$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDE68/80B2F3F815EA11E8A7353613C4F9AE02/1F8AECC6EF8411EBB4E00D4DC4F9AE02.roa File: 1F8AECC6EF8411EBB4E00D4DC4F9AE02.roa (raw, json) Hash identifier: V1SwqzHI+ZNQe6jN+twymLot2bdeSiq+QMKz3KdM7RM= Subject key identifier: 1B:BE:35:EC:26:C8:C3:60:AF:73:E5:3B:F6:1B:24:0D:05:3E:76:04 Certificate issuer: /CN=A91BDE68/serialNumber=2688D48E342192B5FDA8DB6DAD62CC15C87503FA Certificate serial: 15D8 Authority key identifier: 26:88:D4:8E:34:21:92:B5:FD:A8:DB:6D:AD:62:CC:15:C8:75:03:FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JojUjjQhkrX9qNttrWLMFch1A_o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BDE68/80B2F3F815EA11E8A7353613C4F9AE02/1F8AECC6EF8411EBB4E00D4DC4F9AE02.roa Signing time: Mon 18 Nov 2024 17:04:56 +0000 ROA not before: Mon 18 Nov 2024 17:04:56 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 137080 IP address blocks: 103.104.28.0/22 maxlen: 24 103.106.146.0/23 maxlen: 24 2401:ff40::/32 maxlen: 32 2401:ff40:5000::/44 maxlen: 44 2401:ff40:5040::/44 maxlen: 44 2401:ff40:e000::/44 maxlen: 44 2401:ff40:e040::/44 maxlen: 44 2401:ff40:f000::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BDE68/80B2F3F815EA11E8A7353613C4F9AE02/JojUjjQhkrX9qNttrWLMFch1A_o.crl rsync://rpki.apnic.net/member_repository/A91BDE68/80B2F3F815EA11E8A7353613C4F9AE02/JojUjjQhkrX9qNttrWLMFch1A_o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JojUjjQhkrX9qNttrWLMFch1A_o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5592 (0x15d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDE68/serialNumber=2688D48E342192B5FDA8DB6DAD62CC15C87503FA Validity Not Before: Nov 18 17:04:56 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=673b73b8-f34c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:5e:70:69:cc:bb:8e:f9:3c:c9:77:5c:d6:0b: 28:d3:5c:a1:b3:7d:ff:33:45:fc:c7:f8:42:4d:7d: 2f:c7:9a:03:8b:39:0a:0f:f8:eb:0d:cc:72:7e:7b: e4:36:b1:29:65:a4:ab:b8:d7:4a:73:02:00:0e:b9: 22:51:e0:9e:ac:86:7c:08:b8:59:b0:74:2c:e4:35: 0a:83:1f:cb:d9:b5:90:a0:8d:e8:c5:34:5a:29:94: 32:ac:91:18:09:5a:f0:be:c3:13:6d:77:c9:cc:8f: f2:9d:9d:64:4f:49:52:9a:49:c7:1a:4e:b7:cf:5c: 78:c3:3b:3e:c5:f9:57:d6:2a:ec:09:b2:32:6e:02: d3:88:c9:89:b4:41:d0:34:30:cb:60:bd:60:b8:f3: da:1d:02:01:42:0c:5a:27:5c:42:77:cf:4d:b5:22: 5e:4c:24:66:62:e6:cb:e5:f4:8d:2c:8b:19:ab:5a: 97:1a:28:03:0e:a2:04:73:86:33:e7:7d:3d:01:bb: 38:39:22:a6:ca:92:60:43:7a:4a:03:27:25:02:ec: bb:07:6e:29:50:54:69:b1:1a:be:70:d5:c2:b8:74: 28:82:83:7d:57:51:c5:e0:06:18:cc:58:22:69:02: dc:a1:52:db:a3:bc:ba:e8:cc:04:bd:bb:8a:5e:b3: 70:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:BE:35:EC:26:C8:C3:60:AF:73:E5:3B:F6:1B:24:0D:05:3E:76:04 X509v3 Authority Key Identifier: keyid:26:88:D4:8E:34:21:92:B5:FD:A8:DB:6D:AD:62:CC:15:C8:75:03:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BDE68/80B2F3F815EA11E8A7353613C4F9AE02/JojUjjQhkrX9qNttrWLMFch1A_o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JojUjjQhkrX9qNttrWLMFch1A_o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDE68/80B2F3F815EA11E8A7353613C4F9AE02/1F8AECC6EF8411EBB4E00D4DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.104.28.0/22 103.106.146.0/23 IPv6: 2401:ff40::/32 Signature Algorithm: sha256WithRSAEncryption 4b:29:26:2c:4f:19:97:a1:2e:a7:52:5e:fd:26:35:0e:ac:dd: 13:98:d3:93:c3:35:08:87:b5:69:ac:4c:4b:3a:14:2b:d1:8b: a2:24:d2:05:d3:fc:d5:c9:86:11:f8:63:53:bd:53:6a:47:cb: fc:4b:b7:24:a4:9b:2b:a9:4e:2d:26:42:8e:27:d6:c4:2f:60: a2:a5:b6:65:68:93:74:a0:2a:26:bb:30:97:d9:47:70:17:a3: aa:c0:81:d8:40:41:58:28:87:1f:e4:36:be:69:bf:6e:02:f3: 4a:0e:85:53:89:ba:22:ab:b0:72:d9:9f:ae:d7:55:96:50:13: 0a:ee:71:39:c6:48:57:28:75:3d:49:e8:aa:22:4b:19:00:8e: 77:40:7f:18:bb:89:20:24:eb:95:40:1e:c6:e3:9c:23:a7:a9: 79:ad:7b:83:e5:d6:ed:79:e8:7f:f7:49:f5:64:87:50:e1:28: 39:67:9e:bd:d2:ce:58:4a:53:c5:31:e9:fe:dc:de:94:58:70: 3c:5e:66:6a:77:8b:e9:3d:d7:f2:33:bd:e3:61:c4:e8:7c:fc: 68:25:7a:5c:d6:89:3b:07:a8:d3:e9:49:3c:ea:be:42:a7:3b: eb:94:4f:b5:ec:93:0d:93:97:de:ed:4e:22:ad:7c:f8:0a:2e: 15:93:a7:64 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICFdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkRFNjgxMTAvBgNVBAUTKDI2ODhENDhFMzQyMTkyQjVGREE4REI2REFENjJDQzE1 Qzg3NTAzRkEwHhcNMjQxMTE4MTcwNDU2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzNiNzNiOC1mMzRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2V5wacy7jvk8yXdc1gso01yhs33/M0X8x/hCTX0vx5oDizkKD/jrDcxyfnvk NrEpZaSruNdKcwIADrkiUeCerIZ8CLhZsHQs5DUKgx/L2bWQoI3oxTRaKZQyrJEY CVrwvsMTbXfJzI/ynZ1kT0lSmknHGk63z1x4wzs+xflX1irsCbIybgLTiMmJtEHQ NDDLYL1guPPaHQIBQgxaJ1xCd89NtSJeTCRmYubL5fSNLIsZq1qXGigDDqIEc4Yz 5309Abs4OSKmypJgQ3pKAyclAuy7B24pUFRpsRq+cNXCuHQogoN9V1HF4AYYzFgi aQLcoVLbo7y66MwEvbuKXrNwiQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBu+Newm yMNgr3PlO/YbJA0FPnYEMB8GA1UdIwQYMBaAFCaI1I40IZK1/ajbba1izBXIdQP6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCREU2OC84MEIyRjNGODE1 RUExMUU4QTczNTM2MTNDNEY5QUUwMi9Kb2pVampRaGtyWDlxTnR0cldMTUZjaDFB X28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pvalVqalFoa3JYOXFOdHRyV0xNRmNoMUFfby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkRFNjgvODBCMkYzRjgxNUVBMTFFOEE3MzUzNjEzQzRGOUFFMDIvMUY4QUVDQzZF Rjg0MTFFQkI0RTAwRDREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnaBwDBAFnapIwDQQCAAIwBwMFACQB/0AwDQYJKoZIhvcN AQELBQADggEBAEspJixPGZehLqdSXv0mNQ6s3ROY05PDNQiHtWmsTEs6FCvRi6Ik 0gXT/NXJhhH4Y1O9U2pHy/xLtySkmyupTi0mQo4n1sQvYKKltmVok3SgKia7MJfZ R3AXo6rAgdhAQVgohx/kNr5pv24C80oOhVOJuiKrsHLZn67XVZZQEwrucTnGSFco dT1J6KoiSxkAjndAfxi7iSAk65VAHsbjnCOnqXmte4Pl1u156H/3SfVkh1DhKDln nr3SzlhKU8Ux6f7c3pRYcDxeZmp3i+k91/IzveNhxOh8/GglelzWiTsHqNPpSTzq vkKnO+uUT7Xskw2Tl97tTiKtfPgKLhWTp2Q= -----END CERTIFICATE-----Generated at Fri Nov 22 17:56:20 2024 by rpki-client on console-fra.rpki-client.org