$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/02F1850E45A611EA81CD145AC4F9AE02.roa File: 02F1850E45A611EA81CD145AC4F9AE02.roa (raw, json) Hash identifier: +dnFv6At/j+rB10C6K34OqDt094wwEbkgdTC71u4hkg= Subject key identifier: 0D:08:AC:02:3E:9A:3A:F2:82:51:57:C8:AB:0D:0C:5F:F3:9D:E7:48 Certificate issuer: /CN=A91AEE4B/serialNumber=B77283C533113A391E31D94527186ACF8399A25F Certificate serial: 0A71 Authority key identifier: B7:72:83:C5:33:11:3A:39:1E:31:D9:45:27:18:6A:CF:83:99:A2:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t3KDxTMROjkeMdlFJxhqz4OZol8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/02F1850E45A611EA81CD145AC4F9AE02.roa Signing time: Tue 20 Aug 2024 20:08:59 +0000 ROA not before: Tue 20 Aug 2024 20:08:59 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 134601 IP address blocks: 103.120.220.0/22 maxlen: 22 103.120.220.0/24 maxlen: 24 103.120.221.0/24 maxlen: 24 103.120.222.0/24 maxlen: 24 103.120.223.0/24 maxlen: 24 2404:ef40::/32 maxlen: 32 2404:ef40:220::/48 maxlen: 48 2404:ef40:221::/48 maxlen: 48 2404:ef40:222::/48 maxlen: 48 2404:ef40:223::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/t3KDxTMROjkeMdlFJxhqz4OZol8.crl rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/t3KDxTMROjkeMdlFJxhqz4OZol8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t3KDxTMROjkeMdlFJxhqz4OZol8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 19:19:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2673 (0xa71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AEE4B/serialNumber=B77283C533113A391E31D94527186ACF8399A25F Validity Not Before: Aug 20 20:08:59 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66c4f7da-87e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:17:14:ce:99:d7:32:62:e1:af:03:05:2a:ec: 2d:48:7b:07:ac:8b:70:5c:89:c9:31:e1:ca:54:e1: 96:1d:89:e3:d5:27:1e:4b:7e:0b:b5:8b:23:2c:3e: 9b:99:f5:e9:d7:03:bf:45:09:af:df:72:4b:51:13: 90:c8:2c:77:4e:21:20:9e:fe:52:59:1d:56:e2:d0: 0d:8c:d4:e4:40:a7:ed:1f:26:11:f8:78:8c:48:68: 2f:e7:74:20:27:f4:79:c6:b8:6f:b5:d0:73:57:1b: 73:52:58:e8:58:b4:a3:15:9e:5c:7e:d4:3a:62:e3: e7:6e:0e:7e:3b:1c:a4:4b:bc:cd:1b:92:c4:49:5f: 70:3b:62:6f:51:53:2a:5d:35:14:7e:a8:61:b8:04: 50:6e:05:05:f8:ec:c9:68:a1:9a:72:d8:8d:f6:07: a6:9f:3a:04:d1:8d:b9:62:b9:d2:9c:02:2c:bb:30: 92:27:b2:22:20:89:8d:84:bb:1f:7f:32:ce:6c:1e: 99:e8:1d:0e:7f:5c:da:77:33:60:51:c7:73:0f:b6: c8:a1:9d:ab:1b:ea:fb:2e:48:62:f2:71:d4:be:6a: 1c:4c:79:e7:b4:c1:31:59:98:e2:50:21:f9:32:20: b1:8c:16:a1:d7:1d:3f:80:6b:6f:61:ed:ce:d2:a1: 29:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:08:AC:02:3E:9A:3A:F2:82:51:57:C8:AB:0D:0C:5F:F3:9D:E7:48 X509v3 Authority Key Identifier: keyid:B7:72:83:C5:33:11:3A:39:1E:31:D9:45:27:18:6A:CF:83:99:A2:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/t3KDxTMROjkeMdlFJxhqz4OZol8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t3KDxTMROjkeMdlFJxhqz4OZol8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/02F1850E45A611EA81CD145AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.120.220.0/22 IPv6: 2404:ef40::/32 Signature Algorithm: sha256WithRSAEncryption ca:e9:a3:46:9f:6e:3b:8d:29:28:e9:30:92:a1:5d:c8:63:2f: 51:41:6e:ed:6e:e3:76:7a:b8:0c:ef:2d:57:87:31:2e:f9:13: 44:96:12:09:f2:dd:a2:18:da:26:f3:4f:02:87:7f:8e:0a:3a: 3f:46:ed:2c:a8:4a:b8:ed:37:d6:9f:38:1c:12:d5:a1:82:04: 99:1d:45:c1:95:3b:25:0c:14:56:24:43:35:d8:46:3d:53:75: 3e:5e:1e:ae:f5:77:5b:5d:75:22:a6:87:ed:4b:e8:f9:c8:85: 33:27:66:a0:ff:52:cc:6a:a7:8d:4c:7e:4c:9a:a9:75:a7:65: 84:f6:87:40:9b:69:cd:54:f7:21:65:a3:52:be:06:2a:64:de: fe:b2:be:1f:aa:5c:0f:53:7f:79:aa:f3:4a:aa:a9:c5:57:c9: 93:b6:a7:19:5e:f9:65:80:f2:ef:25:73:47:72:6e:d4:8b:a4: e9:5a:3a:e1:9d:76:1b:68:a3:db:f3:f5:f0:17:a1:a7:e4:6d: 6c:19:00:fd:98:75:ca:65:8f:3f:a1:1f:df:f8:bb:5c:5c:b3: fe:5f:9f:7d:90:3a:e3:9b:e2:57:e4:38:7b:1d:a1:54:a5:d5: ca:56:96:3c:55:87:54:a2:c5:1c:93:27:99:f2:55:bc:d5:29: 9e:a3:7d:a3 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCnEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUVFNEIxMTAvBgNVBAUTKEI3NzI4M0M1MzMxMTNBMzkxRTMxRDk0NTI3MTg2QUNG ODM5OUEyNUYwHhcNMjQwODIwMjAwODU5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmM0ZjdkYS04N2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsBcUzpnXMmLhrwMFKuwtSHsHrItwXInJMeHKVOGWHYnj1SceS34LtYsjLD6b mfXp1wO/RQmv33JLUROQyCx3TiEgnv5SWR1W4tANjNTkQKftHyYR+HiMSGgv53Qg J/R5xrhvtdBzVxtzUljoWLSjFZ5cftQ6YuPnbg5+OxykS7zNG5LESV9wO2JvUVMq XTUUfqhhuARQbgUF+OzJaKGactiN9gemnzoE0Y25YrnSnAIsuzCSJ7IiIImNhLsf fzLObB6Z6B0Of1zadzNgUcdzD7bIoZ2rG+r7Lkhi8nHUvmocTHnntMExWZjiUCH5 MiCxjBah1x0/gGtvYe3O0qEpWQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFA0IrAI+ mjryglFXyKsNDF/znedIMB8GA1UdIwQYMBaAFLdyg8UzETo5HjHZRScYas+DmaJf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUU0Qi82M0RGRjgwMjQ1 QTQxMUVBOTQyRTA5NTdDNEY5QUUwMi90M0tEeFRNUk9qa2VNZGxGSnhocXo0T1pv bDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3QzS0R4VE1ST2prZU1kbEZKeGhxejRPWm9sOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUVFNEIvNjNERkY4MDI0NUE0MTFFQTk0MkUwOTU3QzRGOUFFMDIvMDJGMTg1MEU0 NUE2MTFFQTgxQ0QxNDVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJneNwwDQQCAAIwBwMFACQE70AwDQYJKoZIhvcNAQELBQAD ggEBAMrpo0afbjuNKSjpMJKhXchjL1FBbu1u43Z6uAzvLVeHMS75E0SWEgny3aIY 2ibzTwKHf44KOj9G7SyoSrjtN9afOBwS1aGCBJkdRcGVOyUMFFYkQzXYRj1TdT5e Hq71d1tddSKmh+1L6PnIhTMnZqD/Usxqp41MfkyaqXWnZYT2h0Cbac1U9yFlo1K+ Bipk3v6yvh+qXA9Tf3mq80qqqcVXyZO2pxle+WWA8u8lc0dybtSLpOlaOuGddhto o9vz9fAXoafkbWwZAP2Ydcpljz+hH9/4u1xcs/5fn32QOuOb4lfkOHsdoVSl1cpW ljxVh1SixRyTJ5nyVbzVKZ6jfaM= -----END CERTIFICATE-----Generated at Fri Nov 22 21:05:32 2024 by rpki-client on console-fra.rpki-client.org