$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAE17/445EE09458BD11E49383AB76C4F9AE02/98845C5C54EC11E791C3F825C4F9AE02.roa File: 98845C5C54EC11E791C3F825C4F9AE02.roa (raw, json) Hash identifier: MSi3NqfJZvJeYbKlVl8T9Ife50w6CCOupwfF4p/lupg= Subject key identifier: 17:3D:7C:B4:EC:64:E7:C3:35:85:B1:32:9E:A1:A5:F2:B9:FB:AB:07 Certificate issuer: /CN=A91BAE17/serialNumber=B64B1108E98EEC87FB6B0C28BE01645C708B4AC5 Certificate serial: 2859 Authority key identifier: B6:4B:11:08:E9:8E:EC:87:FB:6B:0C:28:BE:01:64:5C:70:8B:4A:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tksRCOmO7If7awwovgFkXHCLSsU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAE17/445EE09458BD11E49383AB76C4F9AE02/98845C5C54EC11E791C3F825C4F9AE02.roa Signing time: Wed 24 Jan 2024 16:02:22 +0000 ROA not before: Wed 24 Jan 2024 16:02:22 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 58473 IP address blocks: 103.28.72.0/24 maxlen: 24 103.60.132.0/23 maxlen: 24 103.240.132.0/24 maxlen: 24 2402:df80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAE17/445EE09458BD11E49383AB76C4F9AE02/tksRCOmO7If7awwovgFkXHCLSsU.crl rsync://rpki.apnic.net/member_repository/A91BAE17/445EE09458BD11E49383AB76C4F9AE02/tksRCOmO7If7awwovgFkXHCLSsU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tksRCOmO7If7awwovgFkXHCLSsU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:22:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10329 (0x2859) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAE17/serialNumber=B64B1108E98EEC87FB6B0C28BE01645C708B4AC5 Validity Not Before: Jan 24 16:02:22 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65b1348e-c2ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:71:1f:12:f8:ac:c8:86:6f:b7:0d:2e:69:51: 19:e2:9d:f6:43:a4:ca:41:cc:30:f7:a1:e5:83:b3: b7:1a:89:16:22:93:19:a4:35:f8:9a:e3:e0:ff:eb: 40:b7:7a:b1:63:32:e7:4a:1a:a0:e4:07:bc:44:1d: 6a:f1:f1:79:ce:2d:41:77:fe:bc:95:04:d5:e3:d3: ff:7e:91:05:59:ae:42:f4:a2:72:05:64:2a:38:b5: 7b:00:da:6d:fa:88:d7:ff:d8:04:cc:6b:f9:c7:10: d6:21:77:4e:f2:4e:48:33:3f:a1:b8:33:30:02:a6: c1:11:d0:58:40:85:5f:b8:41:5e:7e:8b:d8:0e:a1: 13:1c:e0:83:35:3f:f0:5a:ab:50:6b:67:56:c8:69: 40:de:65:95:66:ad:af:7d:99:93:c8:40:9e:88:2f: 7e:89:63:8e:27:51:77:d9:32:fc:fe:05:16:f4:2b: 1d:59:91:5c:94:da:2d:ba:52:4e:ce:be:c5:f0:be: d0:16:be:e8:c0:58:f0:1c:fd:a6:33:fe:88:b0:18: c4:55:6d:37:aa:58:a7:e8:dc:9e:ba:45:24:ba:06: 24:ce:83:8b:49:ec:4c:2d:8f:21:e2:7e:37:e6:66: b6:58:9d:cc:18:fe:6e:75:0b:f4:07:cf:6f:e0:bb: 98:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:3D:7C:B4:EC:64:E7:C3:35:85:B1:32:9E:A1:A5:F2:B9:FB:AB:07 X509v3 Authority Key Identifier: keyid:B6:4B:11:08:E9:8E:EC:87:FB:6B:0C:28:BE:01:64:5C:70:8B:4A:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAE17/445EE09458BD11E49383AB76C4F9AE02/tksRCOmO7If7awwovgFkXHCLSsU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tksRCOmO7If7awwovgFkXHCLSsU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAE17/445EE09458BD11E49383AB76C4F9AE02/98845C5C54EC11E791C3F825C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.28.72.0/24 103.60.132.0/23 103.240.132.0/24 IPv6: 2402:df80::/32 Signature Algorithm: sha256WithRSAEncryption 0f:24:9b:48:05:01:09:0f:37:b3:a6:00:bf:20:75:ca:39:a0: 00:b4:d2:19:92:28:50:4c:b7:ce:71:22:75:d6:77:21:8d:87: 7d:3a:57:ee:20:5f:78:88:8d:c8:ec:1c:8a:4c:75:3a:c3:cc: 2e:c5:fc:fd:76:47:5d:3b:f5:8c:71:ba:4f:a1:80:41:8e:34: bc:f4:0b:8c:6b:0b:98:53:81:c1:b4:46:6f:09:8b:dd:7a:5c: f8:1b:14:6a:27:b2:3d:55:76:4b:66:92:34:04:93:00:ca:c2: 8d:1f:ed:8d:5e:a4:47:ff:45:30:ac:a4:06:e6:01:e7:ec:19: ca:9e:cf:da:5a:6c:c0:7c:24:12:b1:c4:77:c5:1c:b3:1d:0b: 07:66:89:80:66:71:9a:4e:97:6e:3d:92:c0:cd:62:83:d4:82: 92:10:f1:0b:62:ad:08:a0:cb:40:7a:18:b5:ae:3d:9c:79:31: 59:62:65:36:df:f9:e3:54:1a:b3:f2:ac:e1:0c:88:03:0b:7b: 04:7a:39:4e:66:de:59:09:30:07:5c:b3:d7:55:bc:c6:4c:c9: 3e:a8:6a:01:1a:a0:7e:a7:3c:69:45:3f:4c:ba:c4:12:86:a9: e8:c2:81:19:99:2b:b2:9a:a4:6d:fb:ec:f5:0e:cc:bb:5f:bf: eb:b5:a9:75 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICKFkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkFFMTcxMTAvBgNVBAUTKEI2NEIxMTA4RTk4RUVDODdGQjZCMEMyOEJFMDE2NDVD NzA4QjRBQzUwHhcNMjQwMTI0MTYwMjIyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWIxMzQ4ZS1jMmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtXEfEvisyIZvtw0uaVEZ4p32Q6TKQcww96Hlg7O3GokWIpMZpDX4muPg/+tA t3qxYzLnShqg5Ae8RB1q8fF5zi1Bd/68lQTV49P/fpEFWa5C9KJyBWQqOLV7ANpt +ojX/9gEzGv5xxDWIXdO8k5IMz+huDMwAqbBEdBYQIVfuEFefovYDqETHOCDNT/w WqtQa2dWyGlA3mWVZq2vfZmTyECeiC9+iWOOJ1F32TL8/gUW9CsdWZFclNotulJO zr7F8L7QFr7owFjwHP2mM/6IsBjEVW03qlin6NyeukUkugYkzoOLSexMLY8h4n43 5ma2WJ3MGP5udQv0B89v4LuY/QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFBc9fLTs ZOfDNYWxMp6hpfK5+6sHMB8GA1UdIwQYMBaAFLZLEQjpjuyH+2sMKL4BZFxwi0rF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUUxNy80NDVFRTA5NDU4 QkQxMUU0OTM4M0FCNzZDNEY5QUUwMi90a3NSQ09tTzdJZjdhd3dvdmdGa1hIQ0xT c1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Rrc1JDT21PN0lmN2F3d292Z0ZrWEhDTFNzVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkFFMTcvNDQ1RUUwOTQ1OEJEMTFFNDkzODNBQjc2QzRGOUFFMDIvOTg4NDVDNUM1 NEVDMTFFNzkxQzNGODI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBABnHEgDBAFnPIQDBABn8IQwDQQCAAIwBwMFACQC34AwDQYJ KoZIhvcNAQELBQADggEBAA8km0gFAQkPN7OmAL8gdco5oAC00hmSKFBMt85xInXW dyGNh306V+4gX3iIjcjsHIpMdTrDzC7F/P12R1079Yxxuk+hgEGONLz0C4xrC5hT gcG0Rm8Ji916XPgbFGonsj1VdktmkjQEkwDKwo0f7Y1epEf/RTCspAbmAefsGcqe z9pabMB8JBKxxHfFHLMdCwdmiYBmcZpOl249ksDNYoPUgpIQ8QtirQigy0B6GLWu PZx5MVliZTbf+eNUGrPyrOEMiAMLewR6OU5m3lkJMAdcs9dVvMZMyT6oagEaoH6n PGlFP0y6xBKGqejCgRmZK7KapG377PUOzLtfv+u1qXU= -----END CERTIFICATE-----Generated at Fri Nov 22 16:50:03 2024 by rpki-client on console-ams.rpki-client.org