$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/1585570A544C11E9BDFF2B2DC4F9AE02.roa File: 1585570A544C11E9BDFF2B2DC4F9AE02.roa (raw, json) Hash identifier: jZa47LQUiVvIxoLDSyE/2t1CJaYFtRO42+/jeT3MONo= Subject key identifier: 67:35:C6:98:6A:AC:A9:7E:7F:8D:33:8F:11:E4:BF:DC:C6:D5:84:C5 Certificate issuer: /CN=A91AE9F7/serialNumber=0170B0E0D06E31473CAC164E4B0B6D21BDF4D237 Certificate serial: 0F74 Authority key identifier: 01:70:B0:E0:D0:6E:31:47:3C:AC:16:4E:4B:0B:6D:21:BD:F4:D2:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AXCw4NBuMUc8rBZOSwttIb300jc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/1585570A544C11E9BDFF2B2DC4F9AE02.roa Signing time: Wed 06 Nov 2024 17:36:05 +0000 ROA not before: Wed 06 Nov 2024 17:36:05 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 138191 IP address blocks: 58.84.32.0/24 maxlen: 24 103.129.200.0/24 maxlen: 24 103.129.201.0/24 maxlen: 24 103.129.202.0/24 maxlen: 24 103.129.203.0/24 maxlen: 24 103.197.48.0/24 maxlen: 24 2403:8540::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.crl rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AXCw4NBuMUc8rBZOSwttIb300jc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3956 (0xf74) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE9F7/serialNumber=0170B0E0D06E31473CAC164E4B0B6D21BDF4D237 Validity Not Before: Nov 6 17:36:05 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=672ba905-57b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:f4:14:c9:27:aa:53:2b:67:54:14:f3:d8:4f: 76:14:94:83:f3:d4:df:bc:75:fe:d3:9b:9d:31:a6: eb:02:81:53:98:00:2a:f2:3b:15:60:0e:56:e1:0e: 10:8c:11:fc:eb:6f:df:e9:d9:a3:2f:da:e9:59:61: c1:bb:08:85:cc:19:71:c6:ea:d1:ad:7a:0d:c5:73: e5:c9:f5:59:da:ae:c3:5e:0c:34:12:2e:38:e2:74: f5:7b:ee:0c:65:9e:90:70:f1:5a:73:25:f1:cc:3b: 22:26:78:42:ad:d0:e9:19:52:e8:a5:02:bf:22:74: 1d:e7:a0:60:0c:1d:ac:97:0f:ac:d4:fc:31:81:4c: b8:90:8c:d7:45:91:c4:d3:89:a4:ab:8c:ff:f5:3f: 00:15:ce:73:86:44:62:16:09:92:b4:b2:43:78:8a: 86:f1:7a:2f:f0:d6:1c:e1:be:27:f8:c5:14:d0:90: 62:8f:3d:0b:6f:bb:74:33:3d:d8:ad:6b:1f:b2:ad: 5e:e3:8d:eb:04:42:4d:92:fb:e3:4d:53:92:a9:b6: 6d:37:34:17:1b:b2:d7:65:8e:6d:0a:72:60:d0:82: b7:7e:50:a4:19:ff:38:74:3a:68:2b:1c:13:40:8f: 38:72:65:18:8d:c6:ee:5a:64:09:41:e7:66:39:6c: b9:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:35:C6:98:6A:AC:A9:7E:7F:8D:33:8F:11:E4:BF:DC:C6:D5:84:C5 X509v3 Authority Key Identifier: keyid:01:70:B0:E0:D0:6E:31:47:3C:AC:16:4E:4B:0B:6D:21:BD:F4:D2:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AXCw4NBuMUc8rBZOSwttIb300jc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/1585570A544C11E9BDFF2B2DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 58.84.32.0/24 103.129.200.0/22 103.197.48.0/24 IPv6: 2403:8540::/32 Signature Algorithm: sha256WithRSAEncryption 87:4c:de:b0:ed:c0:8c:80:fa:95:20:82:09:f8:d2:e8:98:0d: e6:40:51:b8:a3:ba:b5:34:64:72:17:5a:51:54:dc:02:5d:e0: d3:47:4e:d5:31:cb:b1:18:7a:9f:5f:08:ce:68:05:ab:c3:7c: f5:15:e6:58:30:67:ac:27:96:ce:53:d6:dc:50:4a:62:0b:05: f0:3e:4e:e4:fc:92:34:3e:eb:68:43:ff:54:16:5d:77:2a:32: e3:fd:31:af:11:bd:d0:e3:02:cc:93:f6:5e:f9:1b:b4:12:27: 75:47:4b:d6:a6:a1:e4:1f:73:bb:5a:09:e0:3f:b5:09:67:51: 46:69:b4:36:28:a8:05:84:1a:ef:6b:b8:ae:20:1e:69:2c:a1: 66:a6:e8:e4:8d:1f:e5:87:fc:3a:15:05:83:5a:83:ac:fb:1a: a1:94:13:75:7d:47:3b:f8:41:fc:6a:d4:cf:29:57:25:13:ae: 36:1e:c5:97:87:f1:7e:a6:0a:43:e6:36:41:70:04:e4:75:71: 9e:f8:53:d6:2e:c9:98:2b:1a:4d:fd:5b:77:06:f2:eb:48:67: a1:08:39:f5:28:b8:5a:9a:a2:ee:a6:62:ca:dd:a6:48:70:88: e5:14:4c:fd:0b:2f:ea:a7:37:00:ed:e5:3b:0f:13:28:94:a0: 16:90:83:8c -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICD3QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUU5RjcxMTAvBgNVBAUTKDAxNzBCMEUwRDA2RTMxNDczQ0FDMTY0RTRCMEI2RDIx QkRGNEQyMzcwHhcNMjQxMTA2MTczNjA1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzJiYTkwNS01N2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3fQUySeqUytnVBTz2E92FJSD89TfvHX+05udMabrAoFTmAAq8jsVYA5W4Q4Q jBH862/f6dmjL9rpWWHBuwiFzBlxxurRrXoNxXPlyfVZ2q7DXgw0Ei444nT1e+4M ZZ6QcPFacyXxzDsiJnhCrdDpGVLopQK/InQd56BgDB2slw+s1PwxgUy4kIzXRZHE 04mkq4z/9T8AFc5zhkRiFgmStLJDeIqG8Xov8NYc4b4n+MUU0JBijz0Lb7t0Mz3Y rWsfsq1e443rBEJNkvvjTVOSqbZtNzQXG7LXZY5tCnJg0IK3flCkGf84dDpoKxwT QI84cmUYjcbuWmQJQedmOWy5oQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFGc1xphq rKl+f40zjxHkv9zG1YTFMB8GA1UdIwQYMBaAFAFwsODQbjFHPKwWTksLbSG99NI3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTlGNy8zNzlFQzc0MjU0 NEExMUU5QTM1MEMxMjdDNEY5QUUwMi9BWEN3NE5CdU1VYzhyQlpPU3d0dEliMzAw amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FYQ3c0TkJ1TVVjOHJCWk9Td3R0SWIzMDBqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUU5RjcvMzc5RUM3NDI1NDRBMTFFOUEzNTBDMTI3QzRGOUFFMDIvMTU4NTU3MEE1 NDRDMTFFOUJERkYyQjJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAA6VCADBAJngcgDBABnxTAwDQQCAAIwBwMFACQDhUAwDQYJ KoZIhvcNAQELBQADggEBAIdM3rDtwIyA+pUgggn40uiYDeZAUbijurU0ZHIXWlFU 3AJd4NNHTtUxy7EYep9fCM5oBavDfPUV5lgwZ6wnls5T1txQSmILBfA+TuT8kjQ+ 62hD/1QWXXcqMuP9Ma8RvdDjAsyT9l75G7QSJ3VHS9amoeQfc7taCeA/tQlnUUZp tDYoqAWEGu9ruK4gHmksoWam6OSNH+WH/DoVBYNag6z7GqGUE3V9Rzv4Qfxq1M8p VyUTrjYexZeH8X6mCkPmNkFwBOR1cZ74U9YuyZgrGk39W3cG8utIZ6EIOfUouFqa ou6mYsrdpkhwiOUUTP0LL+qnNwDt5TsPEyiUoBaQg4w= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:15 2024 by rpki-client on console-ams.rpki-client.org