$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0432/E3CA18EC7B8711EDB59E3B80C4F9AE02/539DF534D1FB11EDA0A31C2FC4F9AE02.roa File: 539DF534D1FB11EDA0A31C2FC4F9AE02.roa (raw, json) Hash identifier: qQaRN6iJWqfARGQzig/oXJzFgb+4hZU6lQ132h02tnc= Subject key identifier: 8E:20:41:36:46:76:08:44:09:18:32:08:FE:C0:F7:42:BD:EE:3C:65 Certificate issuer: /CN=A91D0432/serialNumber=BE37704B8C7DF3975617194AF2ADEEDA1CC9BCF6 Certificate serial: 0114 Authority key identifier: BE:37:70:4B:8C:7D:F3:97:56:17:19:4A:F2:AD:EE:DA:1C:C9:BC:F6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vjdwS4x985dWFxlK8q3u2hzJvPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D0432/E3CA18EC7B8711EDB59E3B80C4F9AE02/539DF534D1FB11EDA0A31C2FC4F9AE02.roa Signing time: Tue 21 May 2024 05:41:09 +0000 ROA not before: Tue 21 May 2024 05:41:09 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 132080 IP address blocks: 103.136.20.0/22 maxlen: 22 103.136.20.0/24 maxlen: 24 103.136.21.0/24 maxlen: 24 103.136.22.0/24 maxlen: 24 103.136.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D0432/E3CA18EC7B8711EDB59E3B80C4F9AE02/vjdwS4x985dWFxlK8q3u2hzJvPY.crl rsync://rpki.apnic.net/member_repository/A91D0432/E3CA18EC7B8711EDB59E3B80C4F9AE02/vjdwS4x985dWFxlK8q3u2hzJvPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vjdwS4x985dWFxlK8q3u2hzJvPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:14:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 276 (0x114) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D0432/serialNumber=BE37704B8C7DF3975617194AF2ADEEDA1CC9BCF6 Validity Not Before: May 21 05:41:09 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=664c33f5-741d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:39:57:52:26:6b:54:5f:e9:c3:7e:36:25:2f: 44:37:07:87:a4:a6:5d:8a:92:06:84:cc:5b:aa:bc: ef:a7:db:42:f1:c6:99:ca:77:b7:bb:df:06:9d:51: 76:f6:f6:b2:ad:98:cf:ca:95:fc:e6:07:39:5e:41: 5d:37:9a:ec:c3:e3:fa:a7:20:40:16:bc:89:33:09: 59:8c:74:cf:91:bb:f2:a9:a3:be:07:87:44:61:0a: 74:49:ed:c8:41:c5:07:1c:3a:27:d3:65:54:6c:04: 5a:09:20:90:f2:a0:ec:d5:be:c6:87:1d:28:28:3b: 27:c5:99:1a:69:85:4a:35:c4:15:da:bd:a2:46:df: c3:bf:e3:18:65:9f:0b:2e:39:8b:ad:bc:de:2f:38: 33:89:60:29:ec:a4:6d:cf:30:28:e8:06:96:d1:02: 42:6a:08:ea:90:bc:9e:1c:49:92:ac:69:16:fc:37: bd:b4:91:a2:0a:23:f8:84:fa:ad:52:81:45:1f:92: 5d:03:6f:05:06:c3:13:c0:e0:6b:93:ac:51:09:73: 87:6d:27:d3:72:94:65:dd:f3:8f:3e:16:60:0c:15: bf:36:50:07:65:4e:ee:8b:6a:18:dc:c3:48:ad:ec: a2:b0:ef:e0:8e:d2:35:10:b2:dd:ab:5d:1e:05:42: 13:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:20:41:36:46:76:08:44:09:18:32:08:FE:C0:F7:42:BD:EE:3C:65 X509v3 Authority Key Identifier: keyid:BE:37:70:4B:8C:7D:F3:97:56:17:19:4A:F2:AD:EE:DA:1C:C9:BC:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D0432/E3CA18EC7B8711EDB59E3B80C4F9AE02/vjdwS4x985dWFxlK8q3u2hzJvPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vjdwS4x985dWFxlK8q3u2hzJvPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0432/E3CA18EC7B8711EDB59E3B80C4F9AE02/539DF534D1FB11EDA0A31C2FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.136.20.0/22 Signature Algorithm: sha256WithRSAEncryption 21:c2:fc:3a:31:84:5b:5d:ba:ce:94:9b:79:47:c1:0f:4b:ce: 8b:e5:d4:ae:f1:35:0b:3d:d4:73:ba:ff:83:4c:ff:09:eb:e9: da:0f:68:8e:39:52:20:a6:49:ca:20:0a:b4:2c:10:ff:07:b0: 78:f6:5f:36:dd:3b:b1:21:be:68:db:75:ee:08:19:c5:29:86: 42:ca:e3:62:cc:fb:b6:b6:0c:a7:e1:c1:07:90:30:d0:5c:df: 64:ea:9e:fa:7a:80:a0:16:d4:10:0d:68:7f:c0:c1:e3:fb:0c: 1e:d0:ad:1d:5b:55:a1:e7:6d:d1:8b:7a:84:7c:1f:3f:c0:af: 27:f9:d9:f7:1b:a9:ce:a8:f4:ed:05:99:cf:25:c8:4d:03:1e: 36:cc:8a:c9:d9:4e:30:d7:95:ee:a5:87:31:aa:a9:7a:64:74: 86:67:fd:a9:96:e5:6c:e2:8d:ee:be:08:1b:27:76:cc:b5:ed: 35:86:7d:4e:4b:13:2c:0c:6d:65:ed:42:53:6a:c0:1d:45:47: 6c:4b:19:01:31:eb:26:7c:55:0c:80:4a:22:20:d6:f2:6e:b8: 99:af:e6:f1:b7:08:f9:bd:e2:7a:42:98:50:83:f4:81:82:2a: 74:cb:c5:28:7d:e5:e3:d5:97:ee:37:2f:4b:eb:c0:30:d5:97: 7e:d6:89:25 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICARQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDA0MzIxMTAvBgNVBAUTKEJFMzc3MDRCOEM3REYzOTc1NjE3MTk0QUYyQURFRURB MUNDOUJDRjYwHhcNMjQwNTIxMDU0MTA5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjRjMzNmNS03NDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuzlXUiZrVF/pw342JS9ENweHpKZdipIGhMxbqrzvp9tC8caZyne3u98GnVF2 9vayrZjPypX85gc5XkFdN5rsw+P6pyBAFryJMwlZjHTPkbvyqaO+B4dEYQp0Se3I QcUHHDon02VUbARaCSCQ8qDs1b7Ghx0oKDsnxZkaaYVKNcQV2r2iRt/Dv+MYZZ8L LjmLrbzeLzgziWAp7KRtzzAo6AaW0QJCagjqkLyeHEmSrGkW/De9tJGiCiP4hPqt UoFFH5JdA28FBsMTwOBrk6xRCXOHbSfTcpRl3fOPPhZgDBW/NlAHZU7ui2oY3MNI reyisO/gjtI1ELLdq10eBUITCQIDAQABo4IClTCCApEwHQYDVR0OBBYEFI4gQTZG dghECRgyCP7A90K97jxlMB8GA1UdIwQYMBaAFL43cEuMffOXVhcZSvKt7tocybz2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMDQzMi9FM0NBMThFQzdC ODcxMUVEQjU5RTNCODBDNEY5QUUwMi92amR3UzR4OTg1ZFdGeGxLOHEzdTJoekp2 UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZqZHdTNHg5ODVkV0Z4bEs4cTN1Mmh6SnZQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDA0MzIvRTNDQTE4RUM3Qjg3MTFFREI1OUUzQjgwQzRGOUFFMDIvNTM5REY1MzRE MUZCMTFFREEwQTMxQzJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJniBQwDQYJKoZIhvcNAQELBQADggEBACHC/DoxhFtdus6U m3lHwQ9Lzovl1K7xNQs91HO6/4NM/wnr6doPaI45UiCmScogCrQsEP8HsHj2Xzbd O7Ehvmjbde4IGcUphkLK42LM+7a2DKfhwQeQMNBc32Tqnvp6gKAW1BANaH/AweP7 DB7QrR1bVaHnbdGLeoR8Hz/Aryf52fcbqc6o9O0Fmc8lyE0DHjbMisnZTjDXle6l hzGqqXpkdIZn/amW5Wzije6+CBsndsy17TWGfU5LEywMbWXtQlNqwB1FR2xLGQEx 6yZ8VQyASiIg1vJuuJmv5vG3CPm94npCmFCD9IGCKnTLxSh95ePVl+43L0vrwDDV l37WiSU= -----END CERTIFICATE-----Generated at Sat Nov 23 03:58:52 2024 by rpki-client on console-ams.rpki-client.org