$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/C9A9C868822911EF9ED90179C4F9AE02.roa File: C9A9C868822911EF9ED90179C4F9AE02.roa (raw, json) Hash identifier: yBClgoO4KD/cjNOWyVH0ymFJc4D5rEzseVUEIxG3IkM= Subject key identifier: 25:5F:7D:52:54:F2:97:A2:1D:91:CE:A1:5C:E7:59:AA:77:24:33:48 Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 471A Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/C9A9C868822911EF9ED90179C4F9AE02.roa Signing time: Fri 04 Oct 2024 08:23:22 +0000 ROA not before: Fri 04 Oct 2024 08:23:22 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 45557 IP address blocks: 45.118.136.0/22 maxlen: 22 45.118.136.0/24 maxlen: 24 45.118.137.0/24 maxlen: 24 45.118.138.0/24 maxlen: 24 45.118.139.0/24 maxlen: 24 103.17.88.0/22 maxlen: 22 103.17.88.0/24 maxlen: 24 103.17.89.0/24 maxlen: 24 103.17.90.0/24 maxlen: 24 103.17.91.0/24 maxlen: 24 103.129.80.0/22 maxlen: 22 103.129.80.0/24 maxlen: 24 103.129.81.0/24 maxlen: 24 103.129.82.0/24 maxlen: 24 103.129.83.0/24 maxlen: 24 103.153.218.0/23 maxlen: 24 103.153.220.0/23 maxlen: 24 103.153.222.0/23 maxlen: 24 103.170.248.0/23 maxlen: 24 180.148.0.0/21 maxlen: 24 2404:3a00::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Dec 2024 11:15:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18202 (0x471a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: Oct 4 08:23:22 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66ffa5fa-7e84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:22:1c:f0:f8:02:d7:46:0d:fa:b6:5e:52:29: 80:e7:65:d4:ab:75:18:07:02:25:81:c3:91:f5:6e: e9:ba:9c:73:8a:29:f0:02:51:60:4c:e7:7a:71:60: 9c:e2:59:de:83:d0:ef:7a:c1:fc:7c:63:40:1f:47: 0c:d5:11:c3:56:15:7e:a1:f2:de:3b:d1:29:01:85: b4:13:65:c1:fa:6b:56:45:88:02:34:c3:37:58:a8: c9:de:48:25:ba:d2:f5:1c:91:59:4e:d4:f0:07:e2: 76:f2:01:33:26:13:48:2b:d1:b2:b9:ac:76:5a:ac: ff:35:f5:87:56:6e:13:16:12:33:ad:28:ce:f4:88: 5a:27:3b:8f:60:5a:0f:32:70:60:07:4f:77:69:a4: 3c:29:48:f0:30:d9:58:c5:c1:58:18:37:40:b8:e6: 20:df:a1:27:0d:f3:96:98:30:12:95:e3:11:a7:c3: d6:d2:a4:ba:95:e8:6f:b0:1d:b6:2e:40:d7:56:98: 6c:12:ac:13:e5:a5:36:f6:b4:6c:fb:cb:ac:1b:e0: 55:30:0e:36:12:16:24:c2:f9:1a:ad:a5:7f:ca:e1: 10:4d:b7:9a:ca:9b:c3:d5:d8:28:08:c0:1c:88:0a: 04:8f:f2:54:1c:6c:34:22:b5:3c:1e:43:b8:f8:58: 1b:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:5F:7D:52:54:F2:97:A2:1D:91:CE:A1:5C:E7:59:AA:77:24:33:48 X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/C9A9C868822911EF9ED90179C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.118.136.0/22 103.17.88.0/22 103.129.80.0/22 103.153.218.0-103.153.223.255 103.170.248.0/23 180.148.0.0/21 IPv6: 2404:3a00::/32 Signature Algorithm: sha256WithRSAEncryption 22:40:ab:f5:64:90:c1:91:72:09:51:34:ac:27:5c:cb:5f:a3: 8d:b0:56:d8:77:b5:24:c6:2f:a5:1b:41:62:80:52:80:b6:bf: 48:ac:9a:e7:01:c8:0e:00:4f:23:65:82:ec:31:4f:ed:35:91: 24:bb:e8:ac:99:be:d9:70:df:84:1b:39:f0:5c:b9:68:c5:d5: 6b:a7:43:2d:43:60:2b:15:83:aa:00:17:1a:93:37:e6:25:85: cc:4a:3e:32:b6:02:e6:6e:24:db:b1:12:4a:f9:ed:59:c1:e7: a4:17:b3:32:68:da:03:54:e0:d7:c1:b9:99:e6:1c:85:e1:2a: a7:fa:fd:aa:29:60:be:40:9c:54:83:57:08:d5:ec:40:16:45: b7:6e:a6:b7:b2:de:72:2a:aa:d2:e1:18:10:be:3a:59:6f:94: 1a:b2:44:9d:ac:5c:4b:9b:62:c2:5f:0a:33:fd:fc:f8:4b:eb: f1:5d:52:05:1d:70:d5:d9:ba:7c:ef:98:a2:84:1d:2c:89:e7: 92:82:b4:a3:2f:b0:f8:63:d0:a4:b7:95:ef:0b:42:5d:f1:b2: 57:d7:bf:7f:4f:e6:ed:2d:f2:35:6d:f9:3d:ea:c8:96:80:bb: b0:9d:e9:73:38:f9:1d:93:ff:0e:29:35:9d:95:53:26:f6:22: 50:cf:8f:ce -----BEGIN CERTIFICATE----- MIIFpjCCBI6gAwIBAgICRxowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjQxMDA0MDgyMzIyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmZmYTVmYS03ZTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxyIc8PgC10YN+rZeUimA52XUq3UYBwIlgcOR9W7pupxziinwAlFgTOd6cWCc 4lneg9DvesH8fGNAH0cM1RHDVhV+ofLeO9EpAYW0E2XB+mtWRYgCNMM3WKjJ3kgl utL1HJFZTtTwB+J28gEzJhNIK9Gyuax2Wqz/NfWHVm4TFhIzrSjO9IhaJzuPYFoP MnBgB093aaQ8KUjwMNlYxcFYGDdAuOYg36EnDfOWmDASleMRp8PW0qS6lehvsB22 LkDXVphsEqwT5aU29rRs+8usG+BVMA42EhYkwvkaraV/yuEQTbeaypvD1dgoCMAc iAoEj/JUHGw0IrU8HkO4+FgbjQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFCVffVJU 8peiHZHOoVznWap3JDNIMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQzlBOUM4Njg4 MjI5MTFFRjlFRDkwMTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVAYIKwYBBQUHAQcBAf8E RTBDMDIEAgABMCwDBAItdogDBAJnEVgDBAJngVAwDAMEAWeZ2gMEBWeZwAMEAWeq +AMEA7SUADANBAIAAjAHAwUAJAQ6ADANBgkqhkiG9w0BAQsFAAOCAQEAIkCr9WSQ wZFyCVE0rCdcy1+jjbBW2He1JMYvpRtBYoBSgLa/SKya5wHIDgBPI2WC7DFP7TWR JLvorJm+2XDfhBs58Fy5aMXVa6dDLUNgKxWDqgAXGpM35iWFzEo+MrYC5m4k27ES SvntWcHnpBezMmjaA1Tg18G5meYcheEqp/r9qilgvkCcVINXCNXsQBZFt26mt7Le ciqq0uEYEL46WW+UGrJEnaxcS5tiwl8KM/38+Evr8V1SBR1w1dm6fO+YooQdLInn koK0oy+w+GPQpLeV7wtCXfGyV9e/f0/m7S3yNW35PerIloC7sJ3pczj5HZP/Dik1 nZVTJvYiUM+Pzg== -----END CERTIFICATE-----Generated at Mon Nov 25 13:05:16 2024 by rpki-client on console-fra.rpki-client.org