$ rpki-client -vvf rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/BA4B6EF2FFC611EEBEC2A923C4F9AE02.roa File: BA4B6EF2FFC611EEBEC2A923C4F9AE02.roa (raw, json) Hash identifier: zVCHn+B16uovb8iYfGPRv1+3pqv5L/1tF4Jgj3AV9zo= Subject key identifier: 5F:D3:7A:1E:B2:00:11:EC:49:9F:AE:B4:29:78:DA:99:2D:89:F6:CA Certificate issuer: /CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B Certificate serial: 0C50 Authority key identifier: FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/BA4B6EF2FFC611EEBEC2A923C4F9AE02.roa Signing time: Sun 21 Apr 2024 10:05:49 +0000 ROA not before: Sun 21 Apr 2024 10:05:49 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 137453 IP address blocks: 103.109.93.0/24 maxlen: 24 103.109.94.0/24 maxlen: 24 144.48.151.0/24 maxlen: 24 2404:4c0:a::/48 maxlen: 48 2404:4c0:b::/48 maxlen: 48 2404:4c0:c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3152 (0xc50) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B Validity Not Before: Apr 21 10:05:49 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=6624e4fd-d036 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:5b:b0:f3:b0:e1:72:3b:67:4e:63:17:77:98: bc:40:97:08:c6:f4:6f:31:4a:c1:cc:d7:ed:85:32: e4:b6:15:f1:19:47:c2:96:ec:e2:19:6a:5d:4c:e4: 62:bb:ca:bf:86:8d:8d:cb:44:c6:fc:57:0d:59:f3: 82:4c:12:12:c5:23:43:31:28:8f:3d:01:92:73:e6: 0f:3c:f6:ab:3e:f0:33:cd:f0:18:73:bd:c0:bd:11: 08:b9:cb:bb:76:14:c8:10:c8:b3:b6:b8:ba:71:2d: b4:bd:88:2f:a9:23:ae:65:9c:74:da:34:18:64:2d: 00:7d:f7:d5:56:52:36:74:6a:d4:8c:99:fc:c5:f6: 4c:ac:1d:23:74:81:17:0c:f0:5d:51:ec:9b:69:63: 19:e3:8f:e4:0d:94:46:8a:31:f7:54:4c:41:9a:0c: 20:2a:1c:a6:8b:36:75:ac:0f:5a:1c:74:63:05:04: b6:17:ae:f7:06:38:fb:62:0c:06:a6:5f:51:63:09: cb:7f:f2:5e:1c:7f:e8:79:7e:6c:c5:5c:80:c6:68: 7a:e8:39:c7:8e:26:86:d2:82:56:30:4d:1e:c5:ed: e7:69:ad:8c:6c:8c:c6:46:67:d0:a9:cd:e3:8b:06: cf:66:c6:9b:41:5e:dc:91:f5:05:e0:8e:02:6e:20: df:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:D3:7A:1E:B2:00:11:EC:49:9F:AE:B4:29:78:DA:99:2D:89:F6:CA X509v3 Authority Key Identifier: keyid:FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/BA4B6EF2FFC611EEBEC2A923C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.109.93.0-103.109.94.255 144.48.151.0/24 IPv6: 2404:4c0:a::-2404:4c0:c:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption a3:9c:ab:c3:ae:2d:f7:fb:c0:3e:0c:da:97:3f:09:7d:5b:ec: 19:c2:4e:b9:93:38:b7:e0:a5:53:2e:a2:89:42:12:70:b8:30: eb:7c:e5:50:6a:ff:43:45:f5:7f:96:b6:e4:cf:08:21:c0:b8: 5c:a3:23:a0:da:cb:58:dc:30:c5:ca:8a:cc:3d:2f:57:50:56: 40:2f:11:9e:03:03:2a:d2:39:05:85:47:69:7d:c5:fd:7b:06: 76:63:57:ec:f7:4e:a7:17:d6:c8:ec:f8:2f:61:07:7d:b4:62: 65:75:d4:1a:4c:5c:c4:aa:dc:99:f0:d0:75:2c:cf:a1:44:40: e3:b0:5b:a4:cf:e8:ae:01:08:e9:45:98:71:2f:18:d6:df:66: 81:b7:e0:8f:cb:87:e7:c6:9c:80:cb:7f:83:e9:1f:a2:f1:a1: dd:51:e6:d2:24:9d:06:d6:c8:b0:9a:b5:0e:2b:02:c6:a9:b8: e6:89:cd:11:6d:5f:ec:97:db:d4:86:c4:dc:be:5e:ba:49:73: dc:87:7c:ba:c6:2a:c3:ea:cf:3b:c5:2b:2f:cc:d1:5e:8b:f9: 25:0d:e6:dd:b3:75:58:3f:42:5d:c6:2e:cf:d1:9f:dd:e6:e5: c5:9c:fa:a1:fd:39:c0:bb:95:10:62:c0:9c:36:29:1a:54:0b: e0:f4:10:e1 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgICDFAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODhGNkQxMTAvBgNVBAUTKEZEMDZCMTUwODU1N0Y2NUY2OENDQkEzQzIwM0VDQUFE MDc1REQxOUIwHhcNMjQwNDIxMTAwNTQ5WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjI0ZTRmZC1kMDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvFuw87DhcjtnTmMXd5i8QJcIxvRvMUrBzNfthTLkthXxGUfCluziGWpdTORi u8q/ho2Ny0TG/FcNWfOCTBISxSNDMSiPPQGSc+YPPParPvAzzfAYc73AvREIucu7 dhTIEMiztri6cS20vYgvqSOuZZx02jQYZC0AfffVVlI2dGrUjJn8xfZMrB0jdIEX DPBdUeybaWMZ44/kDZRGijH3VExBmgwgKhymizZ1rA9aHHRjBQS2F673Bjj7YgwG pl9RYwnLf/JeHH/oeX5sxVyAxmh66DnHjiaG0oJWME0exe3naa2MbIzGRmfQqc3j iwbPZsabQV7ckfUF4I4CbiDfJwIDAQABo4ICvzCCArswHQYDVR0OBBYEFF/Teh6y ABHsSZ+utCl42pktifbKMB8GA1UdIwQYMBaAFP0GsVCFV/ZfaMy6PCA+yq0HXdGb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEY2RC85QTVCMUE5RUY2 NkExMUU5QkY1MDY5N0FDNEY5QUUwMi9fUWF4VUlWWDlsOW96TG84SUQ3S3JRZGQw WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19RYXhVSVZYOWw5b3pMbzhJRDdLclFkZDBacy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODhGNkQvOUE1QjFBOUVGNjZBMTFFOUJGNTA2OTdBQzRGOUFFMDIvQkE0QjZFRjJG RkM2MTFFRUJFQzJBOTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E OjA4MBoEAgABMBQwDAMEAGdtXQMEAGdtXgMEAJAwlzAaBAIAAjAUMBIDBwEkBATA AAoDBwAkBATAAAwwDQYJKoZIhvcNAQELBQADggEBAKOcq8OuLff7wD4M2pc/CX1b 7BnCTrmTOLfgpVMuoolCEnC4MOt85VBq/0NF9X+WtuTPCCHAuFyjI6Day1jcMMXK isw9L1dQVkAvEZ4DAyrSOQWFR2l9xf17BnZjV+z3TqcX1sjs+C9hB320YmV11BpM XMSq3Jnw0HUsz6FEQOOwW6TP6K4BCOlFmHEvGNbfZoG34I/Lh+fGnIDLf4PpH6Lx od1R5tIknQbWyLCatQ4rAsapuOaJzRFtX+yX29SGxNy+XrpJc9yHfLrGKsPqzzvF Ky/M0V6L+SUN5t2zdVg/Ql3GLs/Rn93m5cWc+qH9OcC7lRBiwJw2KRpUC+D0EOE= -----END CERTIFICATE-----Generated at Sat May 18 20:16:00 2024 by rpki-client on console-ams.rpki-client.org