$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/7CEC1452E17E11ECAB421316C4F9AE02.roa File: 7CEC1452E17E11ECAB421316C4F9AE02.roa (raw, json) Hash identifier: HQMuxFH+p0cd5TxCsDJ5OnEAYnLT5yZN5O7uVIpfgdA= Subject key identifier: 99:8B:78:84:5D:86:95:82:8C:6A:23:B0:33:F5:B9:EA:6A:7B:F3:55 Certificate issuer: /CN=A91B2D29/serialNumber=B8E96C6A0D9548A2A040CBE7199745BA7DB1ED28 Certificate serial: 0947 Authority key identifier: B8:E9:6C:6A:0D:95:48:A2:A0:40:CB:E7:19:97:45:BA:7D:B1:ED:28 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOlsag2VSKKgQMvnGZdFun2x7Sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/7CEC1452E17E11ECAB421316C4F9AE02.roa Signing time: Sat 02 Nov 2024 15:52:55 +0000 ROA not before: Sat 02 Nov 2024 15:52:55 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 58895 IP address blocks: 43.246.220.0/22 maxlen: 24 103.35.208.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.crl rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOlsag2VSKKgQMvnGZdFun2x7Sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:49:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2375 (0x947) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2D29/serialNumber=B8E96C6A0D9548A2A040CBE7199745BA7DB1ED28 Validity Not Before: Nov 2 15:52:55 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=67264ad7-17c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e2:4f:53:c3:9d:6b:7b:ca:2d:c3:19:de:5d: 27:83:31:72:3d:96:e5:09:22:a3:26:b9:f9:6a:8b: c4:da:2c:bd:33:f0:5c:d4:68:d5:d7:5e:22:85:5a: 90:b5:72:f2:2e:64:f7:7a:bf:62:f3:ab:00:64:be: 82:4d:6a:06:09:83:17:c7:ae:bd:21:55:5b:ca:a5: 2e:f5:da:ba:83:59:59:ca:8d:e3:ec:20:5e:b3:72: 9d:a7:05:a7:c7:b9:5f:03:9f:75:ef:88:8c:b6:80: 0e:43:48:bf:b0:99:05:73:05:b5:cf:e3:02:1e:87: 41:db:45:9e:5a:96:c7:97:01:ca:00:27:a0:fa:db: 1a:08:bf:c1:1a:96:90:9d:c2:3c:5f:6f:a6:b9:57: 88:33:08:b4:33:00:b1:21:c5:43:5a:4d:83:06:6f: 4a:9d:e7:7c:68:cd:4f:64:05:7d:b4:fb:61:10:6b: b5:c7:76:fb:2f:ce:93:59:25:99:0d:d9:01:6f:b2: 7f:b8:01:a2:21:be:43:1a:ca:15:0a:9d:d8:53:f3: 52:2c:0a:5e:40:72:06:98:a0:42:27:bd:e1:54:94: f6:57:34:11:86:56:36:aa:e1:a5:32:84:28:52:d8: a4:6e:25:92:6c:de:bf:75:cb:3e:c7:fb:b3:07:49: fc:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:8B:78:84:5D:86:95:82:8C:6A:23:B0:33:F5:B9:EA:6A:7B:F3:55 X509v3 Authority Key Identifier: keyid:B8:E9:6C:6A:0D:95:48:A2:A0:40:CB:E7:19:97:45:BA:7D:B1:ED:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOlsag2VSKKgQMvnGZdFun2x7Sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/7CEC1452E17E11ECAB421316C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.246.220.0/22 103.35.208.0/22 Signature Algorithm: sha256WithRSAEncryption 91:85:2b:7c:11:64:eb:de:d7:3d:78:ee:a2:b5:f8:63:a4:f8: 45:90:da:c5:d3:25:76:14:aa:f2:bf:da:15:2f:36:90:18:a7: 9a:94:5d:4e:ba:f3:2a:26:3b:14:bf:fb:7c:06:6e:49:06:73: e9:df:4b:7d:8d:e2:36:4c:f3:4b:dc:94:4b:f1:3a:2e:c6:f7: b0:ce:4e:fc:3c:9d:92:c8:5e:c5:00:fb:7d:50:aa:b4:b8:d0: db:c5:32:d1:af:27:6a:95:4f:5c:f2:66:ca:2b:8a:44:fb:b4: 64:60:91:e5:23:55:ac:dc:41:ab:7b:cd:40:37:67:44:79:38: 45:bf:89:5c:93:0b:5f:bc:8f:63:a5:bd:91:db:04:ee:6d:e1: 79:b6:33:60:4a:a1:d1:e6:e3:e5:ec:33:f8:82:ca:d9:54:3d: 50:66:25:85:4a:32:49:98:a4:0b:f2:c3:a7:ae:c1:ad:7d:99: 89:b5:80:a7:d0:dc:7a:55:d4:87:05:09:28:92:64:3a:52:1b: 58:37:1a:47:40:a2:a0:ed:5e:6b:03:00:52:d7:fb:00:c6:3c: 25:06:9e:42:0a:4c:67:f6:90:e4:1f:39:9f:44:38:59:da:4b: 6d:6c:b0:4c:63:37:5c:6b:a9:a8:82:2f:a3:21:fc:cf:9c:49: 00:fd:18:fa -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJEMjkxMTAvBgNVBAUTKEI4RTk2QzZBMEQ5NTQ4QTJBMDQwQ0JFNzE5OTc0NUJB N0RCMUVEMjgwHhcNMjQxMTAyMTU1MjU1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI2NGFkNy0xN2MxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt+JPU8Oda3vKLcMZ3l0ngzFyPZblCSKjJrn5aovE2iy9M/Bc1GjV114ihVqQ tXLyLmT3er9i86sAZL6CTWoGCYMXx669IVVbyqUu9dq6g1lZyo3j7CBes3KdpwWn x7lfA59174iMtoAOQ0i/sJkFcwW1z+MCHodB20WeWpbHlwHKACeg+tsaCL/BGpaQ ncI8X2+muVeIMwi0MwCxIcVDWk2DBm9Kned8aM1PZAV9tPthEGu1x3b7L86TWSWZ DdkBb7J/uAGiIb5DGsoVCp3YU/NSLApeQHIGmKBCJ73hVJT2VzQRhlY2quGlMoQo UtikbiWSbN6/dcs+x/uzB0n8VwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJmLeIRd hpWCjGojsDP1uepqe/NVMB8GA1UdIwQYMBaAFLjpbGoNlUiioEDL5xmXRbp9se0o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkQyOS9GNzFFNzE2NjU1 MjExMUU1QURCMjA5MkFDNEY5QUUwMi91T2xzYWcyVlNLS2dRTXZuR1pkRnVuMng3 U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VPbHNhZzJWU0tLZ1FNdm5HWmRGdW4yeDdTZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjJEMjkvRjcxRTcxNjY1NTIxMTFFNUFEQjIwOTJBQzRGOUFFMDIvN0NFQzE0NTJF MTdFMTFFQ0FCNDIxMzE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr9twDBAJnI9AwDQYJKoZIhvcNAQELBQADggEBAJGFK3wR ZOve1z147qK1+GOk+EWQ2sXTJXYUqvK/2hUvNpAYp5qUXU668yomOxS/+3wGbkkG c+nfS32N4jZM80vclEvxOi7G97DOTvw8nZLIXsUA+31QqrS40NvFMtGvJ2qVT1zy ZsorikT7tGRgkeUjVazcQat7zUA3Z0R5OEW/iVyTC1+8j2OlvZHbBO5t4Xm2M2BK odHm4+XsM/iCytlUPVBmJYVKMkmYpAvyw6euwa19mYm1gKfQ3HpV1IcFCSiSZDpS G1g3GkdAoqDtXmsDAFLX+wDGPCUGnkIKTGf2kOQfOZ9EOFnaS21ssExjN1xrqaiC L6Mh/M+cSQD9GPo= -----END CERTIFICATE-----Generated at Fri Nov 22 17:56:19 2024 by rpki-client on console-fra.rpki-client.org