$ rpki-client -vvf rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/10BBF6CEB2E711EB8A61B44EC4F9AE02.roa File: 10BBF6CEB2E711EB8A61B44EC4F9AE02.roa (raw, json) Hash identifier: 71YGKNQuEj1eOHiH3hSh40TaFwuCn87ADtJkRqIHklk= Subject key identifier: BB:97:6F:C6:80:56:9D:A0:C3:C7:CE:AD:73:42:08:75:04:15:7E:AC Certificate issuer: /CN=A91B777C/serialNumber=7EBB3B41C97F3313FAE781EF63323C4AF62B8FB7 Certificate serial: 04CE Authority key identifier: 7E:BB:3B:41:C9:7F:33:13:FA:E7:81:EF:63:32:3C:4A:F6:2B:8F:B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/frs7Qcl_MxP654HvYzI8SvYrj7c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/10BBF6CEB2E711EB8A61B44EC4F9AE02.roa Signing time: Tue 07 Nov 2023 00:52:30 +0000 ROA not before: Tue 07 Nov 2023 00:52:30 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 133847 IP address blocks: 43.224.88.0/22 maxlen: 24 43.242.108.0/22 maxlen: 24 103.12.60.0/22 maxlen: 24 103.38.20.0/22 maxlen: 24 103.43.108.0/22 maxlen: 24 103.199.148.0/22 maxlen: 24 103.207.72.0/22 maxlen: 24 137.59.80.0/22 maxlen: 24 210.16.124.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/frs7Qcl_MxP654HvYzI8SvYrj7c.crl rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/frs7Qcl_MxP654HvYzI8SvYrj7c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/frs7Qcl_MxP654HvYzI8SvYrj7c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1230 (0x4ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B777C/serialNumber=7EBB3B41C97F3313FAE781EF63323C4AF62B8FB7 Validity Not Before: Nov 7 00:52:30 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=65498a4e-6dde Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:68:b2:7b:df:ad:8f:58:e4:14:e9:48:fe:9f: bc:29:ce:02:a3:ce:8b:cd:0a:5e:a8:c5:3c:91:0a: 43:06:21:24:d3:43:b4:8e:ac:81:78:ac:a6:76:65: 7b:57:15:f2:47:ce:69:5d:8c:1b:36:9b:52:de:3b: 0a:d6:08:29:d5:31:1e:81:4f:65:ee:2a:7e:cc:a4: 4c:79:a1:57:c8:0c:48:60:7c:49:39:82:9e:44:05: 6b:0f:e1:0e:70:0b:d0:b4:db:ec:b3:66:64:50:93: d1:10:47:fe:05:b4:09:8a:60:2b:ba:73:15:93:fe: 5e:e0:0a:1f:64:46:1e:58:71:6a:29:2a:90:5a:6a: 7c:da:2c:4f:de:ad:dd:85:e3:67:9d:37:21:a9:79: 96:86:2c:8d:8a:ba:94:4a:1d:e6:86:75:76:22:61: df:1c:c8:57:fa:b9:70:47:cf:d2:b9:d3:86:20:5d: 46:92:bc:ed:3b:29:6e:70:3f:57:74:76:82:22:6d: 77:d8:e5:c2:17:db:94:a5:5e:bd:20:32:a0:75:cd: ee:f9:cc:36:4e:43:49:3d:b8:ab:dc:e5:0f:0b:72: 64:0a:e4:ed:a6:1c:2e:2d:d2:ee:39:f8:9e:25:ac: 6f:83:09:3d:8e:f7:e2:7f:fb:e9:72:51:7f:3c:f4: 6c:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:97:6F:C6:80:56:9D:A0:C3:C7:CE:AD:73:42:08:75:04:15:7E:AC X509v3 Authority Key Identifier: keyid:7E:BB:3B:41:C9:7F:33:13:FA:E7:81:EF:63:32:3C:4A:F6:2B:8F:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/frs7Qcl_MxP654HvYzI8SvYrj7c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/frs7Qcl_MxP654HvYzI8SvYrj7c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/10BBF6CEB2E711EB8A61B44EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.88.0/22 43.242.108.0/22 103.12.60.0/22 103.38.20.0/22 103.43.108.0/22 103.199.148.0/22 103.207.72.0/22 137.59.80.0/22 210.16.124.0/22 Signature Algorithm: sha256WithRSAEncryption 16:19:21:ec:57:bf:09:30:07:77:80:b2:36:fe:02:df:b3:0c: 7c:fe:52:67:9e:47:aa:9d:52:6f:3b:88:e2:1d:e4:08:04:96: c4:fa:18:1f:4e:b3:27:3d:8d:2e:d7:97:07:68:09:e7:46:25: a7:89:fb:c7:30:3b:64:73:ea:33:8b:17:0e:6d:50:75:00:25: df:29:94:a1:24:ce:e7:1d:46:8b:f5:a8:bc:70:8c:fc:64:6b: 60:9e:dd:32:9e:11:95:ad:24:43:05:2c:e0:45:cd:e1:25:31: b9:0f:28:af:1a:89:88:56:02:51:7f:60:83:98:d9:94:0f:e7: 1c:93:4f:46:56:38:e2:71:4b:e3:ed:d1:6d:32:b0:f4:d7:d8: f0:07:b4:71:05:80:52:36:56:79:01:7a:cf:e4:09:68:fe:00: 4f:f6:01:56:14:9b:71:42:b8:cd:c0:48:25:26:4b:b8:44:1f: b9:b3:cc:6c:87:8d:6e:bf:93:c9:9e:9c:43:b0:4e:ed:f9:96: 45:5f:27:7d:60:9a:a5:fa:ba:f3:8f:88:64:0e:0b:cc:ee:89: dc:78:0a:1e:60:49:c0:e9:46:95:57:12:86:6d:49:43:b3:c6: fb:0f:ab:7d:a0:90:4a:e6:1f:12:b4:17:86:4e:e0:b4:77:d5: 5c:70:ab:62 -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgICBM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc3N0MxMTAvBgNVBAUTKDdFQkIzQjQxQzk3RjMzMTNGQUU3ODFFRjYzMzIzQzRB RjYyQjhGQjcwHhcNMjMxMTA3MDA1MjMwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTQ5OGE0ZS02ZGRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzGiye9+tj1jkFOlI/p+8Kc4Co86LzQpeqMU8kQpDBiEk00O0jqyBeKymdmV7 VxXyR85pXYwbNptS3jsK1ggp1TEegU9l7ip+zKRMeaFXyAxIYHxJOYKeRAVrD+EO cAvQtNvss2ZkUJPREEf+BbQJimArunMVk/5e4AofZEYeWHFqKSqQWmp82ixP3q3d heNnnTchqXmWhiyNirqUSh3mhnV2ImHfHMhX+rlwR8/SudOGIF1GkrztOylucD9X dHaCIm132OXCF9uUpV69IDKgdc3u+cw2TkNJPbir3OUPC3JkCuTtphwuLdLuOfie Jaxvgwk9jvfif/vpclF/PPRsKQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFLuXb8aA Vp2gw8fOrXNCCHUEFX6sMB8GA1UdIwQYMBaAFH67O0HJfzMT+ueB72MyPEr2K4+3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzc3Qy82Q0Q4MTMzQ0Iy REExMUVCOEIzODRBNjBDNEY5QUUwMi9mcnM3UWNsX014UDY1NEh2WXpJOFN2WXJq N2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZyczdRY2xfTXhQNjU0SHZZekk4U3ZZcmo3Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qjc3N0MvNkNEODEzM0NCMkRBMTFFQjhCMzg0QTYwQzRGOUFFMDIvMTBCQkY2Q0VC MkU3MTFFQjhBNjFCNDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E QDA+MDwEAgABMDYDBAIr4FgDBAIr8mwDBAJnDDwDBAJnJhQDBAJnK2wDBAJnx5QD BAJnz0gDBAKJO1ADBALSEHwwDQYJKoZIhvcNAQELBQADggEBABYZIexXvwkwB3eA sjb+At+zDHz+UmeeR6qdUm87iOId5AgElsT6GB9Osyc9jS7XlwdoCedGJaeJ+8cw O2Rz6jOLFw5tUHUAJd8plKEkzucdRov1qLxwjPxka2Ce3TKeEZWtJEMFLOBFzeEl MbkPKK8aiYhWAlF/YIOY2ZQP5xyTT0ZWOOJxS+Pt0W0ysPTX2PAHtHEFgFI2VnkB es/kCWj+AE/2AVYUm3FCuM3ASCUmS7hEH7mzzGyHjW6/k8menEOwTu35lkVfJ31g mqX6uvOPiGQOC8zuidx4Ch5gScDpRpVXEoZtSUOzxvsPq32gkErmHxK0F4ZO4LR3 1Vxwq2I= -----END CERTIFICATE-----Generated at Thu Nov 21 00:21:23 2024 by rpki-client on console-fra.rpki-client.org