$ rpki-client -vvf rpki.apnic.net/member_repository/A91A56E7/7860F8BA11C111EA858EE682C4F9AE02/2157C3E011C211EA93417583C4F9AE02.roa File: 2157C3E011C211EA93417583C4F9AE02.roa (raw, json) Hash identifier: 85Scolzp9wypOjOnR9zpu7pztxFge5H6WD9ZJw41pbI= Subject key identifier: 33:08:45:E6:8B:FC:69:59:15:05:79:B8:6C:5D:D5:F7:48:30:8E:85 Certificate issuer: /CN=A91A56E7/serialNumber=347636F0E98AF824826B1BCF96F3C776D812F55B Certificate serial: 0B51 Authority key identifier: 34:76:36:F0:E9:8A:F8:24:82:6B:1B:CF:96:F3:C7:76:D8:12:F5:5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHY28OmK-CSCaxvPlvPHdtgS9Vs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A56E7/7860F8BA11C111EA858EE682C4F9AE02/2157C3E011C211EA93417583C4F9AE02.roa Signing time: Wed 12 Jun 2024 20:24:49 +0000 ROA not before: Wed 12 Jun 2024 20:24:49 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 139197 IP address blocks: 103.139.164.0/23 maxlen: 23 103.139.164.0/24 maxlen: 24 103.139.165.0/24 maxlen: 24 2001:df0:8580::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A56E7/7860F8BA11C111EA858EE682C4F9AE02/NHY28OmK-CSCaxvPlvPHdtgS9Vs.crl rsync://rpki.apnic.net/member_repository/A91A56E7/7860F8BA11C111EA858EE682C4F9AE02/NHY28OmK-CSCaxvPlvPHdtgS9Vs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHY28OmK-CSCaxvPlvPHdtgS9Vs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:35:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2897 (0xb51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A56E7/serialNumber=347636F0E98AF824826B1BCF96F3C776D812F55B Validity Not Before: Jun 12 20:24:49 2024 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=666a0411-6359 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c5:97:3a:56:b9:7f:0b:95:f6:b1:ad:e0:05: 2e:8f:d4:b7:fe:99:47:3d:89:33:cb:ab:44:de:ef: 5d:0b:89:28:17:b4:2e:39:e5:93:bd:5d:f9:c8:21: 26:dd:b8:a7:89:ff:96:8e:5f:ca:11:6d:23:97:48: 2d:ae:c2:de:83:3b:96:96:3d:c8:9a:56:90:b9:8a: 54:0f:dd:af:42:cd:3d:f0:ae:85:ef:77:84:42:e9: 5f:0a:b4:5c:92:19:99:48:bf:d2:0b:3a:fe:ad:63: f2:0c:92:87:a1:57:3f:01:6f:26:9a:a2:9c:6e:97: 6f:11:7d:9b:b5:53:44:a8:60:82:c3:02:a0:6b:ce: 1a:7e:55:21:f7:44:47:ad:41:2f:2b:d3:de:a7:9a: 41:f9:03:e4:58:a0:6d:da:9c:32:78:7e:e9:7c:2a: 3d:c6:57:bf:59:87:46:c0:58:c4:a5:ad:85:2b:8b: ec:44:55:82:df:79:e3:49:e8:dd:78:7e:64:d6:26: aa:b4:62:6a:ff:fe:3f:5e:84:4b:64:4f:e6:18:21: 63:e0:04:81:bc:a9:6c:ed:41:c6:21:5c:27:4d:45: 3b:b9:e5:0d:cb:f6:f1:6a:86:c1:46:86:fc:0e:7b: a1:1b:f4:a0:6f:79:eb:ba:fe:5d:cb:ac:4e:93:b0: 2e:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:08:45:E6:8B:FC:69:59:15:05:79:B8:6C:5D:D5:F7:48:30:8E:85 X509v3 Authority Key Identifier: keyid:34:76:36:F0:E9:8A:F8:24:82:6B:1B:CF:96:F3:C7:76:D8:12:F5:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A56E7/7860F8BA11C111EA858EE682C4F9AE02/NHY28OmK-CSCaxvPlvPHdtgS9Vs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHY28OmK-CSCaxvPlvPHdtgS9Vs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A56E7/7860F8BA11C111EA858EE682C4F9AE02/2157C3E011C211EA93417583C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.139.164.0/23 IPv6: 2001:df0:8580::/48 Signature Algorithm: sha256WithRSAEncryption 1e:8e:b0:15:35:0d:11:f2:10:96:b5:cf:72:df:34:23:48:4c: 0e:33:5f:ba:5c:20:25:bb:09:4a:34:0b:85:3e:67:22:b1:39: 0e:93:83:1e:4d:bd:d3:87:57:1d:10:8c:db:ad:67:d0:67:c3: 63:f2:aa:31:26:c5:c9:a2:d1:44:54:3b:14:ea:74:6d:ae:d2: 90:42:dd:d9:a3:e6:61:73:f9:5e:2c:59:12:01:d4:a7:23:5f: 66:0c:42:0c:66:ab:22:8e:c8:4f:25:62:65:59:1f:51:2c:d9: f5:1e:80:24:63:82:1f:d4:e9:b3:a8:2e:f6:98:b6:57:32:2c: 9e:39:01:8a:d2:83:c6:89:58:65:00:b9:1f:02:66:36:e6:3d: d4:9e:4a:55:f5:82:a9:d9:ae:72:07:b9:42:66:3a:a5:6a:01: 49:99:6f:a5:83:0b:c1:5a:b6:f1:48:af:01:c8:f9:29:ad:cf: bf:40:be:c0:97:d6:2c:ed:3f:a2:1b:e7:4e:e3:c2:a6:70:93: ac:81:00:b5:41:0d:f6:d0:2e:66:a4:cd:f0:7f:d6:d7:fe:c9: 86:8f:22:df:30:8a:59:ff:32:c5:e6:af:18:15:2f:36:e3:2e: 0f:28:f9:6e:51:92:a9:08:0f:11:47:fb:c6:9d:8d:af:f4:d4: d6:03:0a:4e -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICC1EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2RTcxMTAvBgNVBAUTKDM0NzYzNkYwRTk4QUY4MjQ4MjZCMUJDRjk2RjNDNzc2 RDgxMkY1NUIwHhcNMjQwNjEyMjAyNDQ5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjZhMDQxMS02MzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzcWXOla5fwuV9rGt4AUuj9S3/plHPYkzy6tE3u9dC4koF7QuOeWTvV35yCEm 3binif+Wjl/KEW0jl0gtrsLegzuWlj3ImlaQuYpUD92vQs098K6F73eEQulfCrRc khmZSL/SCzr+rWPyDJKHoVc/AW8mmqKcbpdvEX2btVNEqGCCwwKga84aflUh90RH rUEvK9Pep5pB+QPkWKBt2pwyeH7pfCo9xle/WYdGwFjEpa2FK4vsRFWC33njSejd eH5k1iaqtGJq//4/XoRLZE/mGCFj4ASBvKls7UHGIVwnTUU7ueUNy/bxaobBRob8 DnuhG/Sgb3nruv5dy6xOk7Au0wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDMIReaL /GlZFQV5uGxd1fdIMI6FMB8GA1UdIwQYMBaAFDR2NvDpivgkgmsbz5bzx3bYEvVb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTZFNy83ODYwRjhCQTEx QzExMUVBODU4RUU2ODJDNEY5QUUwMi9OSFkyOE9tSy1DU0NheHZQbHZQSGR0Z1M5 VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05IWTI4T21LLUNTQ2F4dlBsdlBIZHRnUzlWcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2RTcvNzg2MEY4QkExMUMxMTFFQTg1OEVFNjgyQzRGOUFFMDIvMjE1N0MzRTAx MUMyMTFFQTkzNDE3NTgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFni6QwDwQCAAIwCQMHACABDfCFgDANBgkqhkiG9w0BAQsF AAOCAQEAHo6wFTUNEfIQlrXPct80I0hMDjNfulwgJbsJSjQLhT5nIrE5DpODHk29 04dXHRCM261n0GfDY/KqMSbFyaLRRFQ7FOp0ba7SkELd2aPmYXP5XixZEgHUpyNf ZgxCDGarIo7ITyViZVkfUSzZ9R6AJGOCH9Tps6gu9pi2VzIsnjkBitKDxolYZQC5 HwJmNuY91J5KVfWCqdmucge5QmY6pWoBSZlvpYMLwVq28UivAcj5Ka3Pv0C+wJfW LO0/ohvnTuPCpnCTrIEAtUEN9tAuZqTN8H/W1/7Jho8i3zCKWf8yxeavGBUvNuMu Dyj5blGSqQgPEUf7xp2Nr/TU1gMKTg== -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:14 2024 by rpki-client on console-ams.rpki-client.org