$ rpki-client -vvf rpki.apnic.net/member_repository/A916DB3F/D3910134895311E68A854923C4F9AE02/7E8D9A52895411E6B3538424C4F9AE02.roa File: 7E8D9A52895411E6B3538424C4F9AE02.roa (raw, json) Hash identifier: LRWvTtYikJeeVBMhJG8Jnv9JOZtUpM468k7wuutlizY= Subject key identifier: C5:95:B1:BE:AA:7C:76:5E:0D:5E:4A:B0:CA:99:E7:11:A7:83:DD:CF Certificate issuer: /CN=A916DB3F/serialNumber=1AB1DE8EC891AFA2D4E1C91AF5583490BFBBC209 Certificate serial: 1CAB Authority key identifier: 1A:B1:DE:8E:C8:91:AF:A2:D4:E1:C9:1A:F5:58:34:90:BF:BB:C2:09 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GrHejsiRr6LU4cka9Vg0kL-7wgk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916DB3F/D3910134895311E68A854923C4F9AE02/7E8D9A52895411E6B3538424C4F9AE02.roa Signing time: Thu 06 Jul 2023 16:33:00 +0000 ROA not before: Thu 06 Jul 2023 16:33:00 +0000 ROA not after: Tue 30 Jul 2024 00:00:00 +0000 asID: 135524 IP address blocks: 103.221.252.0/22 maxlen: 22 103.221.252.0/23 maxlen: 23 103.221.252.0/24 maxlen: 24 103.221.253.0/24 maxlen: 24 103.221.254.0/23 maxlen: 23 103.221.254.0/24 maxlen: 24 103.221.255.0/24 maxlen: 24 2405:ac80::/32 maxlen: 36 2405:ac80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916DB3F/D3910134895311E68A854923C4F9AE02/GrHejsiRr6LU4cka9Vg0kL-7wgk.crl rsync://rpki.apnic.net/member_repository/A916DB3F/D3910134895311E68A854923C4F9AE02/GrHejsiRr6LU4cka9Vg0kL-7wgk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GrHejsiRr6LU4cka9Vg0kL-7wgk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 16:34:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7339 (0x1cab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916DB3F/serialNumber=1AB1DE8EC891AFA2D4E1C91AF5583490BFBBC209 Validity Not Before: Jul 6 16:33:00 2023 GMT Not After : Jul 30 00:00:00 2024 GMT Subject: CN=64a6ecbc-e1f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:6f:2a:3b:73:d2:48:34:d4:62:5f:fb:ac:d4: ad:2c:5f:8d:3a:f7:2c:2a:2b:21:14:bf:87:db:bd: f4:35:43:ac:93:14:5b:71:6f:47:d8:cc:80:a3:23: 6f:e2:6b:a8:b8:6e:53:4a:63:ac:04:fa:a2:39:0f: 8a:e9:d9:24:1b:32:81:9b:42:ea:fa:f7:c7:be:db: 44:d1:d4:51:0f:77:dc:54:28:dc:96:57:f3:97:0e: 79:e9:9c:7d:87:6f:0c:f6:b7:41:f2:bf:d4:33:86: eb:78:be:ce:bf:e9:8f:cc:27:bc:ea:0e:30:72:20: 62:5b:d1:4a:6e:70:dd:de:be:7f:08:d8:e6:9e:ec: ab:57:62:4a:d5:3e:6a:07:00:20:58:d7:59:0f:08: 82:af:fc:35:85:10:ff:ca:88:20:21:17:64:a5:fd: fd:43:ef:e4:9c:16:e9:85:45:9f:65:0b:5f:8d:48: 3c:3a:6e:6d:97:6e:1d:65:b1:64:b9:f5:da:90:03: 96:41:62:42:20:21:9b:af:c7:44:04:86:f8:67:f1: 0e:6b:ce:20:49:8b:d5:c5:01:f9:85:29:f7:ab:fb: 53:8c:dc:44:3e:53:8b:ca:88:da:4e:7d:e7:ae:6b: 4c:ee:66:e4:fb:89:ca:33:0f:f2:cc:5b:ae:e2:6b: 3d:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:95:B1:BE:AA:7C:76:5E:0D:5E:4A:B0:CA:99:E7:11:A7:83:DD:CF X509v3 Authority Key Identifier: keyid:1A:B1:DE:8E:C8:91:AF:A2:D4:E1:C9:1A:F5:58:34:90:BF:BB:C2:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916DB3F/D3910134895311E68A854923C4F9AE02/GrHejsiRr6LU4cka9Vg0kL-7wgk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GrHejsiRr6LU4cka9Vg0kL-7wgk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916DB3F/D3910134895311E68A854923C4F9AE02/7E8D9A52895411E6B3538424C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.221.252.0/22 IPv6: 2405:ac80::/32 Signature Algorithm: sha256WithRSAEncryption 48:26:9e:05:e1:16:16:e8:7a:bf:53:0b:91:a4:91:fb:d4:50: f1:8c:f6:2e:77:13:d4:b4:f1:88:c3:78:1d:bc:78:5b:a0:c7: 39:c3:d2:a4:10:45:a2:21:51:39:28:25:01:11:17:09:bf:ee: 95:80:ab:f9:c3:1d:78:dd:26:07:91:66:ae:23:fd:04:59:19: a2:dc:7a:05:12:84:3b:b2:bc:48:04:28:e3:c2:09:77:98:42: cd:d7:07:bf:b8:c3:52:e0:54:00:fc:8e:5c:8a:dd:69:74:b9: 55:7c:58:45:bd:77:54:65:1d:85:5f:fd:8c:4d:57:70:d7:4a: ca:c8:7d:2b:12:2e:35:99:64:fd:66:1a:77:4a:38:e1:f8:57: 86:34:2d:e5:f4:b1:1c:c8:37:30:e7:bd:bd:51:92:04:a4:ba: 0c:77:25:0b:08:f3:27:4b:70:be:d0:86:94:9a:93:b9:5d:b9: 45:64:9e:3c:2a:10:78:be:5a:c8:7c:ac:7d:de:28:23:3d:0b: a4:58:bf:2a:49:e7:e4:99:57:1f:01:61:61:1f:fa:b1:93:89: 91:6a:8f:75:30:d0:0f:ca:4e:ef:1d:b0:4e:29:10:6a:52:36: 5b:ff:74:fc:61:fb:54:4e:58:56:34:cb:e6:08:1c:40:63:17: 83:0a:f7:1e -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICHKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkRCM0YxMTAvBgNVBAUTKDFBQjFERThFQzg5MUFGQTJENEUxQzkxQUY1NTgzNDkw QkZCQkMyMDkwHhcNMjMwNzA2MTYzMzAwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NGE2ZWNiYy1lMWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvG8qO3PSSDTUYl/7rNStLF+NOvcsKishFL+H2730NUOskxRbcW9H2MyAoyNv 4muouG5TSmOsBPqiOQ+K6dkkGzKBm0Lq+vfHvttE0dRRD3fcVCjcllfzlw556Zx9 h28M9rdB8r/UM4breL7Ov+mPzCe86g4wciBiW9FKbnDd3r5/CNjmnuyrV2JK1T5q BwAgWNdZDwiCr/w1hRD/yoggIRdkpf39Q+/knBbphUWfZQtfjUg8Om5tl24dZbFk ufXakAOWQWJCICGbr8dEBIb4Z/EOa84gSYvVxQH5hSn3q/tTjNxEPlOLyojaTn3n rmtM7mbk+4nKMw/yzFuu4ms9oQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMWVsb6q fHZeDV5KsMqZ5xGng93PMB8GA1UdIwQYMBaAFBqx3o7Ika+i1OHJGvVYNJC/u8IJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2REIzRi9EMzkxMDEzNDg5 NTMxMUU2OEE4NTQ5MjNDNEY5QUUwMi9HckhlanNpUnI2TFU0Y2thOVZnMGtMLTd3 Z2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dySGVqc2lScjZMVTRja2E5Vmcwa0wtN3dnay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkRCM0YvRDM5MTAxMzQ4OTUzMTFFNjhBODU0OTIzQzRGOUFFMDIvN0U4RDlBNTI4 OTU0MTFFNkIzNTM4NDI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJn3fwwDQQCAAIwBwMFACQFrIAwDQYJKoZIhvcNAQELBQAD ggEBAEgmngXhFhboer9TC5GkkfvUUPGM9i53E9S08YjDeB28eFugxznD0qQQRaIh UTkoJQERFwm/7pWAq/nDHXjdJgeRZq4j/QRZGaLcegUShDuyvEgEKOPCCXeYQs3X B7+4w1LgVAD8jlyK3Wl0uVV8WEW9d1RlHYVf/YxNV3DXSsrIfSsSLjWZZP1mGndK OOH4V4Y0LeX0sRzINzDnvb1RkgSkugx3JQsI8ydLcL7QhpSak7lduUVknjwqEHi+ Wsh8rH3eKCM9C6RYvypJ5+SZVx8BYWEf+rGTiZFqj3Uw0A/KTu8dsE4pEGpSNlv/ dPxh+1ROWFY0y+YIHEBjF4MK9x4= -----END CERTIFICATE-----Generated at Tue May 28 19:32:34 2024 by rpki-client on console-ams.rpki-client.org