$ rpki-client -vvf rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4A4CE204D49A11EEAB1AF055C4F9AE02.roa File: 4A4CE204D49A11EEAB1AF055C4F9AE02.roa (raw, json) Hash identifier: EzHzSCDlBlC4veKW1Q3W/qzMLdRqyApJm4hY8qe4PS0= Subject key identifier: 70:ED:EC:93:AE:FA:B2:A0:80:6D:AD:BD:AF:BC:18:C4:4F:13:FF:C6 Certificate issuer: /CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52 Certificate serial: 187D Authority key identifier: BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4A4CE204D49A11EEAB1AF055C4F9AE02.roa Signing time: Sat 02 Nov 2024 16:54:15 +0000 ROA not before: Sat 02 Nov 2024 16:54:15 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 136948 IP address blocks: 103.99.248.0/22 maxlen: 23 103.99.248.0/24 maxlen: 24 103.99.249.0/24 maxlen: 24 103.99.250.0/24 maxlen: 24 103.99.251.0/24 maxlen: 24 2401:b640::/32 maxlen: 32 2401:b640::/48 maxlen: 48 2401:b640:1::/48 maxlen: 48 2401:b640:2::/48 maxlen: 48 2401:b640:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:31:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6269 (0x187d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52 Validity Not Before: Nov 2 16:54:15 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=67265937-4a36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:c5:ed:0d:35:07:77:9a:47:e7:d4:bb:2c:c9: 3e:4b:64:f8:31:4a:fb:f4:48:3f:aa:1d:cf:1d:e7: dd:01:c6:e6:5e:f3:d1:56:dd:fd:11:5b:b6:c0:7f: e4:15:70:2c:c8:42:0f:fa:d6:e1:cb:b0:b4:b0:ad: 1e:f4:2f:a6:b8:c0:69:6b:b0:03:8f:a5:d0:af:70: 96:c7:32:ef:b7:b2:02:4e:99:ac:f9:59:ef:63:05: 88:66:0b:e2:31:19:b2:00:f1:93:b9:6c:83:b1:5d: 1c:eb:99:85:43:37:02:90:ff:93:ac:96:58:ad:43: 91:19:a5:9b:16:8c:3b:61:6a:23:6d:ae:9f:8a:37: 89:59:51:fd:95:ce:c0:dc:f2:8f:e9:1f:b7:77:52: 0e:0b:52:a2:13:77:04:0d:36:96:51:a8:57:dc:09: a4:6a:8d:71:46:f6:c2:ba:4f:8b:f9:d3:58:3f:50: a5:15:f7:e0:86:98:2e:36:df:65:7f:42:6f:cc:6f: 43:43:e0:e2:4b:76:2d:94:95:48:43:61:22:70:ab: c7:bc:8e:97:55:2b:6f:73:45:02:4d:1b:9e:50:70: b9:83:f4:c8:a7:a3:b7:cf:cf:1b:f6:95:3c:ed:ff: 9a:6a:57:4e:dc:13:a0:0b:96:32:3b:2c:71:ff:7e: 1c:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:ED:EC:93:AE:FA:B2:A0:80:6D:AD:BD:AF:BC:18:C4:4F:13:FF:C6 X509v3 Authority Key Identifier: keyid:BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4A4CE204D49A11EEAB1AF055C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.248.0/22 IPv6: 2401:b640::/32 Signature Algorithm: sha256WithRSAEncryption 3c:eb:59:77:e2:f2:c2:de:a0:97:ed:0a:0b:76:cc:c0:a2:33: 11:ce:45:40:c1:86:13:b9:80:30:b6:41:4a:7d:3d:2d:85:32: 3d:51:75:e5:0b:45:2b:20:70:b8:13:2b:7d:10:19:a6:69:eb: f3:93:57:76:72:98:ec:88:b3:de:9d:a3:c2:c9:a6:eb:ce:13: b3:42:40:de:ff:ff:24:65:c0:80:3d:8b:a4:bf:af:08:2a:5c: 06:ba:3c:30:a9:d5:51:b2:a8:be:af:07:64:bd:fc:5f:be:23: 14:03:53:d5:e3:bf:57:ed:7f:ae:0a:43:41:db:7b:2e:39:78: bf:6a:cd:5a:20:a0:e0:b6:aa:d1:59:fd:2d:2e:a9:89:12:de: 36:58:fb:2e:40:aa:b8:77:f1:60:9f:fd:d0:d7:ee:2f:50:ff: df:5c:58:ff:43:0c:d0:4f:3c:63:9f:16:3f:0e:3e:27:5d:e8: 5a:32:5f:60:8c:9c:31:78:35:52:52:70:e2:86:c6:d3:a4:13: 1b:db:6b:13:0b:77:12:3a:dc:6d:e5:46:b3:77:31:7f:98:a1: c5:b5:00:75:fc:ce:49:98:6d:c2:03:87:58:32:96:2c:f6:36: 58:54:07:33:26:66:79:3b:ea:ad:4b:f7:77:a3:65:ec:ef:25: 4b:96:12:22 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICGH0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTkwRTMxMTAvBgNVBAUTKEJCOTc2QTU5OEU1RUNCMDVFMzdGQUMwMEE1Qjc4ODhF NTdGNTFDNTIwHhcNMjQxMTAyMTY1NDE1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI2NTkzNy00YTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvsXtDTUHd5pH59S7LMk+S2T4MUr79Eg/qh3PHefdAcbmXvPRVt39EVu2wH/k FXAsyEIP+tbhy7C0sK0e9C+muMBpa7ADj6XQr3CWxzLvt7ICTpms+VnvYwWIZgvi MRmyAPGTuWyDsV0c65mFQzcCkP+TrJZYrUORGaWbFow7YWojba6fijeJWVH9lc7A 3PKP6R+3d1IOC1KiE3cEDTaWUahX3Amkao1xRvbCuk+L+dNYP1ClFffghpguNt9l f0JvzG9DQ+DiS3YtlJVIQ2EicKvHvI6XVStvc0UCTRueUHC5g/TIp6O3z88b9pU8 7f+aaldO3BOgC5YyOyxx/34cIwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHDt7JOu +rKggG2tva+8GMRPE//GMB8GA1UdIwQYMBaAFLuXalmOXssF43+sAKW3iI5X9RxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTBFMy9EQTE4QjE4NDlB NDkxMUU3OUE5RjMwMzBDNEY5QUUwMi91NWRxV1k1ZXl3WGpmNndBcGJlSWpsZjFI RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3U1ZHFXWTVleXdYamY2d0FwYmVJamxmMUhGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTkwRTMvREExOEIxODQ5QTQ5MTFFNzlBOUYzMDMwQzRGOUFFMDIvNEE0Q0UyMDRE NDlBMTFFRUFCMUFGMDU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnY/gwDQQCAAIwBwMFACQBtkAwDQYJKoZIhvcNAQELBQAD ggEBADzrWXfi8sLeoJftCgt2zMCiMxHORUDBhhO5gDC2QUp9PS2FMj1RdeULRSsg cLgTK30QGaZp6/OTV3ZymOyIs96do8LJpuvOE7NCQN7//yRlwIA9i6S/rwgqXAa6 PDCp1VGyqL6vB2S9/F++IxQDU9Xjv1ftf64KQ0Hbey45eL9qzVogoOC2qtFZ/S0u qYkS3jZY+y5Aqrh38WCf/dDX7i9Q/99cWP9DDNBPPGOfFj8OPidd6FoyX2CMnDF4 NVJScOKGxtOkExvbaxMLdxI63G3lRrN3MX+YocW1AHX8zkmYbcIDh1gyliz2NlhU BzMmZnk76q1L93ejZezvJUuWEiI= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:03 2024 by rpki-client on console-ams.rpki-client.org