$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/B3D4AEB8BFC011E8A7F4204CC4F9AE02.roa File: B3D4AEB8BFC011E8A7F4204CC4F9AE02.roa (raw, json) Hash identifier: KCnIrYwfu7lFXb4I5Fn3ggrFhAeTiDDSoEEewMbwbp4= Subject key identifier: 36:A9:6A:65:F9:DE:60:17:F3:2B:2E:28:BF:F6:6F:C0:D9:A7:FA:DB Certificate issuer: /CN=A91B6CE4/serialNumber=2529C803CB38E751E3696AB7962D823145FCD659 Certificate serial: 122E Authority key identifier: 25:29:C8:03:CB:38:E7:51:E3:69:6A:B7:96:2D:82:31:45:FC:D6:59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSnIA8s451HjaWq3li2CMUX81lk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/B3D4AEB8BFC011E8A7F4204CC4F9AE02.roa Signing time: Sun 28 Jul 2024 17:34:52 +0000 ROA not before: Sun 28 Jul 2024 17:34:52 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 131247 IP address blocks: 103.68.116.0/22 maxlen: 22 103.68.116.0/23 maxlen: 23 103.68.116.0/24 maxlen: 24 103.68.117.0/24 maxlen: 24 103.68.118.0/23 maxlen: 23 103.68.118.0/24 maxlen: 24 103.68.119.0/24 maxlen: 24 103.230.208.0/22 maxlen: 22 103.230.208.0/23 maxlen: 23 103.230.208.0/24 maxlen: 24 103.230.209.0/24 maxlen: 24 103.230.210.0/23 maxlen: 23 103.230.210.0/24 maxlen: 24 103.230.211.0/24 maxlen: 24 2403:6ec0::/32 maxlen: 32 2403:6ec0:8000::/43 maxlen: 43 2403:6ec0:8020::/43 maxlen: 43 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.crl rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSnIA8s451HjaWq3li2CMUX81lk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4654 (0x122e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6CE4/serialNumber=2529C803CB38E751E3696AB7962D823145FCD659 Validity Not Before: Jul 28 17:34:52 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66a6813b-9a59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:da:db:13:d4:1b:06:8d:f5:61:8a:eb:4f:40: 92:a7:50:97:c2:eb:55:db:af:c3:e2:f9:7c:e5:83: d4:01:8f:76:3b:36:70:d2:85:59:56:a3:1c:96:2e: 11:c2:e4:90:a8:85:81:30:63:be:16:9e:55:a6:ee: 88:b0:99:fa:62:d3:c1:7e:17:e1:96:76:09:99:b7: 16:8d:71:36:62:10:55:b7:c3:69:cb:a7:51:cc:16: 92:5f:0e:29:bf:ed:6b:dc:15:19:03:fb:1a:15:cd: 89:38:5e:68:83:0e:13:62:26:b5:f8:66:02:82:ac: f7:15:d7:92:10:c8:60:45:04:96:e1:2f:9f:21:9e: 24:6a:aa:50:9d:68:04:a2:e4:e1:4f:81:58:64:92: 30:b3:12:d8:15:68:d0:08:88:e1:04:95:b4:d7:30: e6:5c:fc:c1:1d:ac:b8:fe:15:ec:7c:b3:07:45:58: ff:cd:88:2b:cb:b1:2d:ee:5c:8b:0c:2a:2f:13:ed: 17:34:f8:60:5e:c7:62:44:55:e9:a7:a8:5b:c6:d0: aa:83:4b:cc:af:13:62:ca:28:ce:9c:80:0d:38:2a: 58:5a:6d:f9:e7:1e:80:89:f9:f0:2f:29:d9:40:b6: 5e:90:6b:f6:7f:b5:a5:06:c4:89:df:8b:22:14:da: bb:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:A9:6A:65:F9:DE:60:17:F3:2B:2E:28:BF:F6:6F:C0:D9:A7:FA:DB X509v3 Authority Key Identifier: keyid:25:29:C8:03:CB:38:E7:51:E3:69:6A:B7:96:2D:82:31:45:FC:D6:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSnIA8s451HjaWq3li2CMUX81lk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/B3D4AEB8BFC011E8A7F4204CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.68.116.0/22 103.230.208.0/22 IPv6: 2403:6ec0::/32 Signature Algorithm: sha256WithRSAEncryption 67:47:ee:cf:ee:2b:6a:54:aa:fd:c7:11:ee:de:b6:c3:a8:c9: d0:2d:31:81:3a:f6:5e:10:38:4e:ed:a6:f6:4f:c0:23:2c:71: 1b:98:d5:c0:cf:17:81:e8:c0:2c:f2:ec:13:59:e5:8c:55:d1: 07:2a:b8:db:df:53:e4:b5:fd:8f:01:a1:6d:6d:fd:d7:f8:82: b4:0c:a0:29:d8:2e:d0:c0:43:78:2c:a2:db:f9:87:05:6f:39: 72:72:47:a5:16:af:06:3e:4a:03:2b:67:37:94:d1:70:66:f7: a4:78:a0:41:23:1b:a1:ff:97:4a:c1:d8:62:ff:95:98:bc:d8: c7:ed:d3:04:3a:62:78:44:71:45:83:60:cf:bc:1c:c6:95:07: 6e:9a:68:76:2b:b0:40:bf:80:09:2e:4f:63:1c:67:ea:ef:02: c5:55:01:9a:a9:c6:b6:92:46:85:4e:cd:68:89:9e:1d:f4:0d: eb:93:f4:89:8f:33:a9:17:b4:d7:08:f3:5e:68:7d:a4:3d:eb: 18:64:b1:26:5d:dd:95:67:67:04:0f:6f:07:62:23:01:a4:fd: af:fd:ce:82:79:d2:81:ca:30:8d:b6:04:8d:c4:36:1a:00:e2: 36:b4:4b:a5:4b:13:d3:c3:64:86:25:64:82:31:65:79:0c:69: 5b:a1:53:8a -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICEi4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZDRTQxMTAvBgNVBAUTKDI1MjlDODAzQ0IzOEU3NTFFMzY5NkFCNzk2MkQ4MjMx NDVGQ0Q2NTkwHhcNMjQwNzI4MTczNDUyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmE2ODEzYi05YTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+trbE9QbBo31YYrrT0CSp1CXwutV26/D4vl85YPUAY92OzZw0oVZVqMcli4R wuSQqIWBMGO+Fp5Vpu6IsJn6YtPBfhfhlnYJmbcWjXE2YhBVt8Npy6dRzBaSXw4p v+1r3BUZA/saFc2JOF5ogw4TYia1+GYCgqz3FdeSEMhgRQSW4S+fIZ4kaqpQnWgE ouThT4FYZJIwsxLYFWjQCIjhBJW01zDmXPzBHay4/hXsfLMHRVj/zYgry7Et7lyL DCovE+0XNPhgXsdiRFXpp6hbxtCqg0vMrxNiyijOnIANOCpYWm355x6AifnwLynZ QLZekGv2f7WlBsSJ34siFNq7/QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDapamX5 3mAX8ysuKL/2b8DZp/rbMB8GA1UdIwQYMBaAFCUpyAPLOOdR42lqt5YtgjFF/NZZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkNFNC8wOEVEMTc4OEJG QzAxMUU4QTZBODU1NEJDNEY5QUUwMi9KU25JQThzNDUxSGphV3EzbGkyQ01VWDgx bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pTbklBOHM0NTFIamFXcTNsaTJDTVVYODFsay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZDRTQvMDhFRDE3ODhCRkMwMTFFOEE2QTg1NTRCQzRGOUFFMDIvQjNENEFFQjhC RkMwMTFFOEE3RjQyMDRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnRHQDBAJn5tAwDQQCAAIwBwMFACQDbsAwDQYJKoZIhvcN AQELBQADggEBAGdH7s/uK2pUqv3HEe7etsOoydAtMYE69l4QOE7tpvZPwCMscRuY 1cDPF4HowCzy7BNZ5YxV0QcquNvfU+S1/Y8BoW1t/df4grQMoCnYLtDAQ3gsotv5 hwVvOXJyR6UWrwY+SgMrZzeU0XBm96R4oEEjG6H/l0rB2GL/lZi82Mft0wQ6YnhE cUWDYM+8HMaVB26aaHYrsEC/gAkuT2McZ+rvAsVVAZqpxraSRoVOzWiJnh30DeuT 9ImPM6kXtNcI815ofaQ96xhksSZd3ZVnZwQPbwdiIwGk/a/9zoJ50oHKMI22BI3E NhoA4ja0S6VLE9PDZIYlZIIxZXkMaVuhU4o= -----END CERTIFICATE-----Generated at Fri Nov 22 17:56:19 2024 by rpki-client on console-fra.rpki-client.org