$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/3996C94896D211EF924C486FC4F9AE02.roa File: 3996C94896D211EF924C486FC4F9AE02.roa (raw, json) Hash identifier: jPKROmghkPyJWap1Ck0b+pE8AGKhobQAaRNerFhIWOA= Subject key identifier: 96:9E:22:A1:6E:F0:C2:25:31:75:15:EC:BC:A8:B3:BC:B0:CB:3F:45 Certificate issuer: /CN=A91A0E9D/serialNumber=D21B0D5AC5AF91900F50AD96003313E51ED60A10 Certificate serial: 13 Authority key identifier: D2:1B:0D:5A:C5:AF:91:90:0F:50:AD:96:00:33:13:E5:1E:D6:0A:10 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/3996C94896D211EF924C486FC4F9AE02.roa Signing time: Wed 30 Oct 2024 15:24:52 +0000 ROA not before: Wed 30 Oct 2024 15:24:52 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 63851 IP address blocks: 103.42.152.0/22 maxlen: 22 103.42.152.0/23 maxlen: 23 103.42.152.0/24 maxlen: 24 103.42.153.0/24 maxlen: 24 103.42.154.0/23 maxlen: 23 103.42.154.0/24 maxlen: 24 103.42.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.crl rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19 (0x13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A0E9D/serialNumber=D21B0D5AC5AF91900F50AD96003313E51ED60A10 Validity Not Before: Oct 30 15:24:52 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67224fc4-63e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:04:cb:f8:ff:7b:20:64:67:49:18:8b:10:47: 0f:68:e9:fc:9d:ff:18:ae:85:29:84:cd:90:06:66: 5b:35:18:82:d1:1b:18:bd:6e:4e:61:3f:31:43:e6: cf:6d:b9:e8:65:23:cf:b6:e9:34:80:19:b7:2f:9d: e5:37:78:39:19:16:ec:1d:0c:66:b1:a8:7c:4c:75: 7c:e0:e2:07:5d:91:aa:38:fa:d6:3d:02:80:5d:5c: a9:2a:9e:66:b0:16:9d:5c:34:41:b4:5d:20:23:4d: 41:7d:eb:86:f3:ac:42:a2:3f:41:53:9f:8d:e8:b3: 3f:49:5a:d5:fc:db:09:ce:73:3c:14:12:40:ab:01: 68:b5:39:96:35:ea:35:90:41:59:ad:91:e3:da:44: 5e:e9:ab:f5:0b:56:7c:74:9a:eb:b4:43:17:da:56: 19:1a:a1:0a:86:6b:74:1d:1e:94:dd:0f:35:19:42: 57:98:ee:d3:84:e9:3f:fe:91:ef:88:0c:c0:0e:5c: 1a:ac:b3:71:16:e2:30:ed:b7:d6:76:38:08:9b:af: d1:3e:9f:e3:7a:31:e0:ad:fd:fb:ea:a4:d9:e6:47: fe:0c:4d:10:65:44:1b:05:b6:b4:70:78:24:17:aa: d4:d0:a4:e5:10:c8:6f:fe:a1:63:f8:c6:34:a4:e8: e5:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:9E:22:A1:6E:F0:C2:25:31:75:15:EC:BC:A8:B3:BC:B0:CB:3F:45 X509v3 Authority Key Identifier: keyid:D2:1B:0D:5A:C5:AF:91:90:0F:50:AD:96:00:33:13:E5:1E:D6:0A:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/3996C94896D211EF924C486FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.42.152.0/22 Signature Algorithm: sha256WithRSAEncryption b0:54:f5:68:52:23:ef:6a:ba:03:7c:36:3a:57:c4:81:51:64: 50:6f:75:60:ea:8c:b6:e7:00:32:3a:04:d3:89:c5:7e:3e:22: d6:22:d6:dc:04:c6:b5:51:38:a4:7d:e1:08:c9:e9:b0:a3:b7: 12:1e:74:bd:d7:45:2a:e5:47:ed:a8:ca:c9:aa:2b:62:37:80: 31:05:a3:5e:ba:0d:2b:f6:de:a7:e1:46:6f:81:14:62:fb:34: a0:6e:33:27:ca:c2:46:67:b8:86:61:d7:94:ce:34:10:75:2f: 85:ca:8c:a6:5e:3c:fa:66:68:ae:92:3e:59:a6:70:69:09:75: 41:11:19:17:82:81:f3:8d:e3:d3:c3:cc:9c:1b:1a:09:37:c9: a7:27:d5:91:83:1e:18:cc:bf:68:77:7a:28:fc:51:7f:db:05: 92:50:fb:0f:64:ad:b6:e1:2e:59:d6:70:4c:26:b6:f6:74:c9: 15:8d:bf:23:68:5b:2a:86:85:62:f6:1d:78:c1:0f:52:ca:f2: a4:e9:8a:45:87:b1:64:51:40:db:52:cd:85:f0:2f:e4:dc:cb: ff:5e:88:53:00:28:9e:37:42:6e:b5:9d:c5:cd:8b:33:6d:b8: e3:99:43:f5:ff:5c:0f:0e:8f:2c:4e:f9:fd:74:d7:4a:f7:d8: 9b:db:13:20 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MEU5RDExMC8GA1UEBRMoRDIxQjBENUFDNUFGOTE5MDBGNTBBRDk2MDAzMzEzRTUx RUQ2MEExMDAeFw0yNDEwMzAxNTI0NTJaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY3MjI0ZmM0LTYzZTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDnBMv4/3sgZGdJGIsQRw9o6fyd/xiuhSmEzZAGZls1GILRGxi9bk5hPzFD5s9t uehlI8+26TSAGbcvneU3eDkZFuwdDGaxqHxMdXzg4gddkao4+tY9AoBdXKkqnmaw Fp1cNEG0XSAjTUF964bzrEKiP0FTn43osz9JWtX82wnOczwUEkCrAWi1OZY16jWQ QVmtkePaRF7pq/ULVnx0muu0QxfaVhkaoQqGa3QdHpTdDzUZQleY7tOE6T/+ke+I DMAOXBqss3EW4jDtt9Z2OAibr9E+n+N6MeCt/fvqpNnmR/4MTRBlRBsFtrRweCQX qtTQpOUQyG/+oWP4xjSk6OWzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUlp4ioW7w wiUxdRXsvKizvLDLP0UwHwYDVR0jBBgwFoAU0hsNWsWvkZAPUK2WADMT5R7WChAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEwRTlELzk1NjlBREI0OTVE QjExRUZBNEUyRkI0NUM0RjlBRTAyLzBoc05Xc1d2a1pBUFVLMldBRE1UNVI3V0No QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMGhzTldzV3ZrWkFQVUsyV0FETVQ1UjdXQ2hBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MEU5RC85NTY5QURCNDk1REIxMUVGQTRFMkZCNDVDNEY5QUUwMi8zOTk2Qzk0ODk2 RDIxMUVGOTI0QzQ4NkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAmcqmDANBgkqhkiG9w0BAQsFAAOCAQEAsFT1aFIj72q6A3w2 OlfEgVFkUG91YOqMtucAMjoE04nFfj4i1iLW3ATGtVE4pH3hCMnpsKO3Eh50vddF KuVH7ajKyaorYjeAMQWjXroNK/bep+FGb4EUYvs0oG4zJ8rCRme4hmHXlM40EHUv hcqMpl48+mZorpI+WaZwaQl1QREZF4KB843j08PMnBsaCTfJpyfVkYMeGMy/aHd6 KPxRf9sFklD7D2SttuEuWdZwTCa29nTJFY2/I2hbKoaFYvYdeMEPUsrypOmKRYex ZFFA21LNhfAv5NzL/16IUwAonjdCbrWdxc2LM22445lD9f9cDw6PLE75/XTXSvfY m9sTIA== -----END CERTIFICATE-----Generated at Sat Nov 23 07:45:04 2024 by rpki-client on console-ams.rpki-client.org