$ rpki-client -vvf rpki.apnic.net/member_repository/A91B829A/1F23E058057F11EAA5516B3FC4F9AE02/37759456617811ECBB095A62C4F9AE02.roa File: 37759456617811ECBB095A62C4F9AE02.roa (raw, json) Hash identifier: 6MjYNuehYHSmyo52GdaYKFT6NgoN+zvp+XeYBlIJd3E= Subject key identifier: 40:6E:67:65:52:BB:BF:30:7A:30:AF:5D:89:C1:35:96:7C:F5:C1:FF Certificate issuer: /CN=A91B829A/serialNumber=895E6BCA7A5C36D9F304472D0D2713A482C9DB25 Certificate serial: 0B80 Authority key identifier: 89:5E:6B:CA:7A:5C:36:D9:F3:04:47:2D:0D:27:13:A4:82:C9:DB:25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iV5rynpcNtnzBEctDScTpILJ2yU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B829A/1F23E058057F11EAA5516B3FC4F9AE02/37759456617811ECBB095A62C4F9AE02.roa Signing time: Sun 28 Apr 2024 19:38:16 +0000 ROA not before: Sun 28 Apr 2024 19:38:16 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 132169 IP address blocks: 103.138.202.0/23 maxlen: 23 103.138.202.0/24 maxlen: 24 103.138.203.0/24 maxlen: 24 2001:df0:5280::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B829A/1F23E058057F11EAA5516B3FC4F9AE02/iV5rynpcNtnzBEctDScTpILJ2yU.crl rsync://rpki.apnic.net/member_repository/A91B829A/1F23E058057F11EAA5516B3FC4F9AE02/iV5rynpcNtnzBEctDScTpILJ2yU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iV5rynpcNtnzBEctDScTpILJ2yU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 May 2024 02:42:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2944 (0xb80) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B829A/serialNumber=895E6BCA7A5C36D9F304472D0D2713A482C9DB25 Validity Not Before: Apr 28 19:38:16 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=662ea5a8-7c5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:ec:56:54:b7:a3:ad:52:53:d2:c4:0d:64:a8: 42:4d:85:de:5e:77:b7:8a:e6:57:29:b3:39:30:1c: 5e:5b:0d:73:9f:f9:d7:e6:d5:47:ef:b5:c1:5f:45: 5c:d2:52:0c:69:e3:35:60:cd:f3:42:85:99:8a:ca: 5c:a8:f8:36:74:84:21:db:c9:8e:a0:0e:db:74:e6: 49:52:a4:a4:57:6c:fb:23:a5:83:47:8a:bb:a9:3c: 11:3a:7e:d4:e3:20:56:75:ff:39:34:c1:02:28:d0: ca:69:0f:31:96:59:5c:6c:de:35:22:1d:b0:a3:61: 49:fc:2e:47:58:d1:29:bd:81:61:17:48:7e:86:ad: cb:9e:0d:df:f8:29:3d:3a:43:4d:0b:ef:f5:71:ac: 0a:ed:fd:86:ae:11:8d:a4:da:45:db:67:2c:a9:3f: b0:ff:48:44:84:16:20:79:ab:28:84:31:99:93:bd: a3:f3:4d:2b:32:67:91:1f:5d:84:fd:93:b6:85:0c: f8:c6:cb:e0:85:00:e0:4b:0e:1a:32:4c:0a:e1:ce: 0b:75:7c:67:a0:24:8e:43:f8:6e:7b:0f:dc:14:8b: b9:25:65:bf:fc:63:de:32:5b:6e:51:d4:ac:77:53: df:79:09:38:59:60:e7:d8:6c:44:96:8f:c8:b2:91: 39:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:6E:67:65:52:BB:BF:30:7A:30:AF:5D:89:C1:35:96:7C:F5:C1:FF X509v3 Authority Key Identifier: keyid:89:5E:6B:CA:7A:5C:36:D9:F3:04:47:2D:0D:27:13:A4:82:C9:DB:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B829A/1F23E058057F11EAA5516B3FC4F9AE02/iV5rynpcNtnzBEctDScTpILJ2yU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iV5rynpcNtnzBEctDScTpILJ2yU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B829A/1F23E058057F11EAA5516B3FC4F9AE02/37759456617811ECBB095A62C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.202.0/23 IPv6: 2001:df0:5280::/48 Signature Algorithm: sha256WithRSAEncryption 95:be:60:3e:e5:c7:59:fb:26:4f:af:06:7e:a5:2e:53:4d:66: 1f:19:8f:32:04:fa:f0:27:37:60:af:94:52:1b:b3:25:7a:00: 81:54:72:3a:f8:c3:32:4f:49:a8:e2:c2:3b:42:4c:1a:6d:7a: 84:c5:88:7d:cb:df:8b:1d:56:67:8d:61:a1:6d:2d:36:54:36: 66:9e:76:a2:82:9d:cd:8e:0b:47:e2:1b:c4:af:80:97:82:82: cd:9d:0b:e2:52:24:c6:0c:f1:54:b6:b4:50:a8:7c:44:e8:43: f2:1c:30:9a:59:e2:31:ea:b1:17:98:49:59:a1:c0:fd:3e:c6: 28:37:a6:e5:e5:56:dd:24:b2:13:6c:a9:5f:dd:6a:a3:bd:ff: 48:5f:6b:94:c3:11:80:3e:75:db:3c:8a:4b:24:44:f3:b0:ed: 08:5d:ef:9a:62:59:4a:77:c7:56:58:26:df:42:f7:e2:05:bc: 8f:8f:76:df:9d:88:0b:43:32:92:e5:d8:68:40:ec:45:e4:43: 2a:62:c2:b7:44:53:7c:af:76:2c:7e:75:7f:98:49:71:e6:01: 70:ae:1f:63:31:c2:42:67:e3:ec:94:e1:ed:8f:fc:b8:6f:6e: db:a3:55:41:a1:b9:ce:17:7e:cc:88:f4:fa:d2:29:6d:b2:2f: 84:42:e9:34 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICC4AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjgyOUExMTAvBgNVBAUTKDg5NUU2QkNBN0E1QzM2RDlGMzA0NDcyRDBEMjcxM0E0 ODJDOURCMjUwHhcNMjQwNDI4MTkzODE2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjJlYTVhOC03YzVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApuxWVLejrVJT0sQNZKhCTYXeXne3iuZXKbM5MBxeWw1zn/nX5tVH77XBX0Vc 0lIMaeM1YM3zQoWZispcqPg2dIQh28mOoA7bdOZJUqSkV2z7I6WDR4q7qTwROn7U 4yBWdf85NMECKNDKaQ8xlllcbN41Ih2wo2FJ/C5HWNEpvYFhF0h+hq3Lng3f+Ck9 OkNNC+/1cawK7f2GrhGNpNpF22csqT+w/0hEhBYgeasohDGZk72j800rMmeRH12E /ZO2hQz4xsvghQDgSw4aMkwK4c4LdXxnoCSOQ/huew/cFIu5JWW//GPeMltuUdSs d1PfeQk4WWDn2GxElo/IspE57QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFEBuZ2VS u78wejCvXYnBNZZ89cH/MB8GA1UdIwQYMBaAFIlea8p6XDbZ8wRHLQ0nE6SCydsl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODI5QS8xRjIzRTA1ODA1 N0YxMUVBQTU1MTZCM0ZDNEY5QUUwMi9pVjVyeW5wY050bnpCRWN0RFNjVHBJTEoy eVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lWNXJ5bnBjTnRuekJFY3REU2NUcElMSjJ5VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjgyOUEvMUYyM0UwNTgwNTdGMTFFQUE1NTE2QjNGQzRGOUFFMDIvMzc3NTk0NTY2 MTc4MTFFQ0JCMDk1QTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnisowDwQCAAIwCQMHACABDfBSgDANBgkqhkiG9w0BAQsF AAOCAQEAlb5gPuXHWfsmT68GfqUuU01mHxmPMgT68Cc3YK+UUhuzJXoAgVRyOvjD Mk9JqOLCO0JMGm16hMWIfcvfix1WZ41hoW0tNlQ2Zp52ooKdzY4LR+IbxK+Al4KC zZ0L4lIkxgzxVLa0UKh8ROhD8hwwmlniMeqxF5hJWaHA/T7GKDem5eVW3SSyE2yp X91qo73/SF9rlMMRgD512zyKSyRE87DtCF3vmmJZSnfHVlgm30L34gW8j492352I C0MykuXYaEDsReRDKmLCt0RTfK92LH51f5hJceYBcK4fYzHCQmfj7JTh7Y/8uG9u 26NVQaG5zhd+zIj0+tIpbbIvhELpNA== -----END CERTIFICATE-----Generated at Fri May 10 20:45:25 2024 by rpki-client on console-ams.rpki-client.org