$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/427DCF0C3D8211EEA0E4DD46C4F9AE02.roa File: 427DCF0C3D8211EEA0E4DD46C4F9AE02.roa (raw, json) Hash identifier: ovSA2wmqnVri8Bae8yZNqfuQWsSrO5RS1cz+upo4tCM= Subject key identifier: B7:00:03:F4:CE:B1:69:FA:28:FE:E1:38:42:05:9C:66:17:B3:E4:B9 Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Certificate serial: 0D39 Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/427DCF0C3D8211EEA0E4DD46C4F9AE02.roa Signing time: Fri 08 Sep 2023 18:25:47 +0000 ROA not before: Fri 08 Sep 2023 18:25:47 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 138970 IP address blocks: 103.5.0.0/22 maxlen: 22 103.5.0.0/23 maxlen: 23 103.5.0.0/24 maxlen: 24 103.5.1.0/24 maxlen: 24 103.5.2.0/23 maxlen: 23 103.5.2.0/24 maxlen: 24 103.5.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 May 2024 02:42:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3385 (0xd39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Validity Not Before: Sep 8 18:25:47 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=64fb672b-53ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:85:aa:00:38:8c:9e:cf:e6:a8:c4:55:04:65: 2f:7f:a8:20:fd:c6:2f:5d:7c:40:50:2b:32:40:ac: 4f:b2:9d:4d:36:c6:aa:34:80:1c:2d:87:6f:62:ce: 4d:b1:2f:6d:69:ea:6e:40:d4:8a:42:b9:26:f1:b4: 69:6c:5b:b4:bf:74:fa:b8:a8:a9:0c:b3:ab:5f:74: 1c:67:b4:98:e3:a2:1b:71:6b:a5:8a:72:94:5b:55: e9:6c:a0:a3:53:07:ab:99:76:99:96:ef:35:2d:9f: bb:12:85:d4:21:f3:a0:fe:d9:60:00:7d:67:70:e5: 8d:72:dd:ae:d5:ce:b3:eb:04:77:91:a3:ba:dd:6e: 40:f5:5a:37:3e:bf:a9:5f:b1:b3:ac:c3:54:77:64: 12:60:ff:5c:3e:03:f2:14:52:54:b0:a7:c6:cd:82: 58:cd:02:a6:f9:86:3d:7e:98:5f:2e:32:fb:6b:84: e6:35:24:00:50:81:2c:05:a2:b0:f7:dd:06:e3:b3: 8e:4c:cd:5f:1b:17:eb:0b:89:65:a1:5e:e8:41:a9: 0d:cf:e6:ea:4e:82:a0:29:41:cd:63:e8:21:56:66: d8:f1:96:7f:ed:51:a5:f6:a1:b0:07:37:14:62:c3: 4b:e6:28:27:9b:6a:b6:4d:2e:64:9d:53:49:c9:ee: 6e:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:00:03:F4:CE:B1:69:FA:28:FE:E1:38:42:05:9C:66:17:B3:E4:B9 X509v3 Authority Key Identifier: keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/427DCF0C3D8211EEA0E4DD46C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.5.0.0/22 Signature Algorithm: sha256WithRSAEncryption ae:3e:4a:84:cc:bd:26:ff:74:f4:4e:a2:79:63:d1:46:a8:68: a3:aa:74:c0:80:ae:ba:54:c8:95:85:71:49:60:c3:12:08:73: 54:c8:71:21:4b:47:b9:86:79:67:3c:de:e6:39:85:b4:3d:3f: fb:97:9d:a6:c3:2e:3d:53:11:43:60:41:f5:2e:49:6c:1b:a1: aa:48:ab:97:4d:18:0c:1d:2c:4e:36:63:fd:b6:00:43:ca:48: 9e:e9:75:92:6e:4f:82:9a:5a:15:86:26:95:0b:75:a2:ab:04: 15:37:5d:2a:c5:ff:ae:44:da:ea:70:f6:56:51:c1:70:f1:13: 49:4d:d5:55:23:8c:96:ae:75:dc:31:45:90:74:9c:8b:ae:cf: 79:98:fc:31:31:42:2e:f4:53:45:b8:f4:27:06:93:08:85:e2: 91:f4:95:73:7b:c1:f6:a6:88:39:1c:5a:2d:92:9c:ee:13:a4: 43:3e:ef:24:e6:98:a3:19:c4:a0:c1:50:d1:9f:61:1e:99:3f: 95:f3:c4:12:ef:4e:e4:1a:98:f9:cd:a9:91:38:f1:64:c4:78: 77:c2:3c:31:86:94:6f:89:ca:36:bc:c6:c8:46:98:be:d5:00: 3c:fd:c8:d5:5c:4d:68:5e:5b:1b:1f:f1:13:dc:d7:a0:83:93: d8:15:b5:4c -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICDTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx REM0NUUyQjIwHhcNMjMwOTA4MTgyNTQ3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGZiNjcyYi01M2FkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1YWqADiMns/mqMRVBGUvf6gg/cYvXXxAUCsyQKxPsp1NNsaqNIAcLYdvYs5N sS9taepuQNSKQrkm8bRpbFu0v3T6uKipDLOrX3QcZ7SY46IbcWulinKUW1XpbKCj UwermXaZlu81LZ+7EoXUIfOg/tlgAH1ncOWNct2u1c6z6wR3kaO63W5A9Vo3Pr+p X7GzrMNUd2QSYP9cPgPyFFJUsKfGzYJYzQKm+YY9fphfLjL7a4TmNSQAUIEsBaKw 990G47OOTM1fGxfrC4lloV7oQakNz+bqToKgKUHNY+ghVmbY8ZZ/7VGl9qGwBzcU YsNL5ignm2q2TS5knVNJye5u9QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLcAA/TO sWn6KP7hOEIFnGYXs+S5MB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5 REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0 ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTg2OEMvM0ZCOTMzNjhBOURCMTFFOTg0Mjg1Mjg2QzRGOUFFMDIvNDI3RENGMEMz RDgyMTFFRUEwRTRERDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJnBQAwDQYJKoZIhvcNAQELBQADggEBAK4+SoTMvSb/dPRO onlj0UaoaKOqdMCArrpUyJWFcUlgwxIIc1TIcSFLR7mGeWc83uY5hbQ9P/uXnabD Lj1TEUNgQfUuSWwboapIq5dNGAwdLE42Y/22AEPKSJ7pdZJuT4KaWhWGJpULdaKr BBU3XSrF/65E2upw9lZRwXDxE0lN1VUjjJauddwxRZB0nIuuz3mY/DExQi70U0W4 9CcGkwiF4pH0lXN7wfamiDkcWi2SnO4TpEM+7yTmmKMZxKDBUNGfYR6ZP5XzxBLv TuQamPnNqZE48WTEeHfCPDGGlG+Jyja8xshGmL7VADz9yNVcTWheWxsf8RPc16CD k9gVtUw= -----END CERTIFICATE-----Generated at Fri May 10 19:18:49 2024 by rpki-client on console-ams.rpki-client.org