$ rpki-client -vvf rpki.apnic.net/member_repository/A9189311/13AFF6F6B24D11E4B67F185FC4F9AE02/F5BBEA5AF6A611E7B40C7427C4F9AE02.roa File: F5BBEA5AF6A611E7B40C7427C4F9AE02.roa (raw, json) Hash identifier: jZ94Uq8FHCXXnitnDn5/qXCMyoMAkxZffV3TIDmL9po= Subject key identifier: 11:0F:82:E7:AA:38:92:2A:88:9D:F9:2C:DB:01:2C:1D:B7:68:70:70 Certificate issuer: /CN=A9189311/serialNumber=7B7754A82DD063A47E8EC35D163EF6B2448D12DB Certificate serial: 267B Authority key identifier: 7B:77:54:A8:2D:D0:63:A4:7E:8E:C3:5D:16:3E:F6:B2:44:8D:12:DB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e3dUqC3QY6R-jsNdFj72skSNEts.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9189311/13AFF6F6B24D11E4B67F185FC4F9AE02/F5BBEA5AF6A611E7B40C7427C4F9AE02.roa Signing time: Wed 20 Dec 2023 16:02:28 +0000 ROA not before: Wed 20 Dec 2023 16:02:28 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 23991 IP address blocks: 103.35.108.0/22 maxlen: 24 202.40.176.0/20 maxlen: 24 2401:e900::/32 maxlen: 32 2401:e900::/48 maxlen: 48 2401:e900:1::/48 maxlen: 48 2401:e900:2::/48 maxlen: 48 2401:e900:3::/48 maxlen: 48 2401:e900:4::/48 maxlen: 48 2401:e900:5::/48 maxlen: 48 2401:e900:6::/48 maxlen: 48 2401:e900:7::/48 maxlen: 48 2401:e900:8::/48 maxlen: 48 2401:e900:9::/48 maxlen: 48 2401:e900:a::/48 maxlen: 48 2401:e900:b::/48 maxlen: 48 2401:e900:c::/48 maxlen: 48 2401:e900:d::/48 maxlen: 48 2401:e900:e::/48 maxlen: 48 2401:e900:f::/48 maxlen: 48 2401:e900:10::/48 maxlen: 48 2401:e900:11::/48 maxlen: 48 2401:e900:12::/48 maxlen: 48 2401:e900:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9189311/13AFF6F6B24D11E4B67F185FC4F9AE02/e3dUqC3QY6R-jsNdFj72skSNEts.crl rsync://rpki.apnic.net/member_repository/A9189311/13AFF6F6B24D11E4B67F185FC4F9AE02/e3dUqC3QY6R-jsNdFj72skSNEts.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e3dUqC3QY6R-jsNdFj72skSNEts.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9851 (0x267b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9189311/serialNumber=7B7754A82DD063A47E8EC35D163EF6B2448D12DB Validity Not Before: Dec 20 16:02:28 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=65831014-5134 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:43:42:6b:80:01:d7:c3:4e:35:43:60:67:b9: 0c:f1:2e:7d:cb:9b:97:1d:72:ed:a6:02:f7:c1:ce: 2d:eb:29:ed:f4:cc:7c:eb:88:e4:12:ca:91:9e:c7: 5b:e6:bb:b1:7a:05:6f:86:24:20:a8:a9:09:41:8e: b3:23:eb:de:56:2b:49:5e:a8:74:47:ec:b0:70:9e: e2:10:43:ee:e1:41:19:c1:6a:78:a5:80:2b:29:eb: 15:93:5a:5f:62:37:77:b6:c7:49:33:fa:53:a0:a0: e7:f3:53:51:13:80:2a:8c:a9:9f:d7:8b:60:8b:f1: 8f:c4:b9:fe:bd:95:a3:c9:f2:40:a3:e1:7b:76:b9: 40:7a:a2:ac:14:09:95:1e:51:a7:48:3a:30:3e:c1: 96:c4:92:97:19:ba:af:e2:39:05:3f:34:6f:ec:52: 8c:8e:34:f6:9d:6c:d3:f4:93:22:a9:8b:d9:d5:15: e0:e5:cf:43:2b:58:79:71:16:a0:d7:3b:d7:04:91: 3f:da:4c:e1:19:d6:fa:ed:ff:76:55:34:6d:93:0f: 03:9a:b0:06:fa:97:36:0f:49:d0:e8:d3:0d:22:7e: c5:6d:30:72:80:95:1f:12:21:62:8e:da:89:f1:0c: 48:ba:81:fc:f7:6f:f3:48:6f:94:8b:f1:ea:3d:d1: 7b:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:0F:82:E7:AA:38:92:2A:88:9D:F9:2C:DB:01:2C:1D:B7:68:70:70 X509v3 Authority Key Identifier: keyid:7B:77:54:A8:2D:D0:63:A4:7E:8E:C3:5D:16:3E:F6:B2:44:8D:12:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9189311/13AFF6F6B24D11E4B67F185FC4F9AE02/e3dUqC3QY6R-jsNdFj72skSNEts.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e3dUqC3QY6R-jsNdFj72skSNEts.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189311/13AFF6F6B24D11E4B67F185FC4F9AE02/F5BBEA5AF6A611E7B40C7427C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.35.108.0/22 202.40.176.0/20 IPv6: 2401:e900::/32 Signature Algorithm: sha256WithRSAEncryption 75:22:ef:82:0f:a1:b4:1b:f9:10:88:ea:79:ae:73:af:3a:e8: fe:54:21:84:f4:9e:ba:45:46:90:ec:e5:2a:07:ce:32:83:89: 6e:ed:70:8d:4a:31:db:68:d7:27:17:c0:a3:f0:ae:5e:e4:9d: f8:39:ba:36:8f:8e:45:ab:7a:2b:93:82:2c:57:24:d6:9c:23: c2:86:e6:35:51:00:d5:b3:c6:c8:23:2d:c0:b4:48:82:c9:9e: 87:d1:93:86:fb:91:fd:db:a7:03:fc:1f:86:63:00:8e:5f:db: 6e:21:10:ed:be:9d:da:4f:1c:53:8f:4d:d0:46:dd:0f:83:82: 48:7c:d5:3d:83:13:98:7e:de:81:c5:23:2b:27:3d:e4:44:52: 8f:77:2e:e3:c2:77:97:52:55:b9:48:5e:a3:95:75:92:b2:c2: 7b:e0:39:35:72:c2:74:0d:07:d1:b1:43:c4:11:a2:7f:14:14: cb:15:98:9f:e5:80:85:19:88:40:d8:0b:a7:2e:03:b8:1a:b9: a8:72:94:d8:7f:4d:d8:af:e0:23:1b:af:80:c8:05:74:61:b7: 87:12:64:4f:94:00:6e:f2:44:04:2a:f4:bc:6d:b9:86:28:0a: 2e:fe:0e:42:20:13:e8:b7:dc:1c:d6:56:d8:c0:77:f8:73:4f: 02:87:d0:59 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICJnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODkzMTExMTAvBgNVBAUTKDdCNzc1NEE4MkREMDYzQTQ3RThFQzM1RDE2M0VGNkIy NDQ4RDEyREIwHhcNMjMxMjIwMTYwMjI4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTgzMTAxNC01MTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtkNCa4AB18NONUNgZ7kM8S59y5uXHXLtpgL3wc4t6ynt9Mx864jkEsqRnsdb 5ruxegVvhiQgqKkJQY6zI+veVitJXqh0R+ywcJ7iEEPu4UEZwWp4pYArKesVk1pf Yjd3tsdJM/pToKDn81NRE4AqjKmf14tgi/GPxLn+vZWjyfJAo+F7drlAeqKsFAmV HlGnSDowPsGWxJKXGbqv4jkFPzRv7FKMjjT2nWzT9JMiqYvZ1RXg5c9DK1h5cRag 1zvXBJE/2kzhGdb67f92VTRtkw8DmrAG+pc2D0nQ6NMNIn7FbTBygJUfEiFijtqJ 8QxIuoH892/zSG+Ui/HqPdF7awIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBEPgueq OJIqiJ35LNsBLB23aHBwMB8GA1UdIwQYMBaAFHt3VKgt0GOkfo7DXRY+9rJEjRLb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTMxMS8xM0FGRjZGNkIy NEQxMUU0QjY3RjE4NUZDNEY5QUUwMi9lM2RVcUMzUVk2Ui1qc05kRmo3MnNrU05F dHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2UzZFVxQzNRWTZSLWpzTmRGajcyc2tTTkV0cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODkzMTEvMTNBRkY2RjZCMjREMTFFNEI2N0YxODVGQzRGOUFFMDIvRjVCQkVBNUFG NkE2MTFFN0I0MEM3NDI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnI2wDBATKKLAwDQQCAAIwBwMFACQB6QAwDQYJKoZIhvcN AQELBQADggEBAHUi74IPobQb+RCI6nmuc6866P5UIYT0nrpFRpDs5SoHzjKDiW7t cI1KMdto1ycXwKPwrl7knfg5ujaPjkWreiuTgixXJNacI8KG5jVRANWzxsgjLcC0 SILJnofRk4b7kf3bpwP8H4ZjAI5f224hEO2+ndpPHFOPTdBG3Q+Dgkh81T2DE5h+ 3oHFIysnPeREUo93LuPCd5dSVblIXqOVdZKywnvgOTVywnQNB9GxQ8QRon8UFMsV mJ/lgIUZiEDYC6cuA7gauahylNh/Tdiv4CMbr4DIBXRht4cSZE+UAG7yRAQq9Lxt uYYoCi7+DkIgE+i33BzWVtjAd/hzTwKH0Fk= -----END CERTIFICATE-----Generated at Sat May 18 16:57:54 2024 by rpki-client on console-fra.rpki-client.org