$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/568554A2493411EF859C1D49C4F9AE02.roa File: 568554A2493411EF859C1D49C4F9AE02.roa (raw, json) Hash identifier: /KWKCJoYlSZLHI0ouCCxx6TzSSCX6xcOP12a4mUNgts= Subject key identifier: F7:54:A8:D5:24:AD:D2:DF:73:FD:A1:0E:47:FA:07:6F:B4:05:E2:F7 Certificate issuer: /CN=A91C9350/serialNumber=CF706D8147D779207D99AF9AD39DD5F2DFE59DE4 Certificate serial: 3417 Authority key identifier: CF:70:6D:81:47:D7:79:20:7D:99:AF:9A:D3:9D:D5:F2:DF:E5:9D:E4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3BtgUfXeSB9ma-a053V8t_lneQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/568554A2493411EF859C1D49C4F9AE02.roa Signing time: Sat 14 Sep 2024 15:00:38 +0000 ROA not before: Sat 14 Sep 2024 15:00:38 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 14618 IP address blocks: 103.212.169.0/24 maxlen: 24 103.212.170.0/24 maxlen: 24 160.202.137.0/24 maxlen: 24 160.202.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/z3BtgUfXeSB9ma-a053V8t_lneQ.crl rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/z3BtgUfXeSB9ma-a053V8t_lneQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3BtgUfXeSB9ma-a053V8t_lneQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 14:28:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13335 (0x3417) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9350/serialNumber=CF706D8147D779207D99AF9AD39DD5F2DFE59DE4 Validity Not Before: Sep 14 15:00:38 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66e5a515-6315 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:76:d1:07:71:e6:73:f2:4f:0c:09:0b:fb:ee: 9b:37:f7:b7:db:e5:30:21:c6:5b:40:40:5d:12:2a: c6:a7:fd:0a:fe:db:36:13:bd:4f:9b:51:89:7c:fd: a4:12:45:b9:f0:69:8a:5e:e2:44:fb:5e:77:e5:9d: 3a:5d:3d:66:20:a0:4f:b4:66:19:5e:26:e9:2d:06: b4:e4:4f:ce:19:b1:ef:b1:7a:86:4b:29:eb:5c:4d: c7:e0:c1:9a:3e:ff:62:c7:3b:d9:2f:18:71:b1:7e: d1:cb:a2:d5:52:ae:98:b4:d8:3e:a4:e0:69:c8:0d: 34:cc:1a:63:97:5a:fd:e0:25:28:af:38:6d:a5:88: 96:a9:9e:83:48:8f:6c:19:fb:77:d9:17:42:02:0f: c6:93:c9:9e:10:bd:c0:47:1e:93:8a:e6:05:2d:d8: c4:cc:cb:f9:b2:14:6c:38:d5:e3:5f:6c:dd:79:d3: b0:7d:e8:8b:14:f5:26:e8:94:da:a8:f2:e6:e8:eb: 40:97:d6:71:75:1e:2e:b9:b1:e1:b5:73:31:ac:0e: c5:65:24:6e:5b:60:da:b1:11:22:b7:10:6f:81:45: f3:1e:95:3e:14:73:05:38:eb:ec:d3:05:b7:06:f0: 7b:35:5c:cf:ea:d1:4c:71:43:e1:02:86:8f:fb:69: f8:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:54:A8:D5:24:AD:D2:DF:73:FD:A1:0E:47:FA:07:6F:B4:05:E2:F7 X509v3 Authority Key Identifier: keyid:CF:70:6D:81:47:D7:79:20:7D:99:AF:9A:D3:9D:D5:F2:DF:E5:9D:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/z3BtgUfXeSB9ma-a053V8t_lneQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3BtgUfXeSB9ma-a053V8t_lneQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/568554A2493411EF859C1D49C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.212.169.0-103.212.170.255 160.202.137.0-160.202.138.255 Signature Algorithm: sha256WithRSAEncryption 68:e8:e9:a5:81:2b:13:99:94:65:58:79:69:4f:b6:73:88:30: 64:d7:27:0e:02:5b:57:ab:af:d2:d6:7e:4c:19:b4:48:c1:6c: ab:17:59:96:6c:e2:17:cf:4f:04:f2:d3:aa:f5:78:84:fa:65: a7:c1:f7:48:32:e1:3b:8a:17:ce:7a:5a:5f:07:b6:f4:d0:d3: c8:52:53:3e:24:dc:05:f4:41:7d:13:40:fe:74:e5:17:f7:5a: 32:14:5d:67:6b:3b:34:cd:e5:52:bd:55:35:f4:42:7c:78:be: d4:d4:e9:4e:12:9d:f9:f3:eb:aa:76:44:c6:ca:bb:2e:ad:16: 2b:8f:c7:12:7e:16:63:bf:d5:57:29:03:03:69:10:fe:44:4f: 01:79:e8:3a:05:c4:15:e5:9a:a2:02:7a:02:db:78:e9:3e:63: f3:e8:52:41:3f:df:7b:bd:70:dc:6f:38:ce:ac:49:1c:8a:61: a6:06:09:02:41:50:fd:4e:62:86:4d:4c:21:e4:d5:77:1a:f3: 9f:4c:6d:6f:28:79:27:2b:28:0e:19:4b:f6:d8:28:96:2e:df: ca:03:6c:95:d9:3e:90:31:43:e3:34:36:9d:09:e8:57:ab:3e: 92:dc:02:7e:a0:a6:4d:6a:e4:02:c5:49:5c:03:5c:6a:90:28: fa:7a:d6:cc -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICNBcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzkzNTAxMTAvBgNVBAUTKENGNzA2RDgxNDdENzc5MjA3RDk5QUY5QUQzOURENUYy REZFNTlERTQwHhcNMjQwOTE0MTUwMDM4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmU1YTUxNS02MzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz3bRB3Hmc/JPDAkL++6bN/e32+UwIcZbQEBdEirGp/0K/ts2E71Pm1GJfP2k EkW58GmKXuJE+1535Z06XT1mIKBPtGYZXibpLQa05E/OGbHvsXqGSynrXE3H4MGa Pv9ixzvZLxhxsX7Ry6LVUq6YtNg+pOBpyA00zBpjl1r94CUorzhtpYiWqZ6DSI9s Gft32RdCAg/Gk8meEL3ARx6TiuYFLdjEzMv5shRsONXjX2zdedOwfeiLFPUm6JTa qPLm6OtAl9ZxdR4uubHhtXMxrA7FZSRuW2DasREitxBvgUXzHpU+FHMFOOvs0wW3 BvB7NVzP6tFMcUPhAoaP+2n4eQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFPdUqNUk rdLfc/2hDkf6B2+0BeL3MB8GA1UdIwQYMBaAFM9wbYFH13kgfZmvmtOd1fLf5Z3k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTM1MC8zOTEzQkNBMDFE ODcxMUUyQjQyQjAyREYwOEIwMkNEMi96M0J0Z1VmWGVTQjltYS1hMDUzVjh0X2xu ZVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ozQnRnVWZYZVNCOW1hLWEwNTNWOHRfbG5lUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzkzNTAvMzkxM0JDQTAxRDg3MTFFMkI0MkIwMkRGMDhCMDJDRDIvNTY4NTU0QTI0 OTM0MTFFRjg1OUMxRDQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E JjAkMCIEAgABMBwwDAMEAGfUqQMEAGfUqjAMAwQAoMqJAwQAoMqKMA0GCSqGSIb3 DQEBCwUAA4IBAQBo6OmlgSsTmZRlWHlpT7ZziDBk1ycOAltXq6/S1n5MGbRIwWyr F1mWbOIXz08E8tOq9XiE+mWnwfdIMuE7ihfOelpfB7b00NPIUlM+JNwF9EF9E0D+ dOUX91oyFF1nazs0zeVSvVU19EJ8eL7U1OlOEp358+uqdkTGyrsurRYrj8cSfhZj v9VXKQMDaRD+RE8Beeg6BcQV5ZqiAnoC23jpPmPz6FJBP997vXDcbzjOrEkcimGm BgkCQVD9TmKGTUwh5NV3GvOfTG1vKHknKygOGUv22CiWLt/KA2yV2T6QMUPjNDad CehXqz6S3AJ+oKZNauQCxUlcA1xqkCj6etbM -----END CERTIFICATE-----Generated at Tue Oct 22 17:18:40 2024 by rpki-client on console-fra.rpki-client.org