$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/C10CE08C97D311EE9299330CC4F9AE02.roa File: C10CE08C97D311EE9299330CC4F9AE02.roa (raw, json) Hash identifier: yAMy5FB24dlRlytngKwHIjnmCoA+51iB9Qs1Onhhgps= Subject key identifier: 01:69:D5:55:22:46:F8:E4:80:6F:51:05:74:F6:06:CD:1C:44:0E:75 Certificate issuer: /CN=A91B7B23/serialNumber=3A1A407471D1BF1CA1525F21F7DECF5A6A2A64D8 Certificate serial: 12 Authority key identifier: 3A:1A:40:74:71:D1:BF:1C:A1:52:5F:21:F7:DE:CF:5A:6A:2A:64:D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/C10CE08C97D311EE9299330CC4F9AE02.roa Signing time: Sat 23 Dec 2023 07:18:15 +0000 ROA not before: Sat 23 Dec 2023 07:18:15 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 38611 IP address blocks: 103.12.200.0/22 maxlen: 23 103.253.64.0/22 maxlen: 23 113.11.184.0/22 maxlen: 23 180.92.208.0/22 maxlen: 22 203.17.148.0/22 maxlen: 23 203.33.236.0/24 maxlen: 24 203.55.188.0/24 maxlen: 24 203.57.15.0/24 maxlen: 24 203.80.168.0/24 maxlen: 24 203.193.192.0/19 maxlen: 19 203.193.196.0/22 maxlen: 22 203.193.200.0/23 maxlen: 23 203.193.206.0/23 maxlen: 23 203.193.208.0/21 maxlen: 21 203.193.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.crl rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18 (0x12) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7B23/serialNumber=3A1A407471D1BF1CA1525F21F7DECF5A6A2A64D8 Validity Not Before: Dec 23 07:18:15 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=658689b7-07d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d6:83:03:dd:3d:24:27:06:ec:2a:01:a7:69: d6:c9:6f:47:5b:cf:83:b0:c4:d6:79:1c:14:d1:c2: c1:2b:e4:4c:9a:a7:df:35:61:96:e1:fb:e0:d2:89: 3b:06:ee:38:97:10:28:77:ec:c5:c8:97:63:e3:bd: 54:2b:2a:81:66:fe:54:a6:be:40:7d:7a:db:75:13: d3:37:8c:83:a4:94:0c:83:cd:53:cc:c3:ab:ad:bc: 07:38:34:fa:10:6a:b3:8a:01:28:81:9c:25:89:76: c3:c9:e2:30:9e:20:e8:1c:41:e5:f5:db:6d:e0:65: 96:1f:71:a2:78:d7:b3:36:b6:df:c7:a5:d0:b4:f0: 15:be:a2:2b:36:4f:3c:ae:f9:f7:b9:69:91:be:55: cb:16:06:06:a6:f7:14:7b:08:7c:2c:d5:a8:26:7e: 25:a2:95:5c:60:e5:ef:d2:98:2b:98:b2:28:63:d4: 70:28:b8:ec:78:71:b6:d2:d5:a4:38:00:1e:47:a2: 79:a4:0d:b7:a1:1d:b2:60:9a:45:45:de:31:df:72: f4:b4:98:ab:c0:f4:25:30:12:82:d1:75:b6:00:82: fe:bd:cd:69:7c:90:2b:d1:da:78:c9:71:2b:c0:b4: fc:16:51:87:af:3c:0e:51:93:d5:8f:e6:40:4c:ca: 5b:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:69:D5:55:22:46:F8:E4:80:6F:51:05:74:F6:06:CD:1C:44:0E:75 X509v3 Authority Key Identifier: keyid:3A:1A:40:74:71:D1:BF:1C:A1:52:5F:21:F7:DE:CF:5A:6A:2A:64:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/C10CE08C97D311EE9299330CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.12.200.0/22 103.253.64.0/22 113.11.184.0/22 180.92.208.0/22 203.17.148.0/22 203.33.236.0/24 203.55.188.0/24 203.57.15.0/24 203.80.168.0/24 203.193.192.0/19 Signature Algorithm: sha256WithRSAEncryption 15:4f:df:c7:4d:d6:d7:9c:d1:22:de:e0:02:a7:b7:b9:05:e9: 49:9c:8d:6e:58:29:f6:c1:46:d1:cb:5f:98:5c:ad:03:96:44: 78:87:56:92:d4:64:37:fe:a7:31:1d:61:fe:02:df:94:c6:2d: 04:65:d4:a1:db:62:57:bd:1b:9c:0e:8e:3e:96:eb:8e:15:df: 5c:92:be:cc:0d:ea:07:65:d4:59:cd:14:09:80:ff:0b:4a:05: a2:95:67:cb:16:e9:f9:56:4e:b7:ec:9c:3d:0b:4c:6c:66:22: e4:62:99:f4:e2:65:53:37:cb:48:83:bc:46:3a:eb:86:e4:4e: 91:6c:b2:ae:b5:99:af:ad:0d:07:e3:48:fb:10:7d:48:e0:82: e6:17:ad:1f:7f:57:c0:bc:63:a2:45:ac:cb:1d:0c:d3:db:c2: eb:7c:e7:dc:4f:c9:f9:a1:f1:be:74:54:79:1a:06:57:49:94: 17:f9:94:02:d0:d4:6b:f7:75:23:7a:f0:40:ec:c7:6f:77:f1: bb:29:85:8e:d0:7a:ad:c1:76:3c:88:ab:2a:82:0d:6c:9e:d1: de:3a:0b:1f:ea:06:42:8d:d8:05:04:ee:d6:38:fe:75:6b:a8: 62:a1:e5:b2:bf:ab:28:d2:59:f9:44:81:93:50:65:9a:86:61: 19:94:81:ff -----BEGIN CERTIFICATE----- MIIFpjCCBI6gAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC N0IyMzExMC8GA1UEBRMoM0ExQTQwNzQ3MUQxQkYxQ0ExNTI1RjIxRjdERUNGNUE2 QTJBNjREODAeFw0yMzEyMjMwNzE4MTVaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY1ODY4OWI3LTA3ZDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+1oMD3T0kJwbsKgGnadbJb0dbz4OwxNZ5HBTRwsEr5Eyap981YZbh++DSiTsG 7jiXECh37MXIl2PjvVQrKoFm/lSmvkB9ett1E9M3jIOklAyDzVPMw6utvAc4NPoQ arOKASiBnCWJdsPJ4jCeIOgcQeX1223gZZYfcaJ417M2tt/HpdC08BW+ois2Tzyu +fe5aZG+VcsWBgam9xR7CHws1agmfiWilVxg5e/SmCuYsihj1HAouOx4cbbS1aQ4 AB5HonmkDbehHbJgmkVF3jHfcvS0mKvA9CUwEoLRdbYAgv69zWl8kCvR2njJcSvA tPwWUYevPA5Rk9WP5kBMyltnAgMBAAGjggLLMIICxzAdBgNVHQ4EFgQUAWnVVSJG +OSAb1EFdPYGzRxEDnUwHwYDVR0jBBgwFoAUOhpAdHHRvxyhUl8h997PWmoqZNgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3QjIzLzc1NDVGMDNBOTdE MzExRUVBMjNDNjYwQkM0RjlBRTAyL09ocEFkSEhSdnh5aFVsOGg5OTdQV21vcVpO Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvT2hwQWRISFJ2eHloVWw4aDk5N1BXbW9xWk5nLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC N0IyMy83NTQ1RjAzQTk3RDMxMUVFQTIzQzY2MEJDNEY5QUUwMi9DMTBDRTA4Qzk3 RDMxMUVFOTI5OTMzMENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBVBggrBgEFBQcBBwEB/wRG MEQwQgQCAAEwPAMEAmcMyAMEAmf9QAMEAnELuAMEArRc0AMEAssRlAMEAMsh7AME AMs3vAMEAMs5DwMEAMtQqAMEBcvBwDANBgkqhkiG9w0BAQsFAAOCAQEAFU/fx03W 15zRIt7gAqe3uQXpSZyNblgp9sFG0ctfmFytA5ZEeIdWktRkN/6nMR1h/gLflMYt BGXUodtiV70bnA6OPpbrjhXfXJK+zA3qB2XUWc0UCYD/C0oFopVnyxbp+VZOt+yc PQtMbGYi5GKZ9OJlUzfLSIO8RjrrhuROkWyyrrWZr60NB+NI+xB9SOCC5hetH39X wLxjokWsyx0M09vC63zn3E/J+aHxvnRUeRoGV0mUF/mUAtDUa/d1I3rwQOzHb3fx uymFjtB6rcF2PIirKoINbJ7R3joLH+oGQo3YBQTu1jj+dWuoYqHlsr+rKNJZ+USB k1BlmoZhGZSB/w== -----END CERTIFICATE-----Generated at Sat Nov 23 05:02:55 2024 by rpki-client on console-fra.rpki-client.org