$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/B67BE8ECC13C11EE80101E73C4F9AE02.roa File: B67BE8ECC13C11EE80101E73C4F9AE02.roa (raw, json) Hash identifier: 1aQRLZv1BGCnnNcNnCRaokdzw4E8uFS548+f2rZZdFk= Subject key identifier: CD:71:1F:6A:08:28:CE:75:2F:B0:02:49:93:8D:D7:09:51:9E:80:B2 Certificate issuer: /CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260 Certificate serial: 0948 Authority key identifier: 59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/B67BE8ECC13C11EE80101E73C4F9AE02.roa Signing time: Sat 02 Nov 2024 20:28:33 +0000 ROA not before: Sat 02 Nov 2024 20:28:33 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 141342 IP address blocks: 103.72.0.0/24 maxlen: 24 103.72.1.0/24 maxlen: 24 103.72.2.0/24 maxlen: 24 103.72.3.0/24 maxlen: 24 103.194.92.0/24 maxlen: 24 103.194.93.0/24 maxlen: 24 103.194.94.0/24 maxlen: 24 103.194.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/WZp41LvOE9TYE975FnzTV0fqAmA.crl rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/WZp41LvOE9TYE975FnzTV0fqAmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2376 (0x948) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260 Validity Not Before: Nov 2 20:28:33 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=67268b70-e993 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:98:82:9e:67:4d:e5:7b:f0:fb:9a:b0:41:c9: bf:16:5f:7f:ae:63:11:c7:02:a5:9e:c4:2e:db:45: e4:d9:02:67:08:95:24:05:95:5d:a8:d2:17:ca:e8: 37:6c:29:e5:b5:cc:d0:8a:07:9d:08:a8:f1:ee:56: f8:78:c1:78:64:b0:0b:83:ae:ff:72:d9:5a:cd:75: e4:bc:99:82:5d:2f:87:1a:fe:10:b4:6f:ae:0c:82: 85:91:75:d2:2c:0b:cd:62:21:6b:20:3c:cd:16:d9: 5f:f2:45:7b:06:14:2f:d6:59:35:af:f3:b6:61:b1: 1b:8a:2d:f0:69:a5:4d:72:35:f0:20:30:85:3e:75: b9:5c:5c:ff:ad:6a:de:cf:92:a2:43:ea:2d:2e:74: 10:66:e5:32:db:99:24:68:24:36:16:68:02:4f:a8: 10:3c:1e:21:00:4b:e9:8e:6b:79:1a:89:94:96:62: dc:32:06:4b:9f:16:47:71:3f:4a:42:e6:04:6e:79: 95:19:47:9a:67:3b:eb:14:6f:d4:1c:3b:ba:72:c2: 7a:5d:5c:20:f4:44:51:8b:12:63:a6:18:47:69:81: 43:52:66:64:fe:02:81:37:5e:52:7e:27:64:5c:1f: fb:0c:15:da:36:25:62:44:c0:84:d7:d4:cf:62:ea: b3:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:71:1F:6A:08:28:CE:75:2F:B0:02:49:93:8D:D7:09:51:9E:80:B2 X509v3 Authority Key Identifier: keyid:59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/WZp41LvOE9TYE975FnzTV0fqAmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/B67BE8ECC13C11EE80101E73C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.72.0.0/22 103.194.92.0/22 Signature Algorithm: sha256WithRSAEncryption 2b:0c:31:81:4c:d3:56:02:64:69:87:3e:1b:89:72:52:99:8d: da:ec:70:b5:02:e9:2b:76:84:6c:a2:a9:dd:ab:6a:07:21:be: 98:86:93:87:1e:7a:27:23:36:74:61:c1:90:69:04:6d:e9:6c: 4d:5a:6c:1c:f5:c9:23:6b:cc:6f:ff:26:ec:7b:59:0c:e6:90: 3a:66:eb:87:ee:1c:c5:83:ef:17:ce:30:d1:af:91:3e:31:5b: 5a:1f:d7:ce:02:eb:3a:86:24:4e:66:67:e1:e2:bf:22:1e:4a: 27:66:bf:25:71:80:8c:e6:2e:57:3e:c8:b2:32:c1:79:f5:9d: f0:ef:f7:60:e5:51:9b:a3:70:0a:60:58:d2:09:55:1c:e6:fb: 23:39:a6:b2:90:a2:28:08:84:79:6b:b1:55:02:78:05:35:63: 84:80:32:67:e9:3d:ff:6d:ac:22:18:f6:95:e9:69:34:6f:7f: f9:e3:3e:b7:6b:7e:e2:b1:04:e3:91:c8:04:30:31:a0:3c:23: 86:f3:72:d4:ae:21:02:6d:7f:8d:a9:f2:e0:e5:1f:98:04:d1: 22:44:e9:e7:f9:a8:17:be:12:e8:d3:12:a7:7d:81:2d:65:71: c1:a4:d8:ca:6d:42:29:26:ae:bb:18:74:fe:fd:ca:a8:52:56: 0e:0f:ba:4b -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCUgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUZGMTUxMTAvBgNVBAUTKDU5OUE3OEQ0QkJDRTEzRDREODEzREVGOTE2N0NEMzU3 NDdFQTAyNjAwHhcNMjQxMTAyMjAyODMzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI2OGI3MC1lOTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA35iCnmdN5Xvw+5qwQcm/Fl9/rmMRxwKlnsQu20Xk2QJnCJUkBZVdqNIXyug3 bCnltczQigedCKjx7lb4eMF4ZLALg67/ctlazXXkvJmCXS+HGv4QtG+uDIKFkXXS LAvNYiFrIDzNFtlf8kV7BhQv1lk1r/O2YbEbii3waaVNcjXwIDCFPnW5XFz/rWre z5KiQ+otLnQQZuUy25kkaCQ2FmgCT6gQPB4hAEvpjmt5GomUlmLcMgZLnxZHcT9K QuYEbnmVGUeaZzvrFG/UHDu6csJ6XVwg9ERRixJjphhHaYFDUmZk/gKBN15Sfidk XB/7DBXaNiViRMCE19TPYuqzewIDAQABo4ICmzCCApcwHQYDVR0OBBYEFM1xH2oI KM51L7ACSZON1wlRnoCyMB8GA1UdIwQYMBaAFFmaeNS7zhPU2BPe+RZ801dH6gJg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkYxNS9CNDc4NUJFODhE NEMxMUVBQkJERDNBNzRDNEY5QUUwMi9XWnA0MUx2T0U5VFlFOTc1Rm56VFYwZnFB bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dacDQxTHZPRTlUWUU5NzVGbnpUVjBmcUFtQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUZGMTUvQjQ3ODVCRTg4RDRDMTFFQUJCREQzQTc0QzRGOUFFMDIvQjY3QkU4RUND MTNDMTFFRTgwMTAxRTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnSAADBAJnwlwwDQYJKoZIhvcNAQELBQADggEBACsMMYFM 01YCZGmHPhuJclKZjdrscLUC6St2hGyiqd2ragchvpiGk4ceeicjNnRhwZBpBG3p bE1abBz1ySNrzG//Jux7WQzmkDpm64fuHMWD7xfOMNGvkT4xW1of184C6zqGJE5m Z+HivyIeSidmvyVxgIzmLlc+yLIywXn1nfDv92DlUZujcApgWNIJVRzm+yM5prKQ oigIhHlrsVUCeAU1Y4SAMmfpPf9trCIY9pXpaTRvf/njPrdrfuKxBOORyAQwMaA8 I4bzctSuIQJtf42p8uDlH5gE0SJE6ef5qBe+EujTEqd9gS1lccGk2MptQikmrrsY dP79yqhSVg4Puks= -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:38 2024 by rpki-client on console-ams.rpki-client.org