$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF77D/11E259D0D22D11EA8AE73D27C4F9AE02/D24575B2D22E11EA9D4DDE29C4F9AE02.roa File: D24575B2D22E11EA9D4DDE29C4F9AE02.roa (raw, json) Hash identifier: OISPqX+sjE+FviBwbW316CZ6fba2RRqY67rA1yB66hs= Subject key identifier: C2:2C:E8:C8:53:56:25:B5:62:7E:F5:39:81:AF:01:1F:45:31:16:9E Certificate issuer: /CN=A91CF77D/serialNumber=983D783002C54DA8F8A6E295838B9CAF01364358 Certificate serial: 0779 Authority key identifier: 98:3D:78:30:02:C5:4D:A8:F8:A6:E2:95:83:8B:9C:AF:01:36:43:58 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mD14MALFTaj4puKVg4ucrwE2Q1g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF77D/11E259D0D22D11EA8AE73D27C4F9AE02/D24575B2D22E11EA9D4DDE29C4F9AE02.roa Signing time: Thu 06 Jun 2024 23:00:48 +0000 ROA not before: Thu 06 Jun 2024 23:00:48 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 139067 IP address blocks: 103.139.62.0/24 maxlen: 24 103.210.224.0/24 maxlen: 24 2001:df0:6c80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF77D/11E259D0D22D11EA8AE73D27C4F9AE02/mD14MALFTaj4puKVg4ucrwE2Q1g.crl rsync://rpki.apnic.net/member_repository/A91CF77D/11E259D0D22D11EA8AE73D27C4F9AE02/mD14MALFTaj4puKVg4ucrwE2Q1g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mD14MALFTaj4puKVg4ucrwE2Q1g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 23 Jun 2024 20:06:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1913 (0x779) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF77D/serialNumber=983D783002C54DA8F8A6E295838B9CAF01364358 Validity Not Before: Jun 6 23:00:48 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=66623fa0-43b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:f6:db:56:7f:17:71:84:64:9c:b6:ab:6d:cd: f7:9e:8c:fe:e7:80:34:36:76:94:fb:05:da:9a:53: 2b:62:c1:88:94:2d:9a:bc:9d:5e:43:37:88:b9:47: 1d:13:e7:04:0c:11:7b:ce:e6:24:be:b1:8e:bc:13: c2:74:c6:5f:4d:d1:b4:3e:c7:b1:4d:aa:d5:8a:78: 29:c1:82:7c:96:1d:d7:f9:58:08:07:dc:76:a7:3d: 8c:c8:f1:15:83:8a:3e:7d:cc:ee:15:16:11:08:6c: 25:db:2c:b7:85:ff:0f:e4:c5:46:24:0b:de:e7:53: 5e:2d:1f:dd:48:17:9f:1d:b9:4a:1b:15:51:fc:3e: c4:2e:41:2f:02:6a:ad:a0:87:78:eb:55:51:e3:a0: ef:ac:b9:80:ce:65:7f:f1:b0:f8:b3:ce:dd:a9:3e: e6:db:6c:a7:8a:d3:ee:e3:da:65:f6:31:28:3b:0c: 53:1e:fa:61:71:b4:d3:ca:80:52:bd:24:01:49:6f: 51:c4:0c:52:a2:60:c8:78:4c:8c:d4:f9:b0:57:d3: f8:c1:f5:1d:fa:c1:0e:45:38:bc:a7:aa:ba:ad:a4: ce:92:d6:65:00:b4:12:15:ac:ba:c3:59:69:39:61: a4:68:7e:8f:fb:fe:9a:d9:d7:88:ab:fa:29:6e:85: 2d:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:2C:E8:C8:53:56:25:B5:62:7E:F5:39:81:AF:01:1F:45:31:16:9E X509v3 Authority Key Identifier: keyid:98:3D:78:30:02:C5:4D:A8:F8:A6:E2:95:83:8B:9C:AF:01:36:43:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF77D/11E259D0D22D11EA8AE73D27C4F9AE02/mD14MALFTaj4puKVg4ucrwE2Q1g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mD14MALFTaj4puKVg4ucrwE2Q1g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF77D/11E259D0D22D11EA8AE73D27C4F9AE02/D24575B2D22E11EA9D4DDE29C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.139.62.0/24 103.210.224.0/24 IPv6: 2001:df0:6c80::/48 Signature Algorithm: sha256WithRSAEncryption 5e:11:46:6a:b2:1e:a1:1b:ff:1a:2e:15:67:a4:63:fe:03:f7: cf:37:ff:53:5b:dc:7e:8a:8d:c2:8e:e8:d4:f6:2f:6d:97:9d: 8b:e2:6e:b3:d4:63:20:f0:6a:8f:11:1b:27:d6:ff:cd:52:8a: 06:31:eb:bd:67:30:c9:c8:1b:f5:a4:f2:25:96:2e:77:e9:d0: 2d:4c:49:53:bc:aa:e2:39:52:34:c5:65:f5:ce:44:f3:3b:80: f7:70:0a:86:9c:8e:7d:b0:77:06:38:69:b5:cd:b2:89:84:14: 3e:bb:73:4d:55:61:95:c0:c3:63:f3:56:a3:63:0d:75:29:35: 44:97:d4:4d:ae:3f:43:5d:f4:03:de:9a:05:f9:4c:fd:30:2c: cf:23:b5:0e:54:11:b7:3d:c3:df:49:a3:bf:df:e3:30:83:d5: 72:d0:86:e8:77:2f:3d:52:92:4b:aa:18:97:c6:7e:56:e6:f9: e1:54:9c:3d:d3:46:99:fa:40:c3:c8:74:4a:ff:5b:6b:6c:a4: e9:f0:d6:8a:1c:1c:3a:05:c6:c5:9a:de:6d:70:62:02:67:f5: f2:a2:aa:0a:ab:67:3c:e8:e0:86:9b:fb:ef:43:c9:9c:e8:2e: b0:7c:6a:ce:7c:3d:4a:ee:23:a6:6e:97:ec:69:fd:36:d6:bd: 41:14:f2:49 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICB3kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Y3N0QxMTAvBgNVBAUTKDk4M0Q3ODMwMDJDNTREQThGOEE2RTI5NTgzOEI5Q0FG MDEzNjQzNTgwHhcNMjQwNjA2MjMwMDQ4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjYyM2ZhMC00M2IzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0vbbVn8XcYRknLarbc33noz+54A0NnaU+wXamlMrYsGIlC2avJ1eQzeIuUcd E+cEDBF7zuYkvrGOvBPCdMZfTdG0PsexTarVingpwYJ8lh3X+VgIB9x2pz2MyPEV g4o+fczuFRYRCGwl2yy3hf8P5MVGJAve51NeLR/dSBefHblKGxVR/D7ELkEvAmqt oId461VR46DvrLmAzmV/8bD4s87dqT7m22ynitPu49pl9jEoOwxTHvphcbTTyoBS vSQBSW9RxAxSomDIeEyM1PmwV9P4wfUd+sEORTi8p6q6raTOktZlALQSFay6w1lp OWGkaH6P+/6a2deIq/opboUt5QIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFMIs6MhT ViW1Yn71OYGvAR9FMRaeMB8GA1UdIwQYMBaAFJg9eDACxU2o+KbilYOLnK8BNkNY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjc3RC8xMUUyNTlEMEQy MkQxMUVBOEFFNzNEMjdDNEY5QUUwMi9tRDE0TUFMRlRhajRwdUtWZzR1Y3J3RTJR MWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21EMTRNQUxGVGFqNHB1S1ZnNHVjcndFMlExZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0Y3N0QvMTFFMjU5RDBEMjJEMTFFQThBRTczRDI3QzRGOUFFMDIvRDI0NTc1QjJE MjJFMTFFQTlENERERTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBABniz4DBABn0uAwDwQCAAIwCQMHACABDfBsgDANBgkqhkiG 9w0BAQsFAAOCAQEAXhFGarIeoRv/Gi4VZ6Rj/gP3zzf/U1vcfoqNwo7o1PYvbZed i+Jus9RjIPBqjxEbJ9b/zVKKBjHrvWcwycgb9aTyJZYud+nQLUxJU7yq4jlSNMVl 9c5E8zuA93AKhpyOfbB3Bjhptc2yiYQUPrtzTVVhlcDDY/NWo2MNdSk1RJfUTa4/ Q130A96aBflM/TAszyO1DlQRtz3D30mjv9/jMIPVctCG6HcvPVKSS6oYl8Z+Vub5 4VScPdNGmfpAw8h0Sv9ba2yk6fDWihwcOgXGxZrebXBiAmf18qKqCqtnPOjghpv7 70PJnOgusHxqznw9Su4jpm6X7Gn9Nta9QRTySQ== -----END CERTIFICATE-----Generated at Sun Jun 16 23:13:12 2024 by rpki-client on console-ams.rpki-client.org