$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5320/78CCFE4E2DC811EE9370D348C4F9AE02/E7B472CE2DC811EEBADF8E61C4F9AE02.roa File: E7B472CE2DC811EEBADF8E61C4F9AE02.roa (raw, json) Hash identifier: 5Q25UCh0k+HcT+bVmBbgnql+OtM49EW3g9wv+fI2f98= Subject key identifier: BD:2B:2D:FB:A4:91:8C:63:6B:0A:67:44:49:2A:45:F1:44:34:F8:16 Certificate issuer: /CN=A91D5320/serialNumber=B191AE2068146F9C739BEA6CD59E792C4F897B76 Certificate serial: 5D Authority key identifier: B1:91:AE:20:68:14:6F:9C:73:9B:EA:6C:D5:9E:79:2C:4F:89:7B:76 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sZGuIGgUb5xzm-ps1Z55LE-Je3Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5320/78CCFE4E2DC811EE9370D348C4F9AE02/E7B472CE2DC811EEBADF8E61C4F9AE02.roa Signing time: Sun 07 Jan 2024 03:50:11 +0000 ROA not before: Sun 07 Jan 2024 03:50:11 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 150285 IP address blocks: 103.38.8.0/24 maxlen: 24 103.250.76.0/24 maxlen: 24 2400:e160::/32 maxlen: 32 2400:e160::/36 maxlen: 36 2400:e160:1000::/36 maxlen: 36 2400:e160:2000::/36 maxlen: 36 2400:e160:3000::/36 maxlen: 36 2400:e160:4000::/36 maxlen: 36 2400:e160:5000::/36 maxlen: 36 2400:e160:6000::/36 maxlen: 36 2400:e160:7000::/36 maxlen: 36 2400:e160:8000::/36 maxlen: 36 2400:e160:9000::/36 maxlen: 36 2400:e160:a000::/36 maxlen: 36 2400:e160:b000::/36 maxlen: 36 2400:e160:c000::/36 maxlen: 36 2400:e160:d000::/36 maxlen: 36 2400:e160:e000::/36 maxlen: 36 2400:e160:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5320/78CCFE4E2DC811EE9370D348C4F9AE02/sZGuIGgUb5xzm-ps1Z55LE-Je3Y.crl rsync://rpki.apnic.net/member_repository/A91D5320/78CCFE4E2DC811EE9370D348C4F9AE02/sZGuIGgUb5xzm-ps1Z55LE-Je3Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sZGuIGgUb5xzm-ps1Z55LE-Je3Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 08:09:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 93 (0x5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5320/serialNumber=B191AE2068146F9C739BEA6CD59E792C4F897B76 Validity Not Before: Jan 7 03:50:11 2024 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=659a1f73-46b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ac:cb:03:ac:7b:10:7a:da:1f:64:f7:72:e8: 63:5e:41:83:d6:50:d1:24:c6:79:86:49:dd:cc:d4: 5a:ea:b4:85:9b:3c:84:73:c1:34:59:82:a7:0c:f3: 7d:66:85:16:b0:84:5d:6f:73:5e:8b:61:dd:b4:df: 3a:6d:a8:10:76:0f:a9:56:ef:cb:6f:b9:53:7a:aa: 5b:5c:66:bd:fb:c4:8c:29:5f:c1:0d:ab:46:fc:01: 6f:b2:0f:55:b9:84:8c:2b:30:5c:63:b6:c9:ed:2c: 1a:34:e9:ed:5f:14:db:57:f2:47:c8:49:ef:9e:25: b6:cb:88:0e:53:90:ee:53:6a:74:96:d9:05:80:3c: 37:92:5a:d1:f6:90:4d:04:a7:ad:5c:1c:fc:f1:b5: 9f:11:55:5d:dc:31:0b:78:24:10:ec:77:18:06:e1: 57:d2:e7:76:40:a0:17:8a:66:6c:7b:e0:58:56:a3: 26:28:72:0f:b2:29:35:ab:cb:06:78:d7:54:97:88: 0f:23:80:a4:0b:cd:76:50:be:04:e9:2b:12:80:f8: b2:93:21:db:5e:82:4b:a3:82:23:62:e0:af:e3:23: 7e:6f:10:5d:7a:0d:39:12:d1:fd:ec:80:ad:1e:a9: 25:3c:42:5a:09:c6:4c:6a:f1:7a:76:fa:32:6a:2a: 5d:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:2B:2D:FB:A4:91:8C:63:6B:0A:67:44:49:2A:45:F1:44:34:F8:16 X509v3 Authority Key Identifier: keyid:B1:91:AE:20:68:14:6F:9C:73:9B:EA:6C:D5:9E:79:2C:4F:89:7B:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5320/78CCFE4E2DC811EE9370D348C4F9AE02/sZGuIGgUb5xzm-ps1Z55LE-Je3Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sZGuIGgUb5xzm-ps1Z55LE-Je3Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5320/78CCFE4E2DC811EE9370D348C4F9AE02/E7B472CE2DC811EEBADF8E61C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.38.8.0/24 103.250.76.0/24 IPv6: 2400:e160::/32 Signature Algorithm: sha256WithRSAEncryption 57:dd:d9:94:9c:a4:f6:44:07:d6:d3:40:2a:a1:75:3e:98:21: 66:a2:62:59:3c:4d:ff:2b:1a:bd:d1:86:29:e5:82:e2:a6:44: 6e:71:7a:49:d2:8b:b6:49:01:17:a7:7c:0e:44:5b:c0:9f:f6: 14:09:28:3d:ba:b1:31:bc:a5:d8:73:6c:8f:b4:e9:46:63:4e: 1e:9d:7a:30:0e:a7:11:56:de:7a:3f:66:40:5e:76:89:db:96: 49:6d:d9:68:d7:4d:41:18:c4:4b:a7:87:8f:bb:e0:6e:93:33: ce:8b:5b:11:6d:84:6a:00:13:18:3b:bd:85:05:5d:9f:2f:5b: 2f:e3:06:93:57:ed:1d:10:bf:cb:42:36:57:dd:96:b1:45:53: 3c:52:ed:d4:91:d6:b2:e2:ee:c5:46:ce:c7:1e:c6:2c:aa:c2: bb:ce:24:b8:c6:45:e1:ca:50:26:06:dc:0e:58:37:b7:34:e0: bb:ce:b6:10:7c:a7:97:23:86:c4:f7:00:8c:90:36:39:d4:65: 22:53:d5:33:44:51:2a:b6:e0:4e:4f:40:b5:7f:7c:3a:ca:f8: 43:a7:e5:02:d8:d4:be:28:77:f6:68:a0:5e:74:8c:ce:86:d7: cf:1c:b5:f2:ac:24:18:f2:f3:09:5e:23:af:3e:d9:7f:0e:0c: 5b:88:c8:7f -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgIBXTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE NTMyMDExMC8GA1UEBRMoQjE5MUFFMjA2ODE0NkY5QzczOUJFQTZDRDU5RTc5MkM0 Rjg5N0I3NjAeFw0yNDAxMDcwMzUwMTFaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1OWExZjczLTQ2YjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDErMsDrHsQetofZPdy6GNeQYPWUNEkxnmGSd3M1FrqtIWbPIRzwTRZgqcM831m hRawhF1vc16LYd203zptqBB2D6lW78tvuVN6qltcZr37xIwpX8ENq0b8AW+yD1W5 hIwrMFxjtsntLBo06e1fFNtX8kfISe+eJbbLiA5TkO5TanSW2QWAPDeSWtH2kE0E p61cHPzxtZ8RVV3cMQt4JBDsdxgG4VfS53ZAoBeKZmx74FhWoyYocg+yKTWrywZ4 11SXiA8jgKQLzXZQvgTpKxKA+LKTIdtegkujgiNi4K/jI35vEF16DTkS0f3sgK0e qSU8QloJxkxq8Xp2+jJqKl3lAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQUvSst+6SR jGNrCmdESSpF8UQ0+BYwHwYDVR0jBBgwFoAUsZGuIGgUb5xzm+ps1Z55LE+Je3Yw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ1MzIwLzc4Q0NGRTRFMkRD ODExRUU5MzcwRDM0OEM0RjlBRTAyL3NaR3VJR2dVYjV4em0tcHMxWjU1TEUtSmUz WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvc1pHdUlHZ1ViNXh6bS1wczFaNTVMRS1KZTNZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NTMyMC83OENDRkU0RTJEQzgxMUVFOTM3MEQzNDhDNEY5QUUwMi9FN0I0NzJDRTJE QzgxMUVFQkFERjhFNjFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl MCMwEgQCAAEwDAMEAGcmCAMEAGf6TDANBAIAAjAHAwUAJADhYDANBgkqhkiG9w0B AQsFAAOCAQEAV93ZlJyk9kQH1tNAKqF1PpghZqJiWTxN/ysavdGGKeWC4qZEbnF6 SdKLtkkBF6d8DkRbwJ/2FAkoPbqxMbyl2HNsj7TpRmNOHp16MA6nEVbeej9mQF52 iduWSW3ZaNdNQRjES6eHj7vgbpMzzotbEW2EagATGDu9hQVdny9bL+MGk1ftHRC/ y0I2V92WsUVTPFLt1JHWsuLuxUbOxx7GLKrCu84kuMZF4cpQJgbcDlg3tzTgu862 EHynlyOGxPcAjJA2OdRlIlPVM0RRKrbgTk9AtX98Osr4Q6flAtjUvih39migXnSM zobXzxy18qwkGPLzCV4jrz7Zfw4MW4jIfw== -----END CERTIFICATE-----Generated at Sat Jun 1 11:47:33 2024 by rpki-client on console-ams.rpki-client.org