$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1FAC/6819BF4205FE11EA8763C243C4F9AE02/86B7FE9005FF11EAB499A845C4F9AE02.roa File: 86B7FE9005FF11EAB499A845C4F9AE02.roa (raw, json) Hash identifier: 66edL3EK4gSIu1IxUHMffIvk4CS8RvRB57qwlvzFqfM= Subject key identifier: 3D:F5:FF:2F:40:A5:F3:09:A6:19:C1:69:8B:24:CF:66:F3:7F:4A:2F Certificate issuer: /CN=A91C1FAC/serialNumber=54D3A955CC341A841815A8CDEA190AEA5102DFCE Certificate serial: 0B06 Authority key identifier: 54:D3:A9:55:CC:34:1A:84:18:15:A8:CD:EA:19:0A:EA:51:02:DF:CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VNOpVcw0GoQYFajN6hkK6lEC384.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1FAC/6819BF4205FE11EA8763C243C4F9AE02/86B7FE9005FF11EAB499A845C4F9AE02.roa Signing time: Tue 26 Sep 2023 19:17:05 +0000 ROA not before: Tue 26 Sep 2023 19:17:05 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 136901 IP address blocks: 103.98.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1FAC/6819BF4205FE11EA8763C243C4F9AE02/VNOpVcw0GoQYFajN6hkK6lEC384.crl rsync://rpki.apnic.net/member_repository/A91C1FAC/6819BF4205FE11EA8763C243C4F9AE02/VNOpVcw0GoQYFajN6hkK6lEC384.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VNOpVcw0GoQYFajN6hkK6lEC384.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Jun 2024 19:30:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2822 (0xb06) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1FAC/serialNumber=54D3A955CC341A841815A8CDEA190AEA5102DFCE Validity Not Before: Sep 26 19:17:05 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=65132e31-3d51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:eb:93:fd:85:2d:56:2f:3b:0b:b0:1a:2a:b2: ad:52:30:bc:cc:b9:0a:50:dc:ee:6d:90:f7:13:e2: 9d:7e:49:8b:3b:a1:07:53:f1:55:ba:7d:33:a5:13: af:b7:a9:9d:d4:98:a0:4d:67:15:04:b1:a5:7a:2b: 0b:cd:dc:62:02:02:cc:11:2a:9f:89:4e:21:5e:59: b4:df:4a:67:68:a6:83:17:46:53:d6:88:25:da:c5: 9b:55:d8:ef:6c:a1:23:7d:cd:7d:ae:ee:47:2d:50: bb:b3:c0:71:2f:13:76:58:dc:f9:54:ee:0d:b9:fc: 9a:ee:c9:06:06:5c:ca:4e:56:b8:08:61:31:9a:6e: 26:ff:d0:0f:19:e0:01:a9:d5:c4:00:be:b7:c7:64: 50:75:6a:0b:2d:ef:62:b1:d3:c3:cb:98:b1:06:3e: 4d:33:6f:0f:c5:76:62:e4:f7:47:f7:75:80:46:a8: d0:51:36:9f:70:11:84:f8:04:0f:e5:60:42:da:e1: 62:43:07:41:c0:fb:c7:9c:49:d7:52:d7:ab:01:2f: 1d:68:ca:af:6f:a9:69:d5:4f:7d:16:2f:f9:09:ef: d9:eb:fc:34:1d:12:24:d6:84:53:c3:f8:f9:65:3e: a8:b7:c6:46:db:d0:d9:3a:49:85:ad:26:a2:18:91: 2b:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:F5:FF:2F:40:A5:F3:09:A6:19:C1:69:8B:24:CF:66:F3:7F:4A:2F X509v3 Authority Key Identifier: keyid:54:D3:A9:55:CC:34:1A:84:18:15:A8:CD:EA:19:0A:EA:51:02:DF:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1FAC/6819BF4205FE11EA8763C243C4F9AE02/VNOpVcw0GoQYFajN6hkK6lEC384.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VNOpVcw0GoQYFajN6hkK6lEC384.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1FAC/6819BF4205FE11EA8763C243C4F9AE02/86B7FE9005FF11EAB499A845C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.98.64.0/22 Signature Algorithm: sha256WithRSAEncryption 99:2d:f5:67:b9:81:ff:1b:aa:fe:e1:02:1e:75:43:e8:5e:4b: 77:5a:2e:b3:c1:20:2e:46:ee:a5:44:b8:aa:a3:52:31:a3:f0: 27:57:f4:05:5c:e2:e0:40:40:0b:a6:c9:85:03:9b:3f:a5:22: 13:9b:18:1c:7b:fe:da:4f:06:de:cc:c2:3f:b3:c1:bb:4b:26: db:f8:f7:25:be:9a:9c:37:f4:ad:02:b8:8a:14:ee:63:e0:9f: ea:6e:d1:e8:98:80:32:63:1b:07:a5:74:6b:25:ef:32:33:c1: 2a:96:94:70:d2:c3:c5:d4:05:17:3b:54:1c:12:30:b8:77:c2: 82:06:f7:b4:f9:b0:23:cb:a5:7f:f7:48:ac:80:a5:9c:65:49: f6:39:8e:0c:b5:ab:35:8b:85:4e:25:46:b8:30:8a:d5:bc:fa: 70:0a:5b:24:da:27:56:e2:e3:59:0c:3e:1c:f5:f5:3d:d9:ff: 88:e7:7f:f5:3e:88:73:bd:40:e9:fa:f5:77:4d:aa:f7:73:70: 6f:22:03:95:cc:35:a9:1f:fa:85:56:0d:ee:03:23:0e:fc:f2: 92:38:46:89:3a:18:3c:68:40:ed:ad:e5:7d:15:5d:28:5a:11: a3:e6:64:5c:25:8b:57:53:33:a3:f7:57:71:2b:4c:2b:8b:90: d7:8a:13:08 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCwYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFGQUMxMTAvBgNVBAUTKDU0RDNBOTU1Q0MzNDFBODQxODE1QThDREVBMTkwQUVB NTEwMkRGQ0UwHhcNMjMwOTI2MTkxNzA1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTEzMmUzMS0zZDUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzeuT/YUtVi87C7AaKrKtUjC8zLkKUNzubZD3E+KdfkmLO6EHU/FVun0zpROv t6md1JigTWcVBLGleisLzdxiAgLMESqfiU4hXlm030pnaKaDF0ZT1ogl2sWbVdjv bKEjfc19ru5HLVC7s8BxLxN2WNz5VO4Nufya7skGBlzKTla4CGExmm4m/9APGeAB qdXEAL63x2RQdWoLLe9isdPDy5ixBj5NM28PxXZi5PdH93WARqjQUTafcBGE+AQP 5WBC2uFiQwdBwPvHnEnXUterAS8daMqvb6lp1U99Fi/5Ce/Z6/w0HRIk1oRTw/j5 ZT6ot8ZG29DZOkmFrSaiGJErNwIDAQABo4IClTCCApEwHQYDVR0OBBYEFD31/y9A pfMJphnBaYskz2bzf0ovMB8GA1UdIwQYMBaAFFTTqVXMNBqEGBWozeoZCupRAt/O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUZBQy82ODE5QkY0MjA1 RkUxMUVBODc2M0MyNDNDNEY5QUUwMi9WTk9wVmN3MEdvUVlGYWpONmhrSzZsRUMz ODQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZOT3BWY3cwR29RWUZhak42aGtLNmxFQzM4NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzFGQUMvNjgxOUJGNDIwNUZFMTFFQTg3NjNDMjQzQzRGOUFFMDIvODZCN0ZFOTAw NUZGMTFFQUI0OTlBODQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJnYkAwDQYJKoZIhvcNAQELBQADggEBAJkt9We5gf8bqv7h Ah51Q+heS3daLrPBIC5G7qVEuKqjUjGj8CdX9AVc4uBAQAumyYUDmz+lIhObGBx7 /tpPBt7Mwj+zwbtLJtv49yW+mpw39K0CuIoU7mPgn+pu0eiYgDJjGweldGsl7zIz wSqWlHDSw8XUBRc7VBwSMLh3woIG97T5sCPLpX/3SKyApZxlSfY5jgy1qzWLhU4l RrgwitW8+nAKWyTaJ1bi41kMPhz19T3Z/4jnf/U+iHO9QOn69XdNqvdzcG8iA5XM Nakf+oVWDe4DIw788pI4Rok6GDxoQO2t5X0VXShaEaPmZFwli1dTM6P3V3ErTCuL kNeKEwg= -----END CERTIFICATE-----Generated at Sun May 26 23:05:39 2024 by rpki-client on console-ams.rpki-client.org