$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0EF8/C938D106CB5411EBA3D36C5BC4F9AE02/16A4DFE893C711EDB3D8A867C4F9AE02.roa File: 16A4DFE893C711EDB3D8A867C4F9AE02.roa (raw, json) Hash identifier: BMRoArOkK6XKfXiCgVXjRFI7Ts9ZVPZguMrIduSzckU= Subject key identifier: 43:95:B0:5C:66:74:78:01:71:36:5B:60:69:D2:C9:3E:DB:58:36:21 Certificate issuer: /CN=A91E0EF8/serialNumber=A04E743AD31F4F83F09DC5D2F7EF4FABE1EF687B Certificate serial: 0535 Authority key identifier: A0:4E:74:3A:D3:1F:4F:83:F0:9D:C5:D2:F7:EF:4F:AB:E1:EF:68:7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oE50OtMfT4PwncXS9-9Pq-HvaHs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0EF8/C938D106CB5411EBA3D36C5BC4F9AE02/16A4DFE893C711EDB3D8A867C4F9AE02.roa Signing time: Sat 31 Aug 2024 01:04:00 +0000 ROA not before: Sat 31 Aug 2024 01:04:00 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 20473 IP address blocks: 103.168.42.0/24 maxlen: 24 103.168.43.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0EF8/C938D106CB5411EBA3D36C5BC4F9AE02/oE50OtMfT4PwncXS9-9Pq-HvaHs.crl rsync://rpki.apnic.net/member_repository/A91E0EF8/C938D106CB5411EBA3D36C5BC4F9AE02/oE50OtMfT4PwncXS9-9Pq-HvaHs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oE50OtMfT4PwncXS9-9Pq-HvaHs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 15 May 2025 23:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1333 (0x535) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0EF8, serialNumber=A04E743AD31F4F83F09DC5D2F7EF4FABE1EF687B Validity Not Before: Aug 31 01:04:00 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66d26bff-3ff5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:0b:85:99:7b:82:d9:02:9e:03:b5:1b:60:4b: bf:8f:76:2e:61:26:9e:4f:45:74:47:eb:97:ed:be: 22:6f:fa:c8:3a:72:d2:45:df:c2:2e:20:ea:1a:9c: 1d:ea:70:4d:85:49:68:b0:d7:23:40:42:f9:82:f4: 44:9a:de:9e:ec:52:80:5f:4f:99:1e:92:da:a6:2b: 46:bf:f7:24:76:ba:9c:71:d2:3d:7b:4e:58:3c:0d: 30:73:d4:e5:c8:7c:ff:28:b6:b8:eb:cb:35:ac:1e: ce:f9:de:6c:de:dc:eb:63:a3:8e:94:80:c3:00:6b: a1:db:2a:cb:51:08:b7:ca:8a:21:f5:1e:13:1e:ea: ca:b9:bf:6f:40:24:77:5c:17:d9:12:91:2e:02:8e: 36:26:9e:52:e4:e5:6f:2f:9f:d6:b9:1c:22:55:06: e4:f6:60:3d:32:83:54:b5:07:e0:c9:e8:9d:d1:bd: 72:da:76:3d:06:9c:17:1a:9c:5f:32:6c:68:f2:d4: 11:07:e2:b0:46:45:66:e0:19:6a:3a:db:7a:22:2d: 9e:5b:14:53:c9:89:8c:ec:98:f1:ee:e4:33:e6:c0: a7:19:6e:d3:a2:0b:44:e1:c5:3a:2f:33:c4:5f:62: 1e:01:e3:30:d8:7c:8b:2f:89:ad:35:9a:b7:33:01: 4c:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:95:B0:5C:66:74:78:01:71:36:5B:60:69:D2:C9:3E:DB:58:36:21 X509v3 Authority Key Identifier: keyid:A0:4E:74:3A:D3:1F:4F:83:F0:9D:C5:D2:F7:EF:4F:AB:E1:EF:68:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0EF8/C938D106CB5411EBA3D36C5BC4F9AE02/oE50OtMfT4PwncXS9-9Pq-HvaHs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oE50OtMfT4PwncXS9-9Pq-HvaHs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0EF8/C938D106CB5411EBA3D36C5BC4F9AE02/16A4DFE893C711EDB3D8A867C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.168.42.0/23 Signature Algorithm: sha256WithRSAEncryption 38:e9:1d:ec:93:af:70:23:b8:3c:a8:c7:1c:54:dc:58:a9:39: a6:34:e8:6a:80:f4:87:35:2d:ed:4d:91:48:a4:1d:80:c2:5c: e7:fb:4e:3a:c1:92:be:2a:6b:1c:4c:cc:bc:66:1b:47:8f:fc: 2d:a8:61:fa:e8:28:a3:b0:09:d9:de:cc:f3:31:23:18:b5:60: 5a:39:a7:89:6d:97:4c:29:6a:86:19:58:c3:d7:9b:55:3a:e3: d8:6d:f5:30:71:e9:05:74:4c:74:d5:4d:4b:02:24:10:0e:47: 68:46:84:53:79:f2:1a:c8:1d:2b:45:4a:d8:bd:75:ed:f3:3e: 74:69:f1:7e:71:40:95:d3:0f:c6:13:b7:4e:a5:08:0a:3b:14: b8:fd:ed:82:8d:8f:33:ea:7c:0c:39:15:92:f8:ec:48:3f:3e: bf:74:6f:73:b4:14:cb:16:38:29:e9:d9:57:f3:e5:ec:cc:c9: 0c:27:06:46:fd:fb:5f:e7:5e:81:50:25:d1:65:d5:00:18:f1: 5e:50:04:15:a2:0b:34:0c:67:0a:1b:04:c2:90:94:44:8f:d5: f2:3c:5b:54:04:1c:cd:13:20:ec:56:45:7a:2f:e7:b5:50:59: 72:58:8e:98:e8:93:1c:6d:44:5c:6f:8e:fd:ff:4f:70:6d:92: 5e:6a:34:b5 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBTUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBFRjgxMTAvBgNVBAUTKEEwNEU3NDNBRDMxRjRGODNGMDlEQzVEMkY3RUY0RkFC RTFFRjY4N0IwHhcNMjQwODMxMDEwNDAwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQyNmJmZi0zZmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzQuFmXuC2QKeA7UbYEu/j3YuYSaeT0V0R+uX7b4ib/rIOnLSRd/CLiDqGpwd 6nBNhUlosNcjQEL5gvREmt6e7FKAX0+ZHpLapitGv/ckdrqccdI9e05YPA0wc9Tl yHz/KLa468s1rB7O+d5s3tzrY6OOlIDDAGuh2yrLUQi3yooh9R4THurKub9vQCR3 XBfZEpEuAo42Jp5S5OVvL5/WuRwiVQbk9mA9MoNUtQfgyeid0b1y2nY9BpwXGpxf Mmxo8tQRB+KwRkVm4BlqOtt6Ii2eWxRTyYmM7Jjx7uQz5sCnGW7TogtE4cU6LzPE X2IeAeMw2HyLL4mtNZq3MwFMSQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEOVsFxm dHgBcTZbYGnSyT7bWDYhMB8GA1UdIwQYMBaAFKBOdDrTH0+D8J3F0vfvT6vh72h7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEVGOC9DOTM4RDEwNkNC NTQxMUVCQTNEMzZDNUJDNEY5QUUwMi9vRTUwT3RNZlQ0UHduY1hTOS05UHEtSHZh SHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29FNTBPdE1mVDRQd25jWFM5LTlQcS1IdmFIcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTBFRjgvQzkzOEQxMDZDQjU0MTFFQkEzRDM2QzVCQzRGOUFFMDIvMTZBNERGRTg5 M0M3MTFFREIzRDhBODY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnqCowDQYJKoZIhvcNAQELBQADggEBADjpHeyTr3AjuDyo xxxU3FipOaY06GqA9Ic1Le1NkUikHYDCXOf7TjrBkr4qaxxMzLxmG0eP/C2oYfro KKOwCdnezPMxIxi1YFo5p4ltl0wpaoYZWMPXm1U649ht9TBx6QV0THTVTUsCJBAO R2hGhFN58hrIHStFSti9de3zPnRp8X5xQJXTD8YTt06lCAo7FLj97YKNjzPqfAw5 FZL47Eg/Pr90b3O0FMsWOCnp2Vfz5ezMyQwnBkb9+1/nXoFQJdFl1QAY8V5QBBWi CzQMZwobBMKQlESP1fI8W1QEHM0TIOxWRXov57VQWXJYjpjokxxtRFxvjv3/T3Bt kl5qNLU= -----END CERTIFICATE-----Generated at Fri May 9 21:56:12 2025 by rpki-client