$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9286/CA961C02208D11EA9FB7CA3FC4F9AE02/4F0E3CBCD22411ED99FF3546C4F9AE02.roa File: 4F0E3CBCD22411ED99FF3546C4F9AE02.roa (raw, json) Hash identifier: 6hGRoFYLuqxbuAAlLDWuQCUMm7hrsrq5mOgxjk9mNq8= Subject key identifier: 2A:66:2F:1D:60:23:DF:62:35:DF:15:59:B2:CD:20:8C:24:E2:6F:D8 Certificate issuer: /CN=A91C9286/serialNumber=C8912DF4C47F8A66BC489EC84272480A211B0682 Certificate serial: 0B05 Authority key identifier: C8:91:2D:F4:C4:7F:8A:66:BC:48:9E:C8:42:72:48:0A:21:1B:06:82 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yJEt9MR_ima8SJ7IQnJICiEbBoI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9286/CA961C02208D11EA9FB7CA3FC4F9AE02/4F0E3CBCD22411ED99FF3546C4F9AE02.roa Signing time: Wed 27 Mar 2024 10:16:50 +0000 ROA not before: Wed 27 Mar 2024 10:16:50 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 139881 IP address blocks: 103.146.150.0/24 maxlen: 24 103.146.151.0/24 maxlen: 24 2001:df2:6580::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9286/CA961C02208D11EA9FB7CA3FC4F9AE02/yJEt9MR_ima8SJ7IQnJICiEbBoI.crl rsync://rpki.apnic.net/member_repository/A91C9286/CA961C02208D11EA9FB7CA3FC4F9AE02/yJEt9MR_ima8SJ7IQnJICiEbBoI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yJEt9MR_ima8SJ7IQnJICiEbBoI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2821 (0xb05) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9286/serialNumber=C8912DF4C47F8A66BC489EC84272480A211B0682 Validity Not Before: Mar 27 10:16:50 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=6603f212-f13f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:12:44:29:c8:bd:a6:c1:05:03:c3:cb:cf:16: 2e:e0:62:c1:cf:49:0e:7c:d7:e8:2f:57:e7:07:f0: 64:61:7b:f4:5d:74:b7:34:df:31:fa:2f:48:06:d9: 36:92:e7:f8:a6:34:80:92:05:5e:56:5d:e7:14:6b: c2:5d:31:b8:34:42:62:0d:ee:ec:33:5e:7b:80:c9: c4:c0:58:79:f8:62:93:41:0e:f4:4e:28:07:91:b7: 40:41:1a:f0:b4:e4:45:57:ed:55:67:c2:2c:ed:f7: 56:b8:07:35:91:c2:41:d4:6b:2b:30:e7:6f:39:b0: 22:8b:b1:14:9f:f8:30:4c:8c:d0:72:c0:c3:d9:a3: 84:a6:bb:7e:24:94:ee:f3:c3:5c:91:8a:1b:23:f4: 68:56:7f:0c:97:cf:a0:a9:17:1a:ab:27:d0:ae:5c: 1f:5b:03:70:80:a0:f5:6d:97:81:eb:dd:25:d5:a5: 16:52:81:b6:fc:84:85:c0:cb:c2:bf:86:cb:51:8b: 99:23:ea:d6:88:1c:d7:c7:97:94:79:6d:b5:13:3b: 5b:64:19:56:7f:52:df:58:f2:e3:9f:82:cd:5e:05: a2:1d:20:b2:d6:ed:5a:77:b5:4d:13:b2:90:96:70: 73:63:c9:91:50:2e:81:55:80:45:43:74:55:99:b8: e5:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:66:2F:1D:60:23:DF:62:35:DF:15:59:B2:CD:20:8C:24:E2:6F:D8 X509v3 Authority Key Identifier: keyid:C8:91:2D:F4:C4:7F:8A:66:BC:48:9E:C8:42:72:48:0A:21:1B:06:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9286/CA961C02208D11EA9FB7CA3FC4F9AE02/yJEt9MR_ima8SJ7IQnJICiEbBoI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yJEt9MR_ima8SJ7IQnJICiEbBoI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9286/CA961C02208D11EA9FB7CA3FC4F9AE02/4F0E3CBCD22411ED99FF3546C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.146.150.0/23 IPv6: 2001:df2:6580::/48 Signature Algorithm: sha256WithRSAEncryption 1a:fb:c1:00:ea:55:a5:2f:01:d3:f0:d0:60:8a:10:3d:c2:a4: 65:c4:fd:39:37:5e:fe:33:32:71:9e:17:ca:06:e8:f4:d5:bd: 1f:40:2e:9f:ef:b1:fe:ba:ff:50:82:44:9d:84:f2:02:2f:1c: b4:0f:dd:69:7b:6b:00:af:61:f0:04:a7:19:1c:90:7b:6a:46: 0e:0f:f3:a9:f8:05:8c:e1:2f:c6:cd:0c:c8:06:e4:47:e7:a2: b7:01:52:75:17:e1:ec:0e:66:56:af:51:df:54:cb:29:6a:7b: b1:5a:7c:2d:e3:ec:09:39:c0:ed:8e:be:1d:a8:c2:f4:bc:46: 73:5a:6d:cd:6b:3e:9e:03:da:1f:af:76:d6:91:ee:a5:24:9e: df:67:55:09:2a:7a:ec:01:45:a8:a7:36:50:7f:74:91:b8:8c: 29:7d:3f:ce:20:36:54:eb:1f:9f:0a:2e:5e:8c:2b:80:6b:3d: f5:e5:e7:fd:38:d8:26:07:2f:dc:dd:bd:a3:87:56:ca:d3:26: 81:2f:f7:06:02:85:28:6b:44:d1:f2:c4:8e:f7:2c:22:65:96: 97:2b:66:c3:17:99:0e:75:14:53:37:b1:a4:05:4f:97:13:71: b7:4b:46:5c:82:bd:d8:27:9b:4e:4b:4d:99:e2:59:a5:4b:16: 35:c5:57:e3 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICCwUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzkyODYxMTAvBgNVBAUTKEM4OTEyREY0QzQ3RjhBNjZCQzQ4OUVDODQyNzI0ODBB MjExQjA2ODIwHhcNMjQwMzI3MTAxNjUwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NjAzZjIxMi1mMTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwBJEKci9psEFA8PLzxYu4GLBz0kOfNfoL1fnB/BkYXv0XXS3NN8x+i9IBtk2 kuf4pjSAkgVeVl3nFGvCXTG4NEJiDe7sM157gMnEwFh5+GKTQQ70TigHkbdAQRrw tORFV+1VZ8Is7fdWuAc1kcJB1GsrMOdvObAii7EUn/gwTIzQcsDD2aOEprt+JJTu 88NckYobI/RoVn8Ml8+gqRcaqyfQrlwfWwNwgKD1bZeB690l1aUWUoG2/ISFwMvC v4bLUYuZI+rWiBzXx5eUeW21EztbZBlWf1LfWPLjn4LNXgWiHSCy1u1ad7VNE7KQ lnBzY8mRUC6BVYBFQ3RVmbjljwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFCpmLx1g I99iNd8VWbLNIIwk4m/YMB8GA1UdIwQYMBaAFMiRLfTEf4pmvEieyEJySAohGwaC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTI4Ni9DQTk2MUMwMjIw OEQxMUVBOUZCN0NBM0ZDNEY5QUUwMi95SkV0OU1SX2ltYThTSjdJUW5KSUNpRWJC b0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lKRXQ5TVJfaW1hOFNKN0lRbkpJQ2lFYkJvSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzkyODYvQ0E5NjFDMDIyMDhEMTFFQTlGQjdDQTNGQzRGOUFFMDIvNEYwRTNDQkNE MjI0MTFFRDk5RkYzNTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnkpYwDwQCAAIwCQMHACABDfJlgDANBgkqhkiG9w0BAQsF AAOCAQEAGvvBAOpVpS8B0/DQYIoQPcKkZcT9OTde/jMycZ4Xygbo9NW9H0Aun++x /rr/UIJEnYTyAi8ctA/daXtrAK9h8ASnGRyQe2pGDg/zqfgFjOEvxs0MyAbkR+ei twFSdRfh7A5mVq9R31TLKWp7sVp8LePsCTnA7Y6+HajC9LxGc1ptzWs+ngPaH692 1pHupSSe32dVCSp67AFFqKc2UH90kbiMKX0/ziA2VOsfnwouXowrgGs99eXn/TjY Jgcv3N29o4dWytMmgS/3BgKFKGtE0fLEjvcsImWWlytmwxeZDnUUUzexpAVPlxNx t0tGXIK92CebTktNmeJZpUsWNcVX4w== -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:03 2024 by rpki-client on console-fra.rpki-client.org