$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/3A1C441A5A4E11E7965D9A75C4F9AE02.roa File: 3A1C441A5A4E11E7965D9A75C4F9AE02.roa (raw, json) Hash identifier: Pn8qccQRQVn2V5b6lFX/FWa2+EXb/L20S5gebLb7vvU= Subject key identifier: C8:31:03:6C:49:98:84:C6:83:F8:C3:CF:12:55:FB:E3:19:0D:C8:60 Certificate issuer: /CN=A91FA92A/serialNumber=A7EC2258682F6FAE9F8438FA2627189E542F4DEF Certificate serial: 198B Authority key identifier: A7:EC:22:58:68:2F:6F:AE:9F:84:38:FA:26:27:18:9E:54:2F:4D:EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-wiWGgvb66fhDj6JicYnlQvTe8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/3A1C441A5A4E11E7965D9A75C4F9AE02.roa Signing time: Fri 22 Nov 2024 16:34:53 +0000 ROA not before: Fri 22 Nov 2024 16:34:52 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 135666 IP address blocks: 43.230.208.0/24 maxlen: 24 103.78.111.0/24 maxlen: 24 103.78.116.0/23 maxlen: 24 103.252.84.0/24 maxlen: 24 2400:1440::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/p-wiWGgvb66fhDj6JicYnlQvTe8.crl rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/p-wiWGgvb66fhDj6JicYnlQvTe8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-wiWGgvb66fhDj6JicYnlQvTe8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 16:17:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6539 (0x198b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA92A/serialNumber=A7EC2258682F6FAE9F8438FA2627189E542F4DEF Validity Not Before: Nov 22 16:34:52 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=6740b2ac-929a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:46:75:53:34:6b:48:e8:ad:3d:c8:7e:48:d7: 3d:ec:be:8a:43:77:a8:3b:85:b6:44:5d:3e:09:bf: 79:70:42:c5:0f:ed:4c:3c:da:72:68:35:df:11:46: 88:0e:f0:cd:c6:72:6a:2a:0c:fb:ee:99:eb:52:40: c0:74:64:44:99:97:2e:fe:63:4d:a8:40:74:8b:6c: 3d:a7:80:d4:7a:76:9e:ef:56:bb:64:9f:57:f3:84: ce:ba:01:df:f2:5a:7d:6c:98:a5:e2:ff:e2:e3:10: 9b:b6:36:88:2e:f0:17:2e:1d:90:de:7e:e6:2f:d3: f3:30:19:95:d5:74:43:0c:f6:fa:84:2b:36:74:0e: 7f:a9:fe:a0:d8:56:26:9b:c7:e9:ee:dc:0f:5a:e8: 91:1b:da:73:fa:67:de:43:95:e0:3f:32:98:c5:08: cc:93:a8:db:4f:d1:3b:c7:3c:b3:ad:b9:e6:72:19: 77:61:c9:b1:f1:df:03:34:26:32:f9:f5:79:54:cd: ec:59:fe:93:ee:c5:6f:84:f4:96:1d:37:78:fa:4f: 5e:4f:4e:5c:80:f5:c1:fe:4d:8b:3c:ea:b5:84:1d: c7:52:62:bb:fa:55:a0:f7:4f:cc:2d:2d:74:3f:70: 46:9c:98:6b:b7:59:4a:cc:40:06:d2:cc:20:49:f3: 38:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:31:03:6C:49:98:84:C6:83:F8:C3:CF:12:55:FB:E3:19:0D:C8:60 X509v3 Authority Key Identifier: keyid:A7:EC:22:58:68:2F:6F:AE:9F:84:38:FA:26:27:18:9E:54:2F:4D:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/p-wiWGgvb66fhDj6JicYnlQvTe8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-wiWGgvb66fhDj6JicYnlQvTe8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/3A1C441A5A4E11E7965D9A75C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.208.0/24 103.78.111.0/24 103.78.116.0/23 103.252.84.0/24 IPv6: 2400:1440::/32 Signature Algorithm: sha256WithRSAEncryption 04:de:ba:62:dc:11:cb:f9:eb:eb:21:c9:38:94:29:85:f0:ba: c6:ce:3c:28:98:ed:e8:c3:51:7e:fd:89:b2:76:98:4b:e0:4c: 82:6d:e5:04:e5:40:13:b3:35:7d:ce:41:4c:6c:57:8c:c9:db: 68:56:91:7f:d0:ae:db:87:d3:34:df:08:92:bb:ac:d1:e8:55: 59:28:a6:98:7f:6e:28:e9:c0:11:34:20:57:88:83:cf:b7:84: 17:db:39:56:b8:aa:1a:2c:53:b3:34:be:50:38:f7:75:8e:b8: 9c:ee:fa:bb:79:b1:c9:3b:9c:aa:39:07:e2:77:85:e0:0f:57: 50:1a:e1:4f:3d:48:23:20:3c:53:94:82:e0:ba:7c:bc:af:0b: 7b:e3:64:4e:58:3e:12:b8:9c:4c:72:87:a4:2f:28:77:be:e0: 5b:1f:22:9d:44:6f:aa:5e:fc:ff:fe:e5:b2:c4:d9:d8:df:e1: 5e:10:a6:77:74:b8:f9:ff:d4:02:df:9d:0a:ad:6a:64:b5:29: b3:09:28:7c:96:93:57:1b:e3:ed:23:df:0f:7d:a1:45:bd:bb: f0:40:c8:2f:02:b2:1c:dd:49:e7:e5:b5:dd:a6:32:7f:5e:a6: 9b:80:b3:44:85:6f:9b:e8:04:7b:33:1b:0e:88:ea:02:d1:62: 74:53:da:c1 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICGYswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE5MkExMTAvBgNVBAUTKEE3RUMyMjU4NjgyRjZGQUU5Rjg0MzhGQTI2MjcxODlF NTQyRjRERUYwHhcNMjQxMTIyMTYzNDUyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzQwYjJhYy05MjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxEZ1UzRrSOitPch+SNc97L6KQ3eoO4W2RF0+Cb95cELFD+1MPNpyaDXfEUaI DvDNxnJqKgz77pnrUkDAdGREmZcu/mNNqEB0i2w9p4DUenae71a7ZJ9X84TOugHf 8lp9bJil4v/i4xCbtjaILvAXLh2Q3n7mL9PzMBmV1XRDDPb6hCs2dA5/qf6g2FYm m8fp7twPWuiRG9pz+mfeQ5XgPzKYxQjMk6jbT9E7xzyzrbnmchl3Ycmx8d8DNCYy +fV5VM3sWf6T7sVvhPSWHTd4+k9eT05cgPXB/k2LPOq1hB3HUmK7+lWg90/MLS10 P3BGnJhrt1lKzEAG0swgSfM4EQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFMgxA2xJ mITGg/jDzxJV++MZDchgMB8GA1UdIwQYMBaAFKfsIlhoL2+un4Q4+iYnGJ5UL03v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTkyQS80NTc5N0M1QzVB NEQxMUU3OTlGNDZCNzRDNEY5QUUwMi9wLXdpV0dndmI2NmZoRGo2SmljWW5sUXZU ZTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Atd2lXR2d2YjY2ZmhEajZKaWNZbmxRdlRlOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkE5MkEvNDU3OTdDNUM1QTREMTFFNzk5RjQ2Qjc0QzRGOUFFMDIvM0ExQzQ0MUE1 QTRFMTFFNzk2NUQ5QTc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAAr5tADBABnTm8DBAFnTnQDBABn/FQwDQQCAAIwBwMFACQA FEAwDQYJKoZIhvcNAQELBQADggEBAATeumLcEcv56+shyTiUKYXwusbOPCiY7ejD UX79ibJ2mEvgTIJt5QTlQBOzNX3OQUxsV4zJ22hWkX/QrtuH0zTfCJK7rNHoVVko pph/bijpwBE0IFeIg8+3hBfbOVa4qhosU7M0vlA493WOuJzu+rt5sck7nKo5B+J3 heAPV1Aa4U89SCMgPFOUguC6fLyvC3vjZE5YPhK4nExyh6QvKHe+4FsfIp1Eb6pe /P/+5bLE2djf4V4Qpnd0uPn/1ALfnQqtamS1KbMJKHyWk1cb4+0j3w99oUW9u/BA yC8CshzdSefltd2mMn9eppuAs0SFb5voBHszGw6I6gLRYnRT2sE= -----END CERTIFICATE-----Generated at Sun Nov 24 18:24:59 2024 by rpki-client on console-ams.rpki-client.org