$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFE07/962C4B7ED2BF11E9A84D6622C4F9AE02/A95EC0B2C9FA11EBB7F2E749C4F9AE02.roa File: A95EC0B2C9FA11EBB7F2E749C4F9AE02.roa (raw, json) Hash identifier: OnFCf8eAnEgvVp62T6YJKDeJaAnBLzi/6x3jgrk0jAY= Subject key identifier: E7:7D:34:5A:7E:FC:BC:7F:1D:4F:F4:D1:A8:41:05:A2:F2:BE:F7:5B Certificate issuer: /CN=A91CFE07/serialNumber=C8EBA334BD7DA6E92E67C408BD03787BAEAE0CAD Certificate serial: 0C75 Authority key identifier: C8:EB:A3:34:BD:7D:A6:E9:2E:67:C4:08:BD:03:78:7B:AE:AE:0C:AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yOujNL19pukuZ8QIvQN4e66uDK0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFE07/962C4B7ED2BF11E9A84D6622C4F9AE02/A95EC0B2C9FA11EBB7F2E749C4F9AE02.roa Signing time: Wed 06 Mar 2024 19:07:06 +0000 ROA not before: Wed 06 Mar 2024 19:07:06 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 132602 IP address blocks: 103.16.152.0/22 maxlen: 22 103.16.152.0/24 maxlen: 24 103.16.153.0/24 maxlen: 24 103.16.154.0/23 maxlen: 24 163.47.80.0/22 maxlen: 24 2406:4b00::/32 maxlen: 32 2406:4b00:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFE07/962C4B7ED2BF11E9A84D6622C4F9AE02/yOujNL19pukuZ8QIvQN4e66uDK0.crl rsync://rpki.apnic.net/member_repository/A91CFE07/962C4B7ED2BF11E9A84D6622C4F9AE02/yOujNL19pukuZ8QIvQN4e66uDK0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yOujNL19pukuZ8QIvQN4e66uDK0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3189 (0xc75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFE07/serialNumber=C8EBA334BD7DA6E92E67C408BD03787BAEAE0CAD Validity Not Before: Mar 6 19:07:06 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65e8bed9-db47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a6:3d:57:5e:17:5f:9e:af:70:cc:9f:d7:87: 52:dd:e4:c4:9b:96:eb:98:60:46:87:2f:f7:82:23: 74:db:ce:f9:a3:53:39:a0:97:9c:58:7e:33:d6:db: ea:4a:1f:64:22:06:ed:b6:9a:f6:0a:3a:47:84:c4: 00:df:fe:0f:0d:57:1d:8a:3f:79:05:d6:d1:c1:c2: 59:e6:12:ec:be:f9:7f:18:21:ad:67:df:75:81:01: ed:5e:74:23:0f:3e:da:15:54:7d:3d:e5:c9:4d:b9: 2e:e8:ed:b8:45:02:62:9c:b7:1e:ce:d5:73:a3:e6: 4b:ce:c1:58:a2:3f:38:e5:0d:17:b7:ba:46:ad:ed: 6f:28:e9:82:81:0a:f7:9b:54:e6:5d:b8:9e:b4:bd: 77:a4:5c:9c:52:a3:ed:82:8f:e5:29:2f:21:0f:82: 9a:7f:d4:ac:c4:e7:b8:4a:da:13:b4:e9:36:b9:fd: d5:e8:0e:05:02:c4:0f:10:43:a2:2b:03:88:d5:cf: 51:dc:61:f8:60:8a:9a:c8:e7:61:f0:37:1e:76:04: 1d:dc:17:ba:e5:02:83:3c:89:85:d8:8f:c3:a4:4f: d9:a8:39:35:6f:bb:12:c8:5f:d2:fe:e5:54:f3:22: 84:1b:25:a4:06:90:df:c7:49:3f:de:88:c8:84:0b: 53:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:7D:34:5A:7E:FC:BC:7F:1D:4F:F4:D1:A8:41:05:A2:F2:BE:F7:5B X509v3 Authority Key Identifier: keyid:C8:EB:A3:34:BD:7D:A6:E9:2E:67:C4:08:BD:03:78:7B:AE:AE:0C:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFE07/962C4B7ED2BF11E9A84D6622C4F9AE02/yOujNL19pukuZ8QIvQN4e66uDK0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yOujNL19pukuZ8QIvQN4e66uDK0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFE07/962C4B7ED2BF11E9A84D6622C4F9AE02/A95EC0B2C9FA11EBB7F2E749C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.16.152.0/22 163.47.80.0/22 IPv6: 2406:4b00::/32 Signature Algorithm: sha256WithRSAEncryption 5d:e8:18:6d:4a:43:b6:7d:d3:8f:fb:0e:eb:86:dd:25:ff:c4: 0c:91:19:d5:6d:36:c8:5a:77:a2:c2:e2:e3:18:51:81:e8:46: bb:3e:af:7c:86:cf:c9:bf:63:cf:c9:f5:a4:74:46:de:a3:5e: c6:dd:b5:eb:6a:4f:ed:4f:97:2e:36:e2:1b:01:48:a8:d6:a6: 8d:65:e1:81:fd:92:92:97:01:2b:dd:02:12:aa:28:56:0e:4f: 81:6a:cb:8b:76:35:cf:69:6b:89:17:c8:94:17:f3:ae:2e:9b: 5f:7f:18:78:11:b5:a6:3e:70:94:68:53:44:dc:09:bb:b7:ec: 6a:79:7e:44:78:a0:d5:82:59:6b:40:55:fb:16:e4:08:e6:e1: e8:2b:c9:f5:52:9d:c9:dc:51:42:a4:b1:da:9a:36:15:0f:25: 09:da:ad:84:8a:33:14:97:c9:a6:cb:81:14:0e:bf:a9:5f:67: 8e:e1:ec:3f:40:43:d0:ea:7d:21:e7:28:4b:b5:6c:9e:20:98: c6:84:56:b4:6c:fd:60:f2:06:b8:c2:7a:3b:7a:dc:58:da:e0: e5:f6:56:07:90:20:cb:53:55:a2:aa:e5:50:7a:32:96:a1:da: 03:70:c8:9f:ea:8d:74:3a:76:a2:7a:16:c9:f7:59:8e:0a:c6: 5b:06:ea:e6 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDHUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZFMDcxMTAvBgNVBAUTKEM4RUJBMzM0QkQ3REE2RTkyRTY3QzQwOEJEMDM3ODdC QUVBRTBDQUQwHhcNMjQwMzA2MTkwNzA2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWU4YmVkOS1kYjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwaY9V14XX56vcMyf14dS3eTEm5brmGBGhy/3giN02875o1M5oJecWH4z1tvq Sh9kIgbttpr2CjpHhMQA3/4PDVcdij95BdbRwcJZ5hLsvvl/GCGtZ991gQHtXnQj Dz7aFVR9PeXJTbku6O24RQJinLceztVzo+ZLzsFYoj845Q0Xt7pGre1vKOmCgQr3 m1TmXbietL13pFycUqPtgo/lKS8hD4Kaf9SsxOe4StoTtOk2uf3V6A4FAsQPEEOi KwOI1c9R3GH4YIqayOdh8DcedgQd3Be65QKDPImF2I/DpE/ZqDk1b7sSyF/S/uVU 8yKEGyWkBpDfx0k/3ojIhAtTRQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFOd9NFp+ /Lx/HU/00ahBBaLyvvdbMB8GA1UdIwQYMBaAFMjrozS9fabpLmfECL0DeHuurgyt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkUwNy85NjJDNEI3RUQy QkYxMUU5QTg0RDY2MjJDNEY5QUUwMi95T3VqTkwxOXB1a3VaOFFJdlFONGU2NnVE SzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lPdWpOTDE5cHVrdVo4UUl2UU40ZTY2dURLMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZFMDcvOTYyQzRCN0VEMkJGMTFFOUE4NEQ2NjIyQzRGOUFFMDIvQTk1RUMwQjJD OUZBMTFFQkI3RjJFNzQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnEJgDBAKjL1AwDQQCAAIwBwMFACQGSwAwDQYJKoZIhvcN AQELBQADggEBAF3oGG1KQ7Z904/7DuuG3SX/xAyRGdVtNshad6LC4uMYUYHoRrs+ r3yGz8m/Y8/J9aR0Rt6jXsbdtetqT+1Ply424hsBSKjWpo1l4YH9kpKXASvdAhKq KFYOT4Fqy4t2Nc9pa4kXyJQX864um19/GHgRtaY+cJRoU0TcCbu37Gp5fkR4oNWC WWtAVfsW5Ajm4egryfVSncncUUKksdqaNhUPJQnarYSKMxSXyabLgRQOv6lfZ47h 7D9AQ9DqfSHnKEu1bJ4gmMaEVrRs/WDyBrjCejt63Fja4OX2VgeQIMtTVaKq5VB6 Mpah2gNwyJ/qjXQ6dqJ6Fsn3WY4KxlsG6uY= -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:03 2024 by rpki-client on console-fra.rpki-client.org