$ rpki-client -vvf rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/0A8890FE2F4C11EDB0375D6CC4F9AE02.roa File: 0A8890FE2F4C11EDB0375D6CC4F9AE02.roa (raw, json) Hash identifier: sSNo+/dLUh/bje18BPzZPQTxMEMoTmVIKuRUAdfqRAo= Subject key identifier: FE:9D:9D:6F:EC:BB:0F:87:CA:62:95:F9:97:1D:51:45:40:A0:CE:C0 Certificate issuer: /CN=A91813F1/serialNumber=9EFEAA724D708CFE82C6B6BF270CBB5DD4306F20 Certificate serial: 0844 Authority key identifier: 9E:FE:AA:72:4D:70:8C:FE:82:C6:B6:BF:27:0C:BB:5D:D4:30:6F:20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/0A8890FE2F4C11EDB0375D6CC4F9AE02.roa Signing time: Mon 02 Sep 2024 21:29:50 +0000 ROA not before: Mon 02 Sep 2024 21:29:50 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 6939 IP address blocks: 103.253.24.0/24 maxlen: 24 103.253.25.0/24 maxlen: 24 103.253.26.0/24 maxlen: 24 103.253.27.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/nv6qck1wjP6Cxra_Jwy7XdQwbyA.crl rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/nv6qck1wjP6Cxra_Jwy7XdQwbyA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 17:11:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2116 (0x844) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91813F1/serialNumber=9EFEAA724D708CFE82C6B6BF270CBB5DD4306F20 Validity Not Before: Sep 2 21:29:50 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d62e4d-1ec8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:6f:c0:83:ee:f4:be:53:c8:55:28:ce:9b:f2: 97:bb:8f:41:fd:77:0a:28:39:9d:02:ac:fe:a3:8c: 21:a7:63:f0:ed:71:dc:c0:8c:17:1c:ca:b8:03:ae: 8e:26:42:0f:93:0b:91:cf:53:28:f4:0a:22:45:54: 0d:00:74:96:37:69:47:d2:5a:ea:38:55:27:d0:c9: 0a:3d:49:ac:34:de:2a:4d:9f:22:09:b2:07:10:b0: 8a:e4:21:8c:33:9b:cf:5c:09:ac:ae:32:51:26:68: 6f:2a:e9:72:c8:72:72:12:7a:7c:bd:47:56:c5:32: 94:cb:5d:aa:a4:2d:6c:11:30:ec:c3:3a:69:5d:da: 5f:66:61:f6:ba:fd:96:da:95:78:b5:85:96:a8:ee: 37:21:37:3d:41:f0:18:22:cc:7b:a6:de:cc:ed:70: c2:7e:38:fc:8a:7a:18:73:0e:a1:65:a0:5a:19:7f: b2:2b:9d:e4:a9:21:51:df:44:b6:39:d1:78:81:c9: 58:85:87:16:90:ab:40:72:bd:1b:99:e2:2d:45:87: 14:6d:ac:49:04:08:42:a2:2c:f7:cf:bf:c2:9b:3a: 60:7a:6e:14:3b:de:61:3e:02:d3:44:c0:01:26:21: 8c:98:c4:8a:b8:1e:99:5d:11:3a:fb:77:b6:37:50: f3:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:9D:9D:6F:EC:BB:0F:87:CA:62:95:F9:97:1D:51:45:40:A0:CE:C0 X509v3 Authority Key Identifier: keyid:9E:FE:AA:72:4D:70:8C:FE:82:C6:B6:BF:27:0C:BB:5D:D4:30:6F:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/nv6qck1wjP6Cxra_Jwy7XdQwbyA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/0A8890FE2F4C11EDB0375D6CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.253.24.0/22 Signature Algorithm: sha256WithRSAEncryption 38:5f:f3:37:bf:76:03:5e:78:73:0d:12:14:82:2b:82:d9:8e: 62:99:85:4b:c8:e2:c8:3b:df:79:4d:fe:86:72:50:63:ae:c4: 55:75:ab:87:82:dd:b5:0d:4c:76:f6:52:0c:22:48:da:cb:14: 8e:f2:c7:2a:53:74:b0:b6:89:41:ba:6e:fe:9d:8c:02:f9:8d: 2d:0d:87:54:c4:2f:5c:3a:97:6a:ad:34:7c:22:b9:f4:c6:12: fc:95:dd:66:47:dd:f1:a1:2d:0f:9f:39:fc:ee:64:7c:9d:66: dc:f9:0b:82:8c:d0:4b:3e:4a:d0:c8:25:a4:b7:b4:32:3a:cc: 6e:ae:60:6f:4d:4e:6b:54:17:fb:21:94:e2:c2:c5:a6:66:0c: 13:4a:36:0a:49:f2:2d:42:81:44:ef:bd:fb:c8:37:82:a6:e6: cb:f2:9c:37:76:fe:ee:62:59:d5:00:e1:6a:79:a4:fe:5d:b5: 83:14:f6:18:2e:71:db:d1:f0:07:d9:85:46:2a:6f:75:da:69: 3c:16:fd:24:05:96:36:ff:9b:d7:9b:b8:fe:f8:24:25:aa:18: f5:bb:fa:9e:1e:d6:a7:46:cc:e2:a9:e9:90:d7:4a:87:30:cc: 6e:e3:d7:12:6c:20:7d:51:05:8f:26:fb:55:25:df:9d:37:74: a6:02:86:12 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCEQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODEzRjExMTAvBgNVBAUTKDlFRkVBQTcyNEQ3MDhDRkU4MkM2QjZCRjI3MENCQjVE RDQzMDZGMjAwHhcNMjQwOTAyMjEyOTUwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ2MmU0ZC0xZWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy2/Ag+70vlPIVSjOm/KXu49B/XcKKDmdAqz+o4whp2Pw7XHcwIwXHMq4A66O JkIPkwuRz1Mo9AoiRVQNAHSWN2lH0lrqOFUn0MkKPUmsNN4qTZ8iCbIHELCK5CGM M5vPXAmsrjJRJmhvKulyyHJyEnp8vUdWxTKUy12qpC1sETDswzppXdpfZmH2uv2W 2pV4tYWWqO43ITc9QfAYIsx7pt7M7XDCfjj8inoYcw6hZaBaGX+yK53kqSFR30S2 OdF4gclYhYcWkKtAcr0bmeItRYcUbaxJBAhCoiz3z7/Cmzpgem4UO95hPgLTRMAB JiGMmMSKuB6ZXRE6+3e2N1DztQIDAQABo4IClTCCApEwHQYDVR0OBBYEFP6dnW/s uw+HymKV+ZcdUUVAoM7AMB8GA1UdIwQYMBaAFJ7+qnJNcIz+gsa2vycMu13UMG8g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTNGMS9EMENBRjM4NEJB NTkxMUVBOTA0RkY5MURDNEY5QUUwMi9udjZxY2sxd2pQNkN4cmFfSnd5N1hkUXdi eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL252NnFjazF3alA2Q3hyYV9Kd3k3WGRRd2J5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODEzRjEvRDBDQUYzODRCQTU5MTFFQTkwNEZGOTFEQzRGOUFFMDIvMEE4ODkwRkUy RjRDMTFFREIwMzc1RDZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJn/RgwDQYJKoZIhvcNAQELBQADggEBADhf8ze/dgNeeHMN EhSCK4LZjmKZhUvI4sg733lN/oZyUGOuxFV1q4eC3bUNTHb2UgwiSNrLFI7yxypT dLC2iUG6bv6djAL5jS0Nh1TEL1w6l2qtNHwiufTGEvyV3WZH3fGhLQ+fOfzuZHyd Ztz5C4KM0Es+StDIJaS3tDI6zG6uYG9NTmtUF/shlOLCxaZmDBNKNgpJ8i1CgUTv vfvIN4Km5svynDd2/u5iWdUA4Wp5pP5dtYMU9hgucdvR8AfZhUYqb3XaaTwW/SQF ljb/m9ebuP74JCWqGPW7+p4e1qdGzOKp6ZDXSocwzG7j1xJsIH1RBY8m+1Ul3503 dKYChhI= -----END CERTIFICATE-----