$ rpki-client -vvf rpki.apnic.net/member_repository/A91BE1BC/896C6C4846CE11E992850A3CC4F9AE02/58FDD2EA10C211EA977E7378C4F9AE02.roa File: 58FDD2EA10C211EA977E7378C4F9AE02.roa (raw, json) Hash identifier: tN1EHa1UYeXagc4zmtE102yqFtWAzIXQIzUc6GH+XWc= Subject key identifier: 70:B4:E2:F7:46:2E:E2:A8:68:BA:1C:13:16:CE:89:9A:09:FB:79:F6 Certificate issuer: /CN=A91BE1BC/serialNumber=429E9BDDA296620003CEC5EFABB823D303FE4F71 Certificate serial: 0F26 Authority key identifier: 42:9E:9B:DD:A2:96:62:00:03:CE:C5:EF:AB:B8:23:D3:03:FE:4F:71 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qp6b3aKWYgADzsXvq7gj0wP-T3E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BE1BC/896C6C4846CE11E992850A3CC4F9AE02/58FDD2EA10C211EA977E7378C4F9AE02.roa Signing time: Fri 26 Jan 2024 18:06:15 +0000 ROA not before: Fri 26 Jan 2024 18:06:15 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 9587 IP address blocks: 103.26.20.0/22 maxlen: 22 103.26.22.0/24 maxlen: 24 103.26.23.0/24 maxlen: 24 124.40.224.0/20 maxlen: 20 124.40.230.0/24 maxlen: 24 124.40.231.0/24 maxlen: 24 124.40.233.0/24 maxlen: 24 124.40.234.0/24 maxlen: 24 124.40.235.0/24 maxlen: 24 124.40.238.0/24 maxlen: 24 2407:ed00::/32 maxlen: 32 2407:ed00:1000::/36 maxlen: 36 2407:ed00:1e00::/40 maxlen: 40 2407:ed00:1eff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BE1BC/896C6C4846CE11E992850A3CC4F9AE02/Qp6b3aKWYgADzsXvq7gj0wP-T3E.crl rsync://rpki.apnic.net/member_repository/A91BE1BC/896C6C4846CE11E992850A3CC4F9AE02/Qp6b3aKWYgADzsXvq7gj0wP-T3E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qp6b3aKWYgADzsXvq7gj0wP-T3E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 May 2024 18:14:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3878 (0xf26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BE1BC/serialNumber=429E9BDDA296620003CEC5EFABB823D303FE4F71 Validity Not Before: Jan 26 18:06:15 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65b3f497-605c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:16:9e:7b:f3:8f:00:4a:e8:9c:cb:c1:dc:dd: 35:30:be:cf:49:7c:f6:b5:dd:49:13:a8:6e:59:19: 7f:7b:ce:b7:fc:f8:7d:e2:21:54:86:98:48:08:68: 81:0b:7a:9a:09:9e:21:51:e4:5a:fc:d3:71:87:80: ef:ee:1b:17:8b:48:1d:6f:fe:5b:e4:b4:83:44:ba: ec:8f:a1:15:0c:72:cc:56:e2:75:03:d9:9c:b2:89: 2c:e2:74:c1:30:82:b5:51:51:02:a5:7e:af:13:92: 95:3f:dd:ce:4e:fc:4a:74:11:83:66:ff:b7:ac:b6: b1:b0:2e:42:49:91:b5:5d:fb:d1:83:b3:bb:5b:15: 97:1a:a3:7e:86:29:9e:ed:f8:f1:21:45:f7:4b:cc: 1d:f4:74:fa:1f:32:72:56:22:52:89:ec:f1:4e:d1: 00:22:9d:e5:db:4b:a3:80:60:a0:f1:7a:d8:0e:2f: b3:5d:25:38:60:60:f5:a9:3c:a6:67:18:11:23:7d: d0:93:46:eb:b5:10:59:d4:a5:f3:fe:7e:96:3f:32: 47:20:af:5f:48:a3:71:c3:38:d4:92:a7:63:e7:3a: b1:02:ad:e0:31:85:f3:38:2e:24:dd:00:2c:18:34: 53:e8:7a:93:68:a5:8e:9f:22:2a:dd:c6:32:fa:39: d6:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:B4:E2:F7:46:2E:E2:A8:68:BA:1C:13:16:CE:89:9A:09:FB:79:F6 X509v3 Authority Key Identifier: keyid:42:9E:9B:DD:A2:96:62:00:03:CE:C5:EF:AB:B8:23:D3:03:FE:4F:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BE1BC/896C6C4846CE11E992850A3CC4F9AE02/Qp6b3aKWYgADzsXvq7gj0wP-T3E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qp6b3aKWYgADzsXvq7gj0wP-T3E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BE1BC/896C6C4846CE11E992850A3CC4F9AE02/58FDD2EA10C211EA977E7378C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.26.20.0/22 124.40.224.0/20 IPv6: 2407:ed00::/32 Signature Algorithm: sha256WithRSAEncryption b6:8d:45:0f:5e:c3:84:ad:6e:17:6c:03:e2:37:c4:15:ab:a6: 09:bc:b1:87:3c:5b:27:1d:14:95:11:e8:89:a9:38:29:a3:89: f8:0f:6f:6e:f1:c9:92:71:3b:4f:e4:bd:34:39:fc:d3:25:d0: 74:f1:a6:02:09:e9:68:c2:c0:b9:04:d3:40:e7:27:e5:36:b9: 2c:10:2e:f1:85:37:bb:0f:e9:c2:f5:21:be:0a:e0:86:90:77: 50:5a:dc:e6:96:35:79:3d:11:ef:e2:68:7b:f9:40:96:5d:9b: 52:84:ce:ca:27:32:e1:75:71:e6:08:45:1e:49:87:ae:c0:bc: 75:e3:af:b4:2e:aa:08:ef:5d:b3:70:97:0b:0d:4f:54:e2:07: ed:88:52:cd:31:02:91:04:ab:7d:3c:f1:1d:7a:1f:08:cd:19: 6c:e7:c6:50:e2:a9:6e:d9:0c:fc:6d:ad:87:3b:c7:c0:43:1a: af:1f:8d:47:f9:4d:9b:c3:c8:e2:92:2b:01:7a:f2:c6:d6:d1: 73:bc:78:5e:07:71:d1:34:44:4d:d8:d6:4c:bc:13:f0:d3:40: 82:26:4d:9d:1c:aa:72:62:cc:2f:f5:3f:e8:9d:44:d3:03:25: 1f:30:0e:4d:c8:15:d0:71:d8:80:ab:6e:1c:c6:90:c2:81:51: 31:d9:d9:90 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDyYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkUxQkMxMTAvBgNVBAUTKDQyOUU5QkREQTI5NjYyMDAwM0NFQzVFRkFCQjgyM0Qz MDNGRTRGNzEwHhcNMjQwMTI2MTgwNjE1WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWIzZjQ5Ny02MDVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnxaee/OPAEronMvB3N01ML7PSXz2td1JE6huWRl/e863/Ph94iFUhphICGiB C3qaCZ4hUeRa/NNxh4Dv7hsXi0gdb/5b5LSDRLrsj6EVDHLMVuJ1A9mcsoks4nTB MIK1UVECpX6vE5KVP93OTvxKdBGDZv+3rLaxsC5CSZG1XfvRg7O7WxWXGqN+hime 7fjxIUX3S8wd9HT6HzJyViJSiezxTtEAIp3l20ujgGCg8XrYDi+zXSU4YGD1qTym ZxgRI33Qk0brtRBZ1KXz/n6WPzJHIK9fSKNxwzjUkqdj5zqxAq3gMYXzOC4k3QAs GDRT6HqTaKWOnyIq3cYy+jnWwwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFHC04vdG LuKoaLocExbOiZoJ+3n2MB8GA1UdIwQYMBaAFEKem92ilmIAA87F76u4I9MD/k9x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRTFCQy84OTZDNkM0ODQ2 Q0UxMUU5OTI4NTBBM0NDNEY5QUUwMi9RcDZiM2FLV1lnQUR6c1h2cTdnajB3UC1U M0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FwNmIzYUtXWWdBRHpzWHZxN2dqMHdQLVQzRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkUxQkMvODk2QzZDNDg0NkNFMTFFOTkyODUwQTNDQzRGOUFFMDIvNThGREQyRUEx MEMyMTFFQTk3N0U3Mzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnGhQDBAR8KOAwDQQCAAIwBwMFACQH7QAwDQYJKoZIhvcN AQELBQADggEBALaNRQ9ew4StbhdsA+I3xBWrpgm8sYc8WycdFJUR6ImpOCmjifgP b27xyZJxO0/kvTQ5/NMl0HTxpgIJ6WjCwLkE00DnJ+U2uSwQLvGFN7sP6cL1Ib4K 4IaQd1Ba3OaWNXk9Ee/iaHv5QJZdm1KEzsonMuF1ceYIRR5Jh67AvHXjr7Quqgjv XbNwlwsNT1TiB+2IUs0xApEEq3088R16HwjNGWznxlDiqW7ZDPxtrYc7x8BDGq8f jUf5TZvDyOKSKwF68sbW0XO8eF4HcdE0RE3Y1ky8E/DTQIImTZ0cqnJizC/1P+id RNMDJR8wDk3IFdBx2ICrbhzGkMKBUTHZ2ZA= -----END CERTIFICATE-----Generated at Mon May 20 19:59:48 2024 by rpki-client on console-ams.rpki-client.org