$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/3474AD64FAD311ED9CEE0E29C4F9AE02.roa File: 3474AD64FAD311ED9CEE0E29C4F9AE02.roa (raw, json) Hash identifier: Ij8n0A7jJx7QKOhE7hk56zcntIaXQI6rZH6/sGN7Fvk= Subject key identifier: 44:A8:41:8B:5F:06:56:C4:5F:BB:09:4A:40:89:36:4A:A0:13:3B:AB Certificate issuer: /CN=A91AF01C/serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB Certificate serial: 10 Authority key identifier: 5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/3474AD64FAD311ED9CEE0E29C4F9AE02.roa Signing time: Sun 28 May 2023 17:18:36 +0000 ROA not before: Sun 28 May 2023 17:18:36 +0000 ROA not after: Tue 30 Jul 2024 00:00:00 +0000 asID: 138611 IP address blocks: 103.206.16.0/23 maxlen: 23 103.206.16.0/24 maxlen: 24 103.206.17.0/24 maxlen: 24 2401:160::/32 maxlen: 32 2401:160::/46 maxlen: 46 2401:160::/48 maxlen: 48 2401:160:1::/48 maxlen: 48 2401:160:2::/48 maxlen: 48 2401:160:3::/48 maxlen: 48 2401:160:4::/46 maxlen: 46 2401:160:4::/48 maxlen: 48 2401:160:5::/48 maxlen: 48 2401:160:6::/48 maxlen: 48 2401:160:7::/48 maxlen: 48 2401:160:8::/48 maxlen: 48 2401:160:9::/48 maxlen: 48 2401:160:10::/48 maxlen: 48 2401:160:11::/48 maxlen: 48 2401:160:12::/48 maxlen: 48 2401:160:13::/48 maxlen: 48 2401:160:14::/48 maxlen: 48 2401:160:15::/48 maxlen: 48 2401:160:200::/42 maxlen: 42 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 06:33:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16 (0x10) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF01C/serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB Validity Not Before: May 28 17:18:36 2023 GMT Not After : Jul 30 00:00:00 2024 GMT Subject: CN=64738cec-3930 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:7f:3d:88:b0:11:a0:e1:b5:d1:5a:e8:29:79: 06:72:9c:17:8e:50:cb:88:bd:d4:e1:c4:ce:0a:fb: 5f:c4:a5:06:6d:d0:27:67:6f:66:ab:42:42:67:ed: a6:3b:b3:60:9b:a1:5b:8e:eb:fc:c0:b0:72:68:b8: 4e:9d:7a:c9:56:fe:00:55:c6:e6:57:b3:0a:c0:2f: de:03:2f:68:28:f2:b1:d5:ad:a8:53:bb:0d:e6:90: 09:11:46:53:68:0b:b5:ec:3e:89:f2:5b:28:5e:34: 8d:04:6e:f7:10:7c:9c:8e:9b:ba:00:9e:0f:e6:b9: 18:ac:78:fb:73:51:2c:ce:33:3e:7c:70:d1:e1:c3: bb:52:ec:6c:38:60:04:61:66:6c:8a:18:ff:a6:5e: 32:fe:2e:47:49:a4:ef:b6:e8:45:ef:73:7d:e6:69: 75:fb:06:fd:ba:20:c2:86:f9:73:d7:05:09:44:9c: bb:b3:ba:c4:8a:8f:09:a7:f8:58:8d:21:79:ed:ee: e7:78:78:fc:35:50:7c:d8:1e:87:fb:08:b9:3a:cc: 88:8e:cd:ac:b2:23:00:63:3e:f0:82:47:e0:85:1e: 4f:e4:69:bb:c6:24:5a:25:95:79:ae:89:6b:ae:0c: 3c:ca:25:67:71:02:95:91:2d:8a:88:74:21:80:80: c9:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:A8:41:8B:5F:06:56:C4:5F:BB:09:4A:40:89:36:4A:A0:13:3B:AB X509v3 Authority Key Identifier: keyid:5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/3474AD64FAD311ED9CEE0E29C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.206.16.0/23 IPv6: 2401:160::/32 Signature Algorithm: sha256WithRSAEncryption 96:25:ac:61:fd:12:e7:11:8e:f0:24:0b:83:9a:53:12:58:b5: 81:5a:60:b2:52:e2:59:e3:d9:51:ed:3e:1a:d9:49:23:6f:65: 12:8f:5b:7f:2e:c9:a6:02:77:4f:40:c6:05:4c:b8:53:72:11: 90:3a:3b:0b:80:da:38:5f:f2:0c:6f:3f:62:2d:f1:f9:35:ff: 1d:03:ea:84:39:ff:d1:cc:33:75:a6:cd:59:77:78:49:dd:de: e1:cc:a6:49:40:7a:cf:fe:48:a0:d1:cb:a8:9e:ca:af:54:80: af:46:cc:18:92:db:1c:17:70:1f:79:65:ba:f5:84:1f:bc:a8: 68:bc:30:19:06:d1:2e:9c:c2:c3:87:c7:12:2b:7d:53:6b:54: 62:73:02:c4:2b:d5:e8:79:74:2b:64:74:ec:57:f2:2d:73:38: 9c:c4:d3:74:81:36:36:f0:36:f0:52:82:87:c7:6f:10:88:31: 7e:7d:08:10:9f:d8:53:8f:ac:f6:48:60:05:8e:3a:40:70:76: d6:5a:b4:4e:58:62:9a:93:2c:6c:a2:7d:e5:4a:5f:67:e6:42: a4:2c:cf:81:56:0a:ca:78:a7:ad:1a:6f:0e:74:f7:4b:aa:95: c0:15:2d:8d:94:1f:49:f5:b0:c9:69:5b:58:03:66:ca:b1:3c: 68:60:51:dc -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgIBEDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB RjAxQzExMC8GA1UEBRMoNURENDY4NUEyRTk2QjE0MTZGN0NEMzM1Q0RFQjRBRDE4 MjJGN0RFQjAeFw0yMzA1MjgxNzE4MzZaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY0NzM4Y2VjLTM5MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDGfz2IsBGg4bXRWugpeQZynBeOUMuIvdThxM4K+1/EpQZt0Cdnb2arQkJn7aY7 s2CboVuO6/zAsHJouE6deslW/gBVxuZXswrAL94DL2go8rHVrahTuw3mkAkRRlNo C7XsPonyWyheNI0EbvcQfJyOm7oAng/muRisePtzUSzOMz58cNHhw7tS7Gw4YARh ZmyKGP+mXjL+LkdJpO+26EXvc33maXX7Bv26IMKG+XPXBQlEnLuzusSKjwmn+FiN IXnt7ud4ePw1UHzYHof7CLk6zIiOzayyIwBjPvCCR+CFHk/kabvGJFollXmuiWuu DDzKJWdxApWRLYqIdCGAgMkvAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQURKhBi18G VsRfuwlKQIk2SqATO6swHwYDVR0jBBgwFoAUXdRoWi6WsUFvfNM1zetK0YIvfesw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFGMDFDL0U1RDlFNzM0RkFD QjExRURCOEY5N0Q4NUM0RjlBRTAyL1hkUm9XaTZXc1VGdmZOTTF6ZXRLMFlJdmZl cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWGRSb1dpNldzVUZ2Zk5NMXpldEswWUl2ZmVzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjAxQy9FNUQ5RTczNEZBQ0IxMUVEQjhGOTdEODVDNEY5QUUwMi8zNDc0QUQ2NEZB RDMxMUVEOUNFRTBFMjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf MB0wDAQCAAEwBgMEAWfOEDANBAIAAjAHAwUAJAEBYDANBgkqhkiG9w0BAQsFAAOC AQEAliWsYf0S5xGO8CQLg5pTEli1gVpgslLiWePZUe0+GtlJI29lEo9bfy7JpgJ3 T0DGBUy4U3IRkDo7C4DaOF/yDG8/Yi3x+TX/HQPqhDn/0cwzdabNWXd4Sd3e4cym SUB6z/5IoNHLqJ7Kr1SAr0bMGJLbHBdwH3lluvWEH7yoaLwwGQbRLpzCw4fHEit9 U2tUYnMCxCvV6Hl0K2R07FfyLXM4nMTTdIE2NvA28FKCh8dvEIgxfn0IEJ/YU4+s 9khgBY46QHB21lq0TlhimpMsbKJ95UpfZ+ZCpCzPgVYKyninrRpvDnT3S6qVwBUt jZQfSfWwyWlbWANmyrE8aGBR3A== -----END CERTIFICATE-----Generated at Fri May 17 08:52:52 2024 by rpki-client on console-ams.rpki-client.org