$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/3E0BA21CEBB211EEA93D9B14C4F9AE02.roa File: 3E0BA21CEBB211EEA93D9B14C4F9AE02.roa (raw, json) Hash identifier: eYzLLwqXSEETTXrW2+hB6aRYqoSuQiyl6DUCdQfwtGE= Subject key identifier: E2:A6:CD:E4:B4:0C:30:55:4D:CA:78:75:D6:7A:D0:86:78:9C:35:C0 Certificate issuer: /CN=A91A7169/serialNumber=4042C2490D7DAFEC3320316ED5AA74E0BECAA9A9 Certificate serial: 42 Authority key identifier: 40:42:C2:49:0D:7D:AF:EC:33:20:31:6E:D5:AA:74:E0:BE:CA:A9:A9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QELCSQ19r-wzIDFu1ap04L7Kqak.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/3E0BA21CEBB211EEA93D9B14C4F9AE02.roa Signing time: Fri 05 Jul 2024 07:28:20 +0000 ROA not before: Fri 05 Jul 2024 07:28:20 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 16509 IP address blocks: 167.103.90.0/24 maxlen: 24 167.103.91.0/24 maxlen: 24 167.103.92.0/24 maxlen: 24 167.103.93.0/24 maxlen: 24 167.103.94.0/24 maxlen: 24 167.103.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/QELCSQ19r-wzIDFu1ap04L7Kqak.crl rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/QELCSQ19r-wzIDFu1ap04L7Kqak.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QELCSQ19r-wzIDFu1ap04L7Kqak.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66 (0x42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7169 Validity Not Before: Jul 5 07:28:20 2024 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=6687a094-cbb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:a9:39:48:3e:47:c0:93:6b:bf:d3:ce:39:57: 68:bc:73:84:b7:e3:aa:36:f8:73:fb:88:aa:6b:ac: aa:12:3f:34:f4:8b:1e:de:62:8b:5f:f2:e1:7f:55: 17:86:42:18:25:50:de:01:5d:d2:8b:65:7c:e7:68: c7:c2:fb:5c:bc:79:59:66:47:74:91:9e:0e:56:c1: fd:a6:46:b7:09:ba:dd:e4:1d:63:07:12:96:65:a2: 45:6f:5a:6e:25:60:26:bd:c4:a7:9e:f6:04:1a:08: a0:a9:5c:83:48:73:e8:93:80:11:f6:87:72:39:d7: 63:07:d9:99:e2:9e:1d:52:27:2e:33:1e:e2:09:47: 6a:b7:32:bb:71:a2:0c:e5:0b:07:21:2f:87:41:cb: f1:e1:9d:3c:12:cc:27:a8:89:d6:0c:f7:94:fc:55: 9e:5f:09:a9:4c:03:61:19:31:c5:fa:ea:2b:fd:89: a9:c8:ea:2a:ca:73:cc:9c:5c:fd:49:e7:71:cc:64: a2:54:ad:a2:c4:60:d4:0e:61:4a:e2:55:6e:7f:d4: 46:64:9f:56:e5:78:7b:f7:b3:ef:d7:89:82:36:ec: c1:a6:63:7b:41:73:5e:c5:1f:36:72:59:da:af:50: b8:04:1d:ef:0a:2f:26:e2:fe:da:71:42:55:61:d7: cf:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:A6:CD:E4:B4:0C:30:55:4D:CA:78:75:D6:7A:D0:86:78:9C:35:C0 X509v3 Authority Key Identifier: keyid:40:42:C2:49:0D:7D:AF:EC:33:20:31:6E:D5:AA:74:E0:BE:CA:A9:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/QELCSQ19r-wzIDFu1ap04L7Kqak.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QELCSQ19r-wzIDFu1ap04L7Kqak.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/3E0BA21CEBB211EEA93D9B14C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 167.103.90.0-167.103.95.255 Signature Algorithm: sha256WithRSAEncryption 66:ca:0a:bf:8b:f4:62:76:51:38:ff:f9:9a:77:1e:db:53:ff: 35:d8:b0:18:94:28:9d:f2:de:9a:82:4b:cb:e3:c1:0b:12:40: e0:b5:21:85:1f:ea:db:80:52:28:f2:6f:35:7b:96:22:43:f6: 75:3c:21:14:fd:62:fa:fd:43:0a:72:28:2e:ac:17:40:0a:ad: 11:6d:3b:8c:e9:ec:03:0c:00:d3:dd:a3:74:80:48:bb:70:9a: b2:2b:72:71:6f:00:a3:66:98:b8:cd:bb:c2:95:4c:72:19:c0: 07:d9:b4:64:ec:e1:d5:8f:d9:ce:95:94:ac:fd:49:eb:24:28: 2e:98:0e:6a:16:af:e4:e1:f5:1b:97:3b:c8:33:29:2d:01:d5: fb:dc:fa:72:18:81:9d:29:21:eb:57:91:6e:d8:f1:de:de:ee: 72:4d:19:fc:91:0c:a9:4c:8c:65:0e:b3:cf:e1:0b:69:f0:ca: ad:8b:36:d5:05:d7:0c:d3:6a:ea:ef:68:29:b8:30:1a:b5:26: c7:96:23:d0:a5:51:fe:f1:cc:85:dd:bc:4c:c6:fb:44:53:ca: 76:62:d6:9e:cd:15:e5:18:34:0f:1b:09:b8:8e:9d:dd:7d:fe: 1f:0d:c1:54:00:88:cb:9b:23:2d:ce:8a:a6:98:f6:7e:e4:82: 82:d8:8a:48 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIBQjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NzE2OTExMC8GA1UEBRMoNDA0MkMyNDkwRDdEQUZFQzMzMjAzMTZFRDVBQTc0RTBC RUNBQTlBOTAeFw0yNDA3MDUwNzI4MjBaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2ODdhMDk0LWNiYjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDXqTlIPkfAk2u/0845V2i8c4S346o2+HP7iKprrKoSPzT0ix7eYotf8uF/VReG QhglUN4BXdKLZXznaMfC+1y8eVlmR3SRng5Wwf2mRrcJut3kHWMHEpZlokVvWm4l YCa9xKee9gQaCKCpXINIc+iTgBH2h3I512MH2Zninh1SJy4zHuIJR2q3Mrtxogzl CwchL4dBy/HhnTwSzCeoidYM95T8VZ5fCalMA2EZMcX66iv9ianI6irKc8ycXP1J 53HMZKJUraLEYNQOYUriVW5/1EZkn1bleHv3s+/XiYI27MGmY3tBc17FHzZyWdqv ULgEHe8KLybi/tpxQlVh1895AgMBAAGjggKdMIICmTAdBgNVHQ4EFgQU4qbN5LQM MFVNynh11nrQhnicNcAwHwYDVR0jBBgwFoAUQELCSQ19r+wzIDFu1ap04L7Kqakw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3MTY5LzYyMzNERDNFRUJB RTExRUU4QTBFRDk2NEM0RjlBRTAyL1FFTENTUTE5ci13eklERnUxYXAwNEw3S3Fh ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUUVMQ1NRMTlyLXd6SURGdTFhcDA0TDdLcWFrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NzE2OS82MjMzREQzRUVCQUUxMUVFOEEwRUQ5NjRDNEY5QUUwMi8zRTBCQTIxQ0VC QjIxMUVFQTkzRDlCMTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY MBYwFAQCAAEwDjAMAwQBp2daAwQFp2dAMA0GCSqGSIb3DQEBCwUAA4IBAQBmygq/ i/RidlE4//madx7bU/812LAYlCid8t6agkvL48ELEkDgtSGFH+rbgFIo8m81e5Yi Q/Z1PCEU/WL6/UMKcigurBdACq0RbTuM6ewDDADT3aN0gEi7cJqyK3JxbwCjZpi4 zbvClUxyGcAH2bRk7OHVj9nOlZSs/UnrJCgumA5qFq/k4fUblzvIMyktAdX73Ppy GIGdKSHrV5Fu2PHe3u5yTRn8kQypTIxlDrPP4Qtp8MqtizbVBdcM02rq72gpuDAa tSbHliPQpVH+8cyF3bxMxvtEU8p2YtaezRXlGDQPGwm4jp3dff4fDcFUAIjLmyMt zoqmmPZ+5IKC2IpI -----END CERTIFICATE-----Generated at Sun Feb 16 15:47:40 2025 by rpki-client