$ rpki-client -vvf rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/05B3C1D2134511EAB2075B28C4F9AE02.roa File: 05B3C1D2134511EAB2075B28C4F9AE02.roa (raw, json) Hash identifier: NWv/gzV10Mc+64t21yfDkLnUn3XApor/AaqWMuLfZ6I= Subject key identifier: 88:07:C5:6A:D9:B2:75:30:15:20:13:CD:95:FF:AF:73:8B:E6:42:4E Certificate issuer: /CN=A91657DD/serialNumber=FBBAC1656A0C63708BCCD60DC825E6C3191A719B Certificate serial: 0EB8 Authority key identifier: FB:BA:C1:65:6A:0C:63:70:8B:CC:D6:0D:C8:25:E6:C3:19:1A:71:9B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/05B3C1D2134511EAB2075B28C4F9AE02.roa Signing time: Wed 31 Jul 2024 18:25:57 +0000 ROA not before: Wed 31 Jul 2024 18:25:57 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 63996 IP address blocks: 45.120.112.0/22 maxlen: 24 103.60.172.0/22 maxlen: 24 103.205.68.0/22 maxlen: 24 192.144.86.0/23 maxlen: 24 203.95.220.0/22 maxlen: 24 2400:3240::/32 maxlen: 36 2400:3240:300::/40 maxlen: 40 2400:3240:8000::/48 maxlen: 48 2404:1380::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.crl rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:37:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3768 (0xeb8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91657DD/serialNumber=FBBAC1656A0C63708BCCD60DC825E6C3191A719B Validity Not Before: Jul 31 18:25:57 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66aa81b5-7dd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:36:15:91:a4:82:8a:bc:1c:d6:4d:fa:8f:50: 70:d2:90:b2:19:91:40:6b:e3:e2:1d:5f:fd:f3:61: 9d:b7:d3:55:69:c6:a6:e5:19:61:0d:97:34:5a:a3: 80:0c:7b:ce:31:f7:30:b2:f9:7b:f5:0e:fd:b4:fe: e1:f3:b6:08:ac:23:ea:b2:f3:53:cc:db:76:40:b6: 4c:e5:ff:f0:86:c2:ea:4f:7c:54:35:f9:13:41:b3: fb:48:ca:ee:85:aa:a7:d9:ad:a2:c3:c5:0e:9e:d3: 5d:3d:0e:57:5c:96:56:78:c7:5d:50:b5:e2:68:f2: 4e:a6:c1:1e:92:4c:f4:f9:72:e8:bf:00:ce:58:5e: ef:4a:3a:36:26:39:c1:79:51:f3:f3:60:84:44:df: 15:dc:8f:ce:26:55:fe:06:4c:cf:51:55:2a:3d:04: 22:19:25:ea:4d:fe:b3:d2:61:59:cf:49:4b:dc:5e: e0:f7:1d:8e:8a:2d:6e:e4:dd:bb:d0:ee:01:ad:04: 1e:40:82:6d:62:17:da:f5:aa:e7:5b:ec:5c:45:6b: 78:d3:7a:68:9c:fa:74:8f:44:95:e4:5c:32:d3:55: b1:3f:09:82:ae:d8:f7:84:c5:f9:b8:64:50:e3:b1: f8:ea:7f:4c:f7:c8:b2:a5:86:ec:87:37:83:5f:61: a5:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:07:C5:6A:D9:B2:75:30:15:20:13:CD:95:FF:AF:73:8B:E6:42:4E X509v3 Authority Key Identifier: keyid:FB:BA:C1:65:6A:0C:63:70:8B:CC:D6:0D:C8:25:E6:C3:19:1A:71:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/05B3C1D2134511EAB2075B28C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.120.112.0/22 103.60.172.0/22 103.205.68.0/22 192.144.86.0/23 203.95.220.0/22 IPv6: 2400:3240::/32 2404:1380::/32 Signature Algorithm: sha256WithRSAEncryption aa:5a:22:74:67:f6:6f:0c:9b:e3:82:4b:0d:84:c5:1f:f9:48: 8a:26:cf:ac:c2:fe:04:95:b3:09:1b:99:b6:f2:99:f9:e2:f2: a4:08:d9:41:52:92:50:17:db:2d:60:da:a7:f9:8c:33:4a:7a: 91:f3:bf:19:45:19:e2:4c:ce:38:23:c2:d8:a3:e4:e4:99:84: 81:ee:a0:f4:1a:5b:b1:d5:af:ad:e7:09:f9:3e:8b:b6:33:49: b2:e2:2c:ae:54:64:08:95:8e:5f:f1:ad:ea:22:c6:e0:df:96: da:a6:8f:d5:69:92:0b:68:4d:ae:03:77:00:01:61:bf:ff:d0: 6e:7d:24:b5:b7:4d:15:f4:77:6e:76:9f:a5:e8:28:5d:aa:87: 23:4a:bf:ef:e0:ae:ac:ed:b5:7e:21:04:d2:65:3c:9e:38:c9: 0d:a5:f2:8d:40:2d:0b:5d:b9:62:5d:d9:3b:8f:db:59:61:4b: 38:88:11:15:ae:7c:6e:2b:a7:0e:57:42:23:50:9f:d3:64:f5: 7c:99:7a:cc:87:b6:b4:2a:fa:aa:6d:ae:c1:47:f5:58:bb:5b: c9:d7:67:a7:76:18:42:46:4e:c0:98:9a:4b:5d:71:66:13:d8: 22:74:4f:83:aa:66:b9:59:ee:22:11:bf:d3:7a:11:93:0e:85: 4c:2d:1b:4b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgICDrgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjU3REQxMTAvBgNVBAUTKEZCQkFDMTY1NkEwQzYzNzA4QkNDRDYwREM4MjVFNkMz MTkxQTcxOUIwHhcNMjQwNzMxMTgyNTU3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmFhODFiNS03ZGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxjYVkaSCirwc1k36j1Bw0pCyGZFAa+PiHV/982Gdt9NVacam5RlhDZc0WqOA DHvOMfcwsvl79Q79tP7h87YIrCPqsvNTzNt2QLZM5f/whsLqT3xUNfkTQbP7SMru haqn2a2iw8UOntNdPQ5XXJZWeMddULXiaPJOpsEekkz0+XLovwDOWF7vSjo2JjnB eVHz82CERN8V3I/OJlX+BkzPUVUqPQQiGSXqTf6z0mFZz0lL3F7g9x2Oii1u5N27 0O4BrQQeQIJtYhfa9arnW+xcRWt403ponPp0j0SV5Fwy01WxPwmCrtj3hMX5uGRQ 47H46n9M98iypYbshzeDX2Gl1QIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFIgHxWrZ snUwFSATzZX/r3OL5kJOMB8GA1UdIwQYMBaAFPu6wWVqDGNwi8zWDcgl5sMZGnGb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTdERC9BRDYxNUY2RTZF NTYxMUU5QkQ5QjVFNjlDNEY5QUUwMi8tN3JCWldvTVkzQ0x6TllOeUNYbXd4a2Fj WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy03ckJaV29NWTNDTHpOWU55Q1htd3hrYWNacy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjU3REQvQUQ2MTVGNkU2RTU2MTFFOUJEOUI1RTY5QzRGOUFFMDIvMDVCM0MxRDIx MzQ1MTFFQUIyMDc1QjI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E PjA8MCQEAgABMB4DBAIteHADBAJnPKwDBAJnzUQDBAHAkFYDBALLX9wwFAQCAAIw DgMFACQAMkADBQAkBBOAMA0GCSqGSIb3DQEBCwUAA4IBAQCqWiJ0Z/ZvDJvjgksN hMUf+UiKJs+swv4ElbMJG5m28pn54vKkCNlBUpJQF9stYNqn+YwzSnqR878ZRRni TM44I8LYo+TkmYSB7qD0Glux1a+t5wn5Pou2M0my4iyuVGQIlY5f8a3qIsbg35ba po/VaZILaE2uA3cAAWG//9BufSS1t00V9Hdudp+l6ChdqocjSr/v4K6s7bV+IQTS ZTyeOMkNpfKNQC0LXbliXdk7j9tZYUs4iBEVrnxuK6cOV0IjUJ/TZPV8mXrMh7a0 Kvqqba7BR/VYu1vJ12endhhCRk7AmJpLXXFmE9gidE+Dqma5We4iEb/TehGTDoVM LRtL -----END CERTIFICATE-----Generated at Fri Nov 22 19:44:59 2024 by rpki-client on console-fra.rpki-client.org