$ rpki-client -vvf rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/8EB98374776E11ECA05F7133C4F9AE02.roa File: 8EB98374776E11ECA05F7133C4F9AE02.roa (raw, json) Hash identifier: 3qw6SRNLFbiK1N2O2vWV83w9v7kQSRu9r57JuVxUd10= Subject key identifier: 3D:0F:76:CA:CA:B3:EB:92:9F:A0:F4:50:FE:07:F4:82:FC:99:05:88 Certificate issuer: /CN=A91B06CA/serialNumber=9AF0B0EF8F3EB53F14D84FA3A6106BE64BD78272 Certificate serial: 02C3 Authority key identifier: 9A:F0:B0:EF:8F:3E:B5:3F:14:D8:4F:A3:A6:10:6B:E6:4B:D7:82:72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mvCw748-tT8U2E-jphBr5kvXgnI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/8EB98374776E11ECA05F7133C4F9AE02.roa Signing time: Sun 01 Oct 2023 02:03:16 +0000 ROA not before: Sun 01 Oct 2023 02:03:16 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 133929 IP address blocks: 103.99.72.0/22 maxlen: 22 103.99.72.0/23 maxlen: 23 103.99.72.0/24 maxlen: 24 103.99.73.0/24 maxlen: 24 103.99.74.0/23 maxlen: 23 103.99.74.0/24 maxlen: 24 103.99.75.0/24 maxlen: 24 2001:df2:5100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/mvCw748-tT8U2E-jphBr5kvXgnI.crl rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/mvCw748-tT8U2E-jphBr5kvXgnI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mvCw748-tT8U2E-jphBr5kvXgnI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 02:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 707 (0x2c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B06CA/serialNumber=9AF0B0EF8F3EB53F14D84FA3A6106BE64BD78272 Validity Not Before: Oct 1 02:03:16 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=6518d363-2998 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:5f:19:2d:f7:16:10:70:bd:d3:c7:07:8d:9f: 98:d9:cc:78:cf:22:d3:6f:72:e4:04:b5:c7:5e:f1: ce:f4:8b:bd:3a:e4:74:7a:a5:7a:ce:ab:32:74:d4: 6d:19:80:cd:f9:a0:04:65:46:a9:f6:17:05:b7:6c: fe:b2:24:9c:68:ef:94:8c:9e:8b:a2:01:d2:87:dd: 39:09:d7:0d:a0:71:af:ae:3d:75:85:6f:6d:0b:e7: 3d:1a:e9:cc:6a:62:60:2b:7e:36:74:81:49:23:31: 94:29:12:64:33:04:ac:c5:9c:34:7f:2b:e2:97:6d: 55:2c:8b:f9:e0:ed:07:e9:95:c2:f7:8c:79:79:5e: e5:5f:23:ff:93:89:bc:1d:69:b8:56:70:eb:4a:de: 6d:a6:2a:18:63:2f:cd:c4:4d:c3:0e:46:6e:c8:b2: aa:c1:a2:19:e1:2d:a5:d3:a2:a0:82:dd:08:90:fb: cf:77:6b:c4:48:27:1d:de:0c:ca:21:34:e1:21:3a: bd:72:07:3d:e2:15:07:86:c3:00:4c:82:d9:57:4f: 51:a6:f4:4d:d3:a5:d3:88:c6:41:fc:bd:68:14:12: 6d:ae:10:43:50:e7:a8:94:03:24:9d:b0:18:21:bc: 2c:4f:ac:2e:ea:d4:9e:26:40:2a:a9:fe:a7:6b:12: ad:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:0F:76:CA:CA:B3:EB:92:9F:A0:F4:50:FE:07:F4:82:FC:99:05:88 X509v3 Authority Key Identifier: keyid:9A:F0:B0:EF:8F:3E:B5:3F:14:D8:4F:A3:A6:10:6B:E6:4B:D7:82:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/mvCw748-tT8U2E-jphBr5kvXgnI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mvCw748-tT8U2E-jphBr5kvXgnI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/8EB98374776E11ECA05F7133C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.72.0/22 IPv6: 2001:df2:5100::/48 Signature Algorithm: sha256WithRSAEncryption 3d:03:c9:5f:6b:4b:58:92:bc:6a:a7:e5:16:54:3c:a1:0c:f3: c1:80:b0:a8:c2:b4:9f:92:2c:f9:bf:7c:98:2b:bd:5d:86:3f: d9:54:6c:93:48:77:f1:29:de:69:02:b1:0b:31:e7:2f:45:5e: b7:64:01:ad:61:32:d2:b9:54:8a:f9:3a:09:d3:cb:cd:e4:a1: 2f:33:fb:10:dd:6e:bc:bf:28:67:22:99:58:4a:0b:f0:b5:de: f7:dd:5b:55:d2:99:60:fa:9f:08:9d:d4:3b:70:67:f7:f4:7b: 9c:e3:ad:35:5c:ab:3a:17:39:ed:34:24:59:6f:8a:69:44:18: ee:c5:2a:16:45:8b:0c:05:7b:45:8e:2a:c3:75:79:6e:c9:74: 50:c9:64:63:f4:4a:78:88:1c:7c:19:b7:12:ad:4c:91:32:d1: 3d:49:9c:11:ee:0b:e0:f4:8f:0e:0e:24:07:83:1e:07:50:6f: aa:cc:e2:a8:b1:17:50:78:4d:d4:79:e6:54:a0:2d:13:8c:a2: 5b:dd:ad:7e:00:85:e2:aa:b9:80:bc:28:b5:d4:e6:d3:62:f0: f5:9e:a3:62:2c:a7:39:a5:8a:b0:60:b5:ea:56:c1:a7:5b:bf: cc:5f:f6:1f:2e:9b:8c:d2:e5:12:a3:75:30:5d:18:61:7c:98: 97:68:e7:32 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICAsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjA2Q0ExMTAvBgNVBAUTKDlBRjBCMEVGOEYzRUI1M0YxNEQ4NEZBM0E2MTA2QkU2 NEJENzgyNzIwHhcNMjMxMDAxMDIwMzE2WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTE4ZDM2My0yOTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvl8ZLfcWEHC908cHjZ+Y2cx4zyLTb3LkBLXHXvHO9Iu9OuR0eqV6zqsydNRt GYDN+aAEZUap9hcFt2z+siScaO+UjJ6LogHSh905CdcNoHGvrj11hW9tC+c9GunM amJgK342dIFJIzGUKRJkMwSsxZw0fyvil21VLIv54O0H6ZXC94x5eV7lXyP/k4m8 HWm4VnDrSt5tpioYYy/NxE3DDkZuyLKqwaIZ4S2l06Kggt0IkPvPd2vESCcd3gzK ITThITq9cgc94hUHhsMATILZV09RpvRN06XTiMZB/L1oFBJtrhBDUOeolAMknbAY IbwsT6wu6tSeJkAqqf6naxKtAQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFD0PdsrK s+uSn6D0UP4H9IL8mQWIMB8GA1UdIwQYMBaAFJrwsO+PPrU/FNhPo6YQa+ZL14Jy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDZDQS9EMkUwMDg3Mjc3 NkMxMUVDOEVDQTQ2MzNDNEY5QUUwMi9tdkN3NzQ4LXRUOFUyRS1qcGhCcjVrdlhn bkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL212Q3c3NDgtdFQ4VTJFLWpwaEJyNWt2WGduSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjA2Q0EvRDJFMDA4NzI3NzZDMTFFQzhFQ0E0NjMzQzRGOUFFMDIvOEVCOTgzNzQ3 NzZFMTFFQ0EwNUY3MTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAJnY0gwDwQCAAIwCQMHACABDfJRADANBgkqhkiG9w0BAQsF AAOCAQEAPQPJX2tLWJK8aqflFlQ8oQzzwYCwqMK0n5Is+b98mCu9XYY/2VRsk0h3 8SneaQKxCzHnL0Vet2QBrWEy0rlUivk6CdPLzeShLzP7EN1uvL8oZyKZWEoL8LXe 991bVdKZYPqfCJ3UO3Bn9/R7nOOtNVyrOhc57TQkWW+KaUQY7sUqFkWLDAV7RY4q w3V5bsl0UMlkY/RKeIgcfBm3Eq1MkTLRPUmcEe4L4PSPDg4kB4MeB1BvqsziqLEX UHhN1HnmVKAtE4yiW92tfgCF4qq5gLwotdTm02Lw9Z6jYiynOaWKsGC16lbBp1u/ zF/2Hy6bjNLlEqN1MF0YYXyYl2jnMg== -----END CERTIFICATE-----Generated at Wed May 15 03:49:59 2024 by rpki-client on console-fra.rpki-client.org