$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83B3/A3D3D8228A0D11EAA5059714C4F9AE02/B01A5D448A0E11EAA8C40916C4F9AE02.roa File: B01A5D448A0E11EAA8C40916C4F9AE02.roa (raw, json) Hash identifier: wep3EHpCma6Z95dtPMJHeRO9CQY07Hw/pOnNGpa1mGQ= Subject key identifier: 5D:1D:85:8D:08:98:FD:43:22:6F:70:84:8C:5D:4C:3E:01:73:D7:6D Certificate issuer: /CN=A91D83B3/serialNumber=5E057446C4961E4D26C37FFEA8AC3F7AADD83B32 Certificate serial: 0877 Authority key identifier: 5E:05:74:46:C4:96:1E:4D:26:C3:7F:FE:A8:AC:3F:7A:AD:D8:3B:32 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XgV0RsSWHk0mw3_-qKw_eq3YOzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83B3/A3D3D8228A0D11EAA5059714C4F9AE02/B01A5D448A0E11EAA8C40916C4F9AE02.roa Signing time: Wed 08 Nov 2023 21:29:13 +0000 ROA not before: Wed 08 Nov 2023 21:29:13 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 58895 IP address blocks: 103.129.140.0/22 maxlen: 22 103.129.140.0/24 maxlen: 24 103.129.141.0/24 maxlen: 24 103.129.142.0/24 maxlen: 24 103.129.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83B3/A3D3D8228A0D11EAA5059714C4F9AE02/XgV0RsSWHk0mw3_-qKw_eq3YOzI.crl rsync://rpki.apnic.net/member_repository/A91D83B3/A3D3D8228A0D11EAA5059714C4F9AE02/XgV0RsSWHk0mw3_-qKw_eq3YOzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XgV0RsSWHk0mw3_-qKw_eq3YOzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 21:33:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2167 (0x877) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83B3/serialNumber=5E057446C4961E4D26C37FFEA8AC3F7AADD83B32 Validity Not Before: Nov 8 21:29:13 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=654bfda9-48ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:a7:e3:6e:9f:6c:9d:5f:a7:42:eb:1c:10:a1: 30:6d:07:e3:69:b7:a5:ab:f6:9b:0a:83:e1:34:f4: cb:0b:49:be:cb:e7:75:51:36:d4:c4:97:f6:6a:4f: db:d6:75:ed:fa:9d:9a:c6:45:4b:9a:05:64:81:b3: 0b:3c:32:b5:b2:8c:de:4a:80:d2:14:53:a9:ba:a6: 2b:85:86:da:15:eb:1c:b3:11:16:8c:81:26:89:f0: f2:7a:cd:dc:a4:1f:3b:1d:ab:f6:80:9f:f7:5b:68: c6:5a:50:c4:16:91:69:e2:e3:87:d9:67:1d:e2:e8: ce:74:3b:4e:d5:e1:db:e5:a5:5c:0a:17:77:1c:5a: ce:dd:83:34:b3:2d:6f:f9:3a:40:07:b2:35:c3:0c: 84:1c:5f:37:03:40:e1:01:8a:74:22:39:d9:3a:9b: b3:0b:d4:b2:44:fb:b1:16:3b:18:d6:45:df:d2:21: 35:c2:49:4c:66:ce:db:83:30:99:6e:3c:44:ed:b8: 24:47:1c:a3:08:08:ee:df:8f:d5:dd:64:3f:c0:c6: 58:db:38:e2:73:e9:0c:f9:a0:65:2f:0d:f9:53:7c: 97:0f:e7:42:54:91:1f:66:92:4f:4d:5f:37:f4:ea: ad:19:d7:57:67:18:02:d7:67:36:5a:4b:b5:69:6a: 07:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:1D:85:8D:08:98:FD:43:22:6F:70:84:8C:5D:4C:3E:01:73:D7:6D X509v3 Authority Key Identifier: keyid:5E:05:74:46:C4:96:1E:4D:26:C3:7F:FE:A8:AC:3F:7A:AD:D8:3B:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83B3/A3D3D8228A0D11EAA5059714C4F9AE02/XgV0RsSWHk0mw3_-qKw_eq3YOzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XgV0RsSWHk0mw3_-qKw_eq3YOzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83B3/A3D3D8228A0D11EAA5059714C4F9AE02/B01A5D448A0E11EAA8C40916C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.129.140.0/22 Signature Algorithm: sha256WithRSAEncryption 02:a6:1b:2a:5c:0b:16:06:33:88:0f:5b:b7:f8:d8:e0:3a:32: 41:52:43:06:ee:d5:e0:fe:ca:69:ff:3e:7a:a6:bd:de:6d:95: 0e:47:a2:76:47:e6:1e:b9:ce:1a:1e:33:49:c6:c9:1e:be:d2: a3:4c:5f:7d:a3:01:c6:d2:fc:50:1a:1c:59:ee:24:c1:1a:cb: 3a:43:19:6e:ca:fd:ad:ac:87:04:9c:28:c3:65:0e:63:87:94: 02:26:10:7b:93:9f:f0:97:bd:fa:fc:a6:07:c8:b7:ef:ba:46: b7:d1:76:4d:cf:eb:4f:ba:f1:a6:cb:d9:df:97:2e:80:7e:b1: 0d:93:6c:4b:de:87:c5:3a:cd:3d:50:39:1e:ab:3e:b9:68:e9: 9f:c3:32:98:9b:9e:54:03:76:c5:fc:e0:4b:10:3e:c8:05:39: 80:62:88:a3:81:70:bb:e8:fd:3c:02:99:cd:c2:b7:da:7a:79: 31:2d:d4:dd:79:0f:45:08:4d:cd:d5:ce:0f:f0:78:da:7c:78: 1b:28:f0:36:91:53:69:85:13:7b:cf:69:78:f4:c9:8d:1e:71: 9a:10:88:d6:9a:b2:eb:f1:e8:7d:a5:f1:d3:e7:30:0a:61:25: 0e:32:f7:4e:26:24:ed:db:b0:12:7b:00:8a:e2:0d:55:8b:45: 01:ee:36:7c -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCHcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzQjMxMTAvBgNVBAUTKDVFMDU3NDQ2QzQ5NjFFNEQyNkMzN0ZGRUE4QUMzRjdB QUREODNCMzIwHhcNMjMxMTA4MjEyOTEzWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTRiZmRhOS00OGFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx6fjbp9snV+nQuscEKEwbQfjabelq/abCoPhNPTLC0m+y+d1UTbUxJf2ak/b 1nXt+p2axkVLmgVkgbMLPDK1sozeSoDSFFOpuqYrhYbaFescsxEWjIEmifDyes3c pB87Hav2gJ/3W2jGWlDEFpFp4uOH2Wcd4ujOdDtO1eHb5aVcChd3HFrO3YM0sy1v +TpAB7I1wwyEHF83A0DhAYp0IjnZOpuzC9SyRPuxFjsY1kXf0iE1wklMZs7bgzCZ bjxE7bgkRxyjCAju34/V3WQ/wMZY2zjic+kM+aBlLw35U3yXD+dCVJEfZpJPTV83 9OqtGddXZxgC12c2Wku1aWoHaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFF0dhY0I mP1DIm9whIxdTD4Bc9dtMB8GA1UdIwQYMBaAFF4FdEbElh5NJsN//qisP3qt2Dsy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNCMy9BM0QzRDgyMjhB MEQxMUVBQTUwNTk3MTRDNEY5QUUwMi9YZ1YwUnNTV0hrMG13M18tcUt3X2VxM1lP ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hnVjBSc1NXSGswbXczXy1xS3dfZXEzWU96SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDgzQjMvQTNEM0Q4MjI4QTBEMTFFQUE1MDU5NzE0QzRGOUFFMDIvQjAxQTVENDQ4 QTBFMTFFQUE4QzQwOTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJngYwwDQYJKoZIhvcNAQELBQADggEBAAKmGypcCxYGM4gP W7f42OA6MkFSQwbu1eD+ymn/Pnqmvd5tlQ5HonZH5h65zhoeM0nGyR6+0qNMX32j AcbS/FAaHFnuJMEayzpDGW7K/a2shwScKMNlDmOHlAImEHuTn/CXvfr8pgfIt++6 RrfRdk3P60+68abL2d+XLoB+sQ2TbEveh8U6zT1QOR6rPrlo6Z/DMpibnlQDdsX8 4EsQPsgFOYBiiKOBcLvo/TwCmc3Ct9p6eTEt1N15D0UITc3Vzg/weNp8eBso8DaR U2mFE3vPaXj0yY0ecZoQiNaasuvx6H2l8dPnMAphJQ4y904mJO3bsBJ7AIriDVWL RQHuNnw= -----END CERTIFICATE-----Generated at Tue Apr 23 18:44:49 2024 by rpki-client on console-ams.rpki-client.org