$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/3C5E55F041A411ECA73C8C0EC4F9AE02.roa File: 3C5E55F041A411ECA73C8C0EC4F9AE02.roa (raw, json) Hash identifier: KMuh5ult9LiAce0tih+7IUcHZQamzlPDZPCJthZ1JAs= Subject key identifier: E4:D4:DE:58:F8:18:9B:4A:81:3B:15:8C:C0:8B:D5:B7:B1:F5:4D:89 Certificate issuer: /CN=A91B2C88/serialNumber=DA013E178358CB35A8B765C9BC090AE9CF1C4FBE Certificate serial: 05D2 Authority key identifier: DA:01:3E:17:83:58:CB:35:A8:B7:65:C9:BC:09:0A:E9:CF:1C:4F:BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gE-F4NYyzWot2XJvAkK6c8cT74.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/3C5E55F041A411ECA73C8C0EC4F9AE02.roa Signing time: Wed 06 Nov 2024 22:41:44 +0000 ROA not before: Wed 06 Nov 2024 22:41:44 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 44356 IP address blocks: 103.229.96.0/24 maxlen: 24 180.178.72.0/22 maxlen: 22 180.178.72.0/24 maxlen: 24 180.178.73.0/24 maxlen: 24 180.178.74.0/24 maxlen: 24 180.178.75.0/24 maxlen: 24 180.178.76.0/24 maxlen: 24 180.178.77.0/24 maxlen: 24 180.178.78.0/23 maxlen: 24 2402:4400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.crl rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gE-F4NYyzWot2XJvAkK6c8cT74.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1490 (0x5d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2C88/serialNumber=DA013E178358CB35A8B765C9BC090AE9CF1C4FBE Validity Not Before: Nov 6 22:41:44 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=672bf0a8-84cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:49:8c:09:d0:91:90:62:b0:4d:e0:67:db:a2: ad:93:7b:06:22:d1:80:06:5f:d6:fa:5c:3f:b4:62: 33:04:19:90:8d:cb:01:2b:c4:fc:6c:51:d5:34:33: 45:cc:64:96:74:a8:4d:03:ed:ad:45:26:cf:7c:c7: dc:e6:51:54:fc:b8:54:9c:b1:65:de:b9:12:83:7d: 13:9b:b2:0a:c6:09:0a:bf:28:ae:58:3d:28:67:90: 3a:07:21:33:34:b1:a1:ad:ac:de:5e:58:90:30:41: a2:4f:2b:60:6f:53:22:5f:cc:2c:fb:78:9f:9b:8d: d7:5d:8f:58:93:11:5c:7a:ea:55:e8:72:67:bc:57: 8e:63:dc:63:cb:fc:17:a0:16:c6:fa:1f:f8:82:06: a6:62:89:86:5d:6c:ee:00:f9:ee:6b:78:0e:39:53: 38:21:fd:9e:89:31:ed:9e:d0:f9:b8:6e:cc:20:c1: d5:76:18:db:fe:d7:e1:0e:69:f5:bf:f6:96:63:47: 71:94:fe:09:4a:1c:d0:78:59:52:ac:fd:81:5a:84: 3e:99:2d:73:4a:81:fe:59:d4:30:4b:ec:6e:95:06: 24:0b:af:22:dd:88:65:95:83:f9:30:a2:26:0c:f5: fd:1a:d4:2a:00:c2:ea:16:92:8f:52:11:ff:28:cf: f8:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:D4:DE:58:F8:18:9B:4A:81:3B:15:8C:C0:8B:D5:B7:B1:F5:4D:89 X509v3 Authority Key Identifier: keyid:DA:01:3E:17:83:58:CB:35:A8:B7:65:C9:BC:09:0A:E9:CF:1C:4F:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gE-F4NYyzWot2XJvAkK6c8cT74.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/3C5E55F041A411ECA73C8C0EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.229.96.0/24 180.178.72.0/21 IPv6: 2402:4400::/32 Signature Algorithm: sha256WithRSAEncryption 2b:23:dc:c6:6d:c7:60:46:73:25:09:50:fe:a1:4e:d7:a3:46: bc:d0:14:7c:09:ae:20:3c:1c:57:eb:d0:2b:f8:83:af:a7:f8: f6:31:39:ae:1b:f8:08:1a:90:f8:1e:73:3c:ad:ad:7c:2e:5a: 2b:39:0a:d2:fa:31:a7:8c:73:2a:56:fe:4b:4a:08:47:85:9d: 0d:7d:f5:8e:5c:78:65:ca:73:8d:5f:c2:3a:56:f9:f3:53:8b: 08:82:d7:c6:dd:e5:cd:f6:00:7a:af:f9:e4:f9:83:e8:ec:1e: 37:c0:66:ee:18:c9:e7:76:ab:81:63:3d:b0:ec:a5:72:cf:ad: 36:0f:c8:85:01:34:4b:d9:7a:f5:fb:d9:2f:1a:03:7f:8d:c9: b6:a1:39:ee:01:d6:f9:3f:86:69:aa:8f:33:27:9f:5e:cf:e6: e2:3f:ca:94:07:8f:36:af:5f:2d:e0:c9:c9:59:bf:3a:aa:86: a0:0a:54:8d:74:b7:ef:73:ae:cf:f3:90:3e:2f:42:aa:b4:49: b1:00:57:43:83:53:3c:47:2f:95:ef:80:30:33:63:8e:ae:f5: b2:65:f7:e3:28:7a:a8:2c:1c:aa:47:a7:9a:e3:54:c5:92:9e: 46:6a:22:1c:20:be:26:2f:19:ed:61:cb:15:e8:e0:84:62:95: e8:e2:3b:6d -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJDODgxMTAvBgNVBAUTKERBMDEzRTE3ODM1OENCMzVBOEI3NjVDOUJDMDkwQUU5 Q0YxQzRGQkUwHhcNMjQxMTA2MjI0MTQ0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzJiZjBhOC04NGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv0mMCdCRkGKwTeBn26Ktk3sGItGABl/W+lw/tGIzBBmQjcsBK8T8bFHVNDNF zGSWdKhNA+2tRSbPfMfc5lFU/LhUnLFl3rkSg30Tm7IKxgkKvyiuWD0oZ5A6ByEz NLGhrazeXliQMEGiTytgb1MiX8ws+3ifm43XXY9YkxFceupV6HJnvFeOY9xjy/wX oBbG+h/4ggamYomGXWzuAPnua3gOOVM4If2eiTHtntD5uG7MIMHVdhjb/tfhDmn1 v/aWY0dxlP4JShzQeFlSrP2BWoQ+mS1zSoH+WdQwS+xulQYkC68i3YhllYP5MKIm DPX9GtQqAMLqFpKPUhH/KM/4owIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFOTU3lj4 GJtKgTsVjMCL1bex9U2JMB8GA1UdIwQYMBaAFNoBPheDWMs1qLdlybwJCunPHE++ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkM4OC8yNDI5OURDQTk3 OEUxMUVCQkQ4MUIwNTVDNEY5QUUwMi8yZ0UtRjROWXl6V290MlhKdkFrSzZjOGNU NzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJnRS1GNE5ZeXpXb3QyWEp2QWtLNmM4Y1Q3NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjJDODgvMjQyOTlEQ0E5NzhFMTFFQkJEODFCMDU1QzRGOUFFMDIvM0M1RTU1RjA0 MUE0MTFFQ0E3M0M4QzBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBABn5WADBAO0skgwDQQCAAIwBwMFACQCRAAwDQYJKoZIhvcN AQELBQADggEBACsj3MZtx2BGcyUJUP6hTtejRrzQFHwJriA8HFfr0Cv4g6+n+PYx Oa4b+AgakPgeczytrXwuWis5CtL6MaeMcypW/ktKCEeFnQ199Y5ceGXKc41fwjpW +fNTiwiC18bd5c32AHqv+eT5g+jsHjfAZu4Yyed2q4FjPbDspXLPrTYPyIUBNEvZ evX72S8aA3+NybahOe4B1vk/hmmqjzMnn17P5uI/ypQHjzavXy3gyclZvzqqhqAK VI10t+9zrs/zkD4vQqq0SbEAV0ODUzxHL5XvgDAzY46u9bJl9+MoeqgsHKpHp5rj VMWSnkZqIhwgviYvGe1hyxXo4IRilejiO20= -----END CERTIFICATE-----Generated at Wed Nov 20 23:55:50 2024 by rpki-client on console-ams.rpki-client.org