$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/655B85F0225B11EFADDE6F63C4F9AE02.roa File: 655B85F0225B11EFADDE6F63C4F9AE02.roa (raw, json) Hash identifier: nj7JmWAwqKap0yeUNgBy44jTuFtiDXjsATDjRH5UpQQ= Subject key identifier: 06:D0:4A:92:94:40:35:09:40:BD:5A:94:6D:A1:DF:24:7F:BE:6C:50 Certificate issuer: /CN=A91A8A52/serialNumber=712EB5A2D7069F18EE9C65F3B013271ADBF1F540 Certificate serial: 0129 Authority key identifier: 71:2E:B5:A2:D7:06:9F:18:EE:9C:65:F3:B0:13:27:1A:DB:F1:F5:40 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cS61otcGnxjunGXzsBMnGtvx9UA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/655B85F0225B11EFADDE6F63C4F9AE02.roa Signing time: Tue 04 Jun 2024 10:15:41 +0000 ROA not before: Tue 04 Jun 2024 10:15:41 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 150451 IP address blocks: 103.42.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/cS61otcGnxjunGXzsBMnGtvx9UA.crl rsync://rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/cS61otcGnxjunGXzsBMnGtvx9UA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cS61otcGnxjunGXzsBMnGtvx9UA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:10:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 297 (0x129) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A8A52/serialNumber=712EB5A2D7069F18EE9C65F3B013271ADBF1F540 Validity Not Before: Jun 4 10:15:41 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=665ee94d-212a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:86:89:2d:97:93:85:d0:16:f2:40:d0:e7:69: dc:a9:4b:c3:88:de:5e:c8:24:48:28:9c:07:98:ee: 8b:df:35:09:d0:04:24:67:20:8b:f6:6c:45:d5:24: 78:59:03:ea:0d:33:c1:76:30:f2:28:da:b2:2b:31: e1:af:e0:47:91:90:8c:5f:42:6b:6f:8a:a9:99:3b: 17:6a:db:3b:de:42:4e:c2:2f:1f:fb:c5:43:02:fb: b9:4b:ef:11:be:37:8d:71:86:df:ad:8c:0f:bc:03: 24:8b:5d:67:5e:9e:59:cd:e2:0d:3c:31:5a:17:78: 1a:f0:95:df:28:a0:c8:bf:62:bc:a5:36:b1:bb:63: 5d:96:16:b6:ac:db:6c:58:a2:82:39:99:a8:50:30: 21:22:df:8f:70:af:92:86:42:29:d5:98:27:92:8e: 3a:0e:8f:8f:f1:e6:22:fc:fe:05:b7:4d:bf:da:c7: 69:54:30:50:2e:3a:24:97:d7:d4:e2:aa:bd:6a:3e: dd:c5:b1:78:66:8d:31:56:9e:00:78:a9:0f:1d:3c: 46:0d:5a:d3:fa:e0:73:75:26:a4:f4:d0:4f:73:13: 69:ce:9a:6f:68:d4:be:6b:28:12:2d:66:01:5f:25: 6a:a0:ae:5c:93:84:df:ec:12:2e:3c:13:32:79:23: 9f:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:D0:4A:92:94:40:35:09:40:BD:5A:94:6D:A1:DF:24:7F:BE:6C:50 X509v3 Authority Key Identifier: keyid:71:2E:B5:A2:D7:06:9F:18:EE:9C:65:F3:B0:13:27:1A:DB:F1:F5:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/cS61otcGnxjunGXzsBMnGtvx9UA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cS61otcGnxjunGXzsBMnGtvx9UA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8A52/FB7E4BDE70B511ED93F0DD16C4F9AE02/655B85F0225B11EFADDE6F63C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.42.229.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:e3:f6:4c:4f:ae:f7:d7:d9:31:6f:02:c0:8c:90:8f:97:54: 96:5f:92:4f:d2:0d:84:b2:0f:07:12:69:aa:c5:17:93:94:90: e1:44:11:c4:34:42:59:fb:13:ba:35:1e:74:a8:0d:28:20:e0: a4:cd:8a:e8:74:e9:d2:14:1c:d8:c0:e6:53:05:21:9f:bc:c1: 01:65:de:96:b4:3c:ca:51:56:b7:e2:ba:5a:48:14:f5:9e:bd: 81:e7:fa:23:05:39:2d:1b:bc:d0:dc:74:be:64:8b:2d:1a:d2: 54:e4:0d:e1:3e:47:10:90:d4:74:77:07:3f:c1:3c:6e:c2:ec: 76:8c:ee:78:2f:0e:dc:95:b8:34:2a:43:62:60:c4:b5:56:af: e5:66:3d:29:11:8e:da:70:8b:55:c9:a6:bd:ab:4f:f7:45:aa: 24:ec:db:e0:91:1b:c3:09:80:20:3d:70:5d:25:4e:ac:bb:aa: f5:8e:74:65:ed:0c:63:07:4c:5e:cd:63:84:3f:69:0b:0d:59: 88:f7:17:8c:31:b6:af:a4:2b:a0:be:bb:30:98:d0:bf:9c:b1: 87:80:80:9b:45:df:d9:9b:a6:b5:c5:06:74:9d:66:8e:e2:3d: 8d:ba:1c:c3:07:7c:b2:da:f6:8d:bd:11:90:3e:fa:16:c2:fb: 41:24:23:36 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICASkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QThBNTIxMTAvBgNVBAUTKDcxMkVCNUEyRDcwNjlGMThFRTlDNjVGM0IwMTMyNzFB REJGMUY1NDAwHhcNMjQwNjA0MTAxNTQxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NjVlZTk0ZC0yMTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAroaJLZeThdAW8kDQ52ncqUvDiN5eyCRIKJwHmO6L3zUJ0AQkZyCL9mxF1SR4 WQPqDTPBdjDyKNqyKzHhr+BHkZCMX0Jrb4qpmTsXats73kJOwi8f+8VDAvu5S+8R vjeNcYbfrYwPvAMki11nXp5ZzeINPDFaF3ga8JXfKKDIv2K8pTaxu2Ndlha2rNts WKKCOZmoUDAhIt+PcK+ShkIp1Zgnko46Do+P8eYi/P4Ft02/2sdpVDBQLjokl9fU 4qq9aj7dxbF4Zo0xVp4AeKkPHTxGDVrT+uBzdSak9NBPcxNpzppvaNS+aygSLWYB XyVqoK5ck4Tf7BIuPBMyeSOfUQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAbQSpKU QDUJQL1alG2h3yR/vmxQMB8GA1UdIwQYMBaAFHEutaLXBp8Y7pxl87ATJxrb8fVA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOEE1Mi9GQjdFNEJERTcw QjUxMUVEOTNGMEREMTZDNEY5QUUwMi9jUzYxb3RjR254anVuR1h6c0JNbkd0dng5 VUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NTNjFvdGNHbnhqdW5HWHpzQk1uR3R2eDlVQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QThBNTIvRkI3RTRCREU3MEI1MTFFRDkzRjBERDE2QzRGOUFFMDIvNjU1Qjg1RjAy MjVCMTFFRkFEREU2RjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBABnKuUwDQYJKoZIhvcNAQELBQADggEBACzj9kxPrvfX2TFv AsCMkI+XVJZfkk/SDYSyDwcSaarFF5OUkOFEEcQ0Qln7E7o1HnSoDSgg4KTNiuh0 6dIUHNjA5lMFIZ+8wQFl3pa0PMpRVrfiulpIFPWevYHn+iMFOS0bvNDcdL5kiy0a 0lTkDeE+RxCQ1HR3Bz/BPG7C7HaM7ngvDtyVuDQqQ2JgxLVWr+VmPSkRjtpwi1XJ pr2rT/dFqiTs2+CRG8MJgCA9cF0lTqy7qvWOdGXtDGMHTF7NY4Q/aQsNWYj3F4wx tq+kK6C+uzCY0L+csYeAgJtF39mbprXFBnSdZo7iPY26HMMHfLLa9o29EZA++hbC +0EkIzY= -----END CERTIFICATE-----Generated at Sat Nov 23 05:02:54 2024 by rpki-client on console-fra.rpki-client.org