$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/E9258B3C037211EE9E15EE32C4F9AE02.roa File: E9258B3C037211EE9E15EE32C4F9AE02.roa (raw, json) Hash identifier: KWqY8FSRWxgMExPo7oJjW6FyKZgvDdNOUOLjG23lp4c= Subject key identifier: A7:DF:29:DA:A4:63:AB:74:A7:FA:1D:92:A9:D5:9E:8E:ED:1A:E2:47 Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Certificate serial: 023B Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/E9258B3C037211EE9E15EE32C4F9AE02.roa Signing time: Thu 05 Sep 2024 04:18:17 +0000 ROA not before: Thu 05 Sep 2024 04:18:17 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 136557 IP address blocks: 45.252.189.0/24 maxlen: 24 103.114.58.0/23 maxlen: 23 103.214.20.0/24 maxlen: 24 103.252.109.0/24 maxlen: 24 202.37.74.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 571 (0x23b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Validity Not Before: Sep 5 04:18:17 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d93109-8bb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:74:99:60:86:79:37:da:6f:fd:51:b3:7b:5f: 53:7e:b5:44:cc:32:9a:30:7f:d2:3e:65:74:09:fe: 2c:9d:fb:96:02:c0:84:df:3f:08:78:c2:a7:f3:53: 3e:50:2d:59:3b:c6:80:0f:6a:a9:32:4d:18:48:e5: bf:37:58:f8:d8:ed:bd:1c:b0:ed:12:eb:42:c8:47: 24:d8:3e:aa:fd:7b:68:a8:9d:0e:4a:8f:45:1a:b9: 1e:9d:8c:b3:37:19:c3:39:cd:d4:81:69:d7:f9:63: bb:61:fd:95:6b:8a:5d:59:fa:26:2b:f3:5a:75:58: c5:40:ae:5c:83:e0:cb:8e:13:87:50:cc:fa:ea:ed: 8a:90:d2:19:a6:e3:75:c6:86:81:69:ee:98:b6:da: 5e:e2:d8:d5:ad:ca:1b:88:f3:14:40:84:c0:25:39: 4d:c2:69:4f:1e:76:de:be:27:3d:30:ac:90:42:7c: 56:1d:6b:e3:31:1a:66:66:6e:74:a2:0e:cb:8c:86: a5:e6:40:50:20:fd:c0:33:24:f2:bf:85:58:f8:bc: 60:5b:3e:ae:b4:da:39:0a:7d:39:2f:b4:05:04:e1: 4a:ac:c7:ce:2a:65:eb:af:15:8a:3c:75:c0:4b:79: d6:b0:df:1a:01:3d:35:c2:be:f5:63:22:a7:6c:23: b2:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:DF:29:DA:A4:63:AB:74:A7:FA:1D:92:A9:D5:9E:8E:ED:1A:E2:47 X509v3 Authority Key Identifier: keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/E9258B3C037211EE9E15EE32C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.252.189.0/24 103.114.58.0/23 103.214.20.0/24 103.252.109.0/24 202.37.74.0/24 Signature Algorithm: sha256WithRSAEncryption 5b:78:7e:4e:ca:39:aa:2f:8b:28:b4:b7:3e:18:08:ce:e6:93: 3b:e6:dd:18:53:27:38:09:61:02:52:d8:10:39:a3:3f:51:ee: 8b:47:a7:0e:61:d1:d1:e5:5b:5b:be:11:0d:f5:7b:27:14:f6: 07:cc:0a:4c:49:30:ae:e5:26:8e:0e:c7:90:fb:70:96:bc:e1: f2:e8:cd:86:a9:87:cd:fb:3c:1d:10:b5:dd:d6:fd:56:7b:01: 2a:69:91:64:0b:b8:20:06:7d:f1:d1:b7:70:7d:56:6a:54:0f: 8b:e4:e3:60:e4:25:52:f8:59:dc:75:f1:d6:be:13:5d:f0:ac: 6c:36:0b:8b:8d:68:89:27:64:b6:a5:ca:86:ca:f8:f9:d9:e2: c4:97:a2:1a:dd:7f:03:15:bf:da:18:ef:93:05:44:46:d1:fb: c1:e7:df:f5:99:46:33:91:8f:d6:40:f6:17:88:30:42:81:10: 7e:eb:d1:6d:1b:bc:7f:ec:2d:fe:25:61:4a:dc:b0:3d:be:85: c8:c2:c3:74:16:6c:3e:78:78:c0:ba:c1:95:98:ab:40:08:7c: b3:7d:16:72:00:f6:da:a4:75:d2:1a:17:a2:2a:3b:99:96:2b: 5c:44:5f:31:b7:0b:d3:af:21:fa:53:75:7a:02:43:e9:5f:ee: 16:ff:94:5e -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICAjswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5 Njk4RkU2MzgwHhcNMjQwOTA1MDQxODE3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ5MzEwOS04YmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvHSZYIZ5N9pv/VGze19TfrVEzDKaMH/SPmV0Cf4snfuWAsCE3z8IeMKn81M+ UC1ZO8aAD2qpMk0YSOW/N1j42O29HLDtEutCyEck2D6q/XtoqJ0OSo9FGrkenYyz NxnDOc3UgWnX+WO7Yf2Va4pdWfomK/NadVjFQK5cg+DLjhOHUMz66u2KkNIZpuN1 xoaBae6Yttpe4tjVrcobiPMUQITAJTlNwmlPHnbevic9MKyQQnxWHWvjMRpmZm50 og7LjIal5kBQIP3AMyTyv4VY+LxgWz6utNo5Cn05L7QFBOFKrMfOKmXrrxWKPHXA S3nWsN8aAT01wr71YyKnbCOyHwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFKffKdqk Y6t0p/odkqnVno7tGuJHMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1 amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvRTkyNThCM0Mw MzcyMTFFRTlFMTVFRTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAAt/L0DBAFncjoDBABn1hQDBABn/G0DBADKJUowDQYJKoZI hvcNAQELBQADggEBAFt4fk7KOaoviyi0tz4YCM7mkzvm3RhTJzgJYQJS2BA5oz9R 7otHpw5h0dHlW1u+EQ31eycU9gfMCkxJMK7lJo4Ox5D7cJa84fLozYaph837PB0Q td3W/VZ7ASppkWQLuCAGffHRt3B9VmpUD4vk42DkJVL4Wdx18da+E13wrGw2C4uN aIknZLalyobK+PnZ4sSXohrdfwMVv9oY75MFREbR+8Hn3/WZRjORj9ZA9heIMEKB EH7r0W0bvH/sLf4lYUrcsD2+hcjCw3QWbD54eMC6wZWYq0AIfLN9FnIA9tqkddIa F6IqO5mWK1xEXzG3C9OvIfpTdXoCQ+lf7hb/lF4= -----END CERTIFICATE-----Generated at Thu Nov 21 03:12:03 2024 by rpki-client on console-fra.rpki-client.org