgH4QbePZE= -----END CERTIFICATE-----Generated at Sun Nov 24 20:09:48 2024 by rpki-client on console-ams.rpki-client.org