$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/22DFD272A22A11EFA6B4231FC4F9AE02.roa File: 22DFD272A22A11EFA6B4231FC4F9AE02.roa (raw, json) Hash identifier: KKJ/M5Tb28behlPI8MOiLU4CrWD58mjmTLM4SF/Ror0= Subject key identifier: 51:5B:FF:32:4B:37:45:5D:4D:46:FC:8F:5C:86:6E:10:05:13:8F:BC Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Certificate serial: 0B1A Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/22DFD272A22A11EFA6B4231FC4F9AE02.roa Signing time: Thu 14 Nov 2024 01:45:33 +0000 ROA not before: Thu 14 Nov 2024 01:45:33 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 9311 IP address blocks: 43.246.128.0/24 maxlen: 24 43.246.130.0/24 maxlen: 24 43.246.196.0/24 maxlen: 24 43.246.198.0/24 maxlen: 24 103.8.85.0/24 maxlen: 24 103.15.79.0/24 maxlen: 24 103.248.150.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 17:11:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2842 (0xb1a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Validity Not Before: Nov 14 01:45:33 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=6735563d-5614 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:fb:bf:2a:54:bf:a8:b5:5a:d2:fb:4f:c9:5b: 7b:3c:34:f9:ca:6d:b2:0a:b9:86:06:9e:4c:3c:02: 9a:c4:72:c5:ce:46:b1:9e:3a:85:0b:4b:6d:06:0b: fd:93:10:43:4a:3c:dd:00:5a:a2:f5:f4:5b:8c:69: 6a:38:87:de:8e:b9:e9:f2:0f:b5:b9:10:12:0f:11: de:4c:2c:81:44:7c:a2:f5:b6:83:ad:02:f9:4a:85: 2b:e2:67:cf:ae:f0:10:c1:03:fd:c3:f2:bc:a7:ec: f7:1d:56:92:7f:6b:9d:7b:a6:42:11:cb:30:72:2c: 5b:21:46:bd:8c:5a:cf:18:19:be:6b:9f:2e:2e:7b: b8:53:6a:d1:61:4b:96:9d:d2:1f:40:71:60:db:aa: 1f:f7:ea:08:07:0e:35:b9:4b:ec:d0:94:68:57:5e: 09:72:7d:4f:01:04:46:e8:08:3c:ef:0f:b4:52:84: 6a:8d:24:8c:2e:5f:f1:60:04:c8:e5:e1:5f:ea:04: 68:c4:e9:08:eb:2a:11:8a:07:83:52:22:ef:e8:b5: 39:31:2a:28:29:17:98:11:5e:11:7d:97:16:ff:58: 23:6a:7a:9b:d8:6c:93:c2:7e:56:d7:6d:f1:0d:6a: ff:fd:5f:f4:4b:75:86:f3:a7:b5:40:ba:81:1d:69: 53:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:5B:FF:32:4B:37:45:5D:4D:46:FC:8F:5C:86:6E:10:05:13:8F:BC X509v3 Authority Key Identifier: keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/22DFD272A22A11EFA6B4231FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.246.128.0/24 43.246.130.0/24 43.246.196.0/24 43.246.198.0/24 103.8.85.0/24 103.15.79.0/24 103.248.150.0/24 Signature Algorithm: sha256WithRSAEncryption c0:3e:30:68:b6:2c:55:b9:71:ec:ff:2d:ce:5f:69:3a:69:32: 61:ff:86:dc:36:cb:32:9e:c1:d0:d1:60:2c:e8:64:99:f3:db: bb:54:a9:7a:73:97:3b:44:a4:b6:62:b6:f9:26:b3:7b:aa:47: 95:71:fd:97:f3:e4:56:ef:53:c6:1c:c4:dd:8e:0d:de:b0:5a: 2f:fd:66:4f:50:00:87:4b:a5:fb:97:1a:62:a8:28:b6:9d:e1: 10:4d:0a:7b:e6:48:c4:f5:b9:ec:bb:38:1f:84:48:41:1c:76: cf:df:17:9e:84:90:f5:d6:93:ac:76:44:fa:22:b8:1a:84:d0: f0:cc:50:19:92:a6:de:58:2e:c8:b5:48:66:a6:7d:50:85:b6: 81:f8:9a:81:e0:fc:f1:37:91:3f:00:10:7d:c9:d0:c0:e9:99: 48:45:98:a7:56:93:d1:13:d2:5a:b3:8c:6f:0c:41:82:cb:ce: 71:6f:73:af:e5:99:92:89:40:6b:0f:c0:a9:d4:c6:ea:85:9c: ca:44:1e:9e:b7:92:60:65:7b:4e:88:4a:a9:2e:cc:11:64:8b: e2:6a:79:9b:05:23:e8:80:d6:74:2b:f9:1c:38:d7:c6:64:2f: 09:65:12:b1:79:5a:22:64:2f:61:c3:41:c8:b8:b3:cf:02:d1: 56:f4:79:18 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICCxowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG NjlDQkE4NDYwHhcNMjQxMTE0MDE0NTMzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NzM1NTYzZC01NjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4Pu/KlS/qLVa0vtPyVt7PDT5ym2yCrmGBp5MPAKaxHLFzkaxnjqFC0ttBgv9 kxBDSjzdAFqi9fRbjGlqOIfejrnp8g+1uRASDxHeTCyBRHyi9baDrQL5SoUr4mfP rvAQwQP9w/K8p+z3HVaSf2ude6ZCEcswcixbIUa9jFrPGBm+a58uLnu4U2rRYUuW ndIfQHFg26of9+oIBw41uUvs0JRoV14Jcn1PAQRG6Ag87w+0UoRqjSSMLl/xYATI 5eFf6gRoxOkI6yoRigeDUiLv6LU5MSooKReYEV4RfZcW/1gjanqb2GyTwn5W123x DWr//V/0S3WG86e1QLqBHWlTDwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFFFb/zJL N0VdTUb8j1yGbhAFE4+8MB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvMjJERkQyNzJB MjJBMTFFRkE2QjQyMzFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMDAEAgABMCoDBAAr9oADBAAr9oIDBAAr9sQDBAAr9sYDBABnCFUDBABnD08D BABn+JYwDQYJKoZIhvcNAQELBQADggEBAMA+MGi2LFW5cez/Lc5faTppMmH/htw2 yzKewdDRYCzoZJnz27tUqXpzlztEpLZitvkms3uqR5Vx/Zfz5FbvU8YcxN2ODd6w Wi/9Zk9QAIdLpfuXGmKoKLad4RBNCnvmSMT1uey7OB+ESEEcds/fF56EkPXWk6x2 RPoiuBqE0PDMUBmSpt5YLsi1SGamfVCFtoH4moHg/PE3kT8AEH3J0MDpmUhFmKdW k9ET0lqzjG8MQYLLznFvc6/lmZKJQGsPwKnUxuqFnMpEHp63kmBle06ISqkuzBFk i+JqeZsFI+iA1nQr+Rw418ZkLwllErF5WiJkL2HDQci4s88C0Vb0eRg= -----END CERTIFICATE-----Generated at Sun Nov 24 20:09:53 2024 by rpki-client on console-ams.rpki-client.org