$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0425/5FC8AADC06A811EBBDFEB970C4F9AE02/8F4AF01606A911EBB5828C71C4F9AE02.roa File: 8F4AF01606A911EBB5828C71C4F9AE02.roa (raw, json) Hash identifier: eM7aF4ymH6aDPZBOyFk/6QJ9vCpU8peuNx+mA0a7hNg= Subject key identifier: FA:FE:9B:B8:5E:3F:DA:1C:BC:28:3D:CD:97:7D:B8:C0:6E:1F:FD:A8 Certificate issuer: /CN=A91E0425/serialNumber=1549F9494714A8A2D704FDE9A0463BBC34B5F4E0 Certificate serial: 0698 Authority key identifier: 15:49:F9:49:47:14:A8:A2:D7:04:FD:E9:A0:46:3B:BC:34:B5:F4:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUn5SUcUqKLXBP3poEY7vDS19OA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0425/5FC8AADC06A811EBBDFEB970C4F9AE02/8F4AF01606A911EBB5828C71C4F9AE02.roa Signing time: Thu 28 Dec 2023 22:40:50 +0000 ROA not before: Thu 28 Dec 2023 22:40:50 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 55720 IP address blocks: 103.253.108.0/24 maxlen: 24 103.253.109.0/24 maxlen: 24 103.253.110.0/24 maxlen: 24 103.253.111.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0425/5FC8AADC06A811EBBDFEB970C4F9AE02/FUn5SUcUqKLXBP3poEY7vDS19OA.crl rsync://rpki.apnic.net/member_repository/A91E0425/5FC8AADC06A811EBBDFEB970C4F9AE02/FUn5SUcUqKLXBP3poEY7vDS19OA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUn5SUcUqKLXBP3poEY7vDS19OA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 22:38:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1688 (0x698) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0425/serialNumber=1549F9494714A8A2D704FDE9A0463BBC34B5F4E0 Validity Not Before: Dec 28 22:40:50 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=658df972-f685 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:9c:29:d7:52:27:d5:84:a8:84:55:b2:c9:b6: b8:f2:36:2f:b7:7e:e3:70:00:c7:28:91:d5:61:64: fb:71:2a:a2:f6:b9:dd:79:41:f0:7b:d4:ed:1e:24: 21:3c:d1:7c:ab:b9:56:fb:57:ca:33:32:20:da:05: dc:d8:22:6a:0e:39:ea:91:98:ff:4a:52:60:68:57: 2f:8c:b2:10:94:87:d6:e2:a2:51:bd:94:1b:f8:52: b5:bc:3a:79:61:93:dd:e8:3f:01:f1:71:0a:82:19: ba:a0:60:6c:5b:1e:77:b7:cd:e5:82:b1:56:37:41: c7:fc:63:d9:b1:7e:b6:a0:71:82:1c:a8:d8:ec:58: ce:61:60:50:a1:87:aa:fc:6a:aa:4d:f5:4e:85:92: 7f:9f:cc:db:e4:e8:e7:44:db:dd:36:ad:76:55:48: 22:78:b4:90:6a:29:24:58:06:6b:3d:f7:83:97:84: 30:be:8f:45:ae:92:ea:4a:ff:21:27:99:ac:a1:5f: 0a:2c:6e:af:f3:e9:51:87:26:2f:04:08:4c:03:98: 67:8d:e1:ad:2d:98:f2:f8:4c:3e:e8:33:24:a1:3e: 6a:0f:d5:5d:a6:6f:cc:5d:e1:e5:7f:fd:20:57:d8: 20:2b:96:f4:60:3b:6a:16:4b:5a:77:9c:29:91:3c: 1b:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:FE:9B:B8:5E:3F:DA:1C:BC:28:3D:CD:97:7D:B8:C0:6E:1F:FD:A8 X509v3 Authority Key Identifier: keyid:15:49:F9:49:47:14:A8:A2:D7:04:FD:E9:A0:46:3B:BC:34:B5:F4:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0425/5FC8AADC06A811EBBDFEB970C4F9AE02/FUn5SUcUqKLXBP3poEY7vDS19OA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUn5SUcUqKLXBP3poEY7vDS19OA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0425/5FC8AADC06A811EBBDFEB970C4F9AE02/8F4AF01606A911EBB5828C71C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.253.108.0/22 Signature Algorithm: sha256WithRSAEncryption 30:0a:d8:95:83:86:7e:c4:03:81:f8:69:1f:06:a5:33:a0:d9: 72:91:79:0a:c0:86:57:cc:71:cb:87:0c:a3:56:7b:c7:cc:f9: 46:d2:b5:49:a2:fd:8c:9c:a1:e2:f7:a9:12:ea:81:09:11:7f: 85:9a:0e:bc:00:c8:a9:11:65:d5:8c:cc:20:d6:1e:46:58:ac: 34:54:56:65:4c:96:e3:43:b4:26:d1:dd:dc:f2:3f:22:8f:f3: ec:31:77:09:97:e5:6f:f6:e9:c7:5d:18:36:f3:96:d3:1b:4d: 95:57:af:61:5c:b6:01:ec:32:83:ef:4c:0a:09:c2:46:df:13: 1e:7f:2e:19:7d:cc:1d:6d:21:55:4c:dc:1d:d9:94:9b:91:93: 80:3c:83:ac:4d:74:7f:7f:78:bf:5e:59:d9:bd:67:5f:75:f8: 66:12:5e:3e:02:4b:e3:8c:98:92:f7:c9:af:1f:a0:df:a2:2d: b1:03:44:47:7e:9b:3e:e5:97:be:e2:08:70:ca:e4:f0:67:bb: f0:58:af:11:91:b3:99:9c:73:4e:8c:67:49:9a:e0:24:d2:1c: ad:5d:6b:3e:ea:53:84:97:73:6c:82:33:c1:3b:21:dd:e1:a4: d8:f1:d8:bd:ed:ba:c5:87:e0:bc:de:c0:66:74:5b:77:39:2e: ad:72:e9:38 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBpgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTA0MjUxMTAvBgNVBAUTKDE1NDlGOTQ5NDcxNEE4QTJENzA0RkRFOUEwNDYzQkJD MzRCNUY0RTAwHhcNMjMxMjI4MjI0MDUwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NThkZjk3Mi1mNjg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwpwp11In1YSohFWyyba48jYvt37jcADHKJHVYWT7cSqi9rndeUHwe9TtHiQh PNF8q7lW+1fKMzIg2gXc2CJqDjnqkZj/SlJgaFcvjLIQlIfW4qJRvZQb+FK1vDp5 YZPd6D8B8XEKghm6oGBsWx53t83lgrFWN0HH/GPZsX62oHGCHKjY7FjOYWBQoYeq /GqqTfVOhZJ/n8zb5OjnRNvdNq12VUgieLSQaikkWAZrPfeDl4Qwvo9FrpLqSv8h J5msoV8KLG6v8+lRhyYvBAhMA5hnjeGtLZjy+Ew+6DMkoT5qD9Vdpm/MXeHlf/0g V9ggK5b0YDtqFktad5wpkTwbqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPr+m7he P9ocvCg9zZd9uMBuH/2oMB8GA1UdIwQYMBaAFBVJ+UlHFKii1wT96aBGO7w0tfTg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDQyNS81RkM4QUFEQzA2 QTgxMUVCQkRGRUI5NzBDNEY5QUUwMi9GVW41U1VjVXFLTFhCUDNwb0VZN3ZEUzE5 T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZVbjVTVWNVcUtMWEJQM3BvRVk3dkRTMTlPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTA0MjUvNUZDOEFBREMwNkE4MTFFQkJERkVCOTcwQzRGOUFFMDIvOEY0QUYwMTYw NkE5MTFFQkI1ODI4QzcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJn/WwwDQYJKoZIhvcNAQELBQADggEBADAK2JWDhn7EA4H4 aR8GpTOg2XKReQrAhlfMccuHDKNWe8fM+UbStUmi/YycoeL3qRLqgQkRf4WaDrwA yKkRZdWMzCDWHkZYrDRUVmVMluNDtCbR3dzyPyKP8+wxdwmX5W/26cddGDbzltMb TZVXr2FctgHsMoPvTAoJwkbfEx5/Lhl9zB1tIVVM3B3ZlJuRk4A8g6xNdH9/eL9e Wdm9Z191+GYSXj4CS+OMmJL3ya8foN+iLbEDREd+mz7ll77iCHDK5PBnu/BYrxGR s5mcc06MZ0ma4CTSHK1daz7qU4SXc2yCM8E7Id3hpNjx2L3tusWH4LzewGZ0W3c5 Lq1y6Tg= -----END CERTIFICATE-----Generated at Tue Apr 30 23:40:17 2024 by rpki-client on console-fra.rpki-client.org