$ rpki-client -vvf rpki.apnic.net/member_repository/A91BABFD/895A49506D8911EE82A1F680C4F9AE02/E0E9B1966D8A11EEB33A1E83C4F9AE02.roa File: E0E9B1966D8A11EEB33A1E83C4F9AE02.roa (raw, json) Hash identifier: YEagGQfd4UV4nz53l/WybeYAt4w6+zm6QyFgV48pGBc= Subject key identifier: E8:E4:B0:4F:37:D5:CB:48:47:E1:78:7E:34:C6:96:8E:C0:01:2C:19 Certificate issuer: /CN=A91BABFD/serialNumber=217DA2908C75475DBDCDAA70E36B9B40D4912EDD Certificate serial: C8 Authority key identifier: 21:7D:A2:90:8C:75:47:5D:BD:CD:AA:70:E3:6B:9B:40:D4:91:2E:DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IX2ikIx1R129zapw42ubQNSRLt0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BABFD/895A49506D8911EE82A1F680C4F9AE02/E0E9B1966D8A11EEB33A1E83C4F9AE02.roa Signing time: Fri 25 Oct 2024 04:48:30 +0000 ROA not before: Fri 25 Oct 2024 04:48:30 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 16509 IP address blocks: 103.172.192.0/24 maxlen: 24 2001:df2:f8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BABFD/895A49506D8911EE82A1F680C4F9AE02/IX2ikIx1R129zapw42ubQNSRLt0.crl rsync://rpki.apnic.net/member_repository/A91BABFD/895A49506D8911EE82A1F680C4F9AE02/IX2ikIx1R129zapw42ubQNSRLt0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IX2ikIx1R129zapw42ubQNSRLt0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 03:50:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 200 (0xc8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BABFD/serialNumber=217DA2908C75475DBDCDAA70E36B9B40D4912EDD Validity Not Before: Oct 25 04:48:30 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=671b231e-88a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:b8:7d:59:a0:b2:71:47:28:7a:f2:8a:af:58: 04:46:8e:11:8b:7c:02:e3:0c:d0:f8:37:ea:15:36: c7:76:1a:78:a4:2c:09:50:f4:a9:f8:90:2d:ca:b9: e1:e0:63:74:6b:c2:7c:8a:bb:70:b1:5f:16:a1:f3: 53:4c:e4:18:9d:e8:ce:bb:ef:05:f9:70:3c:f2:73: 1e:f0:71:81:51:97:3d:40:40:f6:b6:c2:55:f5:68: f3:a3:2a:12:a5:a4:4d:65:75:19:1d:03:dc:a2:ec: 4d:3e:13:36:ca:30:f5:5f:33:af:ef:f3:e3:24:fa: ae:0f:eb:da:b0:2d:46:2a:53:c7:90:82:44:18:fd: 09:84:d4:c1:57:3d:d1:9d:92:c2:6d:6c:02:d5:4b: 3e:59:b7:d5:8d:4f:16:f5:a9:d1:17:47:f5:49:6e: 11:47:b6:94:81:0b:52:29:76:4e:4a:2e:a2:76:d2: 3c:ca:f0:52:c4:ee:1c:e0:0e:cf:a4:20:19:e1:16: be:02:a4:dd:e0:7b:87:eb:d2:a2:06:a7:41:fc:58: 50:e4:eb:ea:18:30:9e:e3:c7:64:20:95:24:b9:78: 4b:20:5b:25:da:24:1a:fa:8d:b7:41:8b:17:e6:11: b9:f2:96:da:39:06:da:d9:4f:5b:00:ea:83:13:ce: b3:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:E4:B0:4F:37:D5:CB:48:47:E1:78:7E:34:C6:96:8E:C0:01:2C:19 X509v3 Authority Key Identifier: keyid:21:7D:A2:90:8C:75:47:5D:BD:CD:AA:70:E3:6B:9B:40:D4:91:2E:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BABFD/895A49506D8911EE82A1F680C4F9AE02/IX2ikIx1R129zapw42ubQNSRLt0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IX2ikIx1R129zapw42ubQNSRLt0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BABFD/895A49506D8911EE82A1F680C4F9AE02/E0E9B1966D8A11EEB33A1E83C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.172.192.0/24 IPv6: 2001:df2:f8c0::/48 Signature Algorithm: sha256WithRSAEncryption 42:ec:a1:11:68:3a:2c:19:3a:d0:9a:26:39:1b:c8:c9:48:b2: f8:3d:97:ea:5d:7d:54:01:0e:c1:d0:03:9b:9b:89:75:36:0d: 0d:3f:33:d1:d2:62:ce:07:c1:77:4d:c2:8e:6b:12:ab:3c:cd: 07:8d:02:8a:cc:46:e3:04:7e:8f:61:e0:db:d7:6d:c4:73:28: 89:df:8f:be:f1:21:c4:d5:8c:f3:25:06:cd:27:3a:c4:38:45: 65:a9:4a:30:44:d7:38:b7:f2:d3:ae:22:17:ff:71:64:aa:3b: 7c:8f:05:07:0d:85:7d:7b:43:5a:2a:b2:8c:af:25:45:81:f0: b1:34:e1:7d:64:53:9d:5d:2c:59:fe:07:fa:6d:8d:71:ed:25: 4c:87:58:b2:92:bf:d4:ec:c3:84:ef:ee:71:f9:a4:07:07:eb: ee:c8:f2:da:17:d3:9d:fd:2d:e7:e1:0e:d7:2d:84:7a:58:51: 2d:64:58:56:37:81:5d:db:88:a1:3c:17:48:dd:7f:65:ac:2c: 51:d7:b1:ad:1c:ce:2d:a3:b2:c0:40:94:30:a7:85:fd:0e:5c: 17:ef:7f:38:5e:ef:4b:a4:2e:92:67:b8:86:b8:af:e6:d8:58: cd:4c:31:bf:c6:4b:d3:4f:8f:c0:0a:7a:30:48:28:d4:e4:c0: 97:49:b5:f6 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkFCRkQxMTAvBgNVBAUTKDIxN0RBMjkwOEM3NTQ3NURCRENEQUE3MEUzNkI5QjQw RDQ5MTJFREQwHhcNMjQxMDI1MDQ0ODMwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzFiMjMxZS04OGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4bh9WaCycUcoevKKr1gERo4Ri3wC4wzQ+DfqFTbHdhp4pCwJUPSp+JAtyrnh 4GN0a8J8irtwsV8WofNTTOQYnejOu+8F+XA88nMe8HGBUZc9QED2tsJV9WjzoyoS paRNZXUZHQPcouxNPhM2yjD1XzOv7/PjJPquD+vasC1GKlPHkIJEGP0JhNTBVz3R nZLCbWwC1Us+WbfVjU8W9anRF0f1SW4RR7aUgQtSKXZOSi6idtI8yvBSxO4c4A7P pCAZ4Ra+AqTd4HuH69KiBqdB/FhQ5OvqGDCe48dkIJUkuXhLIFsl2iQa+o23QYsX 5hG58pbaOQba2U9bAOqDE86zRQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOjksE83 1ctIR+F4fjTGlo7AASwZMB8GA1UdIwQYMBaAFCF9opCMdUddvc2qcONrm0DUkS7d MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUJGRC84OTVBNDk1MDZE ODkxMUVFODJBMUY2ODBDNEY5QUUwMi9JWDJpa0l4MVIxMjl6YXB3NDJ1YlFOU1JM dDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lYMmlrSXgxUjEyOXphcHc0MnViUU5TUkx0MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkFCRkQvODk1QTQ5NTA2RDg5MTFFRTgyQTFGNjgwQzRGOUFFMDIvRTBFOUIxOTY2 RDhBMTFFRUIzM0ExRTgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBABnrMAwDwQCAAIwCQMHACABDfL4wDANBgkqhkiG9w0BAQsF AAOCAQEAQuyhEWg6LBk60JomORvIyUiy+D2X6l19VAEOwdADm5uJdTYNDT8z0dJi zgfBd03CjmsSqzzNB40CisxG4wR+j2Hg29dtxHMoid+PvvEhxNWM8yUGzSc6xDhF ZalKMETXOLfy064iF/9xZKo7fI8FBw2FfXtDWiqyjK8lRYHwsTThfWRTnV0sWf4H +m2Nce0lTIdYspK/1OzDhO/ucfmkBwfr7sjy2hfTnf0t5+EO1y2EelhRLWRYVjeB XduIoTwXSN1/ZawsUdexrRzOLaOywECUMKeF/Q5cF+9/OF7vS6Qukme4hriv5thY zUwxv8ZL00+PwAp6MEgo1OTAl0m19g== -----END CERTIFICATE-----Generated at Thu Nov 21 05:37:16 2024 by rpki-client on console-ams.rpki-client.org