$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/43E9842C185A11EF9D0C4338C4F9AE02.roa File: 43E9842C185A11EF9D0C4338C4F9AE02.roa (raw, json) Hash identifier: UsFCc7KU3kErqZq90qGqrLGSNxNKCreDKydxFYPECGw= Subject key identifier: E9:F4:41:8C:35:71:87:9D:7C:41:D9:91:49:95:3A:6B:AE:A7:59:A2 Certificate issuer: /CN=A91EFBA1/serialNumber=415406ED80B4D927A479A8BA042116AE2D11A1A6 Certificate serial: 1820 Authority key identifier: 41:54:06:ED:80:B4:D9:27:A4:79:A8:BA:04:21:16:AE:2D:11:A1:A6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/43E9842C185A11EF9D0C4338C4F9AE02.roa Signing time: Wed 22 May 2024 16:42:24 +0000 ROA not before: Wed 22 May 2024 16:42:24 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 136435 IP address blocks: 103.87.248.0/23 maxlen: 23 103.87.248.0/24 maxlen: 24 103.87.249.0/24 maxlen: 24 203.96.225.0/24 maxlen: 24 203.96.226.0/23 maxlen: 23 203.96.226.0/24 maxlen: 24 203.96.227.0/24 maxlen: 24 2400:dac0::/48 maxlen: 48 2400:dac0:1::/48 maxlen: 48 2400:dac0:2::/48 maxlen: 48 2400:dac0:3::/48 maxlen: 48 2400:dac0:4::/48 maxlen: 48 2400:dac0:5::/48 maxlen: 48 2400:dac0:6::/48 maxlen: 48 2400:dac0:7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.crl rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6176 (0x1820) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EFBA1/serialNumber=415406ED80B4D927A479A8BA042116AE2D11A1A6 Validity Not Before: May 22 16:42:24 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=664e206f-cfb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:5f:d6:1c:b0:00:be:66:bb:0d:7e:f1:ef:5f: e0:22:15:8c:05:a2:d1:12:40:1e:cc:30:10:b1:07: 38:9d:db:31:f4:3c:18:fd:1d:5f:68:99:7d:cc:b0: bc:d7:c5:5f:c8:98:a9:a6:cf:82:0c:5d:cc:40:1c: dd:41:83:ab:d6:d5:08:e7:77:cc:f6:6b:d9:f8:b1: 7d:33:ad:d7:48:17:94:cc:a0:9b:c2:34:fc:af:05: 7b:d4:52:ad:f9:d2:2b:a3:aa:0a:2b:76:67:6a:51: e1:45:e9:c1:51:0c:3e:5f:70:5d:76:b0:e1:6d:ae: ac:94:1b:9f:eb:04:90:06:61:96:11:3b:64:52:02: 57:10:3d:7f:c8:c6:ff:7e:6d:e3:0a:5b:98:4b:4b: d8:45:26:1d:cd:9b:68:4d:15:78:97:8f:1b:05:95: 0b:9f:a8:f5:18:b3:6c:b0:de:e8:ed:c8:b8:a8:2f: d3:cd:c2:57:3d:8e:28:5a:db:91:58:d5:7c:a6:c3: e7:4c:dd:7a:d1:01:5b:e4:b9:ac:2c:bf:37:10:19: 83:08:e9:80:fe:16:bd:a6:99:ae:9c:c2:82:43:b2: 70:1c:88:9b:88:74:9f:61:8d:79:91:a4:f3:d0:1f: 5f:e4:5a:99:80:a2:79:6d:b4:39:12:79:3f:92:7f: 77:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:F4:41:8C:35:71:87:9D:7C:41:D9:91:49:95:3A:6B:AE:A7:59:A2 X509v3 Authority Key Identifier: keyid:41:54:06:ED:80:B4:D9:27:A4:79:A8:BA:04:21:16:AE:2D:11:A1:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/43E9842C185A11EF9D0C4338C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.87.248.0/23 203.96.225.0-203.96.227.255 IPv6: 2400:dac0::/45 Signature Algorithm: sha256WithRSAEncryption 11:c7:dd:de:08:4f:95:75:19:f1:7f:72:4f:22:b6:fd:84:77: a9:c6:e9:b5:18:db:fa:8d:a9:3e:cb:3b:22:28:21:e8:be:b0: 1c:4b:47:ab:59:d5:a8:25:c2:ba:89:b0:bb:d7:9a:1a:c2:7e: 32:fc:c0:f3:76:66:de:12:d5:29:e0:30:34:ab:d1:2e:37:bf: f7:52:c0:2c:76:26:df:d2:96:08:00:72:6d:a0:d5:dc:7a:1f: aa:2a:cc:a3:1c:da:30:3a:db:5e:81:c3:d0:06:df:7c:60:59: 9d:bf:e4:3c:2f:f9:9a:9a:4d:98:da:fd:c2:4e:be:aa:75:2c: bd:fa:8e:ff:ff:40:dd:86:c1:b7:9e:1d:19:8c:c2:ac:8c:b9: 55:45:db:08:6c:b8:cf:ad:1f:4a:4b:c4:87:0a:50:da:01:f3: 6c:ad:9b:6f:f6:1e:45:46:87:77:ce:36:c5:7d:05:68:b1:9f: dc:01:19:4d:03:97:4f:15:c1:5a:c1:a6:13:68:39:8b:f7:9b: 3f:ab:17:a0:41:c7:9e:97:ba:7b:43:46:35:ef:93:90:ba:e0: c8:18:a2:56:a6:e5:c8:a9:54:6a:50:0d:de:bc:b4:38:92:73: 63:0a:ac:66:ac:2f:0c:76:65:61:f7:fd:4d:66:37:fe:2b:a0: 7b:c4:19:ee -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgICGCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUZCQTExMTAvBgNVBAUTKDQxNTQwNkVEODBCNEQ5MjdBNDc5QThCQTA0MjExNkFF MkQxMUExQTYwHhcNMjQwNTIyMTY0MjI0WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjRlMjA2Zi1jZmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5V/WHLAAvma7DX7x71/gIhWMBaLREkAezDAQsQc4ndsx9DwY/R1faJl9zLC8 18VfyJipps+CDF3MQBzdQYOr1tUI53fM9mvZ+LF9M63XSBeUzKCbwjT8rwV71FKt +dIro6oKK3ZnalHhRenBUQw+X3BddrDhba6slBuf6wSQBmGWETtkUgJXED1/yMb/ fm3jCluYS0vYRSYdzZtoTRV4l48bBZULn6j1GLNssN7o7ci4qC/TzcJXPY4oWtuR WNV8psPnTN160QFb5LmsLL83EBmDCOmA/ha9ppmunMKCQ7JwHIibiHSfYY15kaTz 0B9f5FqZgKJ5bbQ5Enk/kn937wIDAQABo4ICtDCCArAwHQYDVR0OBBYEFOn0QYw1 cYedfEHZkUmVOmuup1miMB8GA1UdIwQYMBaAFEFUBu2AtNknpHmougQhFq4tEaGm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRkJBMS8yQUQ1MUY0Qzk5 MDMxMUU3QTVFOTVDNkZDNEY5QUUwMi9RVlFHN1lDMDJTZWtlYWk2QkNFV3JpMFJv YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FWUUc3WUMwMlNla2VhaTZCQ0VXcmkwUm9hWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUZCQTEvMkFENTFGNEM5OTAzMTFFN0E1RTk1QzZGQzRGOUFFMDIvNDNFOTg0MkMx ODVBMTFFRjlEMEM0MzM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E LzAtMBoEAgABMBQDBAFnV/gwDAMEAMtg4QMEAstg4DAPBAIAAjAJAwcDJADawAAA MA0GCSqGSIb3DQEBCwUAA4IBAQARx93eCE+VdRnxf3JPIrb9hHepxum1GNv6jak+ yzsiKCHovrAcS0erWdWoJcK6ibC715oawn4y/MDzdmbeEtUp4DA0q9EuN7/3UsAs dibf0pYIAHJtoNXceh+qKsyjHNowOttegcPQBt98YFmdv+Q8L/mamk2Y2v3CTr6q dSy9+o7//0DdhsG3nh0ZjMKsjLlVRdsIbLjPrR9KS8SHClDaAfNsrZtv9h5FRod3 zjbFfQVosZ/cARlNA5dPFcFawaYTaDmL95s/qxegQceel7p7Q0Y175OQuuDIGKJW puXIqVRqUA3evLQ4knNjCqxmrC8MdmVh9/1NZjf+K6B7xBnu -----END CERTIFICATE-----Generated at Fri Nov 22 17:56:22 2024 by rpki-client on console-fra.rpki-client.org