$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/95F8FAF82D6611EDA13CDE35C4F9AE02.roa File: 95F8FAF82D6611EDA13CDE35C4F9AE02.roa (raw, json) Hash identifier: c3kqFuEDOkXh4pc38GjdONAZUVx5T7cW1xT+v6G4Wvw= Subject key identifier: 4E:C9:75:06:AC:87:98:E0:25:BA:DD:50:B2:AA:90:14:04:D6:2F:B9 Certificate issuer: /CN=A91C9945/serialNumber=868ECB6425DA83328892E57BB0DF644E1AEB73B3 Certificate serial: 0208 Authority key identifier: 86:8E:CB:64:25:DA:83:32:88:92:E5:7B:B0:DF:64:4E:1A:EB:73:B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ho7LZCXagzKIkuV7sN9kThrrc7M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/95F8FAF82D6611EDA13CDE35C4F9AE02.roa Signing time: Wed 03 Apr 2024 05:19:54 +0000 ROA not before: Wed 03 Apr 2024 05:19:54 +0000 ROA not after: Tue 30 Jul 2024 00:00:00 +0000 asID: 9009 IP address blocks: 103.216.196.0/24 maxlen: 24 103.216.197.0/24 maxlen: 24 103.216.198.0/24 maxlen: 24 2404:f980:4::/48 maxlen: 48 2404:f980:5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/ho7LZCXagzKIkuV7sN9kThrrc7M.crl rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/ho7LZCXagzKIkuV7sN9kThrrc7M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ho7LZCXagzKIkuV7sN9kThrrc7M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Apr 2024 04:08:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 520 (0x208) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9945/serialNumber=868ECB6425DA83328892E57BB0DF644E1AEB73B3 Validity Not Before: Apr 3 05:19:54 2024 GMT Not After : Jul 30 00:00:00 2024 GMT Subject: CN=660ce6f9-a6c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:cc:00:c4:a1:10:c9:ab:0b:cc:56:d5:a8:24: a2:1c:65:67:63:cb:56:81:de:95:cc:a1:94:03:8d: 67:64:0a:a2:0f:2a:fd:1d:69:95:cb:3d:c9:db:63: a5:9a:0d:3e:96:fa:3b:88:22:56:cd:2f:fb:02:b5: 7c:c2:dc:0d:04:b6:c3:37:c7:c7:5f:09:cd:1c:4d: d6:c5:8f:a6:b5:3d:f8:92:c3:46:9a:85:50:a2:78: 7e:5a:f0:c9:a0:89:40:50:8b:1a:70:51:74:38:96: f7:4d:3f:2b:51:35:d8:be:a9:05:4e:80:af:07:03: ab:e6:50:3e:3b:e8:a0:d8:8e:41:a5:d1:7d:23:1e: 7e:f0:1f:0e:03:a9:13:e3:b3:4b:82:d9:7c:a9:b3: d3:65:26:0b:e3:f9:d3:95:32:3a:f0:75:5c:ba:15: 06:10:1b:2f:32:17:79:00:59:20:10:29:c6:6a:92: e3:fc:25:56:b2:fb:88:3d:8d:c2:96:d5:29:2a:d3: 35:ee:25:d8:f8:f9:d3:ee:b5:25:08:c4:1b:bb:e8: 37:e4:2f:c9:9c:13:52:2b:1f:c1:76:78:ad:13:56: c1:68:4b:35:f2:00:17:be:8e:af:cb:42:e4:38:a0: 3b:64:c8:5b:b3:49:2c:63:7c:0d:19:ed:cd:c1:82: d6:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:C9:75:06:AC:87:98:E0:25:BA:DD:50:B2:AA:90:14:04:D6:2F:B9 X509v3 Authority Key Identifier: keyid:86:8E:CB:64:25:DA:83:32:88:92:E5:7B:B0:DF:64:4E:1A:EB:73:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/ho7LZCXagzKIkuV7sN9kThrrc7M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ho7LZCXagzKIkuV7sN9kThrrc7M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/95F8FAF82D6611EDA13CDE35C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.216.196.0-103.216.198.255 IPv6: 2404:f980:4::/47 Signature Algorithm: sha256WithRSAEncryption 57:ce:d7:f4:50:4f:5a:45:db:0b:fe:11:27:67:58:6c:50:44: 8f:22:8f:7b:82:e9:94:8f:99:74:67:bf:e5:9a:5b:44:ae:06: 41:f0:2e:14:f4:95:77:17:6f:62:30:97:62:a9:17:1f:8f:81: 60:ea:ec:4a:ee:5f:a1:08:2f:52:8e:7b:c9:be:11:4f:4e:fc: 56:46:18:85:cb:6d:fd:19:db:e2:1b:fb:c6:96:63:1b:62:27: 68:22:be:d4:93:85:b5:d0:c9:0e:7e:64:77:3d:a1:a9:72:5a: f2:8e:b6:59:af:0a:3c:45:e1:65:7c:d0:fb:3b:24:7b:35:51: d7:0e:e1:fb:68:11:1e:18:0f:0b:08:50:50:64:c2:10:76:15: e2:27:e2:e7:76:8b:19:c5:94:4e:53:0c:10:d8:60:ba:ec:ee: 27:a9:5d:46:02:9c:12:be:38:81:de:32:17:de:fa:00:82:0d: 0e:49:57:a9:12:4e:8a:03:bf:41:3e:8a:2a:3a:7d:c3:4f:3a: 6b:2b:88:ed:29:09:49:8f:5f:13:66:0c:35:7b:a5:1c:64:b5: 2b:65:0d:f4:16:dd:7c:85:93:4a:de:5e:04:a5:27:5a:c2:35: 9a:49:60:b9:41:a3:e8:7f:cc:3b:a9:3a:e2:93:81:30:f1:41: c8:65:b7:42 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgICAggwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk5NDUxMTAvBgNVBAUTKDg2OEVDQjY0MjVEQTgzMzI4ODkyRTU3QkIwREY2NDRF MUFFQjczQjMwHhcNMjQwNDAzMDUxOTU0WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjBjZTZmOS1hNmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0swAxKEQyasLzFbVqCSiHGVnY8tWgd6VzKGUA41nZAqiDyr9HWmVyz3J22Ol mg0+lvo7iCJWzS/7ArV8wtwNBLbDN8fHXwnNHE3WxY+mtT34ksNGmoVQonh+WvDJ oIlAUIsacFF0OJb3TT8rUTXYvqkFToCvBwOr5lA+O+ig2I5BpdF9Ix5+8B8OA6kT 47NLgtl8qbPTZSYL4/nTlTI68HVcuhUGEBsvMhd5AFkgECnGapLj/CVWsvuIPY3C ltUpKtM17iXY+PnT7rUlCMQbu+g35C/JnBNSKx/BdnitE1bBaEs18gAXvo6vy0Lk OKA7ZMhbs0ksY3wNGe3NwYLW8QIDAQABo4ICrjCCAqowHQYDVR0OBBYEFE7JdQas h5jgJbrdULKqkBQE1i+5MB8GA1UdIwQYMBaAFIaOy2Ql2oMyiJLle7DfZE4a63Oz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTk0NS9CQzAwQzhGMkYw OUUxMUVDQUVFNzNFMTlDNEY5QUUwMi9obzdMWkNYYWd6S0lrdVY3c045a1RocnJj N00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hvN0xaQ1hhZ3pLSWt1VjdzTjlrVGhycmM3TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzk5NDUvQkMwMEM4RjJGMDlFMTFFQ0FFRTczRTE5QzRGOUFFMDIvOTVGOEZBRjgy RDY2MTFFREExM0NERTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E KTAnMBQEAgABMA4wDAMEAmfYxAMEAGfYxjAPBAIAAjAJAwcBJAT5gAAEMA0GCSqG SIb3DQEBCwUAA4IBAQBXztf0UE9aRdsL/hEnZ1hsUESPIo97gumUj5l0Z7/lmltE rgZB8C4U9JV3F29iMJdiqRcfj4Fg6uxK7l+hCC9SjnvJvhFPTvxWRhiFy239Gdvi G/vGlmMbYidoIr7Uk4W10MkOfmR3PaGpclryjrZZrwo8ReFlfND7OyR7NVHXDuH7 aBEeGA8LCFBQZMIQdhXiJ+LndosZxZROUwwQ2GC67O4nqV1GApwSvjiB3jIX3voA gg0OSVepEk6KA79BPooqOn3DTzprK4jtKQlJj18TZgw1e6UcZLUrZQ30Ft18hZNK 3l4EpSdawjWaSWC5QaPof8w7qTrik4Ew8UHIZbdC -----END CERTIFICATE-----Generated at Wed Apr 17 04:53:01 2024 by rpki-client on console-fra.rpki-client.org