$ rpki-client -vvf rpki.apnic.net/member_repository/A91478E2/4C908A22E0B611E7B2D0FD80C4F9AE02/507A39A632B011EE89DFF774C4F9AE02.roa File: 507A39A632B011EE89DFF774C4F9AE02.roa (raw, json) Hash identifier: VBATkXjYIVoH0C4iNeRjPySzIZVhyo2JDikcE+6Jvbs= Subject key identifier: 8F:C1:F2:2A:FE:AE:F7:4F:5C:63:D8:84:3F:33:87:17:F3:A0:78:05 Certificate issuer: /CN=A91478E2/serialNumber=C14853D9BD3F78F6480C63352076943BC79B9FC2 Certificate serial: 166C Authority key identifier: C1:48:53:D9:BD:3F:78:F6:48:0C:63:35:20:76:94:3B:C7:9B:9F:C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUhT2b0_ePZIDGM1IHaUO8ebn8I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91478E2/4C908A22E0B611E7B2D0FD80C4F9AE02/507A39A632B011EE89DFF774C4F9AE02.roa Signing time: Sat 02 Dec 2023 17:24:27 +0000 ROA not before: Sat 02 Dec 2023 17:24:27 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 137047 IP address blocks: 103.103.42.0/24 maxlen: 24 103.103.43.0/24 maxlen: 24 103.120.70.0/24 maxlen: 24 103.120.71.0/24 maxlen: 24 2402:2ec0::/34 maxlen: 34 2402:2ec0:4000::/34 maxlen: 34 2402:2ec0:8000::/34 maxlen: 34 2402:2ec0:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91478E2/4C908A22E0B611E7B2D0FD80C4F9AE02/wUhT2b0_ePZIDGM1IHaUO8ebn8I.crl rsync://rpki.apnic.net/member_repository/A91478E2/4C908A22E0B611E7B2D0FD80C4F9AE02/wUhT2b0_ePZIDGM1IHaUO8ebn8I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUhT2b0_ePZIDGM1IHaUO8ebn8I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5740 (0x166c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91478E2/serialNumber=C14853D9BD3F78F6480C63352076943BC79B9FC2 Validity Not Before: Dec 2 17:24:27 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=656b684b-95f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:02:75:d6:f5:d7:37:79:d5:5b:f6:66:12:90: 70:c3:39:86:5a:67:46:44:e6:4a:3c:78:71:7a:f9: 5a:20:71:e7:6f:f8:a4:bd:15:9a:7c:a0:65:a7:78: 1c:cb:b3:67:a9:56:9d:57:50:e5:a2:6e:3f:18:96: 3c:d3:d5:5d:d0:9f:89:ea:d5:fb:fc:68:b0:a8:a4: aa:4c:7b:e9:1e:c0:31:06:a4:f1:e3:a5:40:5f:77: 43:fe:d3:ba:28:da:83:21:1c:fc:0f:cc:8e:bf:ca: e2:d7:0f:fd:77:d6:31:16:e2:17:87:98:df:86:fb: 9e:b5:ac:f1:ed:de:d8:e9:11:2c:18:5e:53:5a:d5: 59:f4:23:44:eb:ee:a1:05:9e:29:ef:2c:6a:a7:e7: 0d:11:fe:0b:94:fd:49:7c:d5:98:11:7c:0e:a8:e8: 32:fd:4e:54:f3:87:39:81:cd:da:35:a6:e6:52:1d: 61:da:6b:52:a3:ae:9e:85:21:94:d6:ab:31:e9:50: ce:9d:a3:1c:0c:91:09:c2:00:92:f9:37:92:cb:ed: 65:d0:4f:e5:e8:5f:bf:02:f8:9f:86:2f:bf:ad:38: 48:1e:9e:ec:fd:42:45:9d:7c:90:ef:e8:25:7e:5e: 10:ff:44:04:f0:cc:c9:74:95:22:e3:b4:78:97:f3: 98:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:C1:F2:2A:FE:AE:F7:4F:5C:63:D8:84:3F:33:87:17:F3:A0:78:05 X509v3 Authority Key Identifier: keyid:C1:48:53:D9:BD:3F:78:F6:48:0C:63:35:20:76:94:3B:C7:9B:9F:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91478E2/4C908A22E0B611E7B2D0FD80C4F9AE02/wUhT2b0_ePZIDGM1IHaUO8ebn8I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUhT2b0_ePZIDGM1IHaUO8ebn8I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91478E2/4C908A22E0B611E7B2D0FD80C4F9AE02/507A39A632B011EE89DFF774C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.103.42.0/23 103.120.70.0/23 IPv6: 2402:2ec0::/32 Signature Algorithm: sha256WithRSAEncryption 75:8b:22:5c:bb:ed:96:d1:f4:93:18:dc:68:6c:67:88:31:78: 8c:68:25:43:60:27:14:12:ea:37:7a:d2:0a:23:ad:a4:74:21: 9c:ce:62:97:20:08:2c:7c:eb:74:4c:2a:16:9e:df:d5:dd:c7: 77:86:c1:d7:02:d7:0a:cc:ed:3b:c9:90:29:09:f5:e4:3b:d8: 9a:91:e7:88:a1:11:a8:87:52:78:c3:ba:b4:49:ae:5c:3f:8c: 55:54:70:bc:28:17:e1:5c:5b:9c:bd:f0:dc:11:4d:0b:21:04: bd:75:d8:74:92:6f:9e:bb:fe:d0:05:6c:58:46:cb:45:af:e1: 98:4b:fd:d8:7c:eb:e0:60:70:94:24:7e:9d:7d:94:bf:fc:7b: a5:2c:e5:3f:6b:b2:72:e4:52:3a:9f:50:98:24:58:76:85:a2: 51:f0:9c:a3:4d:49:fa:f4:44:2b:96:42:91:5e:06:c5:e4:ea: 5f:be:70:f8:28:be:84:cb:8e:2f:5e:25:f6:51:f1:42:08:0c: 28:2e:da:3e:f6:3f:3a:fb:82:8b:44:62:da:16:37:e2:47:cd: 1c:10:1a:d0:b2:b7:c7:a1:55:db:35:10:b5:31:30:94:d1:c6: a2:3b:0b:89:b1:66:23:97:9e:32:19:02:4e:08:08:50:f1:fe: db:e9:e8:75 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICFmwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc4RTIxMTAvBgNVBAUTKEMxNDg1M0Q5QkQzRjc4RjY0ODBDNjMzNTIwNzY5NDNC Qzc5QjlGQzIwHhcNMjMxMjAyMTcyNDI3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTZiNjg0Yi05NWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9wJ11vXXN3nVW/ZmEpBwwzmGWmdGROZKPHhxevlaIHHnb/ikvRWafKBlp3gc y7NnqVadV1Dlom4/GJY809Vd0J+J6tX7/GiwqKSqTHvpHsAxBqTx46VAX3dD/tO6 KNqDIRz8D8yOv8ri1w/9d9YxFuIXh5jfhvuetazx7d7Y6REsGF5TWtVZ9CNE6+6h BZ4p7yxqp+cNEf4LlP1JfNWYEXwOqOgy/U5U84c5gc3aNabmUh1h2mtSo66ehSGU 1qsx6VDOnaMcDJEJwgCS+TeSy+1l0E/l6F+/Avifhi+/rThIHp7s/UJFnXyQ7+gl fl4Q/0QE8MzJdJUi47R4l/OYcwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFI/B8ir+ rvdPXGPYhD8zhxfzoHgFMB8GA1UdIwQYMBaAFMFIU9m9P3j2SAxjNSB2lDvHm5/C MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzhFMi80QzkwOEEyMkUw QjYxMUU3QjJEMEZEODBDNEY5QUUwMi93VWhUMmIwX2VQWklER00xSUhhVU84ZWJu OEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3dVaFQyYjBfZVBaSURHTTFJSGFVTzhlYm44SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDc4RTIvNEM5MDhBMjJFMEI2MTFFN0IyRDBGRDgwQzRGOUFFMDIvNTA3QTM5QTYz MkIwMTFFRTg5REZGNzc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAFnZyoDBAFneEYwDQQCAAIwBwMFACQCLsAwDQYJKoZIhvcN AQELBQADggEBAHWLIly77ZbR9JMY3GhsZ4gxeIxoJUNgJxQS6jd60gojraR0IZzO YpcgCCx863RMKhae39Xdx3eGwdcC1wrM7TvJkCkJ9eQ72JqR54ihEaiHUnjDurRJ rlw/jFVUcLwoF+FcW5y98NwRTQshBL112HSSb567/tAFbFhGy0Wv4ZhL/dh86+Bg cJQkfp19lL/8e6Us5T9rsnLkUjqfUJgkWHaFolHwnKNNSfr0RCuWQpFeBsXk6l++ cPgovoTLji9eJfZR8UIIDCgu2j72Pzr7gotEYtoWN+JHzRwQGtCyt8ehVds1ELUx MJTRxqI7C4mxZiOXnjIZAk4ICFDx/tvp6HU= -----END CERTIFICATE-----Generated at Fri Nov 22 17:55:43 2024 by rpki-client on console-fra.rpki-client.org