$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF317/4FD576808C6F11EBBA819F31C4F9AE02/291E55288C7111EBA752313FC4F9AE02.roa File: 291E55288C7111EBA752313FC4F9AE02.roa (raw, json) Hash identifier: A4h072jPvWuDDgO/u+pRW1SBWKkT2qV8RaMiezxbECY= Subject key identifier: CB:95:8A:35:4D:E8:0D:2B:5E:EF:0A:1B:8F:0B:90:08:89:E9:DB:7C Certificate issuer: /CN=A91AF317/serialNumber=779CD921569E93F9D26B13A5AA7E376CFB5F0690 Certificate serial: 05D4 Authority key identifier: 77:9C:D9:21:56:9E:93:F9:D2:6B:13:A5:AA:7E:37:6C:FB:5F:06:90 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d5zZIVaek_nSaxOlqn43bPtfBpA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF317/4FD576808C6F11EBBA819F31C4F9AE02/291E55288C7111EBA752313FC4F9AE02.roa Signing time: Thu 26 Sep 2024 22:52:11 +0000 ROA not before: Thu 26 Sep 2024 22:52:11 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 132464 IP address blocks: 103.73.58.0/24 maxlen: 24 103.145.187.0/24 maxlen: 24 2400:7de0::/32 maxlen: 32 2400:7de0::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF317/4FD576808C6F11EBBA819F31C4F9AE02/d5zZIVaek_nSaxOlqn43bPtfBpA.crl rsync://rpki.apnic.net/member_repository/A91AF317/4FD576808C6F11EBBA819F31C4F9AE02/d5zZIVaek_nSaxOlqn43bPtfBpA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d5zZIVaek_nSaxOlqn43bPtfBpA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1492 (0x5d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF317/serialNumber=779CD921569E93F9D26B13A5AA7E376CFB5F0690 Validity Not Before: Sep 26 22:52:11 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66f5e59b-8d1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:67:29:ca:6f:42:c0:e6:e5:dd:01:07:34:6b: c6:5d:34:1d:3f:43:60:df:6c:a9:37:b2:bb:0f:30: f4:05:82:e0:15:77:b7:1d:92:6d:c2:ec:fe:4a:e2: b8:53:23:f0:12:3d:e3:a9:b3:9d:d2:68:a4:59:0e: d5:1e:6c:6f:95:3f:3e:f9:f9:dd:e3:f6:a3:cd:4f: 65:81:a7:1c:32:ac:50:2b:74:3e:14:54:c5:e4:81: 32:84:45:60:76:e0:da:ee:cb:86:4d:a2:25:fc:5b: dd:ad:ec:18:1a:17:76:a8:63:04:a6:92:fd:2f:53: 29:7b:05:8d:0c:d5:16:5e:a2:e4:3b:f4:6b:23:65: b7:ad:90:c6:a2:f9:48:bc:61:93:55:36:2b:c4:25: df:67:86:34:09:51:22:e2:60:eb:9b:13:8b:f4:c6: f8:6d:9c:4a:1a:fd:e9:ed:42:2c:01:98:c9:98:4c: ad:0f:80:c9:db:dc:68:fc:7a:a3:69:55:cc:4d:78: e8:9c:fe:82:ed:da:33:94:dc:c9:dc:91:18:5a:3c: 06:db:0c:52:17:b4:1d:d3:1e:16:ff:fe:19:5d:eb: 60:24:da:8c:49:af:ef:5d:1b:15:ec:65:f5:24:77: f9:f6:e6:d3:b0:2a:c7:21:2d:89:c6:85:d5:c9:dd: 13:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:95:8A:35:4D:E8:0D:2B:5E:EF:0A:1B:8F:0B:90:08:89:E9:DB:7C X509v3 Authority Key Identifier: keyid:77:9C:D9:21:56:9E:93:F9:D2:6B:13:A5:AA:7E:37:6C:FB:5F:06:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF317/4FD576808C6F11EBBA819F31C4F9AE02/d5zZIVaek_nSaxOlqn43bPtfBpA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d5zZIVaek_nSaxOlqn43bPtfBpA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF317/4FD576808C6F11EBBA819F31C4F9AE02/291E55288C7111EBA752313FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.73.58.0/24 103.145.187.0/24 IPv6: 2400:7de0::/32 Signature Algorithm: sha256WithRSAEncryption 09:62:5a:8d:46:3c:0e:a3:f9:2c:e5:2c:85:b3:f1:df:c1:65: 21:99:40:d3:7f:f4:86:17:13:2f:72:17:61:6f:94:39:a5:12: f6:56:a8:f7:69:d3:59:af:0e:da:9c:01:34:0b:f0:dd:5b:70: a4:65:66:4d:65:dd:fd:20:ef:90:8f:71:98:79:6f:e7:8c:ac: d0:50:22:c3:82:d9:ff:06:24:1b:11:5d:e2:67:ba:94:d0:64: 81:f5:47:c7:48:76:cb:b2:90:79:3d:5f:4b:c7:f3:4d:ad:01: fa:91:e6:08:c6:e1:0d:5a:ce:2a:cd:d8:ce:6e:63:03:0e:4c: 86:9e:b2:27:14:5a:9d:be:10:34:38:c9:60:6e:92:aa:c7:61: ec:ba:f8:09:dd:6f:ba:10:32:d0:78:5c:a5:4a:71:08:43:8c: c6:8f:44:f0:f0:ed:be:64:40:2e:bf:f0:c4:a2:69:a8:db:8c: c9:48:dc:f5:4e:8a:bf:6e:2f:d8:cf:c9:4d:47:18:34:bb:d7: 49:1c:b6:c3:a5:95:5f:ef:20:77:2d:d2:27:e4:e2:c5:93:71: 20:d5:cf:f7:ac:dd:bb:77:1b:16:f6:34:5d:cd:d7:fa:bf:80: 53:f3:b8:14:9e:81:0d:dc:c0:cc:f2:02:29:a5:00:71:6c:c4: db:5f:19:ff -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBdQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYzMTcxMTAvBgNVBAUTKDc3OUNEOTIxNTY5RTkzRjlEMjZCMTNBNUFBN0UzNzZD RkI1RjA2OTAwHhcNMjQwOTI2MjI1MjExWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmY1ZTU5Yi04ZDFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs2cpym9CwObl3QEHNGvGXTQdP0Ng32ypN7K7DzD0BYLgFXe3HZJtwuz+SuK4 UyPwEj3jqbOd0mikWQ7VHmxvlT8++fnd4/ajzU9lgaccMqxQK3Q+FFTF5IEyhEVg duDa7suGTaIl/FvdrewYGhd2qGMEppL9L1MpewWNDNUWXqLkO/RrI2W3rZDGovlI vGGTVTYrxCXfZ4Y0CVEi4mDrmxOL9Mb4bZxKGv3p7UIsAZjJmEytD4DJ29xo/Hqj aVXMTXjonP6C7dozlNzJ3JEYWjwG2wxSF7Qd0x4W//4ZXetgJNqMSa/vXRsV7GX1 JHf59ubTsCrHIS2JxoXVyd0T+QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMuVijVN 6A0rXu8KG48LkAiJ6dt8MB8GA1UdIwQYMBaAFHec2SFWnpP50msTpap+N2z7XwaQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjMxNy80RkQ1NzY4MDhD NkYxMUVCQkE4MTlGMzFDNEY5QUUwMi9kNXpaSVZhZWtfblNheE9scW40M2JQdGZC cEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Q1elpJVmFla19uU2F4T2xxbjQzYlB0ZkJwQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUYzMTcvNEZENTc2ODA4QzZGMTFFQkJBODE5RjMxQzRGOUFFMDIvMjkxRTU1Mjg4 QzcxMTFFQkE3NTIzMTNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBABnSToDBABnkbswDQQCAAIwBwMFACQAfeAwDQYJKoZIhvcN AQELBQADggEBAAliWo1GPA6j+SzlLIWz8d/BZSGZQNN/9IYXEy9yF2FvlDmlEvZW qPdp01mvDtqcATQL8N1bcKRlZk1l3f0g75CPcZh5b+eMrNBQIsOC2f8GJBsRXeJn upTQZIH1R8dIdsuykHk9X0vH802tAfqR5gjG4Q1azirN2M5uYwMOTIaesicUWp2+ EDQ4yWBukqrHYey6+Andb7oQMtB4XKVKcQhDjMaPRPDw7b5kQC6/8MSiaajbjMlI 3PVOir9uL9jPyU1HGDS710kctsOllV/vIHct0ifk4sWTcSDVz/es3bt3Gxb2NF3N 1/q/gFPzuBSegQ3cwMzyAimlAHFsxNtfGf8= -----END CERTIFICATE-----Generated at Fri Nov 22 23:39:32 2024 by rpki-client on console-fra.rpki-client.org