$ rpki-client -vvf rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/0A8890FE2F4C11EDB0375D6CC4F9AE02.roa File: 0A8890FE2F4C11EDB0375D6CC4F9AE02.roa (raw, json) Hash identifier: TOoycVQLqh121NlJvNyjynwJnmqYx7f7wGx8GbND+mU= Subject key identifier: 5F:FA:5E:B2:07:55:3B:71:73:04:20:B8:41:03:38:85:42:41:FA:23 Certificate issuer: /CN=A91813F1/serialNumber=9EFEAA724D708CFE82C6B6BF270CBB5DD4306F20 Certificate serial: 0786 Authority key identifier: 9E:FE:AA:72:4D:70:8C:FE:82:C6:B6:BF:27:0C:BB:5D:D4:30:6F:20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/0A8890FE2F4C11EDB0375D6CC4F9AE02.roa Signing time: Wed 06 Sep 2023 21:29:02 +0000 ROA not before: Wed 06 Sep 2023 21:29:02 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 6939 IP address blocks: 103.253.24.0/24 maxlen: 24 103.253.25.0/24 maxlen: 24 103.253.26.0/24 maxlen: 24 103.253.27.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/nv6qck1wjP6Cxra_Jwy7XdQwbyA.crl rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/nv6qck1wjP6Cxra_Jwy7XdQwbyA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 May 2024 21:46:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1926 (0x786) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91813F1/serialNumber=9EFEAA724D708CFE82C6B6BF270CBB5DD4306F20 Validity Not Before: Sep 6 21:29:02 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=64f8ef1e-49cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:c2:b1:0e:a2:33:1f:b2:01:62:d8:34:33:84: 35:96:1d:6d:1c:62:77:dc:f7:62:ad:52:b7:c4:99: ca:db:14:97:09:c8:8f:01:e1:e4:2f:e3:83:64:3c: 15:49:8f:59:53:e3:66:b4:6f:c4:79:47:df:f3:17: 88:aa:6d:2e:6c:94:83:73:f6:09:d3:b3:c4:0f:9c: dd:d9:8e:de:b7:46:1a:20:f5:dd:aa:1e:a8:08:d5: 57:a9:56:ab:9d:96:54:08:15:69:1a:d7:98:76:74: dc:ec:ab:c7:54:71:6e:b1:96:28:0f:75:2c:f2:7f: ff:e0:27:7b:fb:78:dc:97:5a:93:9e:af:23:97:46: 2e:51:e5:6f:cb:ec:db:bc:39:f1:55:82:e8:67:95: bd:75:9a:e1:85:c2:86:10:d9:f3:51:5f:a1:ed:f2: 3b:0a:11:b0:35:fe:f9:b6:9a:30:fe:91:c2:33:ce: bb:74:2b:e3:bc:58:97:14:c8:77:71:b9:50:2b:75: 3f:65:63:71:b8:61:4d:08:dc:3f:f9:af:66:1f:8e: cd:2f:fa:94:31:89:c1:cf:8b:00:48:e5:90:a8:64: f4:aa:00:6e:a5:b9:93:fb:ed:53:e4:a1:1d:0b:02: a7:6b:85:8a:79:69:03:70:dc:b3:05:b8:ea:bf:b6: c2:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:FA:5E:B2:07:55:3B:71:73:04:20:B8:41:03:38:85:42:41:FA:23 X509v3 Authority Key Identifier: keyid:9E:FE:AA:72:4D:70:8C:FE:82:C6:B6:BF:27:0C:BB:5D:D4:30:6F:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/nv6qck1wjP6Cxra_Jwy7XdQwbyA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/0A8890FE2F4C11EDB0375D6CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.253.24.0/22 Signature Algorithm: sha256WithRSAEncryption 7d:77:7b:b7:7d:f9:d0:56:90:b9:f2:bf:2b:35:d0:2a:08:da: db:55:16:33:fc:63:dc:6d:17:67:37:ce:6e:4e:55:56:c0:11: f4:24:ce:7e:29:b9:6b:da:51:77:a8:ef:a3:ea:6c:84:5d:4b: b4:79:11:45:59:12:03:cd:34:e9:1a:37:6d:38:b8:10:f2:bd: 42:fe:5e:6c:ac:d9:66:6b:99:8a:60:1f:b1:63:13:29:e1:f0: 8e:94:b2:86:48:2f:ae:fa:d6:fd:4f:a6:b5:08:03:51:0f:79: 80:60:6c:65:c7:03:8d:56:c6:4d:89:16:fa:0b:1a:6b:96:b9: e0:5b:e1:86:4f:8c:62:d9:f4:de:dd:28:01:be:27:6e:fc:3f: ab:75:71:d1:c5:a3:ce:72:75:85:8a:40:0b:a1:be:64:03:6a: 33:68:15:7c:23:68:86:a2:1a:7a:f6:bc:86:2c:4f:1f:3e:b2: 7c:8c:12:81:32:1b:91:cb:5c:27:ae:f2:90:d9:0e:3f:95:55: 0b:cd:5c:47:48:c5:d8:42:b5:59:66:5d:f6:0f:1f:bf:92:14: 12:59:d8:a1:18:b9:da:88:fd:e9:18:0b:29:d6:c6:fe:df:bb: f7:66:c3:7a:21:53:31:d5:d1:cd:0c:ab:6c:c1:35:90:d6:c0: 81:b5:83:65 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICB4YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODEzRjExMTAvBgNVBAUTKDlFRkVBQTcyNEQ3MDhDRkU4MkM2QjZCRjI3MENCQjVE RDQzMDZGMjAwHhcNMjMwOTA2MjEyOTAyWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGY4ZWYxZS00OWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9cKxDqIzH7IBYtg0M4Q1lh1tHGJ33PdirVK3xJnK2xSXCciPAeHkL+ODZDwV SY9ZU+NmtG/EeUff8xeIqm0ubJSDc/YJ07PED5zd2Y7et0YaIPXdqh6oCNVXqVar nZZUCBVpGteYdnTc7KvHVHFusZYoD3Us8n//4Cd7+3jcl1qTnq8jl0YuUeVvy+zb vDnxVYLoZ5W9dZrhhcKGENnzUV+h7fI7ChGwNf75tpow/pHCM867dCvjvFiXFMh3 cblQK3U/ZWNxuGFNCNw/+a9mH47NL/qUMYnBz4sASOWQqGT0qgBupbmT++1T5KEd CwKna4WKeWkDcNyzBbjqv7bCmQIDAQABo4IClTCCApEwHQYDVR0OBBYEFF/6XrIH VTtxcwQguEEDOIVCQfojMB8GA1UdIwQYMBaAFJ7+qnJNcIz+gsa2vycMu13UMG8g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTNGMS9EMENBRjM4NEJB NTkxMUVBOTA0RkY5MURDNEY5QUUwMi9udjZxY2sxd2pQNkN4cmFfSnd5N1hkUXdi eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL252NnFjazF3alA2Q3hyYV9Kd3k3WGRRd2J5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODEzRjEvRDBDQUYzODRCQTU5MTFFQTkwNEZGOTFEQzRGOUFFMDIvMEE4ODkwRkUy RjRDMTFFREIwMzc1RDZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJn/RgwDQYJKoZIhvcNAQELBQADggEBAH13e7d9+dBWkLny vys10CoI2ttVFjP8Y9xtF2c3zm5OVVbAEfQkzn4puWvaUXeo76PqbIRdS7R5EUVZ EgPNNOkaN204uBDyvUL+Xmys2WZrmYpgH7FjEynh8I6UsoZIL6761v1PprUIA1EP eYBgbGXHA41Wxk2JFvoLGmuWueBb4YZPjGLZ9N7dKAG+J278P6t1cdHFo85ydYWK QAuhvmQDajNoFXwjaIaiGnr2vIYsTx8+snyMEoEyG5HLXCeu8pDZDj+VVQvNXEdI xdhCtVlmXfYPH7+SFBJZ2KEYudqI/ekYCynWxv7fu/dmw3ohUzHV0c0Mq2zBNZDW wIG1g2U= -----END CERTIFICATE-----Generated at Wed Apr 24 22:30:02 2024 by rpki-client on console-fra.rpki-client.org