$ rpki-client -vvf rpki.apnic.net/member_repository/A91B31CE/6B05607A7CCD11EBAEC6A974C4F9AE02/AA51390A822B11EE8B95E475C4F9AE02.roa File: AA51390A822B11EE8B95E475C4F9AE02.roa (raw, json) Hash identifier: q0fbiPRDclbW8ssObJUiZlehM548F6y+nk94Wtd5tvI= Subject key identifier: AF:78:D0:C4:11:C9:B3:BA:88:0E:77:F4:7A:89:9A:58:59:87:F9:3D Certificate issuer: /CN=A91B31CE/serialNumber=4B47C9C64D3C23217A15DDAB8747C39DC30184F2 Certificate serial: 05B1 Authority key identifier: 4B:47:C9:C6:4D:3C:23:21:7A:15:DD:AB:87:47:C3:9D:C3:01:84:F2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S0fJxk08IyF6Fd2rh0fDncMBhPI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B31CE/6B05607A7CCD11EBAEC6A974C4F9AE02/AA51390A822B11EE8B95E475C4F9AE02.roa Signing time: Wed 03 Apr 2024 00:33:19 +0000 ROA not before: Wed 03 Apr 2024 00:33:19 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 0 IP address blocks: 103.162.254.0/24 maxlen: 24 103.248.201.0/24 maxlen: 24 2001:df3:1540::/48 maxlen: 48 2001:df6:480::/48 maxlen: 48 2001:df6:481::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B31CE/6B05607A7CCD11EBAEC6A974C4F9AE02/S0fJxk08IyF6Fd2rh0fDncMBhPI.crl rsync://rpki.apnic.net/member_repository/A91B31CE/6B05607A7CCD11EBAEC6A974C4F9AE02/S0fJxk08IyF6Fd2rh0fDncMBhPI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S0fJxk08IyF6Fd2rh0fDncMBhPI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1457 (0x5b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B31CE/serialNumber=4B47C9C64D3C23217A15DDAB8747C39DC30184F2 Validity Not Before: Apr 3 00:33:19 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=660ca3cf-d213 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:42:09:22:d6:35:cc:3d:12:42:d2:e6:88:84: f5:84:a4:30:62:65:ad:2c:cf:fd:1e:89:3b:e8:3c: 89:bd:e5:72:3c:4f:c7:59:3f:6b:b7:0a:da:6e:01: b7:43:85:09:c5:05:8c:23:64:72:46:74:7f:12:a6: 74:39:30:4f:8f:ee:ad:08:d5:1f:8a:39:5e:08:33: 66:d0:9f:c4:80:aa:a4:02:2c:80:2a:44:c4:9c:d8: 12:ff:31:69:d0:6e:f4:81:11:94:a1:dd:bc:b0:bf: ab:c4:a6:b2:f1:87:05:7e:4e:49:ea:53:8a:33:fb: 82:1b:9c:62:dc:d3:97:f5:82:31:53:c5:f6:da:6c: 15:20:ee:95:47:55:ef:15:5f:1e:6d:1b:d0:b2:12: d4:17:8e:15:13:97:e0:e9:34:73:25:9f:e1:44:ee: b6:69:ad:60:fa:6f:35:92:6d:b4:46:9b:5f:91:45: 87:d1:c5:4f:8a:6e:7f:5f:6e:4b:46:98:8f:eb:86: 60:2e:b4:eb:ef:b0:38:08:a1:ce:ca:cf:d2:2e:50: b8:45:76:b6:ba:32:3e:31:83:3f:11:dc:64:e2:9d: c2:a1:00:49:50:4b:a2:04:a6:42:87:93:0a:b8:2d: d9:64:39:a4:87:11:5a:ab:ba:78:91:81:a3:0e:71: 80:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:78:D0:C4:11:C9:B3:BA:88:0E:77:F4:7A:89:9A:58:59:87:F9:3D X509v3 Authority Key Identifier: keyid:4B:47:C9:C6:4D:3C:23:21:7A:15:DD:AB:87:47:C3:9D:C3:01:84:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B31CE/6B05607A7CCD11EBAEC6A974C4F9AE02/S0fJxk08IyF6Fd2rh0fDncMBhPI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S0fJxk08IyF6Fd2rh0fDncMBhPI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B31CE/6B05607A7CCD11EBAEC6A974C4F9AE02/AA51390A822B11EE8B95E475C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.162.254.0/24 103.248.201.0/24 IPv6: 2001:df3:1540::/48 2001:df6:480::/47 Signature Algorithm: sha256WithRSAEncryption 78:fc:65:07:cf:5c:4c:57:38:7c:be:3b:1f:a5:9e:8d:38:96: 6f:12:ee:17:04:15:70:d2:6a:36:d0:47:8d:40:4d:e3:31:81: 02:19:d8:50:98:0e:d6:7c:40:d9:54:4d:1e:43:a9:d1:48:a5: 08:6f:99:0a:ec:6c:60:75:4f:7e:ed:c9:6d:8f:86:e0:51:bd: b8:ca:98:15:3b:b1:75:58:53:a7:2c:a9:c2:0a:20:89:a8:0f: a4:aa:f0:be:91:fc:a1:ff:4b:1e:9a:b2:7e:3d:76:e4:fa:62: cd:a5:c0:d7:5e:97:b3:4e:48:68:47:38:d8:a9:3b:cc:63:4c: 22:82:bf:e6:22:44:ab:af:a2:ac:5f:e6:8d:50:9c:c4:fc:cb: fb:4f:e0:ed:87:62:40:7d:84:56:d4:be:58:ee:5d:cc:05:2f: 1d:2c:10:4b:f2:e0:6f:f5:82:f7:9f:5c:7d:a4:52:20:94:d1: 5d:29:f8:c4:89:6e:09:f3:50:e3:f3:be:aa:6d:64:62:1e:8a: 39:3d:55:63:6e:e9:58:01:63:cc:c5:3d:60:11:46:d2:4b:b1: 10:9d:c9:ed:a2:9f:d2:7c:27:99:0e:13:6e:4d:fe:5d:9d:98: f0:58:3b:d6:a1:c9:93:67:1e:73:da:05:f9:42:a6:8d:31:70: 4f:f2:d0:df -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICBbEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjMxQ0UxMTAvBgNVBAUTKDRCNDdDOUM2NEQzQzIzMjE3QTE1RERBQjg3NDdDMzlE QzMwMTg0RjIwHhcNMjQwNDAzMDAzMzE5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjBjYTNjZi1kMjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA40IJItY1zD0SQtLmiIT1hKQwYmWtLM/9Hok76DyJveVyPE/HWT9rtwrabgG3 Q4UJxQWMI2RyRnR/EqZ0OTBPj+6tCNUfijleCDNm0J/EgKqkAiyAKkTEnNgS/zFp 0G70gRGUod28sL+rxKay8YcFfk5J6lOKM/uCG5xi3NOX9YIxU8X22mwVIO6VR1Xv FV8ebRvQshLUF44VE5fg6TRzJZ/hRO62aa1g+m81km20RptfkUWH0cVPim5/X25L RpiP64ZgLrTr77A4CKHOys/SLlC4RXa2ujI+MYM/Edxk4p3CoQBJUEuiBKZCh5MK uC3ZZDmkhxFaq7p4kYGjDnGAvwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFK940MQR ybO6iA539HqJmlhZh/k9MB8GA1UdIwQYMBaAFEtHycZNPCMhehXdq4dHw53DAYTy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMzFDRS82QjA1NjA3QTdD Q0QxMUVCQUVDNkE5NzRDNEY5QUUwMi9TMGZKeGswOEl5RjZGZDJyaDBmRG5jTUJo UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1MwZkp4azA4SXlGNkZkMnJoMGZEbmNNQmhQSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjMxQ0UvNkIwNTYwN0E3Q0NEMTFFQkFFQzZBOTc0QzRGOUFFMDIvQUE1MTM5MEE4 MjJCMTFFRThCOTVFNDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMBIEAgABMAwDBABnov4DBABn+MkwGAQCAAIwEgMHACABDfMVQAMHASABDfYE gDANBgkqhkiG9w0BAQsFAAOCAQEAePxlB89cTFc4fL47H6WejTiWbxLuFwQVcNJq NtBHjUBN4zGBAhnYUJgO1nxA2VRNHkOp0UilCG+ZCuxsYHVPfu3JbY+G4FG9uMqY FTuxdVhTpyypwgogiagPpKrwvpH8of9LHpqyfj125PpizaXA116Xs05IaEc42Kk7 zGNMIoK/5iJEq6+irF/mjVCcxPzL+0/g7YdiQH2EVtS+WO5dzAUvHSwQS/Lgb/WC 959cfaRSIJTRXSn4xIluCfNQ4/O+qm1kYh6KOT1VY27pWAFjzMU9YBFG0kuxEJ3J 7aKf0nwnmQ4Tbk3+XZ2Y8Fg71qHJk2cec9oF+UKmjTFwT/LQ3w== -----END CERTIFICATE-----Generated at Wed Nov 20 23:55:50 2024 by rpki-client on console-ams.rpki-client.org