$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/F1F41742F91711EEB4D4960FC4F9AE02.roa File: F1F41742F91711EEB4D4960FC4F9AE02.roa (raw, json) Hash identifier: 4Wx5BAzgU3ePTAdMo6bGkUuV7+XCauHDkc2tE7IrGq8= Subject key identifier: CD:22:47:DC:7F:94:80:B8:EB:E0:A8:94:DA:D9:F1:29:BE:92:28:E3 Certificate issuer: /CN=A91C7B68/serialNumber=9ACB806663FB0FCF6EBC43C010B935E05214FC9F Certificate serial: 02 Authority key identifier: 9A:CB:80:66:63:FB:0F:CF:6E:BC:43:C0:10:B9:35:E0:52:14:FC:9F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/msuAZmP7D89uvEPAELk14FIU_J8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/F1F41742F91711EEB4D4960FC4F9AE02.roa Signing time: Fri 12 Apr 2024 21:59:33 +0000 ROA not before: Fri 12 Apr 2024 21:59:33 +0000 ROA not after: Tue 30 Jul 2024 00:00:00 +0000 asID: 135339 IP address blocks: 103.214.156.0/22 maxlen: 22 103.214.156.0/23 maxlen: 23 103.214.156.0/24 maxlen: 24 103.214.157.0/24 maxlen: 24 103.214.158.0/24 maxlen: 24 144.48.112.0/22 maxlen: 22 144.48.112.0/23 maxlen: 23 144.48.112.0/24 maxlen: 24 144.48.113.0/24 maxlen: 24 144.48.114.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/msuAZmP7D89uvEPAELk14FIU_J8.crl rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/msuAZmP7D89uvEPAELk14FIU_J8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/msuAZmP7D89uvEPAELk14FIU_J8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7B68/serialNumber=9ACB806663FB0FCF6EBC43C010B935E05214FC9F Validity Not Before: Apr 12 21:59:33 2024 GMT Not After : Jul 30 00:00:00 2024 GMT Subject: CN=6619aec5-728f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:f3:b0:a9:1d:b5:c4:47:29:cf:0c:e5:30:8c: 26:68:c3:1c:cf:78:f1:db:e4:1b:18:5b:ce:a2:cd: 7f:cf:c3:d0:d9:ce:1c:f9:97:25:5a:83:56:16:e0: 1b:93:af:74:31:4d:f8:7c:a4:04:7a:29:2d:fc:84: 8f:4c:18:21:60:09:a5:f0:4a:41:db:c7:66:2a:0d: 16:63:c0:37:11:99:49:fd:e1:93:44:3a:9c:02:79: e3:fe:06:ad:43:c6:96:a9:41:8c:ad:6f:de:51:e0: 95:72:c6:a6:21:48:a8:d5:2b:4e:24:34:fc:b8:49: c8:2a:ee:56:b3:5a:32:20:1a:55:a2:ca:e1:5f:4e: 90:21:5d:95:c2:2d:24:78:de:0d:48:cb:f2:4b:52: 42:95:a5:f4:21:3b:85:85:8d:dc:d3:e7:1f:fc:1b: 5d:52:51:f1:8a:8c:3a:b3:e4:97:f8:55:fd:cd:6b: f2:12:0c:8d:63:2c:68:b9:36:da:a2:ae:5e:eb:ad: fc:a7:29:01:2e:6f:67:c1:e7:be:36:11:55:c2:cd: 20:61:cd:7b:2c:61:ed:2c:44:d1:82:85:4f:82:54: 3c:0e:7e:f6:1e:54:a8:06:3a:5d:14:0d:48:44:ad: 7e:49:47:a2:06:4d:92:4f:8e:f5:16:c9:f7:20:dc: 90:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:22:47:DC:7F:94:80:B8:EB:E0:A8:94:DA:D9:F1:29:BE:92:28:E3 X509v3 Authority Key Identifier: keyid:9A:CB:80:66:63:FB:0F:CF:6E:BC:43:C0:10:B9:35:E0:52:14:FC:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/msuAZmP7D89uvEPAELk14FIU_J8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/msuAZmP7D89uvEPAELk14FIU_J8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/F1F41742F91711EEB4D4960FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.214.156.0/22 144.48.112.0/22 Signature Algorithm: sha256WithRSAEncryption 4e:c1:4a:96:5e:12:ba:a8:11:31:ab:f6:63:e2:0d:cc:81:ee: 23:19:b7:d5:3f:34:41:e8:51:48:d0:f6:2e:ce:88:27:7c:bf: 3a:19:96:d1:37:9f:0a:39:0b:68:32:87:d0:e0:1b:02:52:42: 4e:4f:9f:7b:fe:9a:5b:11:82:37:17:48:9d:b1:bf:69:ea:f8: b4:5d:f7:29:10:1a:b7:8f:05:00:0e:88:a3:10:fc:0a:19:24: 24:3e:63:fe:dc:c0:53:92:d7:a5:db:ff:93:5b:3d:81:36:dd: 57:d4:f1:9c:dd:ce:6b:e9:d4:6a:60:77:9c:25:23:d4:f8:48: 64:c8:d0:11:78:8e:7d:7d:53:b1:a2:94:bb:5a:f3:15:85:ad: 6b:95:82:b9:eb:61:80:bb:fc:c8:de:55:7d:8c:0c:19:b9:fa: e6:38:70:c6:3b:32:0d:53:db:63:62:54:f8:89:79:37:9f:a8: 1f:e3:c9:23:f6:7f:9d:ce:15:0c:d8:d5:d8:53:18:c8:9c:0d: 76:21:e0:bd:98:03:66:a6:40:88:3d:42:2d:be:f5:04:40:b9: 0f:e9:bd:78:25:8c:17:68:c3:00:aa:0b:f6:6a:18:07:8d:f0: 51:29:2d:c7:8c:74:0c:bf:a4:74:a6:62:09:d5:9a:6e:9f:58: 4e:cb:bf:76 -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD N0I2ODExMC8GA1UEBRMoOUFDQjgwNjY2M0ZCMEZDRjZFQkM0M0MwMTBCOTM1RTA1 MjE0RkM5RjAeFw0yNDA0MTIyMTU5MzNaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY2MTlhZWM1LTcyOGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDH87CpHbXERynPDOUwjCZowxzPePHb5BsYW86izX/Pw9DZzhz5lyVag1YW4BuT r3QxTfh8pAR6KS38hI9MGCFgCaXwSkHbx2YqDRZjwDcRmUn94ZNEOpwCeeP+Bq1D xpapQYytb95R4JVyxqYhSKjVK04kNPy4Scgq7lazWjIgGlWiyuFfTpAhXZXCLSR4 3g1Iy/JLUkKVpfQhO4WFjdzT5x/8G11SUfGKjDqz5Jf4Vf3Na/ISDI1jLGi5Ntqi rl7rrfynKQEub2fB5742EVXCzSBhzXssYe0sRNGChU+CVDwOfvYeVKgGOl0UDUhE rX5JR6IGTZJPjvUWyfcg3JCDAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUzSJH3H+U gLjr4KiU2tnxKb6SKOMwHwYDVR0jBBgwFoAUmsuAZmP7D89uvEPAELk14FIU/J8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3QjY4LzUzQTdCOTJDQjBB NTExRUE4RjkyRUQxN0M0RjlBRTAyL21zdUFabVA3RDg5dXZFUEFFTGsxNEZJVV9K OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbXN1QVptUDdEODl1dkVQQUVMazE0RklVX0o4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD N0I2OC81M0E3QjkyQ0IwQTUxMUVBOEY5MkVEMTdDNEY5QUUwMi9GMUY0MTc0MkY5 MTcxMUVFQjRENDk2MEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW MBQwEgQCAAEwDAMEAmfWnAMEApAwcDANBgkqhkiG9w0BAQsFAAOCAQEATsFKll4S uqgRMav2Y+INzIHuIxm31T80QehRSND2Ls6IJ3y/OhmW0TefCjkLaDKH0OAbAlJC Tk+fe/6aWxGCNxdInbG/aer4tF33KRAat48FAA6IoxD8ChkkJD5j/tzAU5LXpdv/ k1s9gTbdV9TxnN3Oa+nUamB3nCUj1PhIZMjQEXiOfX1TsaKUu1rzFYWta5WCueth gLv8yN5VfYwMGbn65jhwxjsyDVPbY2JU+Il5N5+oH+PJI/Z/nc4VDNjV2FMYyJwN diHgvZgDZqZAiD1CLb71BEC5D+m9eCWMF2jDAKoL9moYB43wUSktx4x0DL+kdKZi CdWabp9YTsu/dg== -----END CERTIFICATE-----Generated at Sun May 19 00:16:19 2024 by rpki-client on console-fra.rpki-client.org