$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2663/B8AEF138A94C11E58291CA67C4F9AE02/A163C5C869A111ECA4837D28C4F9AE02.roa File: A163C5C869A111ECA4837D28C4F9AE02.roa (raw, json) Hash identifier: 9UC6aZiqBYbXRSE3p9u+q/vO1rK8XINzV0Z6f+Roz8Y= Subject key identifier: CF:65:55:3F:04:78:CA:2B:7E:5F:6F:69:D9:9C:15:8C:6F:FB:5A:99 Certificate issuer: /CN=A91C2663/serialNumber=1A97C2F4711F7BC802E268AC66F110862BE57888 Certificate serial: 21D0 Authority key identifier: 1A:97:C2:F4:71:1F:7B:C8:02:E2:68:AC:66:F1:10:86:2B:E5:78:88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GpfC9HEfe8gC4misZvEQhivleIg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2663/B8AEF138A94C11E58291CA67C4F9AE02/A163C5C869A111ECA4837D28C4F9AE02.roa Signing time: Sun 31 Dec 2023 16:13:15 +0000 ROA not before: Sun 31 Dec 2023 16:13:15 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 30456 IP address blocks: 103.241.212.0/22 maxlen: 24 202.165.124.0/22 maxlen: 22 202.165.126.0/24 maxlen: 24 202.165.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2663/B8AEF138A94C11E58291CA67C4F9AE02/GpfC9HEfe8gC4misZvEQhivleIg.crl rsync://rpki.apnic.net/member_repository/A91C2663/B8AEF138A94C11E58291CA67C4F9AE02/GpfC9HEfe8gC4misZvEQhivleIg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GpfC9HEfe8gC4misZvEQhivleIg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 May 2024 16:14:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8656 (0x21d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2663/serialNumber=1A97C2F4711F7BC802E268AC66F110862BE57888 Validity Not Before: Dec 31 16:13:15 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=6591931a-ffce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:6e:bf:a9:b2:d9:be:2b:7b:a8:4f:ba:dc:8e: 61:6f:62:4a:29:61:76:19:ed:a4:37:a0:8d:1b:8d: 3b:aa:9b:70:96:c5:5a:15:24:8f:fd:8e:a2:55:b3: bb:d7:76:04:38:64:3b:ae:bc:02:ba:2f:71:00:ec: ca:5b:85:69:cf:eb:70:13:29:25:c1:3a:66:41:1f: 6b:85:e3:96:a2:3b:11:c2:96:3f:25:97:61:2a:a0: 25:6a:48:4f:48:95:17:ef:11:8c:58:de:5a:a7:b7: 29:1b:df:02:b2:18:ad:0d:38:d7:b3:cc:b6:a4:1f: 04:43:3d:f4:01:9d:9a:44:20:1d:f9:24:3d:e9:cb: 3e:ae:79:fc:5a:ea:b0:08:6b:e8:d3:1f:06:f0:c5: ab:fd:88:c7:ae:6a:a5:be:75:cf:12:26:ee:01:15: 64:74:fd:72:66:17:7e:72:43:cd:53:78:2b:4d:10: 5a:0b:47:72:72:65:5c:27:b0:5f:4f:f8:e1:c4:e8: aa:79:d2:f5:28:07:41:81:1f:7a:90:04:74:fc:b1: c4:9b:9d:00:ca:c4:a8:fc:61:b8:31:41:ac:1d:bf: 79:40:00:42:42:bc:4f:92:5b:27:51:8f:37:81:27: 13:9a:2d:28:97:07:3c:5c:e6:f0:5f:fe:e1:5f:4f: 19:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:65:55:3F:04:78:CA:2B:7E:5F:6F:69:D9:9C:15:8C:6F:FB:5A:99 X509v3 Authority Key Identifier: keyid:1A:97:C2:F4:71:1F:7B:C8:02:E2:68:AC:66:F1:10:86:2B:E5:78:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2663/B8AEF138A94C11E58291CA67C4F9AE02/GpfC9HEfe8gC4misZvEQhivleIg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GpfC9HEfe8gC4misZvEQhivleIg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2663/B8AEF138A94C11E58291CA67C4F9AE02/A163C5C869A111ECA4837D28C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.241.212.0/22 202.165.124.0/22 Signature Algorithm: sha256WithRSAEncryption 15:d9:8e:b1:39:d1:f8:ac:d8:b9:51:7c:f7:44:47:dc:57:fe: b2:b2:e4:58:85:a4:dc:14:dd:3b:53:8f:78:b1:20:f0:63:c0: 38:ff:8e:11:02:e9:f7:f7:83:b7:18:cb:1b:90:35:09:87:df: c9:8c:42:a7:76:9a:49:74:ad:7a:35:cf:da:88:0c:40:88:2d: 0a:e8:55:ae:67:fb:ff:c9:d8:71:7d:f5:9f:39:cf:c0:04:13: 9a:b0:81:e2:ff:c2:1f:bc:22:e1:c3:08:da:17:54:b4:e6:82: 77:c4:5f:f3:9e:b4:c6:43:ff:ce:76:d1:f3:e1:07:88:c1:2c: 0b:77:d4:cb:09:a3:66:61:1f:e1:17:cb:ab:55:29:a1:a3:46: 7b:f2:1c:7d:f0:b7:bf:b8:83:ad:9f:d1:b4:62:a1:e3:d3:98: 46:7a:ff:b1:97:c2:e9:23:81:52:59:29:9b:6b:79:9a:e8:9b: 4c:42:97:67:4e:69:fb:28:a7:72:76:0d:b0:8a:cd:14:a6:d0: d5:81:64:dc:fa:be:99:a7:30:54:b4:00:e7:b0:d5:7f:b9:d9: ae:cf:24:9d:a6:cc:18:fc:fd:fa:d6:27:f8:6d:7c:5f:c3:42: 5e:ff:25:ed:48:71:50:4b:82:c9:84:48:98:b4:db:c8:ab:1a: 62:73:e2:70 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICIdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzI2NjMxMTAvBgNVBAUTKDFBOTdDMkY0NzExRjdCQzgwMkUyNjhBQzY2RjExMDg2 MkJFNTc4ODgwHhcNMjMxMjMxMTYxMzE1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTkxOTMxYS1mZmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxG6/qbLZvit7qE+63I5hb2JKKWF2Ge2kN6CNG407qptwlsVaFSSP/Y6iVbO7 13YEOGQ7rrwCui9xAOzKW4Vpz+twEyklwTpmQR9rheOWojsRwpY/JZdhKqAlakhP SJUX7xGMWN5ap7cpG98CshitDTjXs8y2pB8EQz30AZ2aRCAd+SQ96cs+rnn8Wuqw CGvo0x8G8MWr/YjHrmqlvnXPEibuARVkdP1yZhd+ckPNU3grTRBaC0dycmVcJ7Bf T/jhxOiqedL1KAdBgR96kAR0/LHEm50AysSo/GG4MUGsHb95QABCQrxPklsnUY83 gScTmi0olwc8XObwX/7hX08Z/wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFM9lVT8E eMorfl9vadmcFYxv+1qZMB8GA1UdIwQYMBaAFBqXwvRxH3vIAuJorGbxEIYr5XiI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjY2My9COEFFRjEzOEE5 NEMxMUU1ODI5MUNBNjdDNEY5QUUwMi9HcGZDOUhFZmU4Z0M0bWlzWnZFUWhpdmxl SWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dwZkM5SEVmZThnQzRtaXNadkVRaGl2bGVJZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzI2NjMvQjhBRUYxMzhBOTRDMTFFNTgyOTFDQTY3QzRGOUFFMDIvQTE2M0M1Qzg2 OUExMTFFQ0E0ODM3RDI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJn8dQDBALKpXwwDQYJKoZIhvcNAQELBQADggEBABXZjrE5 0fis2LlRfPdER9xX/rKy5FiFpNwU3TtTj3ixIPBjwDj/jhEC6ff3g7cYyxuQNQmH 38mMQqd2mkl0rXo1z9qIDECILQroVa5n+//J2HF99Z85z8AEE5qwgeL/wh+8IuHD CNoXVLTmgnfEX/OetMZD/8520fPhB4jBLAt31MsJo2ZhH+EXy6tVKaGjRnvyHH3w t7+4g62f0bRioePTmEZ6/7GXwukjgVJZKZtreZrom0xCl2dOafsop3J2DbCKzRSm 0NWBZNz6vpmnMFS0AOew1X+52a7PJJ2mzBj8/frWJ/htfF/DQl7/Je1IcVBLgsmE SJi028irGmJz4nA= -----END CERTIFICATE-----Generated at Wed Apr 24 18:31:05 2024 by rpki-client on console-fra.rpki-client.org