$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFC48/DBBD81FE753A11EEBF49E534C4F9AE02/259AE280753B11EEBF306F35C4F9AE02.roa File: 259AE280753B11EEBF306F35C4F9AE02.roa (raw, json) Hash identifier: 0uSx3t0sR7mDLL0tE9/KLBX+RXK70BKf32W+7mKLwxY= Subject key identifier: AE:88:A5:9F:92:91:55:F1:2B:18:1D:83:5C:F1:2B:A8:78:D4:03:81 Certificate issuer: /CN=A91AFC48/serialNumber=261596B556E92C12D2EBC8DD8B25CFB8758E078C Certificate serial: 7C Authority key identifier: 26:15:96:B5:56:E9:2C:12:D2:EB:C8:DD:8B:25:CF:B8:75:8E:07:8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JhWWtVbpLBLS68jdiyXPuHWOB4w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AFC48/DBBD81FE753A11EEBF49E534C4F9AE02/259AE280753B11EEBF306F35C4F9AE02.roa Signing time: Thu 06 Jun 2024 12:50:08 +0000 ROA not before: Thu 06 Jun 2024 12:50:08 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 151408 IP address blocks: 103.224.94.0/23 maxlen: 24 2401:8b20::/32 maxlen: 32 2401:8b20::/34 maxlen: 34 2401:8b20:4000::/34 maxlen: 34 2401:8b20:8000::/34 maxlen: 34 2401:8b20:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AFC48/DBBD81FE753A11EEBF49E534C4F9AE02/JhWWtVbpLBLS68jdiyXPuHWOB4w.crl rsync://rpki.apnic.net/member_repository/A91AFC48/DBBD81FE753A11EEBF49E534C4F9AE02/JhWWtVbpLBLS68jdiyXPuHWOB4w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JhWWtVbpLBLS68jdiyXPuHWOB4w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 124 (0x7c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AFC48/serialNumber=261596B556E92C12D2EBC8DD8B25CFB8758E078C Validity Not Before: Jun 6 12:50:08 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=6661b080-8ef4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:92:87:32:73:a5:2c:d7:4d:48:49:a1:6f:fb: 60:11:dd:5d:4a:9a:f9:9a:2c:16:45:a3:12:28:eb: 11:54:83:8a:3f:21:ff:81:99:fe:5a:ec:5b:04:81: 2f:da:61:37:bd:37:39:fc:cf:df:60:24:75:3a:ef: 70:27:f3:fb:2c:b5:5a:1c:63:b5:6c:74:ea:06:5b: 37:89:18:b4:35:51:77:c6:fc:b5:6b:cb:70:ce:98: 5b:1b:ea:8b:45:09:8a:03:ca:de:62:91:ea:06:85: 87:5e:fe:45:47:74:a3:f5:97:50:45:e0:e4:91:2d: 49:f0:32:71:9d:14:6d:e3:84:82:4a:78:85:bb:35: 36:27:fa:11:18:d2:3c:86:91:9c:23:1b:db:51:50: ca:a8:8c:87:aa:1e:23:21:6a:bd:59:bb:62:74:bc: 69:65:ec:fc:f0:67:12:af:77:14:44:af:19:5d:93: 29:4f:dd:d5:1b:a5:eb:03:7c:61:71:a4:d1:e3:dc: 12:3c:5b:da:14:5e:28:29:f2:4e:60:52:60:8f:3b: d1:46:c9:c0:31:12:e0:68:e5:6b:c4:ff:3a:41:9a: 20:12:7e:78:dd:3e:7e:80:c4:1a:b9:6d:ca:f5:54: ef:21:02:96:e0:9a:1b:ec:10:a6:33:d4:44:12:ef: 4d:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:88:A5:9F:92:91:55:F1:2B:18:1D:83:5C:F1:2B:A8:78:D4:03:81 X509v3 Authority Key Identifier: keyid:26:15:96:B5:56:E9:2C:12:D2:EB:C8:DD:8B:25:CF:B8:75:8E:07:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AFC48/DBBD81FE753A11EEBF49E534C4F9AE02/JhWWtVbpLBLS68jdiyXPuHWOB4w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JhWWtVbpLBLS68jdiyXPuHWOB4w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFC48/DBBD81FE753A11EEBF49E534C4F9AE02/259AE280753B11EEBF306F35C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.224.94.0/23 IPv6: 2401:8b20::/32 Signature Algorithm: sha256WithRSAEncryption 65:d6:bf:64:91:cf:50:d2:af:17:69:41:f3:61:ef:60:1c:7e: ba:6c:81:0a:b8:b5:f2:4a:e9:2d:ef:4b:b7:19:ca:26:c3:ff: ec:12:5e:99:89:a8:50:7a:14:13:2e:10:c5:30:68:2c:2f:7a: a7:d3:e5:4f:8d:e6:fa:65:d5:0b:00:b1:ea:f9:35:36:c1:c2: 32:66:6d:64:46:19:81:c9:82:0b:0b:43:06:ec:47:93:62:98: 9c:a7:fb:da:08:55:f0:cc:1b:bb:86:c5:64:97:14:cb:ea:f3: 14:4b:b6:00:9b:7d:96:c0:8c:d4:46:47:75:b8:c3:15:63:1c: 7d:80:16:bf:10:6e:9a:20:0a:d3:f7:fe:bb:be:e7:4a:a1:2e: 72:90:cd:31:e0:a0:e8:8e:59:6e:33:59:85:a8:f8:19:72:8e: a4:81:02:77:68:12:2a:d1:5d:a4:78:eb:7b:7d:29:09:ec:2a: 91:22:c3:36:ca:2f:3e:f5:96:55:2f:5a:29:73:60:84:23:8f: 4f:a7:fd:99:47:95:0c:9e:f7:9b:16:15:b7:17:8a:ac:23:f1: 2e:52:33:6f:45:c8:fc:fc:83:c5:aa:e9:f2:c9:08:e8:27:30: 16:4b:26:2a:da:e9:5d:bd:ed:46:f1:4c:79:0a:67:88:41:fb: 29:e5:95:10 -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgIBfDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB RkM0ODExMC8GA1UEBRMoMjYxNTk2QjU1NkU5MkMxMkQyRUJDOEREOEIyNUNGQjg3 NThFMDc4QzAeFw0yNDA2MDYxMjUwMDhaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY2NjFiMDgwLThlZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDCkocyc6Us101ISaFv+2AR3V1KmvmaLBZFoxIo6xFUg4o/If+Bmf5a7FsEgS/a YTe9Nzn8z99gJHU673An8/sstVocY7VsdOoGWzeJGLQ1UXfG/LVry3DOmFsb6otF CYoDyt5ikeoGhYde/kVHdKP1l1BF4OSRLUnwMnGdFG3jhIJKeIW7NTYn+hEY0jyG kZwjG9tRUMqojIeqHiMhar1Zu2J0vGll7PzwZxKvdxRErxldkylP3dUbpesDfGFx pNHj3BI8W9oUXigp8k5gUmCPO9FGycAxEuBo5WvE/zpBmiASfnjdPn6AxBq5bcr1 VO8hApbgmhvsEKYz1EQS7007AgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUroiln5KR VfErGB2DXPErqHjUA4EwHwYDVR0jBBgwFoAUJhWWtVbpLBLS68jdiyXPuHWOB4ww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFGQzQ4L0RCQkQ4MUZFNzUz QTExRUVCRjQ5RTUzNEM0RjlBRTAyL0poV1d0VmJwTEJMUzY4amRpeVhQdUhXT0I0 dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSmhXV3RWYnBMQkxTNjhqZGl5WFB1SFdPQjR3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RkM0OC9EQkJEODFGRTc1M0ExMUVFQkY0OUU1MzRDNEY5QUUwMi8yNTlBRTI4MDc1 M0IxMUVFQkYzMDZGMzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf MB0wDAQCAAEwBgMEAWfgXjANBAIAAjAHAwUAJAGLIDANBgkqhkiG9w0BAQsFAAOC AQEAZda/ZJHPUNKvF2lB82HvYBx+umyBCri18krpLe9LtxnKJsP/7BJemYmoUHoU Ey4QxTBoLC96p9PlT43m+mXVCwCx6vk1NsHCMmZtZEYZgcmCCwtDBuxHk2KYnKf7 2ghV8Mwbu4bFZJcUy+rzFEu2AJt9lsCM1EZHdbjDFWMcfYAWvxBumiAK0/f+u77n SqEucpDNMeCg6I5ZbjNZhaj4GXKOpIECd2gSKtFdpHjre30pCewqkSLDNsovPvWW VS9aKXNghCOPT6f9mUeVDJ73mxYVtxeKrCPxLlIzb0XI/PyDxarp8skI6CcwFksm KtrpXb3tRvFMeQpniEH7KeWVEA== -----END CERTIFICATE-----Generated at Sat Nov 23 06:13:20 2024 by rpki-client on console-ams.rpki-client.org