$ rpki-client -vvf rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/27178D9E7FBC11EEAF80B825C4F9AE02.roa File: 27178D9E7FBC11EEAF80B825C4F9AE02.roa (raw, json) Hash identifier: tVR4eS6BAk11ESI+gtbO8xp2r33dkwzxIV+WLCTc1kU= Subject key identifier: E3:6D:58:3F:D1:62:D7:48:EF:25:7B:C7:5D:2D:B7:40:AC:20:66:0D Certificate issuer: /CN=A916B02F/serialNumber=87F31B201BDD187581540C5B8B864438C29990B9 Certificate serial: 04 Authority key identifier: 87:F3:1B:20:1B:DD:18:75:81:54:0C:5B:8B:86:44:38:C2:99:90:B9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/27178D9E7FBC11EEAF80B825C4F9AE02.roa Signing time: Fri 10 Nov 2023 11:29:11 +0000 ROA not before: Fri 10 Nov 2023 11:29:11 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 134484 IP address blocks: 103.197.156.0/23 maxlen: 23 103.197.156.0/24 maxlen: 24 103.197.157.0/24 maxlen: 24 2001:df2:6f40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.crl rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 14 Jun 2024 07:17:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B02F/serialNumber=87F31B201BDD187581540C5B8B864438C29990B9 Validity Not Before: Nov 10 11:29:11 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=654e1407-f976 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:49:5a:78:67:a3:dc:d2:64:71:a9:7c:8b:86: f8:77:3e:05:39:83:f4:a2:77:b0:75:a1:0c:08:a9: ce:40:58:8e:64:3c:8a:a0:ac:21:ff:4a:13:b8:4c: f8:fa:7b:6c:ce:4a:39:1b:9f:fd:55:7e:6a:62:3a: 34:76:55:cb:2f:1c:43:b3:3b:ae:2d:42:9b:ee:cc: ca:58:9f:54:72:a1:8c:60:fa:f5:83:5a:4a:72:57: 0e:0e:9a:7c:aa:aa:69:60:2d:a5:3e:8f:de:5f:0d: 5e:50:d2:51:64:e2:c9:ce:3d:ff:62:92:db:6a:95: 32:a3:48:b8:0d:f0:de:ac:74:c0:8b:53:bb:58:60: 00:bc:e3:9c:48:c2:e1:50:13:c1:32:fc:86:47:44: 80:aa:e4:2e:94:99:03:04:bb:4b:46:ab:fc:f9:9d: 33:fc:48:e0:51:bc:3d:38:31:2f:0e:cb:43:32:59: 3a:90:fa:cd:ef:e5:b9:c1:e0:2e:3e:00:7e:68:59: 1f:0f:c2:95:ab:94:e8:77:b1:ed:d7:e6:59:40:84: e3:c4:ba:ee:e0:6d:42:b1:f5:21:80:56:76:4b:2a: 05:f7:19:65:ed:df:71:38:6f:30:1a:4a:a5:6c:88: 14:ca:5c:c2:88:46:02:6b:04:28:d6:ca:da:9d:64: df:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:6D:58:3F:D1:62:D7:48:EF:25:7B:C7:5D:2D:B7:40:AC:20:66:0D X509v3 Authority Key Identifier: keyid:87:F3:1B:20:1B:DD:18:75:81:54:0C:5B:8B:86:44:38:C2:99:90:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/27178D9E7FBC11EEAF80B825C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.197.156.0/23 IPv6: 2001:df2:6f40::/48 Signature Algorithm: sha256WithRSAEncryption 05:57:19:3d:f9:d3:61:07:49:11:bf:fe:ab:8e:35:51:07:c9: 63:ae:0a:d4:57:91:eb:21:6a:81:69:99:8f:e6:d8:a7:9f:5b: 09:95:a2:26:15:aa:f9:76:d8:55:ba:a0:96:7a:14:d0:2b:b7: 6b:fe:0b:94:c8:25:73:25:ae:e3:41:68:97:56:8b:9f:a1:4f: 74:ce:fd:a0:90:23:c0:4c:7a:72:e8:12:aa:97:e1:ae:1b:d2: c0:36:72:59:a4:7b:c4:b6:ec:27:18:08:c0:a4:34:e4:7b:6b: 83:ba:a5:72:de:87:d8:19:0f:db:ac:50:15:6d:ee:b4:8f:df: dc:74:6d:bd:dc:13:fd:bd:cf:3e:a9:5c:e0:2c:07:8d:3d:37: f8:24:28:2a:10:39:de:3d:33:2b:25:e4:94:c7:fa:59:e4:4e: e8:70:f6:a8:1a:c5:0b:99:8f:6c:b1:4f:0a:ee:47:f3:f8:29: 23:b9:d8:fb:a3:71:52:89:07:d5:b5:90:b8:32:14:d3:92:f1: d3:1c:ae:f0:90:26:05:c1:24:40:00:db:27:ed:bc:b5:dc:3a: 07:7b:48:13:03:96:2a:17:5d:6f:3a:89:69:a2:e1:50:be:8a: b9:03:5a:82:9e:c9:af:2a:a5:6f:9d:3a:5c:01:de:5a:7e:16: 95:97:a9:ea -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 QjAyRjExMC8GA1UEBRMoODdGMzFCMjAxQkREMTg3NTgxNTQwQzVCOEI4NjQ0MzhD Mjk5OTBCOTAeFw0yMzExMTAxMTI5MTFaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1NGUxNDA3LWY5NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8SVp4Z6Pc0mRxqXyLhvh3PgU5g/Sid7B1oQwIqc5AWI5kPIqgrCH/ShO4TPj6 e2zOSjkbn/1VfmpiOjR2VcsvHEOzO64tQpvuzMpYn1RyoYxg+vWDWkpyVw4Omnyq qmlgLaU+j95fDV5Q0lFk4snOPf9ikttqlTKjSLgN8N6sdMCLU7tYYAC845xIwuFQ E8Ey/IZHRICq5C6UmQMEu0tGq/z5nTP8SOBRvD04MS8Oy0MyWTqQ+s3v5bnB4C4+ AH5oWR8PwpWrlOh3se3X5llAhOPEuu7gbUKx9SGAVnZLKgX3GWXt33E4bzAaSqVs iBTKXMKIRgJrBCjWytqdZN+FAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU421YP9Fi 10jvJXvHXS23QKwgZg0wHwYDVR0jBBgwFoAUh/MbIBvdGHWBVAxbi4ZEOMKZkLkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZCMDJGL0Q3QzMzQUI4N0ZC QjExRUVBNjk4MzkyNUM0RjlBRTAyL2hfTWJJQnZkR0hXQlZBeGJpNFpFT01LWmtM ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaF9NYklCdmRHSFdCVkF4Ymk0WkVPTUtaa0xrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QjAyRi9EN0MzM0FCODdGQkIxMUVFQTY5ODM5MjVDNEY5QUUwMi8yNzE3OEQ5RTdG QkMxMUVFQUY4MEI4MjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAWfFnDAPBAIAAjAJAwcAIAEN8m9AMA0GCSqGSIb3DQEBCwUA A4IBAQAFVxk9+dNhB0kRv/6rjjVRB8ljrgrUV5HrIWqBaZmP5tinn1sJlaImFar5 dthVuqCWehTQK7dr/guUyCVzJa7jQWiXVoufoU90zv2gkCPATHpy6BKql+GuG9LA NnJZpHvEtuwnGAjApDTke2uDuqVy3ofYGQ/brFAVbe60j9/cdG293BP9vc8+qVzg LAeNPTf4JCgqEDnePTMrJeSUx/pZ5E7ocPaoGsULmY9ssU8K7kfz+Ckjudj7o3FS iQfVtZC4MhTTkvHTHK7wkCYFwSRAANsn7by13DoHe0gTA5YqF11vOolpouFQvoq5 A1qCnsmvKqVvnTpcAd5afhaVl6nq -----END CERTIFICATE-----Generated at Fri Jun 7 11:02:23 2024 by rpki-client on console-fra.rpki-client.org