$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/A0AD48EA083011EF82AFFD44C4F9AE02.roa File: A0AD48EA083011EF82AFFD44C4F9AE02.roa (raw, json) Hash identifier: P4pfeLYjex5Xs+iFi6P9GtP2+Goc0UoB5bCaVV+knqs= Subject key identifier: C9:75:89:39:FF:4D:31:33:5C:CC:EC:65:40:FB:90:A6:82:A2:48:DE Certificate issuer: /CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F Certificate serial: 24 Authority key identifier: BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/A0AD48EA083011EF82AFFD44C4F9AE02.roa Signing time: Thu 02 May 2024 03:04:02 +0000 ROA not before: Thu 02 May 2024 03:04:02 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 35908 IP address blocks: 43.252.120.0/22 maxlen: 24 103.233.80.0/22 maxlen: 24 110.34.128.0/17 maxlen: 24 2401:4a40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 04:59:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36 (0x24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F Validity Not Before: May 2 03:04:02 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=663302a2-a8a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3e:85:20:92:90:26:1c:b3:67:af:16:89:53: 0d:19:ff:ac:9e:20:90:ee:1b:15:95:23:ce:a4:73: ef:b3:67:99:3a:e1:24:c7:85:4f:0e:df:dc:8c:46: 13:ec:33:4a:27:6b:16:54:49:d6:83:9a:a3:65:58: 64:0f:8f:17:6c:b7:da:b3:90:3c:9a:db:c2:a6:78: 03:a2:27:19:a4:06:ac:a8:cd:fb:fc:b2:96:cc:1d: 08:4e:88:37:97:3c:db:87:20:5e:bf:08:52:d1:f5: c5:8f:a2:1d:cf:08:be:6c:bf:18:41:72:60:a2:2f: fb:7e:be:e9:2e:29:0c:02:d2:f7:4f:94:1f:24:d4: 27:35:59:2b:d7:30:1b:a2:1a:e4:8f:53:f3:52:52: 31:99:1e:63:7f:df:9a:c5:7a:c2:d2:2e:33:8f:31: 09:fb:61:e6:5e:be:17:1c:2e:d5:9b:34:92:f8:52: 75:a8:7e:54:8c:5e:15:9f:89:4a:1b:fb:0f:3e:e4: 17:85:1e:92:4e:6c:60:d9:e9:44:d7:75:8b:97:ca: 61:fb:7f:30:03:da:c5:7c:53:50:7f:c3:67:5b:7a: 16:40:69:47:53:25:63:22:9d:5b:5e:6a:66:36:4b: 01:9d:17:9b:a8:53:a6:95:f6:60:9f:e0:be:88:0d: 92:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:75:89:39:FF:4D:31:33:5C:CC:EC:65:40:FB:90:A6:82:A2:48:DE X509v3 Authority Key Identifier: keyid:BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/A0AD48EA083011EF82AFFD44C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.120.0/22 103.233.80.0/22 110.34.128.0/17 IPv6: 2401:4a40::/32 Signature Algorithm: sha256WithRSAEncryption 94:0e:ab:ba:b4:49:39:94:8d:b8:91:d9:e8:84:d5:84:0f:62: b4:ee:d0:3c:84:67:f5:d7:73:96:d8:d7:43:65:e6:bc:b2:40: 3d:fb:a3:65:35:be:fc:97:3b:3d:ac:eb:13:0f:af:a6:92:02: ee:f5:f0:5d:74:ff:82:19:bd:a8:07:13:ea:1b:a7:21:e0:c9: 74:00:9c:15:a7:de:0f:5b:fe:7e:be:4d:3d:75:3e:5c:e6:ee: 5f:84:f4:ac:09:1b:eb:cb:a3:1f:ef:0f:3e:39:bd:49:e9:b3: d9:63:83:19:aa:77:ee:75:c0:82:56:04:5e:1e:b2:6b:81:60: 87:8f:11:ac:ac:c0:4e:af:88:63:fe:98:d0:12:3e:ca:29:da: 84:34:84:4f:76:af:39:ba:6d:b7:b1:a6:72:9e:45:e6:08:f5: 57:3c:54:a4:aa:4a:21:f0:7e:31:c1:a4:27:89:8d:0d:1f:84: ea:f2:b0:13:2b:4c:20:be:7b:77:f4:76:9f:1c:07:33:39:45: 24:44:bc:1b:e5:b4:7d:03:20:f1:8e:97:7c:b9:38:b5:28:6c: 54:ed:02:9e:a3:5a:ad:1e:54:a5:48:4e:84:3e:cd:09:24:12: 03:f3:17:cc:13:1e:2d:80:06:e3:8d:7a:50:9b:94:89:69:b6: 67:8b:7d:05 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QzUzMjExMC8GA1UEBRMoQkNBQjNFNzZGODRFRDQzNzQyRjJBMDgxMjQyNzA4RTc5 OUNFMUI1RjAeFw0yNDA1MDIwMzA0MDJaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV BAMTDTY2MzMwMmEyLWE4YTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC9PoUgkpAmHLNnrxaJUw0Z/6yeIJDuGxWVI86kc++zZ5k64STHhU8O39yMRhPs M0onaxZUSdaDmqNlWGQPjxdst9qzkDya28KmeAOiJxmkBqyozfv8spbMHQhOiDeX PNuHIF6/CFLR9cWPoh3PCL5svxhBcmCiL/t+vukuKQwC0vdPlB8k1Cc1WSvXMBui GuSPU/NSUjGZHmN/35rFesLSLjOPMQn7YeZevhccLtWbNJL4UnWoflSMXhWfiUob +w8+5BeFHpJObGDZ6UTXdYuXymH7fzAD2sV8U1B/w2dbehZAaUdTJWMinVteamY2 SwGdF5uoU6aV9mCf4L6IDZIzAgMBAAGjggKwMIICrDAdBgNVHQ4EFgQUyXWJOf9N MTNczOxlQPuQpoKiSN4wHwYDVR0jBBgwFoAUvKs+dvhO1DdC8qCBJCcI55nOG18w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFDNTMyL0RBQTBEMEI0MDM3 RTExRUY4NTIwRTc1OEM0RjlBRTAyL3ZLcy1kdmhPMURkQzhxQ0JKQ2NJNTVuT0cx OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdktzLWR2aE8xRGRDOHFDQkpDY0k1NW5PRzE4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QzUzMi9EQUEwRDBCNDAzN0UxMUVGODUyMEU3NThDNEY5QUUwMi9BMEFENDhFQTA4 MzAxMUVGODJBRkZENDRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA6BggrBgEFBQcBBwEB/wQr MCkwGAQCAAEwEgMEAiv8eAMEAmfpUAMEB24igDANBAIAAjAHAwUAJAFKQDANBgkq hkiG9w0BAQsFAAOCAQEAlA6rurRJOZSNuJHZ6ITVhA9itO7QPIRn9ddzltjXQ2Xm vLJAPfujZTW+/Jc7PazrEw+vppIC7vXwXXT/ghm9qAcT6hunIeDJdACcFafeD1v+ fr5NPXU+XObuX4T0rAkb68ujH+8PPjm9Semz2WODGap37nXAglYEXh6ya4Fgh48R rKzATq+IY/6Y0BI+yinahDSET3avObptt7Gmcp5F5gj1VzxUpKpKIfB+McGkJ4mN DR+E6vKwEytMIL57d/R2nxwHMzlFJES8G+W0fQMg8Y6XfLk4tShsVO0CnqNarR5U pUhOhD7NCSQSA/MXzBMeLYAG4416UJuUiWm2Z4t9BQ== -----END CERTIFICATE-----Generated at Thu Nov 21 06:50:48 2024 by rpki-client on console-fra.rpki-client.org