$ rpki-client -vvf rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/CB04F4409BE611EF8AFF947CC4F9AE02.roa File: CB04F4409BE611EF8AFF947CC4F9AE02.roa (raw, json) Hash identifier: xCoGLzXH0o2fU2zmUG8/SFNRjo0IkmsetsLkqXjuT7s= Subject key identifier: 62:E8:3E:56:4F:EF:7D:63:C3:8A:22:CF:1B:FC:F6:8C:B0:B1:2B:FF Certificate issuer: /CN=A91415AA/serialNumber=0CFCCC5980F57E6BC84DF11B4C571935D25DACCA Certificate serial: 03 Authority key identifier: 0C:FC:CC:59:80:F5:7E:6B:C8:4D:F1:1B:4C:57:19:35:D2:5D:AC:CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DPzMWYD1fmvITfEbTFcZNdJdrMo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/CB04F4409BE611EF8AFF947CC4F9AE02.roa Signing time: Wed 06 Nov 2024 02:28:22 +0000 ROA not before: Wed 06 Nov 2024 02:28:22 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 139025 IP address blocks: 103.138.155.0/24 maxlen: 24 103.160.158.0/24 maxlen: 24 2001:df2:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DPzMWYD1fmvITfEbTFcZNdJdrMo.crl rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DPzMWYD1fmvITfEbTFcZNdJdrMo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DPzMWYD1fmvITfEbTFcZNdJdrMo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 19:36:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91415AA/serialNumber=0CFCCC5980F57E6BC84DF11B4C571935D25DACCA Validity Not Before: Nov 6 02:28:22 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=672ad446-f109 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:bb:70:0e:aa:bd:53:eb:9b:53:d5:60:93:3b: 54:f5:53:5e:70:87:5a:3a:ef:b0:06:66:6f:c2:da: 98:d3:2b:b5:18:59:4f:dc:6b:97:67:c9:23:34:69: f9:ec:16:f2:d7:f6:8d:a9:95:df:80:23:29:d4:fa: 30:33:59:05:33:06:f7:6b:a0:25:16:92:9b:3a:ad: ba:bb:a1:d8:94:8a:cd:c3:f0:ab:3e:24:dd:66:c4: 21:cf:ea:52:da:c2:03:1c:65:4f:cf:12:b5:7c:5d: 00:d4:4e:ae:ee:68:18:a6:22:a3:ce:80:30:42:5b: 45:d7:03:85:36:31:39:88:fe:b4:cc:f0:aa:64:56: b8:84:da:e0:0d:a1:69:1b:97:56:d7:00:24:b6:6d: 4f:c4:dc:eb:24:9c:b0:df:f6:9c:f1:6b:6e:20:34: 34:67:e1:ec:7c:c0:d0:ed:15:88:02:fe:4d:a0:e0: f8:7d:df:06:8c:cb:e2:b6:03:4e:67:fb:39:0c:f6: 9f:e6:1c:58:b4:93:14:10:ac:22:cd:63:5b:3b:d6: e8:a6:70:34:ac:b1:8a:43:ca:3b:d0:d4:c0:18:d4: 78:5e:a9:bd:c8:54:16:e9:65:d7:c4:ff:05:6a:2c: ef:42:5a:ca:04:45:e1:64:6a:af:41:21:68:30:f4: 2e:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:E8:3E:56:4F:EF:7D:63:C3:8A:22:CF:1B:FC:F6:8C:B0:B1:2B:FF X509v3 Authority Key Identifier: keyid:0C:FC:CC:59:80:F5:7E:6B:C8:4D:F1:1B:4C:57:19:35:D2:5D:AC:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DPzMWYD1fmvITfEbTFcZNdJdrMo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DPzMWYD1fmvITfEbTFcZNdJdrMo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/CB04F4409BE611EF8AFF947CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.155.0/24 103.160.158.0/24 IPv6: 2001:df2:c080::/48 Signature Algorithm: sha256WithRSAEncryption 8e:16:46:71:97:2a:21:ce:d8:9d:94:3c:1e:ae:10:a0:ba:4a: 9c:56:e0:4b:4f:2b:bb:dd:5d:63:14:89:9b:00:2e:fe:7a:bb: 1d:8e:08:3e:de:c9:0e:0a:58:33:23:ae:09:3c:14:ed:8c:31: 99:e2:2c:fc:b9:30:29:4f:5f:38:cb:98:fa:9a:c7:76:ad:0c: 94:96:eb:88:0f:73:09:67:c4:83:91:06:7e:c8:30:f9:60:42: 64:34:87:d7:20:7b:9c:1c:d7:64:59:95:cf:96:64:75:1c:6c: 32:c7:8c:4f:0c:31:9a:97:49:6c:54:ef:c8:21:bb:83:57:35: a2:69:79:cf:b8:82:77:14:9a:2e:1b:18:1a:11:c0:5c:bb:db: 60:a8:89:61:ee:ea:09:ed:85:9f:1e:4e:83:a5:a9:51:af:9a: 65:4b:90:77:c1:a7:b7:44:68:85:f1:b0:18:56:5f:29:62:b6: 9b:43:c7:60:91:cb:12:d0:61:04:d3:e0:18:8a:81:2d:af:bd: aa:b8:db:22:17:65:f4:93:60:e0:8b:7c:ba:df:9e:01:a4:a5: 98:69:3c:af:d6:4c:e7:b0:12:19:38:fa:5c:e3:59:7f:4c:d8: f1:c2:fb:64:dd:80:87:22:80:5a:42:89:0e:8f:aa:43:1c:6d: d9:83:53:bd -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MTVBQTExMC8GA1UEBRMoMENGQ0NDNTk4MEY1N0U2QkM4NERGMTFCNEM1NzE5MzVE MjVEQUNDQTAeFw0yNDExMDYwMjI4MjJaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3MmFkNDQ2LWYxMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+u3AOqr1T65tT1WCTO1T1U15wh1o677AGZm/C2pjTK7UYWU/ca5dnySM0afns FvLX9o2pld+AIynU+jAzWQUzBvdroCUWkps6rbq7odiUis3D8Ks+JN1mxCHP6lLa wgMcZU/PErV8XQDUTq7uaBimIqPOgDBCW0XXA4U2MTmI/rTM8KpkVriE2uANoWkb l1bXACS2bU/E3OsknLDf9pzxa24gNDRn4ex8wNDtFYgC/k2g4Ph93waMy+K2A05n +zkM9p/mHFi0kxQQrCLNY1s71uimcDSssYpDyjvQ1MAY1Hheqb3IVBbpZdfE/wVq LO9CWsoEReFkaq9BIWgw9C4VAgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUYug+Vk/v fWPDiiLPG/z2jLCxK/8wHwYDVR0jBBgwFoAUDPzMWYD1fmvITfEbTFcZNdJdrMow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQxNUFBLzNFRkEyNDE0NjJF MDExRUFBNkQ1OUEyQ0M0RjlBRTAyL0RQek1XWUQxZm12SVRmRWJURmNaTmRKZHJN by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvRFB6TVdZRDFmbXZJVGZFYlRGY1pOZEpkck1vLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MTVBQS8zRUZBMjQxNDYyRTAxMUVBQTZENTlBMkNDNEY5QUUwMi9DQjA0RjQ0MDlC RTYxMUVGOEFGRjk0N0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn MCUwEgQCAAEwDAMEAGeKmwMEAGegnjAPBAIAAjAJAwcAIAEN8sCAMA0GCSqGSIb3 DQEBCwUAA4IBAQCOFkZxlyohztidlDwerhCgukqcVuBLTyu73V1jFImbAC7+ersd jgg+3skOClgzI64JPBTtjDGZ4iz8uTApT184y5j6msd2rQyUluuID3MJZ8SDkQZ+ yDD5YEJkNIfXIHucHNdkWZXPlmR1HGwyx4xPDDGal0lsVO/IIbuDVzWiaXnPuIJ3 FJouGxgaEcBcu9tgqIlh7uoJ7YWfHk6DpalRr5plS5B3wae3RGiF8bAYVl8pYrab Q8dgkcsS0GEE0+AYioEtr72quNsiF2X0k2Dgi3y6354BpKWYaTyv1kznsBIZOPpc 41l/TNjxwvtk3YCHIoBaQokOj6pDHG3Zg1O9 -----END CERTIFICATE-----Generated at Fri Nov 22 21:05:27 2024 by rpki-client on console-fra.rpki-client.org