$ rpki-client -vvf rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/FA7A1C3AAEE911EA8DB3E03CC4F9AE02.roa File: FA7A1C3AAEE911EA8DB3E03CC4F9AE02.roa (raw, json) Hash identifier: QE5ecgdG5fYcUSCX+MxTdkEzDIB0KG6YE5GZCloiYJg= Subject key identifier: 2B:64:81:1D:85:5B:C2:22:38:DC:63:08:F2:69:E2:DE:6F:3B:C6:00 Certificate issuer: /CN=A91829E3/serialNumber=23D20DA209C895C300EE6B659B6B1829925FBD4F Certificate serial: 0B30 Authority key identifier: 23:D2:0D:A2:09:C8:95:C3:00:EE:6B:65:9B:6B:18:29:92:5F:BD:4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I9INognIlcMA7mtlm2sYKZJfvU8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/FA7A1C3AAEE911EA8DB3E03CC4F9AE02.roa Signing time: Tue 12 Mar 2024 19:58:05 +0000 ROA not before: Tue 12 Mar 2024 19:58:05 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 135076 IP address blocks: 43.245.244.0/22 maxlen: 24 103.208.180.0/22 maxlen: 24 103.240.248.0/22 maxlen: 24 137.59.180.0/22 maxlen: 22 137.59.180.0/24 maxlen: 24 137.59.181.0/24 maxlen: 24 137.59.182.0/24 maxlen: 24 137.59.183.0/24 maxlen: 24 221.120.96.0/21 maxlen: 24 2405:9e80::/32 maxlen: 35 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/I9INognIlcMA7mtlm2sYKZJfvU8.crl rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/I9INognIlcMA7mtlm2sYKZJfvU8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I9INognIlcMA7mtlm2sYKZJfvU8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:44:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2864 (0xb30) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91829E3/serialNumber=23D20DA209C895C300EE6B659B6B1829925FBD4F Validity Not Before: Mar 12 19:58:05 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65f0b3cc-090a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:28:92:83:06:87:7d:1b:61:b9:db:cb:af:c0: b8:86:0f:f6:61:16:08:b0:4e:2e:f5:6b:de:ba:62: 1c:a0:a1:68:16:7b:98:08:7d:64:87:48:81:21:a6: 9f:ac:0b:2b:3a:52:c6:ea:70:99:dc:12:42:70:61: a2:6e:80:04:36:c6:27:74:4a:d1:54:86:3b:0e:28: db:c6:66:f0:c8:7a:9e:55:92:46:67:d1:d4:1c:ad: 1c:bd:06:73:fd:b7:5a:07:f7:13:f4:5b:d7:1e:13: 4d:5e:82:1f:19:33:f1:b6:4d:a7:56:f7:3b:3f:ff: da:93:01:12:d8:16:93:9f:85:56:a5:10:90:5f:2b: dd:8f:e6:ea:2c:69:14:aa:ec:15:98:aa:26:ef:5c: 8e:e1:2f:1e:de:38:92:b6:a0:d5:64:c7:07:71:fa: 07:e0:43:9d:8e:80:35:17:71:e6:5f:79:9e:2d:0d: 35:7a:f2:fe:d3:97:1c:7a:09:d8:4b:fe:a3:a8:f3: de:c6:c8:35:87:21:72:4d:f8:c4:64:b7:39:11:7b: 3e:81:06:ec:69:d3:e9:0c:db:80:8d:89:90:41:b1: 68:9c:15:d7:37:ca:cc:a0:5e:d2:54:e7:42:d6:2e: 97:09:0c:76:dd:c9:d7:a0:41:74:d5:ec:71:e2:03: 2f:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:64:81:1D:85:5B:C2:22:38:DC:63:08:F2:69:E2:DE:6F:3B:C6:00 X509v3 Authority Key Identifier: keyid:23:D2:0D:A2:09:C8:95:C3:00:EE:6B:65:9B:6B:18:29:92:5F:BD:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/I9INognIlcMA7mtlm2sYKZJfvU8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I9INognIlcMA7mtlm2sYKZJfvU8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/FA7A1C3AAEE911EA8DB3E03CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.244.0/22 103.208.180.0/22 103.240.248.0/22 137.59.180.0/22 221.120.96.0/21 IPv6: 2405:9e80::/32 Signature Algorithm: sha256WithRSAEncryption 60:a3:85:f8:5a:cf:fd:fc:5e:44:26:2f:1d:ef:40:b3:89:06: d2:c7:54:cb:2a:e8:e7:55:43:a3:fb:3e:1e:37:f3:f6:9e:59: 01:e7:c1:73:83:17:2e:98:72:ea:ca:a0:63:d3:fa:79:ec:10: 8f:c1:f1:e0:82:81:55:af:56:73:87:ba:de:67:58:7b:e3:19: 8a:10:31:f7:2d:f3:85:26:1d:63:ba:c7:1b:b9:b3:5a:3c:a4: 9c:7d:c0:01:e9:ad:2c:87:11:6e:8f:c8:ba:6d:55:37:a1:23: c0:35:ae:89:0b:82:8e:01:d4:c5:0d:61:36:c1:45:78:91:71: 04:b3:33:57:34:d8:84:8a:ca:33:07:42:cd:b9:14:e6:be:06: d6:11:c8:dd:db:2a:9b:2e:43:69:e2:83:91:93:45:2f:b9:f6: 1e:1e:db:cd:63:77:57:ef:62:e2:90:da:be:29:b9:6e:73:8e: e9:76:ce:56:eb:f8:22:38:1d:5e:59:b9:43:f5:ad:c6:1a:e1: 87:38:99:9b:c8:92:a5:0b:63:3f:01:41:a7:ba:83:70:57:7a: 51:24:e2:97:fb:62:44:c3:e5:d1:72:40:b9:b4:c3:4a:e5:82: 31:55:31:16:18:71:d5:16:1a:17:08:9f:02:e7:d8:f4:57:2a: ee:87:99:b8 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICCzAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODI5RTMxMTAvBgNVBAUTKDIzRDIwREEyMDlDODk1QzMwMEVFNkI2NTlCNkIxODI5 OTI1RkJENEYwHhcNMjQwMzEyMTk1ODA1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWYwYjNjYy0wOTBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtSiSgwaHfRthudvLr8C4hg/2YRYIsE4u9WveumIcoKFoFnuYCH1kh0iBIaaf rAsrOlLG6nCZ3BJCcGGiboAENsYndErRVIY7DijbxmbwyHqeVZJGZ9HUHK0cvQZz /bdaB/cT9FvXHhNNXoIfGTPxtk2nVvc7P//akwES2BaTn4VWpRCQXyvdj+bqLGkU quwVmKom71yO4S8e3jiStqDVZMcHcfoH4EOdjoA1F3HmX3meLQ01evL+05ccegnY S/6jqPPexsg1hyFyTfjEZLc5EXs+gQbsadPpDNuAjYmQQbFonBXXN8rMoF7SVOdC 1i6XCQx23cnXoEF01exx4gMv+QIDAQABo4ICvDCCArgwHQYDVR0OBBYEFCtkgR2F W8IiONxjCPJp4t5vO8YAMB8GA1UdIwQYMBaAFCPSDaIJyJXDAO5rZZtrGCmSX71P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjlFMy9DNDVGNjBEQTE0 MzcxMUVBQUNGOUZBMzNDNEY5QUUwMi9JOUlOb2duSWxjTUE3bXRsbTJzWUtaSmZ2 VTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0k5SU5vZ25JbGNNQTdtdGxtMnNZS1pKZnZVOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODI5RTMvQzQ1RjYwREExNDM3MTFFQUFDRjlGQTMzQzRGOUFFMDIvRkE3QTFDM0FB RUU5MTFFQThEQjNFMDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIr9fQDBAJn0LQDBAJn8PgDBAKJO7QDBAPdeGAwDQQCAAIw BwMFACQFnoAwDQYJKoZIhvcNAQELBQADggEBAGCjhfhaz/38XkQmLx3vQLOJBtLH VMsq6OdVQ6P7Ph438/aeWQHnwXODFy6YcurKoGPT+nnsEI/B8eCCgVWvVnOHut5n WHvjGYoQMfct84UmHWO6xxu5s1o8pJx9wAHprSyHEW6PyLptVTehI8A1rokLgo4B 1MUNYTbBRXiRcQSzM1c02ISKyjMHQs25FOa+BtYRyN3bKpsuQ2nig5GTRS+59h4e 281jd1fvYuKQ2r4puW5zjul2zlbr+CI4HV5ZuUP1rcYa4Yc4mZvIkqULYz8BQae6 g3BXelEk4pf7YkTD5dFyQLm0w0rlgjFVMRYYcdUWGhcInwLn2PRXKu6Hmbg= -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:00 2024 by rpki-client on console-fra.rpki-client.org