$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/2AA67A104B5411EF9FCA565EC4F9AE02.roa File: 2AA67A104B5411EF9FCA565EC4F9AE02.roa (raw, json) Hash identifier: rOQrmktPxz9oBUG6DReGspK0/uPd7q8qn7/wvL/Fj8E= Subject key identifier: 4E:33:A2:B3:C5:F4:2E:FF:ED:AD:C7:6B:CE:09:D7:DB:F4:C6:37:11 Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 45AE Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/2AA67A104B5411EF9FCA565EC4F9AE02.roa Signing time: Thu 05 Sep 2024 03:33:35 +0000 ROA not before: Thu 05 Sep 2024 03:33:35 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 140825 IP address blocks: 59.153.216.0/22 maxlen: 24 103.6.234.0/23 maxlen: 24 103.11.198.0/23 maxlen: 24 103.12.76.0/23 maxlen: 24 103.81.84.0/22 maxlen: 24 103.173.154.0/23 maxlen: 24 103.173.254.0/23 maxlen: 24 103.183.112.0/23 maxlen: 24 103.184.112.0/23 maxlen: 24 103.186.146.0/23 maxlen: 24 2001:df0:5bc0::/48 maxlen: 48 2001:df0:90c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Dec 2024 11:15:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17838 (0x45ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: Sep 5 03:33:35 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d9268f-e6c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:de:38:01:a8:32:30:a2:b4:1b:c2:ca:9d:be: 23:68:95:d1:93:eb:86:5c:84:af:3a:f2:7f:07:7d: 53:5d:48:9b:db:1b:d2:ce:16:b2:f9:da:bf:64:0c: c3:d8:85:d5:16:b4:7a:9f:19:5e:c1:5e:ff:9d:54: 8e:5b:a6:fe:f5:e2:a3:0b:32:92:08:20:d8:df:ca: 06:85:c5:97:d8:c9:f0:7b:db:90:a8:c3:dd:4e:6a: 20:c4:25:ea:de:28:f4:d2:18:0e:88:4c:22:a3:b7: 3e:05:1b:62:ba:1f:94:82:10:c1:e4:c8:f4:4c:21: 37:00:6f:b0:7a:10:8f:8d:3e:27:dc:c6:21:06:0b: d3:8e:c1:7f:97:00:14:48:64:32:9b:83:91:20:25: ad:65:0c:97:b5:50:a2:49:c2:f3:fd:08:09:74:16: 14:5f:06:47:de:a6:7d:7e:89:07:54:b5:9c:ca:0f: 9c:e9:a8:2e:04:5f:d2:14:8b:a4:8b:81:f5:d3:c9: 53:b9:e7:d9:72:ae:fb:31:ad:7a:13:0d:e7:ca:ee: 73:8c:b6:87:9d:ef:13:1a:31:d6:41:4b:e3:74:6a: 4b:c0:64:cb:4c:3d:9d:0e:2f:57:b6:9b:53:d0:17: 26:3a:db:3a:cc:f3:f8:52:e0:02:03:58:7d:4a:c3: 55:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:33:A2:B3:C5:F4:2E:FF:ED:AD:C7:6B:CE:09:D7:DB:F4:C6:37:11 X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/2AA67A104B5411EF9FCA565EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.153.216.0/22 103.6.234.0/23 103.11.198.0/23 103.12.76.0/23 103.81.84.0/22 103.173.154.0/23 103.173.254.0/23 103.183.112.0/23 103.184.112.0/23 103.186.146.0/23 IPv6: 2001:df0:5bc0::/48 2001:df0:90c0::/48 Signature Algorithm: sha256WithRSAEncryption 72:7c:06:5f:c2:6b:74:3b:b0:81:99:b1:aa:38:3b:bd:d3:4a: 14:33:ee:9e:80:2f:12:05:77:ca:39:7a:1b:0a:5f:43:75:c8: b2:fb:90:a4:ff:44:63:3c:1e:d0:55:3e:68:b2:39:cf:1d:48: 38:a4:1c:45:27:75:26:d0:2c:ec:88:9a:52:a1:32:b7:00:e1: 1a:b9:8a:65:16:78:ec:02:50:26:cd:fc:95:21:2e:a3:2d:ca: b0:b4:ee:77:0e:69:10:98:22:ee:9a:0d:f8:a5:f4:d2:33:27: d0:59:cc:f8:38:20:aa:20:bf:92:10:bc:df:3c:ab:fd:39:62: de:ef:33:8d:a3:54:36:13:8d:4e:07:58:06:ee:7f:19:7a:e2: 97:3e:d0:15:1b:51:c2:32:a2:da:8f:2c:67:62:93:db:c1:28: ab:f2:70:fe:98:1c:c9:bf:29:53:38:98:6f:36:5e:61:09:82: 93:db:3e:6e:85:97:d6:98:f0:f8:f3:b1:9d:b2:ad:50:6e:4e: b1:aa:4d:d3:77:aa:37:84:b7:66:4d:a4:3b:95:4c:03:e0:8e: dd:81:54:e9:50:a1:d4:e1:0f:85:24:4d:c4:e4:b6:43:73:9e: 20:b4:01:66:d9:da:b7:c4:d8:af:37:73:b4:93:46:1d:1e:93: ad:6a:77:a5 -----BEGIN CERTIFICATE----- MIIFwTCCBKmgAwIBAgICRa4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjQwOTA1MDMzMzM1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ5MjY4Zi1lNmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAud44AagyMKK0G8LKnb4jaJXRk+uGXISvOvJ/B31TXUib2xvSzhay+dq/ZAzD 2IXVFrR6nxlewV7/nVSOW6b+9eKjCzKSCCDY38oGhcWX2Mnwe9uQqMPdTmogxCXq 3ij00hgOiEwio7c+BRtiuh+UghDB5Mj0TCE3AG+wehCPjT4n3MYhBgvTjsF/lwAU SGQym4ORICWtZQyXtVCiScLz/QgJdBYUXwZH3qZ9fokHVLWcyg+c6aguBF/SFIuk i4H108lTuefZcq77Ma16Ew3nyu5zjLaHne8TGjHWQUvjdGpLwGTLTD2dDi9XtptT 0BcmOts6zPP4UuACA1h9SsNVwwIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFE4zorPF 9C7/7a3Ha84J19v0xjcRMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMkFBNjdBMTA0 QjU0MTFFRjlGQ0E1NjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E YDBeMEIEAgABMDwDBAI7mdgDBAFnBuoDBAFnC8YDBAFnDEwDBAJnUVQDBAFnrZoD BAFnrf4DBAFnt3ADBAFnuHADBAFnupIwGAQCAAIwEgMHACABDfBbwAMHACABDfCQ wDANBgkqhkiG9w0BAQsFAAOCAQEAcnwGX8JrdDuwgZmxqjg7vdNKFDPunoAvEgV3 yjl6GwpfQ3XIsvuQpP9EYzwe0FU+aLI5zx1IOKQcRSd1JtAs7IiaUqEytwDhGrmK ZRZ47AJQJs38lSEuoy3KsLTudw5pEJgi7poN+KX00jMn0FnM+DggqiC/khC83zyr /Tli3u8zjaNUNhONTgdYBu5/GXrilz7QFRtRwjKi2o8sZ2KT28Eoq/Jw/pgcyb8p UziYbzZeYQmCk9s+boWX1pjw+POxnbKtUG5OsapN03eqN4S3Zk2kO5VMA+CO3YFU 6VCh1OEPhSRNxOS2Q3OeILQBZtnat8TYrzdztJNGHR6TrWp3pQ== -----END CERTIFICATE-----Generated at Mon Nov 25 13:17:32 2024 by rpki-client on console-ams.rpki-client.org