$ rpki-client -vvf rpki.apnic.net/member_repository/A91149C8/2FC46590FF2B11E9BF20BF1DC4F9AE02/A2A7584ACA7F11EAB343722AC4F9AE02.roa File: A2A7584ACA7F11EAB343722AC4F9AE02.roa (raw, json) Hash identifier: mvYo+h5Nn35EgX86xIvICgq41pXxREG1bc5pyoPj450= Subject key identifier: 5A:9C:31:16:D2:2A:8A:61:28:E7:1F:7F:19:C8:83:7C:95:18:E5:B5 Certificate issuer: /CN=A91149C8/serialNumber=D2F6B7A5865856C3F2C4461636031FB05B60606A Certificate serial: 0BF7 Authority key identifier: D2:F6:B7:A5:86:58:56:C3:F2:C4:46:16:36:03:1F:B0:5B:60:60:6A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0va3pYZYVsPyxEYWNgMfsFtgYGo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91149C8/2FC46590FF2B11E9BF20BF1DC4F9AE02/A2A7584ACA7F11EAB343722AC4F9AE02.roa Signing time: Thu 10 Oct 2024 18:56:53 +0000 ROA not before: Thu 10 Oct 2024 18:56:53 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 134750 IP address blocks: 103.106.201.0/24 maxlen: 24 103.199.168.0/23 maxlen: 23 103.199.168.0/24 maxlen: 24 103.199.169.0/24 maxlen: 24 2001:df1:3b00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91149C8/2FC46590FF2B11E9BF20BF1DC4F9AE02/0va3pYZYVsPyxEYWNgMfsFtgYGo.crl rsync://rpki.apnic.net/member_repository/A91149C8/2FC46590FF2B11E9BF20BF1DC4F9AE02/0va3pYZYVsPyxEYWNgMfsFtgYGo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0va3pYZYVsPyxEYWNgMfsFtgYGo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:17:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3063 (0xbf7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91149C8/serialNumber=D2F6B7A5865856C3F2C4461636031FB05B60606A Validity Not Before: Oct 10 18:56:53 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67082374-ce53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:5e:3e:20:9d:70:ee:62:7a:92:3c:c1:47:bd: ec:4f:b9:06:dd:f2:6c:33:f3:94:57:82:20:9d:fa: 66:44:34:22:38:a7:da:eb:ce:db:54:98:d8:8e:6d: 90:cd:71:92:68:93:e0:9c:a0:c0:b3:34:04:b4:99: 32:25:58:16:da:fd:59:3e:8e:e2:68:5c:66:72:59: a5:05:11:a6:f5:30:ff:1f:35:b0:70:ac:fa:12:1c: e9:4f:ab:8f:14:0f:3a:c3:4e:9e:f0:1d:26:c0:61: e5:68:7e:4b:3e:e4:b1:51:b2:84:90:6b:89:30:23: f0:1d:64:c2:2f:4e:50:74:7f:f8:33:7b:2d:f0:7a: 12:16:db:ab:53:d0:50:6a:f3:d8:8d:de:39:54:7d: 4f:7a:1c:71:ee:ce:e4:72:a7:61:43:ce:43:32:3e: f0:82:64:58:d6:42:a5:e9:5c:d6:bf:75:7f:eb:b1: 75:fa:32:ec:97:79:eb:cd:b1:84:e6:92:94:57:ef: d6:f3:d2:03:71:76:1c:03:b5:eb:36:cc:91:25:8a: b3:bb:e2:98:83:63:26:23:96:f1:68:aa:56:25:50: 0a:85:4d:e4:84:87:e9:5c:2b:18:41:7e:91:0f:6c: 35:f1:02:7f:1a:b9:8a:10:83:ae:05:13:1d:4d:96: 59:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:9C:31:16:D2:2A:8A:61:28:E7:1F:7F:19:C8:83:7C:95:18:E5:B5 X509v3 Authority Key Identifier: keyid:D2:F6:B7:A5:86:58:56:C3:F2:C4:46:16:36:03:1F:B0:5B:60:60:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91149C8/2FC46590FF2B11E9BF20BF1DC4F9AE02/0va3pYZYVsPyxEYWNgMfsFtgYGo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0va3pYZYVsPyxEYWNgMfsFtgYGo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91149C8/2FC46590FF2B11E9BF20BF1DC4F9AE02/A2A7584ACA7F11EAB343722AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.106.201.0/24 103.199.168.0/23 IPv6: 2001:df1:3b00::/48 Signature Algorithm: sha256WithRSAEncryption a8:62:7e:a4:7b:88:dc:45:69:10:d4:2a:16:26:e8:56:72:4a: b1:93:b8:9a:71:11:c2:6e:d7:63:2e:34:be:63:08:ce:5b:29: b0:77:44:35:df:a5:4a:be:bf:d5:fd:84:f4:29:79:46:27:e0: d8:31:bb:2e:d7:57:57:a2:be:0f:3b:fc:e0:2f:97:9d:8a:28: dd:4b:5b:29:0c:f7:53:cb:5e:7e:77:31:e3:90:b0:12:0a:71: 83:f1:8e:a1:48:ef:b1:cd:5f:4c:b6:bf:2b:43:db:57:6d:06: e5:e0:45:8b:0b:d1:e1:7e:15:72:d9:24:c5:4e:d5:1f:b7:f5: 8f:49:be:e5:84:2f:55:23:38:83:bf:27:0d:f7:59:ee:42:8c: 87:d4:e7:4e:92:78:c5:50:0c:e8:d9:31:13:01:aa:9e:3c:20: c3:dc:35:f4:78:f1:12:08:8f:ae:9c:00:92:24:a8:69:06:f9: 44:ab:a6:f4:5e:e2:94:0b:1b:96:4c:c3:4c:68:d9:62:70:d8: 65:fe:d1:fb:d8:71:45:c7:10:d8:86:99:6c:74:e9:3b:b5:01: 3c:ab:2d:3b:16:9e:0d:31:4b:54:03:d6:48:ec:48:1c:f6:28: 5a:b6:73:52:4b:1c:e0:57:45:98:57:bd:9a:63:a7:51:b6:0c: 6c:46:8f:7d -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICC/cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTQ5QzgxMTAvBgNVBAUTKEQyRjZCN0E1ODY1ODU2QzNGMkM0NDYxNjM2MDMxRkIw NUI2MDYwNkEwHhcNMjQxMDEwMTg1NjUzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzA4MjM3NC1jZTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv14+IJ1w7mJ6kjzBR73sT7kG3fJsM/OUV4IgnfpmRDQiOKfa687bVJjYjm2Q zXGSaJPgnKDAszQEtJkyJVgW2v1ZPo7iaFxmclmlBRGm9TD/HzWwcKz6EhzpT6uP FA86w06e8B0mwGHlaH5LPuSxUbKEkGuJMCPwHWTCL05QdH/4M3st8HoSFturU9BQ avPYjd45VH1Pehxx7s7kcqdhQ85DMj7wgmRY1kKl6VzWv3V/67F1+jLsl3nrzbGE 5pKUV+/W89IDcXYcA7XrNsyRJYqzu+KYg2MmI5bxaKpWJVAKhU3khIfpXCsYQX6R D2w18QJ/GrmKEIOuBRMdTZZZ3wIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFFqcMRbS KophKOcffxnIg3yVGOW1MB8GA1UdIwQYMBaAFNL2t6WGWFbD8sRGFjYDH7BbYGBq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNDlDOC8yRkM0NjU5MEZG MkIxMUU5QkYyMEJGMURDNEY5QUUwMi8wdmEzcFlaWVZzUHl4RVlXTmdNZnNGdGdZ R28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzB2YTNwWVpZVnNQeXhFWVdOZ01mc0Z0Z1lHby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTQ5QzgvMkZDNDY1OTBGRjJCMTFFOUJGMjBCRjFEQzRGOUFFMDIvQTJBNzU4NEFD QTdGMTFFQUIzNDM3MjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBABnaskDBAFnx6gwDwQCAAIwCQMHACABDfE7ADANBgkqhkiG 9w0BAQsFAAOCAQEAqGJ+pHuI3EVpENQqFiboVnJKsZO4mnERwm7XYy40vmMIzlsp sHdENd+lSr6/1f2E9Cl5Rifg2DG7LtdXV6K+Dzv84C+XnYoo3UtbKQz3U8tefncx 45CwEgpxg/GOoUjvsc1fTLa/K0PbV20G5eBFiwvR4X4VctkkxU7VH7f1j0m+5YQv VSM4g78nDfdZ7kKMh9TnTpJ4xVAM6NkxEwGqnjwgw9w19HjxEgiPrpwAkiSoaQb5 RKum9F7ilAsblkzDTGjZYnDYZf7R+9hxRccQ2IaZbHTpO7UBPKstOxaeDTFLVAPW SOxIHPYoWrZzUksc4FdFmFe9mmOnUbYMbEaPfQ== -----END CERTIFICATE-----Generated at Fri Nov 22 19:44:55 2024 by rpki-client on console-fra.rpki-client.org