$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/8608449A356511EC9715F015C4F9AE02.roa File: 8608449A356511EC9715F015C4F9AE02.roa (raw, json) Hash identifier: clmx/oQr73cJ/dvXJjULbQlKZ0MXrmzLfgGRONsfwYo= Subject key identifier: 11:18:A6:98:68:C9:BA:59:E3:48:32:6A:71:D1:21:CF:DD:FA:44:2C Certificate issuer: /CN=A91E5490/serialNumber=F96FAE288A6430ADCCF95E0EA89F085BB6E829D4 Certificate serial: 0492 Authority key identifier: F9:6F:AE:28:8A:64:30:AD:CC:F9:5E:0E:A8:9F:08:5B:B6:E8:29:D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/8608449A356511EC9715F015C4F9AE02.roa Signing time: Fri 25 Oct 2024 00:14:54 +0000 ROA not before: Fri 25 Oct 2024 00:14:54 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 147014 IP address blocks: 103.173.4.0/24 maxlen: 24 103.173.5.0/24 maxlen: 24 2407:dc40::/32 maxlen: 32 2407:dc40::/48 maxlen: 48 2407:dc40:1::/48 maxlen: 48 2407:dc40:2::/48 maxlen: 48 2407:dc40:3::/48 maxlen: 48 2407:dc40:4::/48 maxlen: 48 2407:dc40:5::/48 maxlen: 48 2407:dc40:6::/48 maxlen: 48 2407:dc40:7::/48 maxlen: 48 2407:dc40:8::/48 maxlen: 48 2407:dc40:9::/48 maxlen: 48 2407:dc40:a::/48 maxlen: 48 2407:dc40:b::/48 maxlen: 48 2407:dc40:c::/48 maxlen: 48 2407:dc40:d::/48 maxlen: 48 2407:dc40:e::/48 maxlen: 48 2407:dc40:f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.crl rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1170 (0x492) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5490/serialNumber=F96FAE288A6430ADCCF95E0EA89F085BB6E829D4 Validity Not Before: Oct 25 00:14:54 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=671ae2fe-f6b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d2:9a:b6:da:cb:77:31:b7:c7:d4:31:ff:43: 6e:b9:d9:4b:4c:c9:f7:4b:8a:95:5b:09:b0:65:bd: 7c:12:5c:88:e5:7d:f4:64:a0:47:1b:ca:bf:e6:a3: b3:d1:3f:1a:87:cc:9b:9b:24:af:4a:51:e7:4d:d7: 06:88:44:a1:df:36:fe:60:2e:02:08:f4:e7:1c:59: df:d0:06:80:2e:1a:b8:73:11:de:8a:5b:66:af:47: d5:d9:58:8b:83:66:58:29:32:2d:cf:d4:d1:77:92: fc:e6:a7:ba:f2:63:8b:29:9c:62:90:27:b2:57:d0: 21:ae:67:8f:0c:01:e9:5b:68:84:de:fc:9a:e8:32: 0f:89:31:8c:e1:b7:30:58:41:6f:05:ec:8a:48:15: a7:80:dd:20:46:77:fa:28:37:dd:7d:4b:a3:cc:9e: 26:e3:fb:fb:c2:b9:79:26:15:20:8b:e1:98:a5:a7: 07:4b:a8:c5:66:2a:5a:24:72:8a:d0:a0:bc:0e:57: 05:55:c1:0e:a0:9e:99:b4:94:d2:9e:26:3a:91:1d: 2f:17:ae:2b:c0:50:31:dd:a3:c7:a2:58:fa:d0:b9: df:67:52:2f:0a:6d:a8:c6:0c:26:ed:a7:cf:36:17: 5a:56:66:cf:d1:20:17:ed:7d:3d:da:ee:9f:bf:27: 25:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:18:A6:98:68:C9:BA:59:E3:48:32:6A:71:D1:21:CF:DD:FA:44:2C X509v3 Authority Key Identifier: keyid:F9:6F:AE:28:8A:64:30:AD:CC:F9:5E:0E:A8:9F:08:5B:B6:E8:29:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/8608449A356511EC9715F015C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.173.4.0/23 IPv6: 2407:dc40::/32 Signature Algorithm: sha256WithRSAEncryption 0d:6c:ef:a7:96:db:5b:dc:40:ee:9b:60:9e:a5:33:6d:fb:5b: 65:94:54:3d:78:7e:ad:bd:e2:6e:f0:ed:d8:37:3c:3e:b4:40: c5:57:95:d0:16:2f:80:7d:0a:35:0e:84:c6:7a:c9:dc:c2:2c: 3e:df:ed:72:8e:85:0f:48:ea:02:63:bf:cb:15:9e:e3:92:0a: 36:25:d4:f2:0e:3b:54:40:70:15:73:3f:a2:65:24:09:69:9a: 9d:7d:65:87:95:9d:3e:fe:1a:52:84:d9:9e:66:a3:ea:e6:c5: ca:62:da:eb:cb:c4:5e:8f:71:24:5e:84:fe:12:2e:5c:58:ee: 96:70:c4:77:36:60:37:7d:a9:5b:6c:4c:da:48:6e:47:94:5c: b8:ed:3b:56:d6:c1:ce:82:fc:f1:9e:7d:9c:d3:f3:e1:8d:82: 82:dd:22:69:dc:a4:c0:9a:ff:62:42:77:92:9f:f8:50:31:24: b7:af:1b:2a:2a:ee:45:b9:17:dd:1e:9f:5d:2c:63:ac:9a:ac: 9f:be:90:e7:50:21:61:e1:4c:ef:86:f0:db:60:a3:17:fb:87: 02:da:44:5f:16:06:8a:b3:bd:fa:bf:30:ff:5b:f7:ee:55:c7: 32:44:b6:be:08:58:90:6f:ad:38:57:f5:5f:de:2d:d6:8b:6b: b7:70:4e:16 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTU0OTAxMTAvBgNVBAUTKEY5NkZBRTI4OEE2NDMwQURDQ0Y5NUUwRUE4OUYwODVC QjZFODI5RDQwHhcNMjQxMDI1MDAxNDU0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzFhZTJmZS1mNmI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvtKattrLdzG3x9Qx/0NuudlLTMn3S4qVWwmwZb18ElyI5X30ZKBHG8q/5qOz 0T8ah8ybmySvSlHnTdcGiESh3zb+YC4CCPTnHFnf0AaALhq4cxHeiltmr0fV2ViL g2ZYKTItz9TRd5L85qe68mOLKZxikCeyV9AhrmePDAHpW2iE3vya6DIPiTGM4bcw WEFvBeyKSBWngN0gRnf6KDfdfUujzJ4m4/v7wrl5JhUgi+GYpacHS6jFZipaJHKK 0KC8DlcFVcEOoJ6ZtJTSniY6kR0vF64rwFAx3aPHolj60LnfZ1IvCm2oxgwm7afP NhdaVmbP0SAX7X092u6fvyclBwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBEYppho ybpZ40gyanHRIc/d+kQsMB8GA1UdIwQYMBaAFPlvriiKZDCtzPleDqifCFu26CnU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTQ5MC8zMjFGNTkxRTE0 NjIxMUVDOTg2OEMyNDZDNEY5QUUwMi8tVy11S0lwa01LM00tVjRPcUo4SVc3Ym9L ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1XLXVLSXBrTUszTS1WNE9xSjhJVzdib0tkUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTU0OTAvMzIxRjU5MUUxNDYyMTFFQzk4NjhDMjQ2QzRGOUFFMDIvODYwODQ0OUEz NTY1MTFFQzk3MTVGMDE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnrQQwDQQCAAIwBwMFACQH3EAwDQYJKoZIhvcNAQELBQAD ggEBAA1s76eW21vcQO6bYJ6lM237W2WUVD14fq294m7w7dg3PD60QMVXldAWL4B9 CjUOhMZ6ydzCLD7f7XKOhQ9I6gJjv8sVnuOSCjYl1PIOO1RAcBVzP6JlJAlpmp19 ZYeVnT7+GlKE2Z5mo+rmxcpi2uvLxF6PcSRehP4SLlxY7pZwxHc2YDd9qVtsTNpI bkeUXLjtO1bWwc6C/PGefZzT8+GNgoLdImncpMCa/2JCd5Kf+FAxJLevGyoq7kW5 F90en10sY6yarJ++kOdQIWHhTO+G8Ntgoxf7hwLaRF8WBoqzvfq/MP9b9+5VxzJE tr4IWJBvrThX9V/eLdaLa7dwThY= -----END CERTIFICATE-----Generated at Sat Nov 23 01:27:29 2024 by rpki-client on console-ams.rpki-client.org