$ rpki-client -vvf rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/59962840D01911EE96596B16C4F9AE02.roa File: 59962840D01911EE96596B16C4F9AE02.roa (raw, json) Hash identifier: YpEQTbpVSB00M1i82/mF8u5IlL2jcDDCKlcXisFL2vE= Subject key identifier: A5:29:A4:C8:7A:1F:31:D8:4C:9B:BC:A6:B4:6B:92:65:3C:27:0D:63 Certificate issuer: /CN=A911D9B2/serialNumber=91295BBB75BFAAEB9531B39B36EC7521DDE30D63 Certificate serial: CE Authority key identifier: 91:29:5B:BB:75:BF:AA:EB:95:31:B3:9B:36:EC:75:21:DD:E3:0D:63 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/59962840D01911EE96596B16C4F9AE02.roa Signing time: Fri 15 Nov 2024 02:27:23 +0000 ROA not before: Fri 15 Nov 2024 02:27:23 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 213122 IP address blocks: 103.96.80.0/22 maxlen: 24 103.131.130.0/23 maxlen: 24 103.199.98.0/24 maxlen: 24 103.199.99.0/24 maxlen: 24 2401:3a60:1100::/40 maxlen: 40 2401:3a60:1200::/40 maxlen: 40 2401:3a60:1300::/40 maxlen: 40 2401:3a60:1400::/40 maxlen: 40 2401:3a60:1500::/40 maxlen: 40 2401:3a60:1600::/40 maxlen: 40 2401:3a60:3100::/40 maxlen: 40 2401:3a60:3200::/40 maxlen: 40 2401:3a60:5000::/40 maxlen: 40 2401:3a60:5100::/40 maxlen: 40 2401:3a60:5200::/40 maxlen: 40 2401:3a60:5300::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.crl rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 04:09:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 206 (0xce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D9B2/serialNumber=91295BBB75BFAAEB9531B39B36EC7521DDE30D63 Validity Not Before: Nov 15 02:27:23 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=6736b18b-9867 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:ac:9b:42:d1:3a:13:aa:65:23:2c:b3:f3:4b: 79:a3:58:2d:8f:18:d1:46:ca:b7:22:bf:2b:d9:ca: 50:de:23:d2:68:6b:2c:17:89:8e:46:57:37:49:a9: 16:c6:f6:70:23:57:56:97:1d:2a:8a:9c:dc:9d:7f: 12:95:c5:56:1c:7c:3e:e9:bd:fc:34:e0:3c:30:e1: 5c:49:10:87:2f:6a:f2:6a:32:ee:4a:92:26:f4:99: 94:1c:20:ca:6b:31:92:59:42:3e:be:6d:93:fc:f5: 73:ce:d6:2c:49:ca:32:94:be:35:a8:b5:ea:30:70: 81:cf:c9:2e:b8:f4:86:c1:42:4e:34:3a:2f:62:4f: df:31:58:23:b8:5f:3d:22:7c:8f:e0:92:81:bc:d4: 20:44:32:81:6a:2a:b0:72:73:bd:a2:d9:53:f2:1b: 49:a0:92:b0:72:5d:9c:5f:50:27:70:c4:74:1f:de: b4:e9:21:d9:c0:4d:85:e9:27:d5:2b:63:0a:16:75: 8f:8b:d7:4f:5b:13:c3:47:3d:68:df:81:50:02:20: d6:a0:fc:c8:9b:b4:b5:bd:1f:08:16:5d:4b:49:60: e2:49:59:87:b4:7f:16:7d:c2:48:8c:f7:bb:c0:d7: 0c:5a:87:45:71:98:66:19:0c:63:cb:0e:a3:fa:39: e2:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:29:A4:C8:7A:1F:31:D8:4C:9B:BC:A6:B4:6B:92:65:3C:27:0D:63 X509v3 Authority Key Identifier: keyid:91:29:5B:BB:75:BF:AA:EB:95:31:B3:9B:36:EC:75:21:DD:E3:0D:63 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/59962840D01911EE96596B16C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.96.80.0/22 103.131.130.0/23 103.199.98.0/23 IPv6: 2401:3a60:1100::-2401:3a60:16ff:ffff:ffff:ffff:ffff:ffff 2401:3a60:3100::-2401:3a60:32ff:ffff:ffff:ffff:ffff:ffff 2401:3a60:5000::/38 Signature Algorithm: sha256WithRSAEncryption 1d:54:80:99:cf:85:43:fe:48:d1:40:af:e5:c2:d0:54:00:9c: 1a:a1:58:ee:3c:4e:72:b2:4d:e9:0b:a2:3e:ad:74:2e:86:b9: fc:31:ff:3d:a7:82:f8:9c:df:43:47:86:04:fb:79:9a:89:c4: 70:46:03:30:3c:24:b8:02:94:17:c3:dd:be:85:8f:e1:13:ec: 22:27:ce:a8:b3:53:f2:0c:88:51:ca:12:56:b5:99:2d:28:3e: ad:8a:4a:a7:ec:34:ab:39:bf:4e:13:04:4c:6b:05:38:35:1e: dd:f9:72:b2:0a:60:2a:bd:03:53:03:cc:27:e6:8b:b2:88:52: bb:94:75:b9:a3:d4:9c:93:16:a6:61:42:78:9a:f5:2e:7f:01: 3a:fe:fe:ed:03:20:29:42:c8:e2:ca:4e:2b:de:c9:b6:81:28: 76:25:92:c1:7b:c3:07:56:c5:eb:f9:00:6c:b1:32:a3:07:e4: 94:24:d5:a1:02:3d:00:2c:a9:79:50:4f:d2:b3:c1:9e:70:dc: 16:0a:93:89:a6:8a:94:b5:12:ee:05:1a:f1:d8:09:af:5c:70: d5:e7:3d:ac:bd:d8:48:bd:25:71:99:b8:2f:7f:6a:8e:ab:de: b6:4f:f9:3e:d9:a3:2e:2f:09:e0:92:ae:c1:92:b5:d4:6f:12: c5:53:e8:62 -----BEGIN CERTIFICATE----- MIIFsTCCBJmgAwIBAgICAM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQ5QjIxMTAvBgNVBAUTKDkxMjk1QkJCNzVCRkFBRUI5NTMxQjM5QjM2RUM3NTIx RERFMzBENjMwHhcNMjQxMTE1MDIyNzIzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzM2YjE4Yi05ODY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+qybQtE6E6plIyyz80t5o1gtjxjRRsq3Ir8r2cpQ3iPSaGssF4mORlc3SakW xvZwI1dWlx0qipzcnX8SlcVWHHw+6b38NOA8MOFcSRCHL2ryajLuSpIm9JmUHCDK azGSWUI+vm2T/PVzztYsScoylL41qLXqMHCBz8kuuPSGwUJONDovYk/fMVgjuF89 InyP4JKBvNQgRDKBaiqwcnO9otlT8htJoJKwcl2cX1AncMR0H9606SHZwE2F6SfV K2MKFnWPi9dPWxPDRz1o34FQAiDWoPzIm7S1vR8IFl1LSWDiSVmHtH8WfcJIjPe7 wNcMWodFcZhmGQxjyw6j+jni2wIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFKUppMh6 HzHYTJu8prRrkmU8Jw1jMB8GA1UdIwQYMBaAFJEpW7t1v6rrlTGzmzbsdSHd4w1j MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDlCMi8wQTZGM0I0Mjkx NTUxMUVFQTRDMEY2NjhDNEY5QUUwMi9rU2xidTNXX3F1dVZNYk9iTnV4MUlkM2pE V00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tTbGJ1M1dfcXV1Vk1iT2JOdXgxSWQzakRXTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUQ5QjIvMEE2RjNCNDI5MTU1MTFFRUE0QzBGNjY4QzRGOUFFMDIvNTk5NjI4NDBE MDE5MTFFRTk2NTk2QjE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E UDBOMBgEAgABMBIDBAJnYFADBAFng4IDBAFnx2IwMgQCAAIwLDAQAwYAJAE6YBED BgAkATpgFjAQAwYAJAE6YDEDBgAkATpgMgMGAiQBOmBQMA0GCSqGSIb3DQEBCwUA A4IBAQAdVICZz4VD/kjRQK/lwtBUAJwaoVjuPE5ysk3pC6I+rXQuhrn8Mf89p4L4 nN9DR4YE+3maicRwRgMwPCS4ApQXw92+hY/hE+wiJ86os1PyDIhRyhJWtZktKD6t ikqn7DSrOb9OEwRMawU4NR7d+XKyCmAqvQNTA8wn5ouyiFK7lHW5o9SckxamYUJ4 mvUufwE6/v7tAyApQsjiyk4r3sm2gSh2JZLBe8MHVsXr+QBssTKjB+SUJNWhAj0A LKl5UE/Ss8GecNwWCpOJpoqUtRLuBRrx2AmvXHDV5z2svdhIvSVxmbgvf2qOq962 T/k+2aMuLwngkq7BkrXUbxLFU+hi -----END CERTIFICATE-----Generated at Thu Nov 21 05:37:01 2024 by rpki-client on console-ams.rpki-client.org