$ rpki-client -vvf rpki.apnic.net/member_repository/A91637DD/DE59F6025E7311EC8BE4CC4EC4F9AE02/CA95FB0EA1E611EDABFD7D7FC4F9AE02.roa File: CA95FB0EA1E611EDABFD7D7FC4F9AE02.roa (raw, json) Hash identifier: OEnucU7WB79BgWJcZIYtLK91Wx7xdFzqVYUne1/YDjs= Subject key identifier: FF:7C:EC:25:8A:57:85:63:9A:5F:7D:FD:66:B4:7D:80:47:57:77:4F Certificate issuer: /CN=A91637DD/serialNumber=7C131EE0A80B834D48D17D69655A5BC7BE668B6A Certificate serial: 0349 Authority key identifier: 7C:13:1E:E0:A8:0B:83:4D:48:D1:7D:69:65:5A:5B:C7:BE:66:8B:6A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBMe4KgLg01I0X1pZVpbx75mi2o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91637DD/DE59F6025E7311EC8BE4CC4EC4F9AE02/CA95FB0EA1E611EDABFD7D7FC4F9AE02.roa Signing time: Thu 11 Jan 2024 02:24:40 +0000 ROA not before: Thu 11 Jan 2024 02:24:40 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 149295 IP address blocks: 103.177.242.0/23 maxlen: 23 103.177.242.0/24 maxlen: 24 103.177.243.0/24 maxlen: 24 2001:df0:2dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91637DD/DE59F6025E7311EC8BE4CC4EC4F9AE02/fBMe4KgLg01I0X1pZVpbx75mi2o.crl rsync://rpki.apnic.net/member_repository/A91637DD/DE59F6025E7311EC8BE4CC4EC4F9AE02/fBMe4KgLg01I0X1pZVpbx75mi2o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBMe4KgLg01I0X1pZVpbx75mi2o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 841 (0x349) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91637DD/serialNumber=7C131EE0A80B834D48D17D69655A5BC7BE668B6A Validity Not Before: Jan 11 02:24:40 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=659f5168-0669 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:48:5f:2d:90:20:e3:05:7f:e9:96:04:a9:1e: 12:91:de:85:e5:c8:6b:90:a5:40:b3:23:24:f5:26: 5b:55:61:64:37:ca:3f:bf:03:4c:ef:3f:f9:ea:9f: 92:14:32:9d:c9:ac:4d:2e:ea:40:85:ba:2e:74:82: bc:5e:6b:97:4e:d4:58:22:00:ec:c2:9f:c1:11:2c: fb:ab:8e:4d:91:cc:d2:8e:85:ff:d1:93:9a:b2:87: 1f:b1:bb:54:2d:a0:3a:47:59:f5:72:a7:59:81:c4: 4e:b7:7b:18:15:d6:69:45:4d:bf:51:1c:10:3f:52: 23:bc:04:6c:6c:eb:00:d3:a9:35:de:c1:10:a7:60: a7:6f:7e:c1:c8:22:48:78:fe:3b:90:36:54:6d:32: 53:03:da:32:0e:5b:a0:aa:1b:57:20:3c:4c:36:d1: 04:29:48:41:1f:0e:91:6d:74:12:90:6c:00:f5:70: b9:2c:44:8d:cc:b9:4f:c8:ff:90:1f:17:7b:9f:37: 96:2f:38:65:9d:96:e2:13:9b:ce:14:27:30:b9:ca: 9a:6c:45:c1:60:21:b7:98:55:90:d0:11:46:f5:e4: 08:3f:52:83:40:f0:82:a0:5b:62:12:4b:b1:9c:13: 34:7f:e3:ad:4a:e4:a4:1a:91:5f:78:fe:98:db:3a: 3f:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:7C:EC:25:8A:57:85:63:9A:5F:7D:FD:66:B4:7D:80:47:57:77:4F X509v3 Authority Key Identifier: keyid:7C:13:1E:E0:A8:0B:83:4D:48:D1:7D:69:65:5A:5B:C7:BE:66:8B:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91637DD/DE59F6025E7311EC8BE4CC4EC4F9AE02/fBMe4KgLg01I0X1pZVpbx75mi2o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBMe4KgLg01I0X1pZVpbx75mi2o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91637DD/DE59F6025E7311EC8BE4CC4EC4F9AE02/CA95FB0EA1E611EDABFD7D7FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.177.242.0/23 IPv6: 2001:df0:2dc0::/48 Signature Algorithm: sha256WithRSAEncryption bc:4c:0c:80:bd:f2:a3:84:8b:f4:cc:87:ce:8d:32:1e:85:69: 8b:be:ef:d2:c3:8c:2b:cd:95:21:3f:59:47:cb:d0:a4:c1:e4: 75:5c:34:aa:10:5c:ae:85:d1:ed:a1:19:d3:e9:7c:c4:37:38: ee:82:83:a8:7a:06:72:34:a8:bc:63:0a:aa:ff:d5:f5:27:2b: 68:2c:a0:69:4d:bb:bd:ca:c2:c8:16:73:2f:0b:b8:68:4a:85: 30:ef:bf:11:33:7d:72:85:88:2e:ac:cb:c5:71:79:e1:d8:83: 74:90:c2:c5:de:56:5d:d5:1f:6a:a4:f6:f3:a2:fd:29:6a:70: 94:04:c5:9a:e4:5d:29:24:87:c6:e7:99:76:c6:9f:e0:9d:2f: 9b:e0:54:38:09:f6:4b:ef:a6:60:90:7b:3e:7f:71:92:52:21: 43:59:62:e1:5e:64:07:18:2b:3e:fe:f9:b7:1b:73:fe:3c:38: 43:42:83:6d:69:73:c9:c8:eb:61:43:68:7c:8b:fc:52:c1:d3: 9a:af:95:c5:ce:c9:f2:99:46:39:90:80:87:d6:46:f0:9c:67: 85:f0:2f:87:4f:8f:cd:c6:02:9d:b2:b5:34:c7:9c:51:75:1e: 9a:a3:ed:70:5d:4c:bf:c4:49:ff:4d:31:29:85:46:14:c6:69: 01:23:6b:df -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICA0kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjM3REQxMTAvBgNVBAUTKDdDMTMxRUUwQTgwQjgzNEQ0OEQxN0Q2OTY1NUE1QkM3 QkU2NjhCNkEwHhcNMjQwMTExMDIyNDQwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTlmNTE2OC0wNjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwEhfLZAg4wV/6ZYEqR4Skd6F5chrkKVAsyMk9SZbVWFkN8o/vwNM7z/56p+S FDKdyaxNLupAhboudIK8XmuXTtRYIgDswp/BESz7q45NkczSjoX/0ZOasocfsbtU LaA6R1n1cqdZgcROt3sYFdZpRU2/URwQP1IjvARsbOsA06k13sEQp2Cnb37ByCJI eP47kDZUbTJTA9oyDlugqhtXIDxMNtEEKUhBHw6RbXQSkGwA9XC5LESNzLlPyP+Q Hxd7nzeWLzhlnZbiE5vOFCcwucqabEXBYCG3mFWQ0BFG9eQIP1KDQPCCoFtiEkux nBM0f+OtSuSkGpFfeP6Y2zo/HwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFP987CWK V4Vjml99/Wa0fYBHV3dPMB8GA1UdIwQYMBaAFHwTHuCoC4NNSNF9aWVaW8e+Zotq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MzdERC9ERTU5RjYwMjVF NzMxMUVDOEJFNENDNEVDNEY5QUUwMi9mQk1lNEtnTGcwMUkwWDFwWlZwYng3NW1p Mm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZCTWU0S2dMZzAxSTBYMXBaVnBieDc1bWkyby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjM3REQvREU1OUY2MDI1RTczMTFFQzhCRTRDQzRFQzRGOUFFMDIvQ0E5NUZCMEVB MUU2MTFFREFCRkQ3RDdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnsfIwDwQCAAIwCQMHACABDfAtwDANBgkqhkiG9w0BAQsF AAOCAQEAvEwMgL3yo4SL9MyHzo0yHoVpi77v0sOMK82VIT9ZR8vQpMHkdVw0qhBc roXR7aEZ0+l8xDc47oKDqHoGcjSovGMKqv/V9ScraCygaU27vcrCyBZzLwu4aEqF MO+/ETN9coWILqzLxXF54diDdJDCxd5WXdUfaqT286L9KWpwlATFmuRdKSSHxueZ dsaf4J0vm+BUOAn2S++mYJB7Pn9xklIhQ1li4V5kBxgrPv75txtz/jw4Q0KDbWlz ycjrYUNofIv8UsHTmq+Vxc7J8plGOZCAh9ZG8JxnhfAvh0+PzcYCnbK1NMecUXUe mqPtcF1Mv8RJ/00xKYVGFMZpASNr3w== -----END CERTIFICATE-----Generated at Sat Nov 23 01:27:22 2024 by rpki-client on console-ams.rpki-client.org