$ rpki-client -vvf rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/8A0874C0AA5211EEAFC18554C4F9AE02.roa File: 8A0874C0AA5211EEAFC18554C4F9AE02.roa (raw, json) Hash identifier: 75j2/PaU0ayu5rgNK6jGfNnOnRX5lzxllgr71zLKF/I= Subject key identifier: A6:18:EE:8B:0E:7B:80:05:05:D5:A4:95:4C:B1:EA:6A:0D:A2:E0:FB Certificate issuer: /CN=A919DB2F/serialNumber=F9C3638059F864E84AE3BF50DAAC079C68463EA7 Certificate serial: 041B Authority key identifier: F9:C3:63:80:59:F8:64:E8:4A:E3:BF:50:DA:AC:07:9C:68:46:3E:A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-cNjgFn4ZOhK479Q2qwHnGhGPqc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/8A0874C0AA5211EEAFC18554C4F9AE02.roa Signing time: Wed 03 Jan 2024 16:09:57 +0000 ROA not before: Wed 03 Jan 2024 16:09:57 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 146961 IP address blocks: 103.172.81.0/24 maxlen: 24 2001:df7:6680::/48 maxlen: 48 2400:8da0:ea00::/44 maxlen: 48 2400:8da0:eb00::/44 maxlen: 48 2400:8da0:ec00::/44 maxlen: 48 2400:8da0:ed00::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/-cNjgFn4ZOhK479Q2qwHnGhGPqc.crl rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/-cNjgFn4ZOhK479Q2qwHnGhGPqc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-cNjgFn4ZOhK479Q2qwHnGhGPqc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 01:19:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1051 (0x41b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919DB2F/serialNumber=F9C3638059F864E84AE3BF50DAAC079C68463EA7 Validity Not Before: Jan 3 16:09:57 2024 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=659586d5-93a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:06:3d:76:99:e1:fd:20:da:d7:03:66:bc:87: d6:bf:eb:7d:13:bc:af:d9:d3:d4:1a:1a:c4:c9:38: af:58:fa:f7:c7:ad:e9:c0:22:07:d7:e0:0e:e6:c3: f3:8c:38:3c:6b:23:5e:e5:17:3d:d5:71:6b:be:5d: f6:a7:51:b1:af:35:ec:2a:6c:63:da:64:0a:20:4d: e2:a9:1c:bb:7f:d9:29:2f:7c:2b:5c:49:5c:21:0d: 8a:85:54:1e:6e:b6:92:81:5b:df:74:c3:cc:06:c4: 37:13:92:c6:9b:df:3e:e5:71:01:94:72:c2:d9:01: 11:4c:f7:0a:cf:82:16:42:4b:43:a4:3a:fc:b1:87: 61:7d:df:7c:e4:96:4a:25:92:12:d2:7f:24:c9:6d: 02:a2:78:1c:f3:0d:2e:73:26:ae:a4:f3:3d:54:ec: b7:98:b4:86:de:a1:0e:39:09:39:8e:27:c8:87:cb: a4:05:6d:09:ba:d7:4e:82:db:ff:31:1a:8c:91:fa: 5a:a9:79:59:09:6b:bd:92:d0:7c:96:b4:e1:fe:df: 2d:65:e0:ee:a0:5d:e8:d7:93:68:ba:83:c5:78:a6: 51:36:13:39:71:96:b7:74:2c:dc:9c:7b:e7:ac:e8: dd:37:85:2c:9c:60:e0:ef:18:68:d0:36:59:b0:29: 37:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:18:EE:8B:0E:7B:80:05:05:D5:A4:95:4C:B1:EA:6A:0D:A2:E0:FB X509v3 Authority Key Identifier: keyid:F9:C3:63:80:59:F8:64:E8:4A:E3:BF:50:DA:AC:07:9C:68:46:3E:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/-cNjgFn4ZOhK479Q2qwHnGhGPqc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-cNjgFn4ZOhK479Q2qwHnGhGPqc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/8A0874C0AA5211EEAFC18554C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.172.81.0/24 IPv6: 2001:df7:6680::/48 2400:8da0:ea00::/44 2400:8da0:eb00::/44 2400:8da0:ec00::/44 2400:8da0:ed00::/44 Signature Algorithm: sha256WithRSAEncryption 9f:23:03:27:b2:54:5f:bd:7f:a7:95:4d:11:70:99:0a:15:c6: 2f:fc:c7:dd:ab:6d:04:d2:90:ce:61:56:51:ef:31:17:88:a7: f5:9c:ef:08:5e:18:76:84:00:48:88:b9:01:cc:7f:d0:60:08: 86:6d:a8:71:04:ce:f2:96:97:fc:16:f7:59:5c:0f:eb:35:8d: 70:a0:7e:e0:75:bf:5b:4e:dc:59:14:38:5a:46:26:53:17:5b: 5d:96:7c:a9:46:cf:bd:9c:d7:52:c4:6f:13:d2:f3:4d:5b:44: 5d:08:10:12:b7:f4:21:1d:44:70:8a:7c:e4:b0:1b:d5:01:74: 7a:38:98:0f:6a:11:33:14:d6:62:93:5b:78:0a:39:2f:41:9e: 07:6b:65:f2:5b:ea:27:fd:5d:e8:29:3c:77:a7:c4:37:a1:87: a9:86:bd:e4:6e:16:3c:9d:97:81:00:f4:a4:e2:53:06:33:71: 2f:da:87:f0:f3:09:11:db:4a:c2:62:63:07:26:0d:a4:47:cd: b9:25:71:e8:73:5e:d3:fe:10:fa:da:2a:f0:95:14:4b:63:81: 23:ea:59:92:b1:d5:c6:84:69:dc:46:17:23:c3:08:94:eb:1a: 85:0b:75:6b:69:e4:2e:43:ce:6d:51:83:7e:2f:a7:37:a9:58: c6:27:a9:ed -----BEGIN CERTIFICATE----- MIIFpjCCBI6gAwIBAgICBBswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OURCMkYxMTAvBgNVBAUTKEY5QzM2MzgwNTlGODY0RTg0QUUzQkY1MERBQUMwNzlD Njg0NjNFQTcwHhcNMjQwMTAzMTYwOTU3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTk1ODZkNS05M2ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqwY9dpnh/SDa1wNmvIfWv+t9E7yv2dPUGhrEyTivWPr3x63pwCIH1+AO5sPz jDg8ayNe5Rc91XFrvl32p1GxrzXsKmxj2mQKIE3iqRy7f9kpL3wrXElcIQ2KhVQe braSgVvfdMPMBsQ3E5LGm98+5XEBlHLC2QERTPcKz4IWQktDpDr8sYdhfd985JZK JZIS0n8kyW0Congc8w0ucyaupPM9VOy3mLSG3qEOOQk5jifIh8ukBW0JutdOgtv/ MRqMkfpaqXlZCWu9ktB8lrTh/t8tZeDuoF3o15NouoPFeKZRNhM5cZa3dCzcnHvn rOjdN4UsnGDg7xho0DZZsCk3GQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFKYY7osO e4AFBdWklUyx6moNouD7MB8GA1UdIwQYMBaAFPnDY4BZ+GToSuO/UNqsB5xoRj6n MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REIyRi9FRjU5Q0VDNDBB REExMUVDOTVGNUY2NzhDNEY5QUUwMi8tY05qZ0ZuNFpPaEs0NzlRMnF3SG5HaEdQ cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1jTmpnRm40Wk9oSzQ3OVEycXdIbkdoR1BxYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OURCMkYvRUY1OUNFQzQwQURBMTFFQzk1RjVGNjc4QzRGOUFFMDIvOEEwODc0QzBB QTUyMTFFRUFGQzE4NTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVAYIKwYBBQUHAQcBAf8E RTBDMAwEAgABMAYDBABnrFEwMwQCAAIwLQMHACABDfdmgAMHBCQAjaDqAAMHBCQA jaDrAAMHBCQAjaDsAAMHBCQAjaDtADANBgkqhkiG9w0BAQsFAAOCAQEAnyMDJ7JU X71/p5VNEXCZChXGL/zH3attBNKQzmFWUe8xF4in9ZzvCF4YdoQASIi5Acx/0GAI hm2ocQTO8paX/Bb3WVwP6zWNcKB+4HW/W07cWRQ4WkYmUxdbXZZ8qUbPvZzXUsRv E9LzTVtEXQgQErf0IR1EcIp85LAb1QF0ejiYD2oRMxTWYpNbeAo5L0GeB2tl8lvq J/1d6Ck8d6fEN6GHqYa95G4WPJ2XgQD0pOJTBjNxL9qH8PMJEdtKwmJjByYNpEfN uSVx6HNe0/4Q+toq8JUUS2OBI+pZkrHVxoRp3EYXI8MIlOsahQt1a2nkLkPObVGD fi+nN6lYxiep7Q== -----END CERTIFICATE-----Generated at Sun May 19 02:59:11 2024 by rpki-client on console-ams.rpki-client.org