$ rpki-client -vvf rpki.apnic.net/member_repository/A91B727C/9D77C6D4028F11E99D81F640C4F9AE02/B58038B838FF11EAB8D91529C4F9AE02.roa File: B58038B838FF11EAB8D91529C4F9AE02.roa (raw, json) Hash identifier: C4mKsLu4av6lDwi9z2POYETSEDAk50weN2HJGZRxJyg= Subject key identifier: 52:C0:81:49:74:E4:F8:0A:94:7F:D9:83:30:6D:C2:D2:45:41:C4:B5 Certificate issuer: /CN=A91B727C/serialNumber=1D882C8CF2434CC9BBFD79191DC2C6982926E8AB Certificate serial: 107E Authority key identifier: 1D:88:2C:8C:F2:43:4C:C9:BB:FD:79:19:1D:C2:C6:98:29:26:E8:AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HYgsjPJDTMm7_XkZHcLGmCkm6Ks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B727C/9D77C6D4028F11E99D81F640C4F9AE02/B58038B838FF11EAB8D91529C4F9AE02.roa Signing time: Wed 20 Dec 2023 18:05:39 +0000 ROA not before: Wed 20 Dec 2023 18:05:39 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 138505 IP address blocks: 103.127.68.0/22 maxlen: 22 103.127.68.0/23 maxlen: 23 103.127.68.0/24 maxlen: 24 103.127.69.0/24 maxlen: 24 103.127.70.0/23 maxlen: 23 103.127.70.0/24 maxlen: 24 103.127.71.0/24 maxlen: 24 2404:19c0::/32 maxlen: 32 2404:19c0::/36 maxlen: 36 2404:19c0:1000::/36 maxlen: 36 2404:19c0:2000::/36 maxlen: 36 2404:19c0:3000::/36 maxlen: 36 2404:19c0:4000::/36 maxlen: 36 2404:19c0:5000::/36 maxlen: 36 2404:19c0:6000::/36 maxlen: 36 2404:19c0:7000::/36 maxlen: 36 2404:19c0:8000::/36 maxlen: 36 2404:19c0:9000::/36 maxlen: 36 2404:19c0:a000::/36 maxlen: 36 2404:19c0:b000::/36 maxlen: 36 2404:19c0:c000::/36 maxlen: 36 2404:19c0:d000::/36 maxlen: 36 2404:19c0:e000::/36 maxlen: 36 2404:19c0:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B727C/9D77C6D4028F11E99D81F640C4F9AE02/HYgsjPJDTMm7_XkZHcLGmCkm6Ks.crl rsync://rpki.apnic.net/member_repository/A91B727C/9D77C6D4028F11E99D81F640C4F9AE02/HYgsjPJDTMm7_XkZHcLGmCkm6Ks.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HYgsjPJDTMm7_XkZHcLGmCkm6Ks.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:17:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4222 (0x107e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B727C/serialNumber=1D882C8CF2434CC9BBFD79191DC2C6982926E8AB Validity Not Before: Dec 20 18:05:39 2023 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65832cf3-3c56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:02:d4:d9:e1:4e:d5:41:1b:09:8b:be:13:5f: ed:4b:d4:4e:40:76:e4:5b:5c:ef:4e:99:9b:e2:95: 4b:a6:78:55:28:c6:82:f0:9a:c0:d8:96:4a:c9:40: dd:23:1f:fb:0f:bd:66:3a:24:c2:65:e1:02:8a:33: c2:93:18:f6:ce:10:7e:a2:9e:cf:bb:37:47:f4:48: fa:cf:57:81:b0:4f:83:84:b6:fa:5f:20:26:ce:2b: ea:35:fe:dd:2d:0f:cf:cd:bd:de:76:96:a6:12:31: f3:ce:6c:ae:74:87:99:4f:70:2d:17:ab:ab:ec:70: a1:78:a4:52:e4:e9:07:6d:bd:94:4e:f7:74:4f:27: e5:2a:48:f4:e0:77:9c:70:1f:c7:a1:e1:a9:10:18: ad:fa:6b:48:b3:85:79:70:6c:3f:7e:27:ec:e5:cc: 0f:cc:99:37:fa:24:42:85:cd:dd:f1:d2:1e:db:67: a0:1f:d8:9d:31:5f:fe:05:3d:cd:57:24:02:22:b7: 88:71:cb:06:9a:6c:99:65:9e:93:17:6b:05:6c:2e: 0b:bb:2c:f2:20:df:71:d9:76:a2:55:cf:60:52:f8: 06:e2:db:1f:87:67:fb:1c:fc:e2:2b:6e:01:31:39: ed:13:d2:c7:90:f0:52:af:bc:3c:b6:37:31:e6:a7: 96:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:C0:81:49:74:E4:F8:0A:94:7F:D9:83:30:6D:C2:D2:45:41:C4:B5 X509v3 Authority Key Identifier: keyid:1D:88:2C:8C:F2:43:4C:C9:BB:FD:79:19:1D:C2:C6:98:29:26:E8:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B727C/9D77C6D4028F11E99D81F640C4F9AE02/HYgsjPJDTMm7_XkZHcLGmCkm6Ks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HYgsjPJDTMm7_XkZHcLGmCkm6Ks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B727C/9D77C6D4028F11E99D81F640C4F9AE02/B58038B838FF11EAB8D91529C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.127.68.0/22 IPv6: 2404:19c0::/32 Signature Algorithm: sha256WithRSAEncryption bd:d1:ab:bc:a0:1b:ad:d4:62:23:2e:f3:79:b8:88:1c:5d:2b: af:35:f5:d5:c7:98:29:dd:c3:ab:0c:04:cd:58:0a:c3:48:df: 0b:e7:38:12:1f:bd:aa:d7:38:3f:ad:cc:96:ca:08:98:e4:ae: c1:6a:fe:49:7d:b8:84:d0:20:67:8c:eb:35:cc:a6:1a:42:82: 79:4f:14:0c:01:14:4c:a1:79:ab:e1:d5:9d:6f:5c:5a:4b:be: a5:3b:0d:5d:79:64:13:3b:2d:4b:30:5d:4c:41:57:6d:a2:03: 35:a9:d3:c0:64:bd:55:ca:e2:8a:a0:7b:84:5b:56:5c:46:ea: f2:83:21:61:a8:fd:f6:1d:28:e8:a7:1a:4b:5b:98:68:47:b5: 13:ba:79:c6:ca:b6:ce:74:3f:ef:0a:33:98:27:98:12:46:06: 9b:8b:7e:bc:2b:ae:19:a5:74:bb:22:31:7d:54:51:ec:f0:4e: 0f:f5:04:6e:f0:1f:78:4a:4b:64:ce:58:4b:5d:83:7d:55:ed: 5f:d6:83:e6:70:f6:e5:62:f2:12:31:dc:ad:15:9a:ae:29:92: 51:55:e6:61:f4:0d:d4:c6:c2:fe:15:5b:54:63:94:ee:f7:b4: 67:d7:f3:0e:45:85:f8:56:fa:b7:d3:97:c1:a7:5f:a7:57:ec: 4b:5f:ce:a1 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICEH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjcyN0MxMTAvBgNVBAUTKDFEODgyQzhDRjI0MzRDQzlCQkZENzkxOTFEQzJDNjk4 MjkyNkU4QUIwHhcNMjMxMjIwMTgwNTM5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTgzMmNmMy0zYzU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoQLU2eFO1UEbCYu+E1/tS9ROQHbkW1zvTpmb4pVLpnhVKMaC8JrA2JZKyUDd Ix/7D71mOiTCZeECijPCkxj2zhB+op7PuzdH9Ej6z1eBsE+DhLb6XyAmzivqNf7d LQ/Pzb3edpamEjHzzmyudIeZT3AtF6ur7HCheKRS5OkHbb2UTvd0TyflKkj04Hec cB/HoeGpEBit+mtIs4V5cGw/fifs5cwPzJk3+iRChc3d8dIe22egH9idMV/+BT3N VyQCIreIccsGmmyZZZ6TF2sFbC4LuyzyIN9x2XaiVc9gUvgG4tsfh2f7HPziK24B MTntE9LHkPBSr7w8tjcx5qeWEwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFLAgUl0 5PgKlH/ZgzBtwtJFQcS1MB8GA1UdIwQYMBaAFB2ILIzyQ0zJu/15GR3CxpgpJuir MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzI3Qy85RDc3QzZENDAy OEYxMUU5OUQ4MUY2NDBDNEY5QUUwMi9IWWdzalBKRFRNbTdfWGtaSGNMR21Da202 S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hZZ3NqUEpEVE1tN19Ya1pIY0xHbUNrbTZLcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjcyN0MvOUQ3N0M2RDQwMjhGMTFFOTlEODFGNjQwQzRGOUFFMDIvQjU4MDM4Qjgz OEZGMTFFQUI4RDkxNTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnf0QwDQQCAAIwBwMFACQEGcAwDQYJKoZIhvcNAQELBQAD ggEBAL3Rq7ygG63UYiMu83m4iBxdK6819dXHmCndw6sMBM1YCsNI3wvnOBIfvarX OD+tzJbKCJjkrsFq/kl9uITQIGeM6zXMphpCgnlPFAwBFEyheavh1Z1vXFpLvqU7 DV15ZBM7LUswXUxBV22iAzWp08BkvVXK4oqge4RbVlxG6vKDIWGo/fYdKOinGktb mGhHtRO6ecbKts50P+8KM5gnmBJGBpuLfrwrrhmldLsiMX1UUezwTg/1BG7wH3hK S2TOWEtdg31V7V/Wg+Zw9uVi8hIx3K0Vmq4pklFV5mH0DdTGwv4VW1RjlO73tGfX 8w5FhfhW+rfTl8GnX6dX7EtfzqE= -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:02 2024 by rpki-client on console-fra.rpki-client.org