$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa File: 61663178F88311EDB1DF555DC4F9AE02.roa (raw, json) Hash identifier: efBSrtkTKEJgNLbcfHg15J9nYDpY9tt/H1QPBO/mZ+U= Subject key identifier: 10:59:89:04:64:32:C1:C0:8F:58:4D:26:B8:AC:4C:67:40:9C:EC:51 Certificate issuer: /CN=A91CFA8E/serialNumber=D880EF265B940E31DFED1C42AEF5144B64413717 Certificate serial: 0148 Authority key identifier: D8:80:EF:26:5B:94:0E:31:DF:ED:1C:42:AE:F5:14:4B:64:41:37:17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa Signing time: Thu 05 Dec 2024 05:12:42 +0000 ROA not before: Thu 05 Dec 2024 05:12:42 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 56309 IP address blocks: 43.229.148.0/22 maxlen: 24 103.13.28.0/22 maxlen: 24 103.40.118.0/23 maxlen: 24 103.99.11.0/24 maxlen: 24 103.107.52.0/22 maxlen: 24 103.117.148.0/22 maxlen: 24 117.18.124.0/22 maxlen: 24 199.21.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.crl rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 03:24:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 328 (0x148) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFA8E Validity Not Before: Dec 5 05:12:42 2024 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=6751364a-abb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:8c:46:44:77:f5:c5:de:fd:2b:dc:1d:f2:79: 9d:35:56:14:c1:bd:c7:bd:b7:3a:71:5b:0a:b2:a8: b7:9b:7e:6a:42:f2:82:bc:e9:f7:cc:c4:34:dd:ec: 5f:a8:68:35:01:46:ce:22:28:2e:9e:76:d9:af:e0: 43:cb:0c:63:b4:f4:9f:be:a1:5f:2a:93:c7:15:19: c5:fc:05:bf:7d:e1:fd:8e:ba:b9:2f:4c:85:2e:3a: 9f:88:ca:e1:cb:30:d0:bf:3c:1f:61:78:18:be:fc: 5f:38:99:8e:b2:70:8d:e3:ac:97:bb:7f:0f:a3:83: 87:73:0b:25:b4:6d:69:32:aa:56:9f:2a:e6:a5:39: 1e:b7:1b:bf:db:3f:ab:bd:71:18:82:6d:1b:e6:9d: 4f:49:51:10:0b:ef:af:63:2f:7a:f2:c4:72:50:38: 47:94:94:3f:61:c1:50:65:9f:05:e3:e9:f0:09:f2: b6:fe:8b:36:29:f2:7e:b2:2d:33:c6:61:b7:66:e7: 6e:c4:17:2a:7f:59:14:54:d4:a2:76:57:fd:27:84: ae:73:79:81:30:74:73:6b:30:4f:5b:2e:9b:cb:e5: bc:fe:bd:33:98:0d:f3:07:e8:95:fb:b4:db:41:45: 3f:75:7d:dd:16:7b:63:34:8c:2a:c5:ee:cb:ee:88: 7e:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:59:89:04:64:32:C1:C0:8F:58:4D:26:B8:AC:4C:67:40:9C:EC:51 X509v3 Authority Key Identifier: keyid:D8:80:EF:26:5B:94:0E:31:DF:ED:1C:42:AE:F5:14:4B:64:41:37:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.148.0/22 103.13.28.0/22 103.40.118.0/23 103.99.11.0/24 103.107.52.0/22 103.117.148.0/22 117.18.124.0/22 199.21.172.0/22 Signature Algorithm: sha256WithRSAEncryption 92:4b:5b:0c:11:70:fc:98:f3:98:26:5b:7b:b4:5e:be:2b:29: 64:ff:b0:a5:60:b9:ab:60:a2:01:c3:e9:ae:80:20:92:4c:c1: b7:ce:e6:34:d9:db:ea:b1:18:6f:85:63:26:85:a5:d8:d5:0e: 3d:d0:11:c3:76:20:42:3a:9b:bb:3f:0e:30:3f:0e:0a:d7:ca: 40:35:59:92:6e:e4:12:9d:56:d1:6f:40:a1:8c:7a:0d:34:2b: 83:3c:a2:9a:68:a1:07:57:a3:66:ad:40:29:29:16:9c:c5:18: 64:ff:17:fe:ee:68:30:a1:36:98:43:e4:70:9e:23:fb:43:a7: 1b:4a:9d:34:31:6b:21:b2:2b:c7:de:a7:f7:5b:ec:66:bf:6e: 27:2b:3a:54:f1:8c:76:0b:39:d8:6b:3d:f3:08:40:96:e3:56: e7:85:7c:7b:50:df:fa:a0:7b:b5:c6:8f:cf:86:09:e7:e2:c1: 53:1d:88:d0:44:01:c2:51:b2:46:74:db:08:54:b7:d1:db:96: 7d:76:28:07:dc:22:c7:58:1b:38:8c:7d:90:14:ba:46:c9:ba: d9:6f:7e:6c:5d:b4:20:bb:db:65:ea:6b:b6:db:74:c6:50:46: 1e:b7:e3:bf:6b:41:84:e1:bb:14:e1:4b:ef:08:25:ee:b0:1f: ed:f1:15:ba -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgICAUgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBOEUxMTAvBgNVBAUTKEQ4ODBFRjI2NUI5NDBFMzFERkVEMUM0MkFFRjUxNDRC NjQ0MTM3MTcwHhcNMjQxMjA1MDUxMjQyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzUxMzY0YS1hYmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7IxGRHf1xd79K9wd8nmdNVYUwb3Hvbc6cVsKsqi3m35qQvKCvOn3zMQ03exf qGg1AUbOIigunnbZr+BDywxjtPSfvqFfKpPHFRnF/AW/feH9jrq5L0yFLjqfiMrh yzDQvzwfYXgYvvxfOJmOsnCN46yXu38Po4OHcwsltG1pMqpWnyrmpTketxu/2z+r vXEYgm0b5p1PSVEQC++vYy968sRyUDhHlJQ/YcFQZZ8F4+nwCfK2/os2KfJ+si0z xmG3ZuduxBcqf1kUVNSidlf9J4Suc3mBMHRzazBPWy6by+W8/r0zmA3zB+iV+7Tb QUU/dX3dFntjNIwqxe7L7oh+0QIDAQABo4ICvzCCArswHQYDVR0OBBYEFBBZiQRk MsHAj1hNJrisTGdAnOxRMB8GA1UdIwQYMBaAFNiA7yZblA4x3+0cQq71FEtkQTcX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkE4RS82MUJBRDhFMEY4 N0UxMUVEOTBEODQ0NUNDNEY5QUUwMi8ySUR2Smx1VURqSGY3UnhDcnZVVVMyUkJO eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJJRHZKbHVVRGpIZjdSeENydlVVUzJSQk54Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZBOEUvNjFCQUQ4RTBGODdFMTFFRDkwRDg0NDVDQzRGOUFFMDIvNjE2NjMxNzhG ODgzMTFFREIxREY1NTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E OjA4MDYEAgABMDADBAIr5ZQDBAJnDRwDBAFnKHYDBABnYwsDBAJnazQDBAJndZQD BAJ1EnwDBALHFawwDQYJKoZIhvcNAQELBQADggEBAJJLWwwRcPyY85gmW3u0Xr4r KWT/sKVguatgogHD6a6AIJJMwbfO5jTZ2+qxGG+FYyaFpdjVDj3QEcN2IEI6m7s/ DjA/DgrXykA1WZJu5BKdVtFvQKGMeg00K4M8oppooQdXo2atQCkpFpzFGGT/F/7u aDChNphD5HCeI/tDpxtKnTQxayGyK8fep/db7Ga/bicrOlTxjHYLOdhrPfMIQJbj VueFfHtQ3/qge7XGj8+GCefiwVMdiNBEAcJRskZ02whUt9Hbln12KAfcIsdYGziM fZAUukbJutlvfmxdtCC722Xqa7bbdMZQRh63479rQYThuxThS+8IJe6wH+3xFbo= -----END CERTIFICATE-----Generated at Sat Apr 5 07:21:07 2025 by rpki-client