$ rpki-client -vvf rpki.apnic.net/member_repository/A91B35BB/5789B1A43C0011EAB8179734C4F9AE02/8F9F2F823C0111EAB6CB9936C4F9AE02.roa File: 8F9F2F823C0111EAB6CB9936C4F9AE02.roa (raw, json) Hash identifier: mdWU9Nw7uLjUwxluWYPCfhZ2OHszlUXX70G/VFtrvgE= Subject key identifier: 8E:2D:04:A5:B2:34:A3:A6:FF:17:D3:4D:2A:B1:28:2E:9E:09:32:CF Certificate issuer: /CN=A91B35BB/serialNumber=35F58D861C41BDFEA46B8C7290B1AAC670E7CC1B Certificate serial: 0A70 Authority key identifier: 35:F5:8D:86:1C:41:BD:FE:A4:6B:8C:72:90:B1:AA:C6:70:E7:CC:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NfWNhhxBvf6ka4xykLGqxnDnzBs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B35BB/5789B1A43C0011EAB8179734C4F9AE02/8F9F2F823C0111EAB6CB9936C4F9AE02.roa Signing time: Fri 10 May 2024 20:30:11 +0000 ROA not before: Fri 10 May 2024 20:30:11 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 14618 IP address blocks: 103.136.10.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B35BB/5789B1A43C0011EAB8179734C4F9AE02/NfWNhhxBvf6ka4xykLGqxnDnzBs.crl rsync://rpki.apnic.net/member_repository/A91B35BB/5789B1A43C0011EAB8179734C4F9AE02/NfWNhhxBvf6ka4xykLGqxnDnzBs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NfWNhhxBvf6ka4xykLGqxnDnzBs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2672 (0xa70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B35BB Validity Not Before: May 10 20:30:11 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=663e83d2-3787 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:18:f0:62:fa:42:93:b1:7a:8a:09:e7:40:47: ac:b7:56:50:8c:f1:66:7a:31:c8:c8:87:00:65:a0: 54:70:58:d4:56:1f:46:34:f5:70:88:ae:42:67:39: 83:e7:87:50:76:b4:b5:5d:fd:b3:e8:d7:4e:f6:44: c4:a8:23:bc:be:17:ae:dd:7f:35:ef:37:d0:5f:c1: 9e:94:b9:b3:7a:73:48:3a:ea:c6:52:18:d2:50:a4: 17:15:da:9c:3c:0a:c3:25:c4:08:bf:32:04:95:ed: eb:54:58:90:1d:b4:be:16:58:06:dc:db:3f:f7:ac: 94:51:66:78:cc:96:5f:7e:a4:64:45:85:53:5e:89: 68:34:cf:b3:c2:5d:32:47:5a:3f:2d:24:9e:94:8e: 66:7c:98:2d:9d:d8:ab:92:10:95:b3:8e:cb:00:45: f2:8c:c0:a0:c6:5a:1f:45:98:48:1a:65:54:08:b6: 4d:54:45:6a:d8:2f:fe:6a:20:16:95:4f:be:a5:d9: 8c:ad:59:4c:54:eb:19:a4:35:bc:2a:29:19:27:13: f6:b8:de:d3:97:4c:81:df:5c:a6:f4:46:3e:14:c5: ac:b8:65:e4:b3:62:50:a9:c7:94:2e:8d:aa:05:6d: b9:2f:d5:30:bb:8b:dd:67:63:08:10:7a:b6:fe:b4: 86:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:2D:04:A5:B2:34:A3:A6:FF:17:D3:4D:2A:B1:28:2E:9E:09:32:CF X509v3 Authority Key Identifier: keyid:35:F5:8D:86:1C:41:BD:FE:A4:6B:8C:72:90:B1:AA:C6:70:E7:CC:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B35BB/5789B1A43C0011EAB8179734C4F9AE02/NfWNhhxBvf6ka4xykLGqxnDnzBs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NfWNhhxBvf6ka4xykLGqxnDnzBs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B35BB/5789B1A43C0011EAB8179734C4F9AE02/8F9F2F823C0111EAB6CB9936C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.136.10.0/24 Signature Algorithm: sha256WithRSAEncryption 9d:90:01:68:e1:b4:4f:83:7c:7d:fc:a3:f9:60:fb:d2:ce:13: 16:f4:02:50:6b:7c:55:ec:15:57:a0:3e:10:a9:8e:35:b7:19: 0f:2f:0d:fa:7f:22:aa:e3:ff:72:c4:5f:c8:d6:ed:38:fb:03: a4:a6:21:d4:9f:0f:ba:38:51:b5:04:32:ad:9d:be:3e:f8:a8: 35:ed:3e:f4:0f:44:f1:0b:6d:2c:59:04:48:80:9a:12:4c:39: df:45:b7:27:c7:af:96:08:40:3e:8a:48:57:51:96:15:50:7d: 87:9f:2a:05:9c:05:57:f3:f7:5c:1b:f9:79:d0:ae:1f:cb:f2: e5:6c:39:a4:fa:15:d3:7c:49:ad:db:72:79:3e:49:80:22:51: 54:a3:0c:9a:d6:8b:eb:a7:4e:e5:91:c5:b2:e6:c4:82:88:b2: be:8f:ff:9c:ff:41:70:ba:6b:93:f3:ac:71:a0:36:5f:f3:bb: 92:57:07:a4:16:ef:a9:02:5f:24:92:86:49:29:8c:01:0d:62: c6:fa:68:91:10:36:03:f6:cf:6e:63:7a:5f:4c:47:1b:23:e5: e2:e9:75:15:9b:d7:b0:9c:38:e8:ea:d5:a0:07:8c:f0:d4:a7: c8:65:01:7b:b4:ae:6f:63:1f:b3:9f:30:c7:09:2d:3b:58:1c: e9:6d:f2:6f -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCnAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjM1QkIxMTAvBgNVBAUTKDM1RjU4RDg2MUM0MUJERkVBNDZCOEM3MjkwQjFBQUM2 NzBFN0NDMUIwHhcNMjQwNTEwMjAzMDExWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjNlODNkMi0zNzg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyxjwYvpCk7F6ignnQEest1ZQjPFmejHIyIcAZaBUcFjUVh9GNPVwiK5CZzmD 54dQdrS1Xf2z6NdO9kTEqCO8vheu3X817zfQX8GelLmzenNIOurGUhjSUKQXFdqc PArDJcQIvzIEle3rVFiQHbS+FlgG3Ns/96yUUWZ4zJZffqRkRYVTXoloNM+zwl0y R1o/LSSelI5mfJgtndirkhCVs47LAEXyjMCgxlofRZhIGmVUCLZNVEVq2C/+aiAW lU++pdmMrVlMVOsZpDW8KikZJxP2uN7Tl0yB31ym9EY+FMWsuGXks2JQqceULo2q BW25L9Uwu4vdZ2MIEHq2/rSGyQIDAQABo4IClTCCApEwHQYDVR0OBBYEFI4tBKWy NKOm/xfTTSqxKC6eCTLPMB8GA1UdIwQYMBaAFDX1jYYcQb3+pGuMcpCxqsZw58wb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMzVCQi81Nzg5QjFBNDND MDAxMUVBQjgxNzk3MzRDNEY5QUUwMi9OZldOaGh4QnZmNmthNHh5a0xHcXhuRG56 QnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05mV05oaHhCdmY2a2E0eHlrTEdxeG5EbnpCcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjM1QkIvNTc4OUIxQTQzQzAwMTFFQUI4MTc5NzM0QzRGOUFFMDIvOEY5RjJGODIz QzAxMTFFQUI2Q0I5OTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBABniAowDQYJKoZIhvcNAQELBQADggEBAJ2QAWjhtE+DfH38 o/lg+9LOExb0AlBrfFXsFVegPhCpjjW3GQ8vDfp/Iqrj/3LEX8jW7Tj7A6SmIdSf D7o4UbUEMq2dvj74qDXtPvQPRPELbSxZBEiAmhJMOd9FtyfHr5YIQD6KSFdRlhVQ fYefKgWcBVfz91wb+XnQrh/L8uVsOaT6FdN8Sa3bcnk+SYAiUVSjDJrWi+unTuWR xbLmxIKIsr6P/5z/QXC6a5PzrHGgNl/zu5JXB6QW76kCXySShkkpjAENYsb6aJEQ NgP2z25jel9MRxsj5eLpdRWb17CcOOjq1aAHjPDUp8hlAXu0rm9jH7OfMMcJLTtY HOlt8m8= -----END CERTIFICATE-----Generated at Sun Feb 16 15:15:07 2025 by rpki-client