$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/0C3EAFF6F84111EC926CBF53C4F9AE02.roa File: 0C3EAFF6F84111EC926CBF53C4F9AE02.roa (raw, json) Hash identifier: zYl0L3Pm5XwW00rkJ1HhUpIXTYYJVEp8XPzPWFksfC0= Subject key identifier: 61:5E:E9:82:9D:72:E9:E8:F1:CC:E7:4A:3B:A4:2D:C8:8C:EB:2C:B4 Certificate issuer: /CN=A91C0BE1/serialNumber=AA21B690C1D63CBF441AA3BD117ED8B786882229 Certificate serial: 04C3 Authority key identifier: AA:21:B6:90:C1:D6:3C:BF:44:1A:A3:BD:11:7E:D8:B7:86:88:22:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qiG2kMHWPL9EGqO9EX7Yt4aIIik.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/0C3EAFF6F84111EC926CBF53C4F9AE02.roa Signing time: Sun 15 Oct 2023 00:12:13 +0000 ROA not before: Sun 15 Oct 2023 00:12:13 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 134676 IP address blocks: 103.195.204.0/23 maxlen: 23 103.195.204.0/24 maxlen: 24 103.195.205.0/24 maxlen: 24 2404:e3c0::/32 maxlen: 32 2404:e3c0::/48 maxlen: 48 2404:e3c0:1::/48 maxlen: 48 2404:e3c0:2::/48 maxlen: 48 2404:e3c0:3::/48 maxlen: 48 2404:e3c0:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/qiG2kMHWPL9EGqO9EX7Yt4aIIik.crl rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/qiG2kMHWPL9EGqO9EX7Yt4aIIik.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qiG2kMHWPL9EGqO9EX7Yt4aIIik.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 03 Jun 2024 00:36:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1219 (0x4c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C0BE1/serialNumber=AA21B690C1D63CBF441AA3BD117ED8B786882229 Validity Not Before: Oct 15 00:12:13 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=652b2e5d-8d79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:d1:74:f7:9e:c8:99:f7:62:87:7b:94:3b:57: c6:cb:e1:2c:22:ab:bb:62:d2:d8:36:77:ee:d9:6f: b8:f0:af:b2:7b:3e:e4:cb:3b:4b:fc:dd:0c:7a:9b: 80:3a:e3:bb:90:07:e7:af:42:c0:9e:ed:82:8e:56: a2:70:8b:af:4c:ba:d1:d7:44:83:aa:49:9d:d9:d7: e7:3d:c0:1b:04:71:24:77:f4:68:cf:47:df:c2:63: ea:fe:d3:6c:e1:d5:11:cc:55:41:3b:23:ca:35:c3: b0:1e:69:5e:de:49:b8:79:be:92:93:b1:be:74:2d: e5:fe:f1:7e:e1:12:6e:22:36:63:91:8f:40:59:42: 59:de:02:cb:9a:76:c6:33:c2:9f:91:21:4d:d4:41: c9:f0:6a:80:b5:b9:27:b5:8e:30:8c:80:ab:09:33: db:bc:36:07:c8:5a:96:08:02:1f:01:22:54:cd:88: f1:7f:7e:e1:cd:f9:d5:a8:93:6f:c0:29:8b:5c:9b: 58:32:23:c1:10:b2:f4:06:b2:36:10:53:cd:e9:3c: 64:ec:a5:57:43:ee:75:a6:9e:d6:9a:48:d0:8c:f7: 4f:f4:97:dc:ed:27:0c:84:b6:b6:12:80:97:fa:c3: 2a:1a:73:fa:14:35:5e:f7:f1:b0:3f:8a:35:c3:d6: 6b:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:5E:E9:82:9D:72:E9:E8:F1:CC:E7:4A:3B:A4:2D:C8:8C:EB:2C:B4 X509v3 Authority Key Identifier: keyid:AA:21:B6:90:C1:D6:3C:BF:44:1A:A3:BD:11:7E:D8:B7:86:88:22:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/qiG2kMHWPL9EGqO9EX7Yt4aIIik.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qiG2kMHWPL9EGqO9EX7Yt4aIIik.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/0C3EAFF6F84111EC926CBF53C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.195.204.0/23 IPv6: 2404:e3c0::/32 Signature Algorithm: sha256WithRSAEncryption b1:bf:44:9b:b7:1b:4b:5f:f1:0b:21:76:03:f4:cb:c8:cd:fd: 6f:7f:32:11:b5:7f:a5:ba:5b:9d:6c:b8:c4:0a:09:66:65:db: c1:f7:d8:c6:af:30:97:66:54:9e:89:5c:14:56:9a:d1:24:7a: c4:b7:93:75:53:16:39:34:9e:f1:be:42:a4:0e:51:e4:f8:8e: bd:23:c5:70:2e:a6:f6:dc:9e:a2:6b:28:31:95:4d:43:38:7c: 8d:e5:54:3f:b3:25:7e:55:b1:79:cb:76:5e:ed:37:77:8d:b2: 13:36:63:02:18:05:b6:33:1d:9f:80:21:13:18:82:0b:f9:5f: 17:c2:0b:d3:f7:87:84:04:77:01:9f:28:25:56:5d:49:e1:57: de:d6:c2:ff:d1:72:81:d7:63:74:ad:4b:7d:04:83:b1:f5:92: fc:b0:7c:2f:98:53:6f:9c:e3:75:6c:ca:ef:a6:68:cb:6b:48: 09:6b:f9:5d:9f:3d:39:1f:82:f3:97:9f:8e:22:3c:98:17:01: 68:48:8a:98:a4:7d:de:70:8d:d8:57:b0:ed:1f:79:ec:58:8d: 92:bd:98:26:a2:d4:ff:7c:42:fb:97:12:70:eb:8f:97:7f:13: be:72:fb:c9:f9:cc:a2:cb:86:01:e2:d2:64:c5:ff:48:dc:a8: 7f:d4:35:8e -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzBCRTExMTAvBgNVBAUTKEFBMjFCNjkwQzFENjNDQkY0NDFBQTNCRDExN0VEOEI3 ODY4ODIyMjkwHhcNMjMxMDE1MDAxMjEzWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTJiMmU1ZC04ZDc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9tF0957Imfdih3uUO1fGy+EsIqu7YtLYNnfu2W+48K+yez7kyztL/N0MepuA OuO7kAfnr0LAnu2CjlaicIuvTLrR10SDqkmd2dfnPcAbBHEkd/Roz0ffwmPq/tNs 4dURzFVBOyPKNcOwHmle3km4eb6Sk7G+dC3l/vF+4RJuIjZjkY9AWUJZ3gLLmnbG M8KfkSFN1EHJ8GqAtbkntY4wjICrCTPbvDYHyFqWCAIfASJUzYjxf37hzfnVqJNv wCmLXJtYMiPBELL0BrI2EFPN6Txk7KVXQ+51pp7WmkjQjPdP9Jfc7ScMhLa2EoCX +sMqGnP6FDVe9/GwP4o1w9ZrWQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGFe6YKd cuno8cznSjukLciM6yy0MB8GA1UdIwQYMBaAFKohtpDB1jy/RBqjvRF+2LeGiCIp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEJFMS9FNDZGRjQ5MEFF MkIxMUVCOTU2MjdGODJDNEY5QUUwMi9xaUcya01IV1BMOUVHcU85RVg3WXQ0YUlJ aWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FpRzJrTUhXUEw5RUdxTzlFWDdZdDRhSUlpay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzBCRTEvRTQ2RkY0OTBBRTJCMTFFQjk1NjI3RjgyQzRGOUFFMDIvMEMzRUFGRjZG ODQxMTFFQzkyNkNCRjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnw8wwDQQCAAIwBwMFACQE48AwDQYJKoZIhvcNAQELBQAD ggEBALG/RJu3G0tf8QshdgP0y8jN/W9/MhG1f6W6W51suMQKCWZl28H32MavMJdm VJ6JXBRWmtEkesS3k3VTFjk0nvG+QqQOUeT4jr0jxXAupvbcnqJrKDGVTUM4fI3l VD+zJX5VsXnLdl7tN3eNshM2YwIYBbYzHZ+AIRMYggv5XxfCC9P3h4QEdwGfKCVW XUnhV97Wwv/RcoHXY3StS30Eg7H1kvywfC+YU2+c43Vsyu+maMtrSAlr+V2fPTkf gvOXn44iPJgXAWhIipikfd5wjdhXsO0feexYjZK9mCai1P98QvuXEnDrj5d/E75y +8n5zKLLhgHi0mTF/0jcqH/UNY4= -----END CERTIFICATE-----Generated at Mon May 27 01:34:45 2024 by rpki-client on console-fra.rpki-client.org