$ rpki-client -vvf rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/3A8AC908E41C11E9AD4A8D16C4F9AE02.roa File: 3A8AC908E41C11E9AD4A8D16C4F9AE02.roa (raw, json) Hash identifier: ZkUb8/k/pyJN1dk2SCWgY4ayBh/tGOA1WybYiVcrjIs= Subject key identifier: 8D:43:D3:E0:8C:8B:13:85:05:F4:B4:CA:20:91:49:DD:62:1D:49:C7 Certificate issuer: /CN=A917E475/serialNumber=FF08530952971BA065224B521F56563B6D2124ED Certificate serial: 0BCB Authority key identifier: FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/3A8AC908E41C11E9AD4A8D16C4F9AE02.roa Signing time: Tue 14 Nov 2023 19:06:18 +0000 ROA not before: Tue 14 Nov 2023 19:06:18 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 63914 IP address blocks: 103.23.31.0/24 maxlen: 24 103.43.230.0/24 maxlen: 24 103.228.134.0/23 maxlen: 23 202.0.94.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 May 2024 19:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3019 (0xbcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E475/serialNumber=FF08530952971BA065224B521F56563B6D2124ED Validity Not Before: Nov 14 19:06:18 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=6553c529-b0a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:9e:b2:ab:60:48:5c:e9:fb:32:e3:7c:f7:b9: 49:00:ef:18:7b:4e:be:e0:e9:77:da:75:08:cf:77: 07:df:27:54:23:06:fa:06:3d:75:95:35:91:ff:98: 55:9e:4b:3c:90:b8:ed:59:a0:63:51:54:5b:8c:32: 18:02:8d:d0:44:ea:29:2e:a1:f0:f0:16:bc:5f:09: ce:6e:a8:d1:e7:18:ef:cf:61:06:03:68:1d:0a:c1: 37:28:64:1c:86:c8:a1:5f:ff:c9:d9:86:b1:5b:88: 33:3a:0a:b6:6e:fb:9f:0c:ef:be:0f:4f:ff:1b:3f: 48:2e:80:ab:2f:20:f4:be:df:8a:29:34:cf:07:3d: 35:5c:23:64:21:e3:c7:f3:04:bc:29:95:61:3c:0c: 7b:dd:bb:2a:73:02:1b:8b:be:75:85:3d:1b:1f:8c: 26:da:bf:38:b2:d4:3f:ea:13:75:c3:d2:e9:65:fd: 28:fc:0a:dc:7b:e8:1b:e4:17:d5:cd:65:2b:6c:e1: 0d:ac:86:3b:67:68:e7:b1:cf:ee:84:f9:be:09:b4: 35:33:b3:ac:45:4f:be:d4:69:65:fa:1d:68:dd:da: d1:cd:6b:6c:6e:8f:81:62:70:63:4c:85:e0:62:94: a2:14:c6:c2:ed:65:56:32:e0:30:7b:cb:70:17:88: ee:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:43:D3:E0:8C:8B:13:85:05:F4:B4:CA:20:91:49:DD:62:1D:49:C7 X509v3 Authority Key Identifier: keyid:FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/3A8AC908E41C11E9AD4A8D16C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.23.31.0/24 103.43.230.0/24 103.228.134.0/23 202.0.94.0/24 Signature Algorithm: sha256WithRSAEncryption 67:e9:f5:16:e6:21:a3:85:73:f4:03:20:ae:e6:cd:58:a2:42: e7:83:8d:ba:8f:c1:33:44:d2:d5:73:bc:8b:8d:b1:a5:7e:97: 4f:5d:b4:f2:36:37:79:ac:3e:f0:1e:32:4d:8d:56:ab:ef:8d: a8:d5:0d:ce:65:58:d4:ae:ee:c7:e6:8d:58:02:89:54:75:c8: 69:3a:dd:53:a3:f6:5e:4e:7c:34:d9:3b:5c:82:8b:5a:53:f2: 89:48:fc:6b:3d:a3:9d:2e:64:92:48:96:7d:43:06:7d:e7:f3: 03:0b:14:69:a4:83:61:44:a1:a9:31:4b:a0:f5:1d:5b:5e:16: e2:e0:20:6a:1b:b9:78:0c:bc:db:3d:75:16:5c:24:f2:2a:de: b0:2d:ee:1d:85:29:d8:e4:a2:58:b4:80:50:d4:05:62:9e:8e: 4b:69:5f:ba:43:29:95:cf:0a:64:72:90:f2:ac:a7:69:ff:90: c1:38:71:11:40:53:39:7c:07:e2:0a:8a:3c:58:1c:53:3b:1b: 6f:33:63:e1:f5:16:f3:ff:ac:fa:07:da:5c:cd:de:40:d5:31: b8:2e:c2:c3:3a:4f:d4:7e:e5:6b:b3:52:7e:6e:47:8c:7f:b1: 67:fe:ae:36:73:06:b7:c9:f6:81:aa:10:03:e6:55:0a:3c:57: c1:6e:47:c6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICC8swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0NzUxMTAvBgNVBAUTKEZGMDg1MzA5NTI5NzFCQTA2NTIyNEI1MjFGNTY1NjNC NkQyMTI0RUQwHhcNMjMxMTE0MTkwNjE4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTUzYzUyOS1iMGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoZ6yq2BIXOn7MuN897lJAO8Ye06+4Ol32nUIz3cH3ydUIwb6Bj11lTWR/5hV nks8kLjtWaBjUVRbjDIYAo3QROopLqHw8Ba8XwnObqjR5xjvz2EGA2gdCsE3KGQc hsihX//J2YaxW4gzOgq2bvufDO++D0//Gz9ILoCrLyD0vt+KKTTPBz01XCNkIePH 8wS8KZVhPAx73bsqcwIbi751hT0bH4wm2r84stQ/6hN1w9LpZf0o/Arce+gb5BfV zWUrbOENrIY7Z2jnsc/uhPm+CbQ1M7OsRU++1Gll+h1o3drRzWtsbo+BYnBjTIXg YpSiFMbC7WVWMuAwe8twF4ju0wIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFI1D0+CM ixOFBfS0yiCRSd1iHUnHMB8GA1UdIwQYMBaAFP8IUwlSlxugZSJLUh9WVjttISTt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTQ3NS9EQkZCM0VCNEU0 MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2QmxJa3RTSDFaV08yMGhK TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL193aFRDVktYRzZCbElrdFNIMVpXTzIwaEpPMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0U0NzUvREJGQjNFQjRFNDFBMTFFOUFENzlCODExQzRGOUFFMDIvM0E4QUM5MDhF NDFDMTFFOUFENEE4RDE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBABnFx8DBABnK+YDBAFn5IYDBADKAF4wDQYJKoZIhvcNAQEL BQADggEBAGfp9RbmIaOFc/QDIK7mzViiQueDjbqPwTNE0tVzvIuNsaV+l09dtPI2 N3msPvAeMk2NVqvvjajVDc5lWNSu7sfmjVgCiVR1yGk63VOj9l5OfDTZO1yCi1pT 8olI/Gs9o50uZJJIln1DBn3n8wMLFGmkg2FEoakxS6D1HVteFuLgIGobuXgMvNs9 dRZcJPIq3rAt7h2FKdjkoli0gFDUBWKejktpX7pDKZXPCmRykPKsp2n/kME4cRFA Uzl8B+IKijxYHFM7G28zY+H1FvP/rPoH2lzN3kDVMbguwsM6T9R+5WuzUn5uR4x/ sWf+rjZzBrfJ9oGqEAPmVQo8V8FuR8Y= -----END CERTIFICATE-----Generated at Wed May 22 20:42:48 2024 by rpki-client on console-fra.rpki-client.org