$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/6AB849742C9C11EBB49A3A32C4F9AE02.roa File: 6AB849742C9C11EBB49A3A32C4F9AE02.roa (raw, json) Hash identifier: +ebPDBzqWaOOxu18OJS9gA27Iyig6p/f8enEMBE6spw= Subject key identifier: DB:9D:D0:BD:5E:34:FF:3C:1D:D5:89:9E:96:5C:C1:BD:A1:75:9E:6E Certificate issuer: /CN=A91B6F87/serialNumber=7A5474123C548817E25F3484CC26B60B0641BD69 Certificate serial: 06B0 Authority key identifier: 7A:54:74:12:3C:54:88:17:E2:5F:34:84:CC:26:B6:0B:06:41:BD:69 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/elR0EjxUiBfiXzSEzCa2CwZBvWk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/6AB849742C9C11EBB49A3A32C4F9AE02.roa Signing time: Tue 14 May 2024 23:33:43 +0000 ROA not before: Tue 14 May 2024 23:33:43 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 45178 IP address blocks: 103.28.132.0/22 maxlen: 24 103.112.164.0/22 maxlen: 22 103.112.164.0/24 maxlen: 24 103.112.165.0/24 maxlen: 24 111.125.152.0/21 maxlen: 21 111.125.152.0/22 maxlen: 22 111.125.152.0/23 maxlen: 23 111.125.152.0/24 maxlen: 24 111.125.153.0/24 maxlen: 24 111.125.154.0/24 maxlen: 24 111.125.155.0/24 maxlen: 24 111.125.156.0/24 maxlen: 24 111.125.157.0/24 maxlen: 24 111.125.158.0/24 maxlen: 24 111.125.159.0/24 maxlen: 24 116.206.188.0/24 maxlen: 24 116.206.189.0/24 maxlen: 24 116.206.190.0/24 maxlen: 24 203.174.27.0/24 maxlen: 24 2406:d100::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/elR0EjxUiBfiXzSEzCa2CwZBvWk.crl rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/elR0EjxUiBfiXzSEzCa2CwZBvWk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/elR0EjxUiBfiXzSEzCa2CwZBvWk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1712 (0x6b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F87/serialNumber=7A5474123C548817E25F3484CC26B60B0641BD69 Validity Not Before: May 14 23:33:43 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6643f4d7-bffe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:4a:a4:cf:54:43:ad:54:01:c3:54:8a:af:c7: a0:87:b7:9f:b7:d1:43:a0:80:e7:6f:82:aa:08:1f: 26:9e:18:83:74:39:32:c9:76:6a:1b:45:1e:08:6c: 92:62:aa:e0:4b:84:c6:94:93:4c:9d:0c:51:45:52: 8b:bf:12:48:ce:e5:82:82:52:62:33:3a:c8:68:17: 43:53:c0:66:d6:ee:b0:fc:71:9a:d6:a6:6f:c4:10: 7e:6f:6a:00:5f:1c:18:37:d7:0a:a8:94:41:14:e7: 30:ea:f6:af:df:eb:76:14:b7:67:f0:d5:95:e4:71: a1:20:8e:ca:50:b1:1d:40:7e:72:26:05:d0:a2:25: bd:43:ec:df:41:da:4b:f9:8b:05:43:38:0c:c8:e2: 20:6b:86:bd:cd:41:a5:c5:db:7e:a6:ac:63:d7:a6: f8:1b:d2:cc:e6:a1:ed:45:b5:48:4c:fd:95:ec:07: 03:65:12:c0:18:56:03:64:99:d3:b7:a8:89:cc:70: 7a:15:fc:f6:1c:37:e7:d0:4d:87:24:6e:36:ca:cf: 77:89:ac:d4:c0:0c:b4:74:08:23:9d:20:45:55:0d: d2:c0:60:64:2e:68:3d:52:b1:3b:d9:89:9c:1b:2e: fd:20:61:f6:45:bd:af:92:8a:68:95:d2:65:21:7b: a8:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:9D:D0:BD:5E:34:FF:3C:1D:D5:89:9E:96:5C:C1:BD:A1:75:9E:6E X509v3 Authority Key Identifier: keyid:7A:54:74:12:3C:54:88:17:E2:5F:34:84:CC:26:B6:0B:06:41:BD:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/elR0EjxUiBfiXzSEzCa2CwZBvWk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/elR0EjxUiBfiXzSEzCa2CwZBvWk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/6AB849742C9C11EBB49A3A32C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.28.132.0/22 103.112.164.0/22 111.125.152.0/21 116.206.188.0-116.206.190.255 203.174.27.0/24 IPv6: 2406:d100::/32 Signature Algorithm: sha256WithRSAEncryption 69:66:fd:a9:c7:ea:98:13:14:5a:e2:21:90:ab:fe:c9:4e:b3: 6c:62:ea:77:b6:ca:22:40:41:94:1d:dd:42:c7:68:f2:bc:d4: 67:89:93:3b:7b:e9:78:dd:d9:98:9f:c8:53:e2:6d:29:66:a0: 33:b0:f4:b9:d8:7c:9f:12:c0:2b:5d:56:b2:43:d7:29:3e:fd: 50:6b:41:15:7f:7d:3e:38:1b:27:fd:3e:60:18:31:14:16:2f: 43:0c:25:4b:7e:9b:a5:d3:bc:f6:26:ef:62:4a:b5:e0:97:4b: 2a:dd:e5:c3:94:b6:b1:45:b3:3d:5c:11:87:f5:0c:71:3c:cf: 70:e5:ec:63:dd:87:ae:e3:52:c1:9b:2a:02:be:33:c3:23:3d: 4b:f4:81:16:ec:c5:c7:3d:ae:da:ac:55:99:b3:01:ab:4e:ad: ca:32:fb:8d:2f:a8:e6:82:3b:c6:c7:be:44:5e:66:ef:b8:14: d4:44:c7:f4:09:15:c2:fa:9e:31:fc:dc:01:ef:54:8f:1e:f7: 26:91:57:4f:44:02:a0:f8:cf:a4:c0:bb:32:66:70:f3:92:89: 37:f8:7f:92:d7:24:65:73:de:b7:f8:3c:5c:3f:d1:4c:8e:15: d8:44:7c:8c:9b:bc:80:08:b8:e1:46:65:9d:e4:6a:46:1b:81: 7a:c2:1a:fd -----BEGIN CERTIFICATE----- MIIFoDCCBIigAwIBAgICBrAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGODcxMTAvBgNVBAUTKDdBNTQ3NDEyM0M1NDg4MTdFMjVGMzQ4NENDMjZCNjBC MDY0MUJENjkwHhcNMjQwNTE0MjMzMzQzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjQzZjRkNy1iZmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyEqkz1RDrVQBw1SKr8egh7eft9FDoIDnb4KqCB8mnhiDdDkyyXZqG0UeCGyS YqrgS4TGlJNMnQxRRVKLvxJIzuWCglJiMzrIaBdDU8Bm1u6w/HGa1qZvxBB+b2oA XxwYN9cKqJRBFOcw6vav3+t2FLdn8NWV5HGhII7KULEdQH5yJgXQoiW9Q+zfQdpL +YsFQzgMyOIga4a9zUGlxdt+pqxj16b4G9LM5qHtRbVITP2V7AcDZRLAGFYDZJnT t6iJzHB6Ffz2HDfn0E2HJG42ys93iazUwAy0dAgjnSBFVQ3SwGBkLmg9UrE72Ymc Gy79IGH2Rb2vkopoldJlIXuojwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFNud0L1e NP88HdWJnpZcwb2hdZ5uMB8GA1UdIwQYMBaAFHpUdBI8VIgX4l80hMwmtgsGQb1p MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY4Ny9CMUNENzFGMDI2 ODgxMUVCQkU3QzY4MkJDNEY5QUUwMi9lbFIwRWp4VWlCZmlYelNFekNhMkN3WkJ2 V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VsUjBFanhVaUJmaVh6U0V6Q2EyQ3daQnZXay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZGODcvQjFDRDcxRjAyNjg4MTFFQkJFN0M2ODJCQzRGOUFFMDIvNkFCODQ5NzQy QzlDMTFFQkI0OUEzQTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E PzA9MCwEAgABMCYDBAJnHIQDBAJncKQDBANvfZgwDAMEAnTOvAMEAHTOvgMEAMuu GzANBAIAAjAHAwUAJAbRADANBgkqhkiG9w0BAQsFAAOCAQEAaWb9qcfqmBMUWuIh kKv+yU6zbGLqd7bKIkBBlB3dQsdo8rzUZ4mTO3vpeN3ZmJ/IU+JtKWagM7D0udh8 nxLAK11WskPXKT79UGtBFX99PjgbJ/0+YBgxFBYvQwwlS36bpdO89ibvYkq14JdL Kt3lw5S2sUWzPVwRh/UMcTzPcOXsY92HruNSwZsqAr4zwyM9S/SBFuzFxz2u2qxV mbMBq06tyjL7jS+o5oI7xse+RF5m77gU1ETH9AkVwvqeMfzcAe9Ujx73JpFXT0QC oPjPpMC7MmZw85KJN/h/ktckZXPet/g8XD/RTI4V2ER8jJu8gAi44UZlneRqRhuB esIa/Q== -----END CERTIFICATE-----Generated at Fri Nov 22 22:24:11 2024 by rpki-client on console-fra.rpki-client.org