$ rpki-client -vvf rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/8EB98374776E11ECA05F7133C4F9AE02.roa File: 8EB98374776E11ECA05F7133C4F9AE02.roa (raw, json) Hash identifier: 0odSjBqkbrai7nHTuGPVDMCVhidqU26/lOEVMrtNDiQ= Subject key identifier: 1F:67:04:AD:06:8D:91:E7:23:7D:DC:88:03:42:00:4C:E2:BB:6C:02 Certificate issuer: /CN=A91B06CA/serialNumber=9AF0B0EF8F3EB53F14D84FA3A6106BE64BD78272 Certificate serial: 0371 Authority key identifier: 9A:F0:B0:EF:8F:3E:B5:3F:14:D8:4F:A3:A6:10:6B:E6:4B:D7:82:72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mvCw748-tT8U2E-jphBr5kvXgnI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/8EB98374776E11ECA05F7133C4F9AE02.roa Signing time: Tue 03 Sep 2024 02:14:51 +0000 ROA not before: Tue 03 Sep 2024 02:14:51 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 133929 IP address blocks: 103.99.72.0/22 maxlen: 22 103.99.72.0/23 maxlen: 23 103.99.72.0/24 maxlen: 24 103.99.73.0/24 maxlen: 24 103.99.74.0/23 maxlen: 23 103.99.74.0/24 maxlen: 24 103.99.75.0/24 maxlen: 24 2001:df2:5100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/mvCw748-tT8U2E-jphBr5kvXgnI.crl rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/mvCw748-tT8U2E-jphBr5kvXgnI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mvCw748-tT8U2E-jphBr5kvXgnI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 881 (0x371) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B06CA/serialNumber=9AF0B0EF8F3EB53F14D84FA3A6106BE64BD78272 Validity Not Before: Sep 3 02:14:51 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66d6711b-fdfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:e2:ca:38:a7:40:8f:29:a8:e0:e1:c1:d5:0d: 68:06:eb:74:87:87:67:dd:94:e2:de:0d:5c:7b:d7: 75:bb:92:59:07:83:99:f5:8d:4b:f6:ac:cf:4a:d4: 61:60:17:0c:34:f0:4f:5f:af:80:1f:33:03:91:58: 8d:ab:e5:e3:e4:4c:9b:fc:8e:72:8d:e9:33:34:42: 25:8f:39:9e:f2:b3:d8:a7:ef:38:79:b3:a0:9c:b2: 90:00:0e:74:c6:35:fb:c1:e9:e4:74:72:68:bb:56: ec:0c:32:f5:68:0d:68:36:05:6b:00:9d:a6:88:29: 0e:0a:ff:b2:17:bf:1a:f4:12:27:d1:61:01:43:22: 53:7e:8e:f3:ce:27:d1:7c:27:31:cf:f0:f2:bb:33: 27:64:a4:b2:f0:52:57:15:fb:21:16:56:bf:1f:57: 55:2b:19:4c:9d:fa:9f:87:ee:96:e6:95:ee:2c:2e: 68:2f:06:2c:65:f9:fb:43:53:fe:3b:af:7a:7e:5a: 44:9d:90:a2:74:fb:72:4b:c6:5f:4d:21:f6:1d:d8: bc:d0:9c:f2:82:1c:b7:9f:c8:f6:eb:a1:48:2e:d4: 1c:b9:c5:63:8d:5a:44:92:29:14:7a:a3:ea:f7:d7: 22:d4:69:fb:86:37:e6:a1:4e:14:fd:0c:db:9d:5e: 83:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:67:04:AD:06:8D:91:E7:23:7D:DC:88:03:42:00:4C:E2:BB:6C:02 X509v3 Authority Key Identifier: keyid:9A:F0:B0:EF:8F:3E:B5:3F:14:D8:4F:A3:A6:10:6B:E6:4B:D7:82:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/mvCw748-tT8U2E-jphBr5kvXgnI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mvCw748-tT8U2E-jphBr5kvXgnI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/8EB98374776E11ECA05F7133C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.72.0/22 IPv6: 2001:df2:5100::/48 Signature Algorithm: sha256WithRSAEncryption 2e:fa:6b:4e:d4:35:17:6f:b3:a1:0c:70:c7:e2:23:9d:3b:dc: 4a:70:34:5e:3e:3e:e1:b9:ed:67:bf:05:93:e2:b8:6b:22:90: ec:d0:1f:52:8e:a9:e9:4c:4f:6c:a7:09:d9:40:9e:a5:5d:40: cd:d4:39:15:74:e6:c0:e8:a1:4a:87:fd:ff:5f:5c:aa:37:3b: da:dd:cc:74:81:73:b9:dd:bb:90:86:f6:b1:05:63:b9:83:40: b0:86:47:de:a9:e0:14:de:69:30:0c:17:ba:d8:b9:07:eb:08: 5d:2f:33:c4:d3:16:60:fa:3b:50:af:44:c7:17:c0:2b:27:76: 74:b1:91:64:23:2b:34:9c:e1:9f:89:73:a1:43:7c:e3:83:0b: bf:6b:6c:e1:52:f5:01:67:ae:14:7f:d1:35:a3:f7:07:3e:18: f6:28:fc:17:77:a9:6c:06:c6:65:9f:45:af:22:85:93:a2:f9: f4:1f:f6:90:83:ea:b8:63:3f:f2:ac:d5:4f:89:3e:fe:46:b9: ef:8d:e5:dc:db:85:f8:f9:bc:81:23:2f:2f:c8:ad:df:2e:4d: 4a:53:35:25:b9:1e:b1:9f:71:f0:62:1b:02:35:f6:43:4d:27: f1:2d:1d:76:ab:1e:f9:6b:2b:84:c0:d6:b0:5d:f5:90:3b:7e: 1f:b3:e8:b8 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICA3EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjA2Q0ExMTAvBgNVBAUTKDlBRjBCMEVGOEYzRUI1M0YxNEQ4NEZBM0E2MTA2QkU2 NEJENzgyNzIwHhcNMjQwOTAzMDIxNDUxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ2NzExYi1mZGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuuLKOKdAjymo4OHB1Q1oBut0h4dn3ZTi3g1ce9d1u5JZB4OZ9Y1L9qzPStRh YBcMNPBPX6+AHzMDkViNq+Xj5Eyb/I5yjekzNEIljzme8rPYp+84ebOgnLKQAA50 xjX7wenkdHJou1bsDDL1aA1oNgVrAJ2miCkOCv+yF78a9BIn0WEBQyJTfo7zzifR fCcxz/DyuzMnZKSy8FJXFfshFla/H1dVKxlMnfqfh+6W5pXuLC5oLwYsZfn7Q1P+ O696flpEnZCidPtyS8ZfTSH2Hdi80Jzyghy3n8j266FILtQcucVjjVpEkikUeqPq 99ci1Gn7hjfmoU4U/QzbnV6DRwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFB9nBK0G jZHnI33ciANCAEziu2wCMB8GA1UdIwQYMBaAFJrwsO+PPrU/FNhPo6YQa+ZL14Jy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDZDQS9EMkUwMDg3Mjc3 NkMxMUVDOEVDQTQ2MzNDNEY5QUUwMi9tdkN3NzQ4LXRUOFUyRS1qcGhCcjVrdlhn bkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL212Q3c3NDgtdFQ4VTJFLWpwaEJyNWt2WGduSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjA2Q0EvRDJFMDA4NzI3NzZDMTFFQzhFQ0E0NjMzQzRGOUFFMDIvOEVCOTgzNzQ3 NzZFMTFFQ0EwNUY3MTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAJnY0gwDwQCAAIwCQMHACABDfJRADANBgkqhkiG9w0BAQsF AAOCAQEALvprTtQ1F2+zoQxwx+IjnTvcSnA0Xj4+4bntZ78Fk+K4ayKQ7NAfUo6p 6UxPbKcJ2UCepV1AzdQ5FXTmwOihSof9/19cqjc72t3MdIFzud27kIb2sQVjuYNA sIZH3qngFN5pMAwXuti5B+sIXS8zxNMWYPo7UK9ExxfAKyd2dLGRZCMrNJzhn4lz oUN844MLv2ts4VL1AWeuFH/RNaP3Bz4Y9ij8F3epbAbGZZ9FryKFk6L59B/2kIPq uGM/8qzVT4k+/ka5743l3NuF+Pm8gSMvL8it3y5NSlM1JbkesZ9x8GIbAjX2Q00n 8S0ddqse+WsrhMDWsF31kDt+H7PouA== -----END CERTIFICATE-----Generated at Thu Nov 21 01:26:04 2024 by rpki-client on console-ams.rpki-client.org