$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/CE988D80FB7311EC97CD7F85C4F9AE02.roa File: CE988D80FB7311EC97CD7F85C4F9AE02.roa (raw, json) Hash identifier: sNWMaE6Kxk7U7IVJoIVHc26Epr9NZPx+NxSKpYd0Rl0= Subject key identifier: 50:18:64:BF:D4:54:40:7E:71:8F:DB:C0:54:05:BD:C4:2B:CF:9C:B3 Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B Certificate serial: 0422 Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/CE988D80FB7311EC97CD7F85C4F9AE02.roa Signing time: Mon 01 Jan 2024 02:03:41 +0000 ROA not before: Mon 01 Jan 2024 02:03:41 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 395092 IP address blocks: 43.230.160.0/22 maxlen: 24 103.20.234.0/23 maxlen: 24 103.27.132.0/23 maxlen: 23 103.27.134.0/23 maxlen: 23 103.159.64.0/23 maxlen: 24 203.96.176.0/22 maxlen: 24 210.16.64.0/22 maxlen: 24 2406:cb40::/48 maxlen: 48 2406:cb40:1::/48 maxlen: 48 2406:cb41::/48 maxlen: 48 2406:cb42::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1058 (0x422) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B Validity Not Before: Jan 1 02:03:41 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=65921d7d-ea29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:b3:c2:fb:ec:8c:86:51:04:81:b2:b4:94:7f: 69:57:ee:89:a2:b0:b6:d9:c3:16:ae:6a:ca:c1:9c: de:a3:d2:32:f8:c4:20:2b:a0:d8:43:62:df:0b:f4: d8:23:80:75:0b:ef:1d:a5:ee:08:94:d8:20:83:e4: 18:ec:7c:a7:bc:5f:76:14:59:4f:77:6e:63:95:57: 8c:4e:4b:eb:b3:69:28:9e:63:67:06:3b:fa:71:3d: 9e:eb:b4:51:ed:fa:91:8a:62:25:f8:b7:c2:67:b3: 55:83:95:73:15:28:c0:e4:de:16:53:26:e9:b6:df: 2c:f5:93:09:3b:35:59:62:f1:8c:2f:55:5e:77:ed: e0:ae:c1:7e:00:c5:13:bb:c3:25:a9:9e:a8:01:02: 41:60:7e:c2:ae:5b:e3:bd:9f:ab:56:97:90:d0:b1: cb:88:71:d5:a6:ba:81:d3:82:b4:83:64:09:8b:bb: 0d:f2:1f:0c:a0:f7:a9:87:e5:94:3f:8e:d8:61:0d: 3d:86:af:b7:ba:7a:30:be:53:a9:1a:6d:6a:31:86: a8:31:e9:cd:18:94:f8:09:6a:55:b5:35:2b:57:82: da:12:ef:10:ea:56:8a:51:20:c2:c8:38:96:54:d6: b8:db:ab:4e:20:06:a6:f8:e9:0b:bb:a4:16:9b:03: ba:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:18:64:BF:D4:54:40:7E:71:8F:DB:C0:54:05:BD:C4:2B:CF:9C:B3 X509v3 Authority Key Identifier: keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/CE988D80FB7311EC97CD7F85C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.160.0/22 103.20.234.0/23 103.27.132.0/22 103.159.64.0/23 203.96.176.0/22 210.16.64.0/22 IPv6: 2406:cb40::/47 2406:cb41::/48 2406:cb42::/48 Signature Algorithm: sha256WithRSAEncryption a6:6b:fb:1f:71:ad:00:71:0f:a9:7f:be:54:70:8d:6a:33:dc: 65:f4:4f:ad:4f:11:70:65:9d:f7:b7:89:c9:f1:11:29:c3:ed: 29:b4:63:36:3d:22:1d:21:ff:8a:98:91:bb:86:09:98:92:1b: 78:17:54:24:7e:c1:7c:2c:ed:e1:c9:e2:6f:be:51:62:c1:fb: 89:d0:cf:8d:66:60:a0:0e:22:db:87:e7:4d:34:02:1e:5c:aa: 63:6e:3b:ce:a3:d8:d2:dd:da:a9:c6:2c:46:2e:01:cf:c9:6e: 38:28:a2:22:a4:bf:80:c2:ec:f5:07:c4:99:6f:86:0f:cf:08: b9:e7:92:1e:41:a3:f7:75:6f:75:0d:aa:e5:3d:a7:47:d0:b1: 96:ed:82:59:2b:61:38:e0:5e:eb:5a:e9:19:ec:90:81:48:9c: 2b:e0:3b:ea:08:ad:af:f6:c5:66:b4:89:34:df:6d:f5:c6:1d: 64:39:b2:27:59:ad:df:2e:6f:04:bd:f1:a3:c2:5b:dc:c6:96: 21:ba:97:95:f3:4b:f9:12:43:78:9d:3f:42:df:84:59:f5:93: 8e:52:76:01:f0:74:25:03:f7:40:53:93:d2:91:3c:80:6e:23: 12:22:3a:d7:fb:55:2f:96:29:16:90:fa:fa:55:85:f6:07:9e: df:b5:d3:8b -----BEGIN CERTIFICATE----- MIIFsjCCBJqgAwIBAgICBCIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy MEM4RkQ1N0IwHhcNMjQwMTAxMDIwMzQxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTkyMWQ3ZC1lYTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlbPC++yMhlEEgbK0lH9pV+6JorC22cMWrmrKwZzeo9Iy+MQgK6DYQ2LfC/TY I4B1C+8dpe4IlNggg+QY7HynvF92FFlPd25jlVeMTkvrs2konmNnBjv6cT2e67RR 7fqRimIl+LfCZ7NVg5VzFSjA5N4WUybptt8s9ZMJOzVZYvGML1Ved+3grsF+AMUT u8MlqZ6oAQJBYH7CrlvjvZ+rVpeQ0LHLiHHVprqB04K0g2QJi7sN8h8MoPeph+WU P47YYQ09hq+3unowvlOpGm1qMYaoMenNGJT4CWpVtTUrV4LaEu8Q6laKUSDCyDiW VNa426tOIAam+OkLu6QWmwO6iwIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFFAYZL/U VEB+cY/bwFQFvcQrz5yzMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2 MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvQ0U5ODhEODBG QjczMTFFQzk3Q0Q3Rjg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYAYIKwYBBQUHAQcBAf8E UTBPMCoEAgABMCQDBAIr5qADBAFnFOoDBAJnG4QDBAFnn0ADBALLYLADBALSEEAw IQQCAAIwGwMHASQGy0AAAAMHACQGy0EAAAMHACQGy0IAADANBgkqhkiG9w0BAQsF AAOCAQEApmv7H3GtAHEPqX++VHCNajPcZfRPrU8RcGWd97eJyfERKcPtKbRjNj0i HSH/ipiRu4YJmJIbeBdUJH7BfCzt4cnib75RYsH7idDPjWZgoA4i24fnTTQCHlyq Y247zqPY0t3aqcYsRi4Bz8luOCiiIqS/gMLs9QfEmW+GD88IueeSHkGj93VvdQ2q 5T2nR9Cxlu2CWSthOOBe61rpGeyQgUicK+A76gitr/bFZrSJNN9t9cYdZDmyJ1mt 3y5vBL3xo8Jb3MaWIbqXlfNL+RJDeJ0/Qt+EWfWTjlJ2AfB0JQP3QFOT0pE8gG4j EiI61/tVL5YpFpD6+lWF9gee37XTiw== -----END CERTIFICATE-----Generated at Thu Nov 21 00:21:23 2024 by rpki-client on console-fra.rpki-client.org