$ rpki-client -vvf rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4A4CE204D49A11EEAB1AF055C4F9AE02.roa File: 4A4CE204D49A11EEAB1AF055C4F9AE02.roa (raw, json) Hash identifier: SOUm4aPJA1GCSoMKe9nddwVZGI48xiZHVEoBS1OglGY= Subject key identifier: 4E:DD:E9:19:E6:DC:2B:53:0F:0D:A2:56:9F:44:B8:F6:52:5D:40:CA Certificate issuer: /CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52 Certificate serial: 17F8 Authority key identifier: BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4A4CE204D49A11EEAB1AF055C4F9AE02.roa Signing time: Fri 01 Mar 2024 10:18:52 +0000 ROA not before: Fri 01 Mar 2024 10:18:52 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 136948 IP address blocks: 103.99.248.0/22 maxlen: 23 103.99.248.0/24 maxlen: 24 103.99.249.0/24 maxlen: 24 103.99.250.0/24 maxlen: 24 103.99.251.0/24 maxlen: 24 2401:b640::/32 maxlen: 32 2401:b640::/48 maxlen: 48 2401:b640:1::/48 maxlen: 48 2401:b640:2::/48 maxlen: 48 2401:b640:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6136 (0x17f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52 Validity Not Before: Mar 1 10:18:52 2024 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=65e1ab8b-e754 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:9c:75:bf:93:19:69:8a:c8:80:43:eb:b9:3b: 7c:77:68:0c:7e:bf:ac:c8:35:54:fe:40:85:90:f2: 04:af:64:89:cf:24:17:17:7b:8d:95:e2:d4:a1:9d: 01:a9:ce:c4:91:8c:29:af:df:1d:4c:63:45:bd:bd: 64:a2:64:a2:4f:b1:60:0b:d6:37:0e:0e:4b:2a:de: 2f:07:55:4e:b6:ff:f3:61:62:aa:da:e2:51:ec:e6: 0f:92:d5:42:6c:c4:30:81:8c:c3:7e:9b:68:64:6d: ec:80:d7:7b:35:7f:c8:98:41:e6:f4:8d:3a:2b:12: b7:8d:01:a6:1e:2a:d6:dc:f0:28:16:cc:b5:ea:a8: a9:71:03:dd:93:55:d4:b4:77:58:8e:72:63:af:5e: 4c:da:99:83:ac:c6:da:f5:34:90:c7:71:37:02:4e: 2b:e9:46:a8:32:b1:c6:80:4b:f3:aa:34:de:cc:7b: 4e:f1:2f:cc:a7:34:3f:e7:ab:7f:aa:dc:4e:cd:70: fb:97:94:e9:c8:d0:5f:b9:1c:fc:f5:92:fa:3d:61: 18:cc:88:f9:f3:97:5e:c3:16:8f:92:b4:76:39:d7: 92:21:9e:e7:82:bb:8c:79:0d:cb:1b:18:d2:00:56: 4d:47:70:72:d0:52:ca:4a:12:71:e0:23:b2:af:2c: 4b:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:DD:E9:19:E6:DC:2B:53:0F:0D:A2:56:9F:44:B8:F6:52:5D:40:CA X509v3 Authority Key Identifier: keyid:BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4A4CE204D49A11EEAB1AF055C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.248.0/22 IPv6: 2401:b640::/32 Signature Algorithm: sha256WithRSAEncryption 10:18:94:87:25:ac:fd:25:13:10:89:9e:89:9e:b5:23:62:53: ab:ac:ba:57:c0:3a:e0:42:73:2a:75:7d:f6:6e:84:75:62:3c: ed:61:46:5a:1c:9d:50:97:6d:30:40:d9:d6:93:b4:76:87:1f: 52:5a:9f:74:c4:27:dc:ef:d5:ff:50:35:ea:22:d9:89:d0:a9: 9e:08:71:c4:fc:21:68:d9:47:3a:47:23:af:6e:b4:3b:8f:d1: 9f:19:84:1c:f5:62:7d:45:8f:d0:2a:fd:87:01:3a:ff:c7:ce: c0:36:b1:a1:dc:c8:3d:28:bb:81:a5:56:78:19:de:9b:05:76: 93:97:b8:6c:20:df:21:c7:73:06:0a:22:09:2a:1d:75:56:9e: 99:72:c9:73:5b:ff:08:67:3f:4a:0e:ac:f2:b8:3a:a0:b3:8a: a9:70:63:d9:f4:46:5e:fb:e3:cc:d1:a8:76:63:a5:83:b0:9a: 6c:89:9a:24:53:0d:3f:97:21:38:1e:6e:a3:c1:57:2d:0e:a5: 09:62:93:c4:9d:ce:a2:ee:fb:2e:0d:bf:c3:65:40:b6:95:39: f6:6b:b6:2c:4d:4e:2a:6a:a7:71:1f:68:cf:8f:4f:36:1c:2a: 73:85:3b:f7:06:45:c9:8b:27:63:9c:0d:df:6e:9c:f5:bc:f0: 00:2c:7c:58 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICF/gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTkwRTMxMTAvBgNVBAUTKEJCOTc2QTU5OEU1RUNCMDVFMzdGQUMwMEE1Qjc4ODhF NTdGNTFDNTIwHhcNMjQwMzAxMTAxODUyWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWUxYWI4Yi1lNzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw5x1v5MZaYrIgEPruTt8d2gMfr+syDVU/kCFkPIEr2SJzyQXF3uNleLUoZ0B qc7EkYwpr98dTGNFvb1komSiT7FgC9Y3Dg5LKt4vB1VOtv/zYWKq2uJR7OYPktVC bMQwgYzDfptoZG3sgNd7NX/ImEHm9I06KxK3jQGmHirW3PAoFsy16qipcQPdk1XU tHdYjnJjr15M2pmDrMba9TSQx3E3Ak4r6UaoMrHGgEvzqjTezHtO8S/MpzQ/56t/ qtxOzXD7l5TpyNBfuRz89ZL6PWEYzIj585dewxaPkrR2OdeSIZ7ngruMeQ3LGxjS AFZNR3By0FLKShJx4COyryxLAwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFE7d6Rnm 3CtTDw2iVp9EuPZSXUDKMB8GA1UdIwQYMBaAFLuXalmOXssF43+sAKW3iI5X9RxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTBFMy9EQTE4QjE4NDlB NDkxMUU3OUE5RjMwMzBDNEY5QUUwMi91NWRxV1k1ZXl3WGpmNndBcGJlSWpsZjFI RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3U1ZHFXWTVleXdYamY2d0FwYmVJamxmMUhGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTkwRTMvREExOEIxODQ5QTQ5MTFFNzlBOUYzMDMwQzRGOUFFMDIvNEE0Q0UyMDRE NDlBMTFFRUFCMUFGMDU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnY/gwDQQCAAIwBwMFACQBtkAwDQYJKoZIhvcNAQELBQAD ggEBABAYlIclrP0lExCJnometSNiU6usulfAOuBCcyp1ffZuhHViPO1hRlocnVCX bTBA2daTtHaHH1Jan3TEJ9zv1f9QNeoi2YnQqZ4IccT8IWjZRzpHI69utDuP0Z8Z hBz1Yn1Fj9Aq/YcBOv/HzsA2saHcyD0ou4GlVngZ3psFdpOXuGwg3yHHcwYKIgkq HXVWnplyyXNb/whnP0oOrPK4OqCziqlwY9n0Rl7748zRqHZjpYOwmmyJmiRTDT+X ITgebqPBVy0OpQlik8SdzqLu+y4Nv8NlQLaVOfZrtixNTipqp3EfaM+PTzYcKnOF O/cGRcmLJ2OcDd9unPW88AAsfFg= -----END CERTIFICATE-----Generated at Sat May 18 17:37:32 2024 by rpki-client on console-fra.rpki-client.org