$ rpki-client -vvf rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/1070E6CA9A8311EF8BE0F826C4F9AE02.roa File: 1070E6CA9A8311EF8BE0F826C4F9AE02.roa (raw, json) Hash identifier: I3ync4/mnvw4tJOKX+v5QT07u6K1gvVElMMhxOLbfwg= Subject key identifier: 46:53:E4:59:BB:B1:83:18:CF:81:C9:44:15:0A:50:6D:AE:93:63:42 Certificate issuer: /CN=A91397C2/serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD Certificate serial: 077C Authority key identifier: D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/1070E6CA9A8311EF8BE0F826C4F9AE02.roa Signing time: Mon 04 Nov 2024 08:09:57 +0000 ROA not before: Mon 04 Nov 2024 08:09:57 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 55933 IP address blocks: 43.240.12.0/22 maxlen: 24 45.125.12.0/22 maxlen: 24 45.125.32.0/22 maxlen: 24 103.39.108.0/22 maxlen: 24 103.51.144.0/22 maxlen: 24 103.193.148.0/22 maxlen: 24 103.246.244.0/22 maxlen: 24 123.108.108.0/22 maxlen: 24 123.254.104.0/21 maxlen: 24 182.237.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1916 (0x77c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91397C2/serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD Validity Not Before: Nov 4 08:09:57 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=67288155-73cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:94:2d:4a:1f:fe:b4:05:2d:da:15:c7:d1:cf: 55:45:db:4f:1e:8f:a3:22:9d:a8:52:82:f7:39:c3: 29:77:1e:f9:47:84:16:fa:7e:9c:30:e7:3b:a2:20: e4:4b:5d:f4:03:a3:bd:b1:c2:81:0c:72:e2:a6:c1: ce:34:cd:dd:f6:8c:bf:07:b6:ac:52:42:f7:36:e8: 69:13:39:62:cf:51:5c:ad:51:35:ce:28:a8:54:c6: 11:4f:0b:5c:01:91:01:7c:3f:80:e2:f7:38:2e:92: 45:fb:b7:04:41:cc:b7:bf:f1:3d:b3:19:05:24:ac: 62:41:5e:ec:c7:bb:dc:5e:0f:11:21:a2:0b:2c:6e: df:46:08:ae:f7:0e:23:61:05:44:1c:2d:86:5d:5b: 2e:81:37:e4:1c:7e:99:99:46:34:5f:88:63:95:a9: 9a:9f:11:71:e8:2b:5e:11:c7:a9:08:87:5c:9e:31: d3:a5:37:c2:af:06:5d:62:6a:72:0d:65:74:74:07: 49:8b:17:13:59:38:7f:fd:df:b1:ed:81:5d:e1:0c: 3e:4f:6c:84:ba:d7:e8:d7:8c:30:c6:33:87:6c:e3: 21:97:ef:f8:2b:d0:b9:59:cf:19:59:74:c0:d9:07: d6:9d:13:36:94:0d:35:bd:a0:27:1f:ac:ee:49:8a: 21:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:53:E4:59:BB:B1:83:18:CF:81:C9:44:15:0A:50:6D:AE:93:63:42 X509v3 Authority Key Identifier: keyid:D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/1070E6CA9A8311EF8BE0F826C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.240.12.0/22 45.125.12.0/22 45.125.32.0/22 103.39.108.0/22 103.51.144.0/22 103.193.148.0/22 103.246.244.0/22 123.108.108.0/22 123.254.104.0/21 182.237.0.0/22 Signature Algorithm: sha256WithRSAEncryption 0e:a6:c4:70:fd:8f:5f:93:94:b9:21:c0:82:1c:34:e0:a6:b9: d7:31:49:49:96:ee:b7:d7:47:63:bc:de:f8:3d:c3:34:78:1c: 96:39:8c:31:55:79:5b:78:3a:00:29:02:1f:40:79:3c:89:f0: 14:d8:4a:c7:fa:9f:ba:31:43:54:2c:9f:03:42:80:cd:0e:b9: d3:67:e5:59:32:e7:67:0b:33:78:df:f4:af:e7:12:5c:9b:b9: 24:82:8c:0d:3b:38:0a:b0:a6:f9:ea:e1:ea:47:99:ec:74:2d: c2:8b:ae:af:38:81:d2:d0:14:9d:f5:61:3d:b7:45:b9:09:20: 2c:6d:f3:c6:a9:9f:63:6f:a4:ba:a4:e7:ae:98:ad:c2:a9:49: c5:64:02:36:af:43:1a:65:76:5d:09:ef:b9:2e:8f:96:50:23: b4:c6:b0:2d:1c:ef:78:d0:77:43:72:0d:f4:a7:ef:a0:8a:db: 9a:f9:a1:12:55:30:a5:59:93:19:32:aa:07:c5:3f:4e:68:58: 6f:71:5b:6c:c6:1c:a8:3c:8d:91:b3:88:58:79:d6:fd:c0:49: 12:78:59:87:f6:a6:32:e3:cb:51:3f:03:53:07:26:c8:3b:0c: 0a:07:7e:c6:b0:6b:30:ce:5d:f4:11:03:74:00:71:b3:5f:d8: 05:9f:22:d0 -----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgICB3wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzk3QzIxMTAvBgNVBAUTKEQzRDE1QUVFOUE0RjhBRTVDMjgxMTA4QTdEMkQzQUQ4 MUQ0RTc5Q0QwHhcNMjQxMTA0MDgwOTU3WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI4ODE1NS03M2NiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA15QtSh/+tAUt2hXH0c9VRdtPHo+jIp2oUoL3OcMpdx75R4QW+n6cMOc7oiDk S130A6O9scKBDHLipsHONM3d9oy/B7asUkL3NuhpEzliz1FcrVE1ziioVMYRTwtc AZEBfD+A4vc4LpJF+7cEQcy3v/E9sxkFJKxiQV7sx7vcXg8RIaILLG7fRgiu9w4j YQVEHC2GXVsugTfkHH6ZmUY0X4hjlamanxFx6CteEcepCIdcnjHTpTfCrwZdYmpy DWV0dAdJixcTWTh//d+x7YFd4Qw+T2yEutfo14wwxjOHbOMhl+/4K9C5Wc8ZWXTA 2QfWnRM2lA01vaAnH6zuSYoh9QIDAQABo4ICyzCCAscwHQYDVR0OBBYEFEZT5Fm7 sYMYz4HJRBUKUG2uk2NCMB8GA1UdIwQYMBaAFNPRWu6aT4rlwoEQin0tOtgdTnnN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTdDMi80RTQyNkRFOEZC RUExMUVBOTQwQTFEMTlDNEY5QUUwMi8wOUZhN3BwUGl1WENnUkNLZlMwNjJCMU9l YzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzA5RmE3cHBQaXVYQ2dSQ0tmUzA2MkIxT2VjMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mzk3QzIvNEU0MjZERThGQkVBMTFFQTk0MEExRDE5QzRGOUFFMDIvMTA3MEU2Q0E5 QTgzMTFFRjhCRTBGODI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E RjBEMEIEAgABMDwDBAIr8AwDBAItfQwDBAItfSADBAJnJ2wDBAJnM5ADBAJnwZQD BAJn9vQDBAJ7bGwDBAN7/mgDBAK27QAwDQYJKoZIhvcNAQELBQADggEBAA6mxHD9 j1+TlLkhwIIcNOCmudcxSUmW7rfXR2O83vg9wzR4HJY5jDFVeVt4OgApAh9AeTyJ 8BTYSsf6n7oxQ1QsnwNCgM0OudNn5Vky52cLM3jf9K/nElybuSSCjA07OAqwpvnq 4epHmex0LcKLrq84gdLQFJ31YT23RbkJICxt88apn2NvpLqk566YrcKpScVkAjav Qxpldl0J77kuj5ZQI7TGsC0c73jQd0NyDfSn76CK25r5oRJVMKVZkxkyqgfFP05o WG9xW2zGHKg8jZGziFh51v3ASRJ4WYf2pjLjy1E/A1MHJsg7DAoHfsawazDOXfQR A3QAcbNf2AWfItA= -----END CERTIFICATE-----Generated at Fri Nov 22 22:24:06 2024 by rpki-client on console-fra.rpki-client.org