$ rpki-client -vvf rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/0D3A7A803B7311EA80E1F877C4F9AE02.roa File: 0D3A7A803B7311EA80E1F877C4F9AE02.roa (raw, json) Hash identifier: EpjCnlsJkfHNtp2vFgzZPfvRv085L5br2n3beV/fvF0= Subject key identifier: 1F:71:30:92:A6:EE:9D:56:2E:E0:28:2F:18:5A:83:4A:9A:81:05:10 Certificate issuer: /CN=A91555EA/serialNumber=978DAE2C10A72ED04F94128FFC5E8CB7D102EACA Certificate serial: 0A9B Authority key identifier: 97:8D:AE:2C:10:A7:2E:D0:4F:94:12:8F:FC:5E:8C:B7:D1:02:EA:CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l42uLBCnLtBPlBKP_F6Mt9EC6so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/0D3A7A803B7311EA80E1F877C4F9AE02.roa Signing time: Sat 06 Jul 2024 20:08:02 +0000 ROA not before: Sat 06 Jul 2024 20:08:02 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 45273 IP address blocks: 117.104.184.0/24 maxlen: 24 117.104.185.0/24 maxlen: 24 202.52.138.0/24 maxlen: 24 202.52.139.0/24 maxlen: 24 202.90.200.0/24 maxlen: 24 202.90.201.0/24 maxlen: 24 202.90.202.0/24 maxlen: 24 202.90.203.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/l42uLBCnLtBPlBKP_F6Mt9EC6so.crl rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/l42uLBCnLtBPlBKP_F6Mt9EC6so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l42uLBCnLtBPlBKP_F6Mt9EC6so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 19:09:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2715 (0xa9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91555EA/serialNumber=978DAE2C10A72ED04F94128FFC5E8CB7D102EACA Validity Not Before: Jul 6 20:08:02 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=6689a421-0f67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:1d:7e:72:2b:ff:aa:c4:cc:34:2e:6c:b1:39: c5:05:71:8d:62:63:51:95:da:aa:98:44:a7:cb:da: a3:8e:5f:2a:4a:f6:a1:e0:60:7e:fa:e3:52:20:37: eb:dc:45:3e:52:da:9d:86:57:ef:6b:b0:98:20:92: 22:fa:4b:d3:20:18:e8:67:39:6b:10:08:91:12:e0: b0:dd:3c:4b:17:4d:f4:be:44:78:17:cd:07:e3:8b: 1e:1d:4c:6b:fa:ac:a5:f0:8d:51:3e:ca:91:9e:f6: d0:d4:7a:ab:16:8a:f0:23:40:19:a1:71:d0:25:2e: 7a:a7:b2:f2:9a:cd:ad:4c:b9:40:2e:f9:45:24:b7: 3c:7b:cb:7f:14:9b:ee:69:48:74:09:23:12:22:b9: df:e7:a6:89:c7:86:d7:ce:2f:71:38:e9:4e:d6:9e: 66:dd:1d:fb:9c:ae:c2:08:38:d3:8b:00:e2:aa:b6: 5b:44:5c:76:15:fb:e9:77:dd:a4:fb:02:80:59:c3: 42:64:70:7c:44:4b:2e:4e:7c:8f:0f:2c:78:fc:e0: 58:c5:69:45:c3:22:7f:ee:e8:df:13:64:26:01:a8: b9:1f:64:c5:db:13:ad:6c:56:86:1b:a4:e3:6e:1e: d5:bd:f6:78:be:93:2d:8b:b4:09:0b:d6:b5:4e:98: b3:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:71:30:92:A6:EE:9D:56:2E:E0:28:2F:18:5A:83:4A:9A:81:05:10 X509v3 Authority Key Identifier: keyid:97:8D:AE:2C:10:A7:2E:D0:4F:94:12:8F:FC:5E:8C:B7:D1:02:EA:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/l42uLBCnLtBPlBKP_F6Mt9EC6so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l42uLBCnLtBPlBKP_F6Mt9EC6so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/0D3A7A803B7311EA80E1F877C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 117.104.184.0/23 202.52.138.0/23 202.90.200.0/22 Signature Algorithm: sha256WithRSAEncryption 7d:10:53:05:55:7e:ff:cb:fb:c5:34:1d:4c:b5:b3:e4:5a:88: 6f:4e:5a:4b:2e:34:02:1a:46:81:50:cb:67:39:19:8b:fa:90: 8c:16:7b:8b:28:d9:11:5e:4e:ac:16:97:f0:8f:aa:93:c9:1b: 53:51:e0:92:38:e4:99:03:a2:2f:de:8e:83:ea:7e:d0:06:5c: bc:20:aa:8b:a7:57:d9:61:73:80:c1:43:f3:43:e8:24:4c:d6: fb:f8:09:cd:c6:9f:3f:37:d4:13:c6:70:56:75:02:27:42:18: 34:55:ec:39:22:38:8f:43:51:5b:10:50:1c:b9:a1:e2:f6:25: b5:0f:0b:e4:98:7a:55:12:d9:25:bb:ea:f7:62:b5:a8:e7:30: 78:d7:4d:98:32:33:5b:d2:5d:1c:03:d1:0d:df:3c:75:35:5e: 85:df:56:e0:82:4a:8d:38:98:3f:58:95:72:b4:eb:fb:83:d7: 65:64:54:25:a1:d3:35:22:e4:2a:66:d4:88:10:d5:07:be:78: 74:c1:83:ad:42:89:fb:00:96:cb:a3:ab:ea:20:b1:a4:aa:77: 4f:09:a6:84:77:40:a4:92:d8:1a:34:30:02:87:a7:fa:14:7b: 52:95:de:46:78:e2:fa:d9:31:18:32:84:8d:60:bd:88:24:77: f8:b4:10:c8 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICCpswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTU1RUExMTAvBgNVBAUTKDk3OERBRTJDMTBBNzJFRDA0Rjk0MTI4RkZDNUU4Q0I3 RDEwMkVBQ0EwHhcNMjQwNzA2MjAwODAyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Njg5YTQyMS0wZjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3x1+civ/qsTMNC5ssTnFBXGNYmNRldqqmESny9qjjl8qSvah4GB++uNSIDfr 3EU+Utqdhlfva7CYIJIi+kvTIBjoZzlrEAiREuCw3TxLF030vkR4F80H44seHUxr +qyl8I1RPsqRnvbQ1HqrForwI0AZoXHQJS56p7Lyms2tTLlALvlFJLc8e8t/FJvu aUh0CSMSIrnf56aJx4bXzi9xOOlO1p5m3R37nK7CCDjTiwDiqrZbRFx2Ffvpd92k +wKAWcNCZHB8REsuTnyPDyx4/OBYxWlFwyJ/7ujfE2QmAai5H2TF2xOtbFaGG6Tj bh7VvfZ4vpMti7QJC9a1Tpiz9QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFB9xMJKm 7p1WLuAoLxhag0qagQUQMB8GA1UdIwQYMBaAFJeNriwQpy7QT5QSj/xejLfRAurK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTVFQS83QzYwQjlGNjNC NkUxMUVBQUU1RjE2NkJDNEY5QUUwMi9sNDJ1TEJDbkx0QlBsQktQX0Y2TXQ5RUM2 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2w0MnVMQkNuTHRCUGxCS1BfRjZNdDlFQzZzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTU1RUEvN0M2MEI5RjYzQjZFMTFFQUFFNUYxNjZCQzRGOUFFMDIvMEQzQTdBODAz QjczMTFFQTgwRTFGODc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAF1aLgDBAHKNIoDBALKWsgwDQYJKoZIhvcNAQELBQADggEB AH0QUwVVfv/L+8U0HUy1s+RaiG9OWksuNAIaRoFQy2c5GYv6kIwWe4so2RFeTqwW l/CPqpPJG1NR4JI45JkDoi/ejoPqftAGXLwgqounV9lhc4DBQ/ND6CRM1vv4Cc3G nz831BPGcFZ1AidCGDRV7DkiOI9DUVsQUBy5oeL2JbUPC+SYelUS2SW76vditajn MHjXTZgyM1vSXRwD0Q3fPHU1XoXfVuCCSo04mD9YlXK06/uD12VkVCWh0zUi5Cpm 1IgQ1Qe+eHTBg61CifsAlsujq+ogsaSqd08JpoR3QKSS2Bo0MAKHp/oUe1KV3kZ4 4vrZMRgyhI1gvYgkd/i0EMg= -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:27 2024 by rpki-client on console-ams.rpki-client.org