$ rpki-client -vvf rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/AC8124909A4911E7857CA62FC4F9AE02.roa File: AC8124909A4911E7857CA62FC4F9AE02.roa (raw, json) Hash identifier: iHpjkKgrM/aDV1pos/dM1mkPjodoRGQzW79P/+DhQv0= Subject key identifier: FC:D6:03:9D:BC:61:ED:F2:49:0B:8D:37:A6:6F:CD:81:75:8B:E1:13 Certificate issuer: /CN=A91970E2/serialNumber=D4D17799EAC9C9962B325FED87F930C2EAC82CAF Certificate serial: 1B1D Authority key identifier: D4:D1:77:99:EA:C9:C9:96:2B:32:5F:ED:87:F9:30:C2:EA:C8:2C:AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1NF3merJyZYrMl_th_kwwurILK8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/AC8124909A4911E7857CA62FC4F9AE02.roa Signing time: Tue 30 Apr 2024 16:54:20 +0000 ROA not before: Tue 30 Apr 2024 16:54:20 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 58689 IP address blocks: 103.205.132.0/24 maxlen: 24 103.205.134.0/23 maxlen: 24 144.48.108.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/1NF3merJyZYrMl_th_kwwurILK8.crl rsync://rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/1NF3merJyZYrMl_th_kwwurILK8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1NF3merJyZYrMl_th_kwwurILK8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6941 (0x1b1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91970E2/serialNumber=D4D17799EAC9C9962B325FED87F930C2EAC82CAF Validity Not Before: Apr 30 16:54:20 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=6631223c-2871 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3e:cf:f6:ec:60:63:23:1e:3d:d8:41:2e:17: ec:0b:02:0a:74:55:99:aa:c6:f3:7c:ab:4c:21:25: f0:dd:7f:2f:4b:2d:45:3f:cc:26:38:26:d6:3d:bd: 7f:fd:a4:f5:1a:98:73:69:eb:b4:1f:7b:ee:97:bd: 07:5b:8d:12:9c:51:e3:56:12:17:77:f1:e6:ff:3a: 5a:3e:53:24:80:98:89:41:c7:cf:10:4e:ea:19:9f: 31:1e:c6:f1:b8:8a:d7:95:80:7a:6b:2c:ae:b8:47: 52:8e:4e:73:53:c0:b8:68:c6:73:48:0a:ce:46:c5: 27:50:c6:ad:88:de:f6:ac:53:2e:34:8f:e1:30:be: d1:15:38:ce:76:5a:1b:d3:ae:1a:f6:6d:71:85:2e: ea:e7:d0:a4:f8:f0:0f:2a:f1:17:d8:22:80:a2:47: 4f:5d:fc:b8:05:35:fb:35:fb:45:b1:dd:00:ff:1c: 41:d9:fd:0c:4b:3f:59:b8:fb:22:31:04:d3:56:dd: 61:f9:bf:81:09:b5:aa:39:bf:39:0b:3e:df:4c:0d: fb:a7:85:64:b6:81:7d:be:9c:91:cb:ed:8d:1b:23: 5e:bd:70:55:ac:57:b0:98:fa:25:93:aa:cf:7f:36: 0b:43:a2:e4:b3:a5:80:4a:c7:5a:b3:71:2c:54:6f: 93:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:D6:03:9D:BC:61:ED:F2:49:0B:8D:37:A6:6F:CD:81:75:8B:E1:13 X509v3 Authority Key Identifier: keyid:D4:D1:77:99:EA:C9:C9:96:2B:32:5F:ED:87:F9:30:C2:EA:C8:2C:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/1NF3merJyZYrMl_th_kwwurILK8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1NF3merJyZYrMl_th_kwwurILK8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/AC8124909A4911E7857CA62FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.205.132.0/24 103.205.134.0/23 144.48.108.0/22 Signature Algorithm: sha256WithRSAEncryption 11:71:3f:b4:b0:5f:35:47:06:ec:f0:58:4d:86:07:df:bf:13: 27:92:f5:bb:2d:db:02:03:0d:8e:3b:41:f9:2f:c8:d8:79:55: 0b:48:4f:7e:5d:bb:a3:05:7e:6b:17:a1:32:68:46:a1:65:dd: 88:36:da:ba:bf:ad:75:19:99:e5:0a:56:ea:2e:22:e7:95:05: ad:a4:90:0a:89:1d:69:46:4c:41:4a:55:46:ae:1e:0e:aa:e1: 8f:5b:16:3f:5a:00:97:f6:60:97:60:a4:24:b2:f7:8c:e0:84: be:8d:c1:5a:24:c3:f6:b2:1e:2d:2a:d1:a0:03:a4:9a:ca:97: a4:91:8f:e0:da:af:21:bc:01:19:b0:ce:42:dd:b5:35:0d:b9: 6f:55:a1:58:f5:19:ed:74:18:9c:04:2d:ca:fe:db:81:58:11: 7f:bf:7e:96:e6:be:cb:fe:0d:c7:ee:5f:1c:8f:c0:b1:17:ab: 71:6b:0c:f7:83:38:9a:b0:45:8f:0d:b9:fd:c8:f8:64:ce:21: f9:ca:69:99:58:5c:28:f3:6d:84:87:b1:d9:be:36:96:5a:3c: a7:33:f9:1b:7e:3e:49:95:55:1f:d4:48:67:3c:e1:ce:51:da: 41:ea:f6:a0:c0:30:23:63:42:15:91:ee:4d:d6:e8:5f:93:26: a6:99:61:ef -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICGx0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTcwRTIxMTAvBgNVBAUTKEQ0RDE3Nzk5RUFDOUM5OTYyQjMyNUZFRDg3RjkzMEMy RUFDODJDQUYwHhcNMjQwNDMwMTY1NDIwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjMxMjIzYy0yODcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvT7P9uxgYyMePdhBLhfsCwIKdFWZqsbzfKtMISXw3X8vSy1FP8wmOCbWPb1/ /aT1Gphzaeu0H3vul70HW40SnFHjVhIXd/Hm/zpaPlMkgJiJQcfPEE7qGZ8xHsbx uIrXlYB6ayyuuEdSjk5zU8C4aMZzSArORsUnUMatiN72rFMuNI/hML7RFTjOdlob 064a9m1xhS7q59Ck+PAPKvEX2CKAokdPXfy4BTX7NftFsd0A/xxB2f0MSz9ZuPsi MQTTVt1h+b+BCbWqOb85Cz7fTA37p4VktoF9vpyRy+2NGyNevXBVrFewmPolk6rP fzYLQ6Lks6WASsdas3EsVG+T/wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPzWA528 Ye3ySQuNN6ZvzYF1i+ETMB8GA1UdIwQYMBaAFNTRd5nqycmWKzJf7Yf5MMLqyCyv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzBFMi84MTAxMjU4Q0Y5 QTgxMUU2QTRFRkUwMkVDNEY5QUUwMi8xTkYzbWVySnlaWXJNbF90aF9rd3d1cklM SzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFORjNtZXJKeVpZck1sX3RoX2t3d3VySUxLOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTcwRTIvODEwMTI1OENGOUE4MTFFNkE0RUZFMDJFQzRGOUFFMDIvQUM4MTI0OTA5 QTQ5MTFFNzg1N0NBNjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBABnzYQDBAFnzYYDBAKQMGwwDQYJKoZIhvcNAQELBQADggEB ABFxP7SwXzVHBuzwWE2GB9+/EyeS9bst2wIDDY47QfkvyNh5VQtIT35du6MFfmsX oTJoRqFl3Yg22rq/rXUZmeUKVuouIueVBa2kkAqJHWlGTEFKVUauHg6q4Y9bFj9a AJf2YJdgpCSy94zghL6NwVokw/ayHi0q0aADpJrKl6SRj+DaryG8ARmwzkLdtTUN uW9VoVj1Ge10GJwELcr+24FYEX+/fpbmvsv+DcfuXxyPwLEXq3FrDPeDOJqwRY8N uf3I+GTOIfnKaZlYXCjzbYSHsdm+NpZaPKcz+Rt+PkmVVR/USGc84c5R2kHq9qDA MCNjQhWR7k3W6F+TJqaZYe8= -----END CERTIFICATE-----Generated at Sat May 18 17:20:34 2024 by rpki-client on console-ams.rpki-client.org