$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/F9A864386AAB11EF8FEBE576C4F9AE02.roa File: F9A864386AAB11EF8FEBE576C4F9AE02.roa (raw, json) Hash identifier: Q+LuT/2pIJ9IStVr144XnzBFQZyXtxyXwoGNHoKHCCk= Subject key identifier: 53:25:24:61:21:7C:79:A6:72:20:74:CB:6D:40:C1:DE:42:C6:4A:86 Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Certificate serial: 0239 Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/F9A864386AAB11EF8FEBE576C4F9AE02.roa Signing time: Thu 05 Sep 2024 04:18:16 +0000 ROA not before: Thu 05 Sep 2024 04:18:16 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 133499 IP address blocks: 43.225.188.0/24 maxlen: 24 43.225.190.0/24 maxlen: 24 43.228.236.0/24 maxlen: 24 43.228.238.0/24 maxlen: 24 43.228.239.0/24 maxlen: 24 103.84.120.0/22 maxlen: 24 103.194.113.0/24 maxlen: 24 103.240.164.0/22 maxlen: 24 103.241.52.0/22 maxlen: 22 103.241.52.0/24 maxlen: 24 103.241.53.0/24 maxlen: 24 103.241.54.0/24 maxlen: 24 103.241.55.0/24 maxlen: 24 103.252.110.0/24 maxlen: 24 150.107.226.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 23:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 569 (0x239) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Validity Not Before: Sep 5 04:18:16 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d93108-8097 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:80:09:7e:89:08:0b:a6:a6:8c:13:7a:4f:9c: 9e:95:e7:8a:42:bc:d0:b1:09:ae:66:73:73:36:04: e0:69:5c:5f:ef:19:2e:7b:97:d7:c5:63:7f:18:ea: 1c:13:ff:bf:70:3b:ac:5b:5c:6b:6a:b7:5d:10:93: 25:72:bd:09:33:07:ba:65:52:f1:12:5c:3b:f7:62: 33:36:ae:18:7f:21:36:c3:9e:03:1f:c0:4b:15:05: be:19:79:83:c6:f1:52:4d:1b:4b:bb:3f:7a:8c:e4: 94:b1:14:b2:1a:ad:67:57:d5:c8:20:66:ad:65:b1: 1b:20:b6:5d:a7:09:0a:db:4a:ed:a2:bc:a4:b7:7b: 35:93:13:e3:4a:59:ea:ad:d2:d5:0d:dd:ed:01:f0: 1f:e2:73:80:83:cc:b5:6b:b3:22:c1:93:4a:d6:b1: 5a:70:58:88:28:c9:08:33:45:f8:db:8a:cd:34:cd: c9:19:b5:b8:cc:12:67:5b:49:3a:13:79:e1:a2:8a: 9b:fb:70:52:cc:0f:a0:31:5e:16:f6:3b:32:cc:60: ba:70:6e:31:ff:27:96:fe:e0:85:f8:b5:35:b6:a5: 0d:1e:39:cc:f7:18:e3:33:ef:f4:01:96:3b:fb:b3: 07:e9:f2:d9:b9:d4:2b:ca:ba:ff:33:7b:70:d7:73: 80:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:25:24:61:21:7C:79:A6:72:20:74:CB:6D:40:C1:DE:42:C6:4A:86 X509v3 Authority Key Identifier: keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/F9A864386AAB11EF8FEBE576C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.188.0/24 43.225.190.0/24 43.228.236.0/24 43.228.238.0/23 103.84.120.0/22 103.194.113.0/24 103.240.164.0/22 103.241.52.0/22 103.252.110.0/24 150.107.226.0/24 Signature Algorithm: sha256WithRSAEncryption 6f:a2:56:d3:5e:f3:d2:7c:16:34:0d:b4:e4:13:07:c3:bd:d6: 6c:43:0e:82:54:73:25:ae:28:f9:1a:31:83:a5:bf:24:19:a6: 10:57:c9:d9:45:8a:d6:c1:54:d7:13:c9:c5:53:df:f0:ed:6b: 6e:d5:7d:06:f0:da:3e:2a:9f:b0:93:9d:a0:d4:83:a3:74:5d: b8:62:ac:d1:56:d2:c8:81:db:9e:75:78:6d:a5:e3:10:f7:14: 23:23:76:a5:5f:68:df:61:0f:14:9d:ea:9a:31:cf:a0:95:e2: 7a:84:60:c7:2e:9f:36:60:51:64:0c:f5:d6:a1:a2:aa:72:87: 0b:79:5b:7c:6a:da:8e:e6:ff:92:3a:59:01:a7:a1:64:44:b3: 30:ea:6d:f2:bc:ef:37:24:66:1f:3c:53:9b:eb:f2:56:30:8f: 22:ee:22:4d:cb:24:92:59:18:64:97:08:9e:76:a2:46:d4:67: 68:62:fe:29:ed:30:71:fa:81:d8:ed:cf:7a:5d:a4:22:98:5d: 0f:e3:c8:fc:5f:f2:d8:ea:7b:97:a2:1c:f7:44:29:48:f0:c2: 13:56:ec:e4:2c:c6:82:49:52:fc:0f:33:56:7c:37:df:40:3b: 96:72:bc:30:04:c7:f1:db:d5:cc:79:c8:f4:ca:72:9c:f8:31: e2:6a:5e:99 -----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgICAjkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5 Njk4RkU2MzgwHhcNMjQwOTA1MDQxODE2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ5MzEwOC04MDk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw4AJfokIC6amjBN6T5yeleeKQrzQsQmuZnNzNgTgaVxf7xkue5fXxWN/GOoc E/+/cDusW1xrarddEJMlcr0JMwe6ZVLxElw792IzNq4YfyE2w54DH8BLFQW+GXmD xvFSTRtLuz96jOSUsRSyGq1nV9XIIGatZbEbILZdpwkK20rtorykt3s1kxPjSlnq rdLVDd3tAfAf4nOAg8y1a7MiwZNK1rFacFiIKMkIM0X424rNNM3JGbW4zBJnW0k6 E3nhooqb+3BSzA+gMV4W9jsyzGC6cG4x/yeW/uCF+LU1tqUNHjnM9xjjM+/0AZY7 +7MH6fLZudQryrr/M3tw13OAwQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFFMlJGEh fHmmciB0y21Awd5CxkqGMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1 amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvRjlBODY0Mzg2 QUFCMTFFRjhGRUJFNTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E RjBEMEIEAgABMDwDBAAr4bwDBAAr4b4DBAAr5OwDBAEr5O4DBAJnVHgDBABnwnED BAJn8KQDBAJn8TQDBABn/G4DBACWa+IwDQYJKoZIhvcNAQELBQADggEBAG+iVtNe 89J8FjQNtOQTB8O91mxDDoJUcyWuKPkaMYOlvyQZphBXydlFitbBVNcTycVT3/Dt a27VfQbw2j4qn7CTnaDUg6N0XbhirNFW0siB2551eG2l4xD3FCMjdqVfaN9hDxSd 6poxz6CV4nqEYMcunzZgUWQM9dahoqpyhwt5W3xq2o7m/5I6WQGnoWREszDqbfK8 7zckZh88U5vr8lYwjyLuIk3LJJJZGGSXCJ52okbUZ2hi/intMHH6gdjtz3pdpCKY XQ/jyPxf8tjqe5eiHPdEKUjwwhNW7OQsxoJJUvwPM1Z8N99AO5ZyvDAEx/Hb1cx5 yPTKcpz4MeJqXpk= -----END CERTIFICATE-----Generated at Mon Nov 25 03:00:25 2024 by rpki-client on console-fra.rpki-client.org