$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/431D19069E8211EAAD86AC51C4F9AE02.roa File: 431D19069E8211EAAD86AC51C4F9AE02.roa (raw, json) Hash identifier: P4AZv++I8EWWlQck4s2dxs4RaVdYX4EVzJLdNjcAR5E= Subject key identifier: 9F:B0:49:16:C6:E4:63:7E:24:F8:4C:C3:C6:81:98:27:AA:24:12:DE Certificate issuer: /CN=A91BF27F/serialNumber=59A64728EE01D6AE34FE77B01E8859C82097E57F Certificate serial: 2081 Authority key identifier: 59:A6:47:28:EE:01:D6:AE:34:FE:77:B0:1E:88:59:C8:20:97:E5:7F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WaZHKO4B1q40_newHohZyCCX5X8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/431D19069E8211EAAD86AC51C4F9AE02.roa Signing time: Tue 02 Apr 2024 16:53:28 +0000 ROA not before: Tue 02 Apr 2024 16:53:28 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 38719 IP address blocks: 43.243.116.0/22 maxlen: 22 43.243.116.0/24 maxlen: 24 43.243.117.0/24 maxlen: 24 43.243.118.0/24 maxlen: 24 43.243.119.0/24 maxlen: 24 103.226.220.0/22 maxlen: 22 103.226.220.0/24 maxlen: 24 103.226.221.0/24 maxlen: 24 103.226.222.0/24 maxlen: 24 103.226.223.0/24 maxlen: 24 2404:8280::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/WaZHKO4B1q40_newHohZyCCX5X8.crl rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/WaZHKO4B1q40_newHohZyCCX5X8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WaZHKO4B1q40_newHohZyCCX5X8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:56:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8321 (0x2081) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF27F/serialNumber=59A64728EE01D6AE34FE77B01E8859C82097E57F Validity Not Before: Apr 2 16:53:28 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=660c3807-0ca1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:51:3a:fd:30:32:d8:cb:e3:03:90:09:fa:5e: 80:b5:43:a6:5e:a6:5c:f3:34:36:96:55:f9:66:e3: ff:fc:8c:56:16:99:c1:29:48:9b:85:db:b1:98:fc: 30:8d:80:c3:fd:d5:79:42:2c:1c:68:15:14:17:d9: aa:bc:1f:62:20:a5:2e:ce:c8:84:bf:c7:93:56:03: 08:ec:5a:5d:17:94:4c:13:fd:12:98:be:26:79:29: ae:ca:d1:96:8d:29:56:30:c1:39:48:02:90:39:1d: 0d:3c:e8:0c:13:4a:a2:a5:1b:62:9b:cd:53:a1:f7: 6f:f8:de:4f:c0:4e:78:ca:c2:a8:87:2b:03:65:2e: 1a:3a:fd:a7:bf:52:e2:d0:6e:3f:06:dc:ca:80:9a: 71:b0:6f:b7:0e:65:75:e9:cb:75:88:91:94:4c:21: 48:87:69:2e:fd:c3:9d:03:d8:10:88:79:9a:29:eb: 38:4f:8f:67:b0:e7:31:64:78:b2:86:b7:43:70:00: 09:92:e5:4f:e1:66:af:3b:c9:d7:db:4f:55:4f:7c: bc:39:b7:02:71:b4:bc:a5:87:5f:a3:82:bc:45:80: b2:7a:5a:bb:fa:c5:83:7f:34:d2:89:c2:e1:59:9f: 34:2c:05:09:38:48:a0:15:10:c2:e5:66:c7:2d:5a: c8:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:B0:49:16:C6:E4:63:7E:24:F8:4C:C3:C6:81:98:27:AA:24:12:DE X509v3 Authority Key Identifier: keyid:59:A6:47:28:EE:01:D6:AE:34:FE:77:B0:1E:88:59:C8:20:97:E5:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/WaZHKO4B1q40_newHohZyCCX5X8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WaZHKO4B1q40_newHohZyCCX5X8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/431D19069E8211EAAD86AC51C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.243.116.0/22 103.226.220.0/22 IPv6: 2404:8280::/32 Signature Algorithm: sha256WithRSAEncryption 1c:e7:3c:86:6b:02:a1:a9:de:26:9c:e4:bf:75:b0:ea:56:37: b4:0c:f9:cf:fe:42:81:dd:50:3f:c0:18:2f:d9:7f:e6:1c:aa: 4e:0f:77:66:81:24:92:f4:98:69:18:c5:a2:4e:86:db:40:50: 90:f3:cc:af:98:e4:65:b2:d6:3d:f6:6f:1b:56:a6:ff:22:56: b4:32:77:a5:19:6e:61:bc:26:87:88:a0:0a:bd:ca:a4:bd:51: 6d:89:fc:55:ee:a1:0b:bf:75:7a:88:58:8e:12:e9:bf:de:76: 0d:29:7b:3d:34:88:ae:7d:3a:e8:38:f3:40:95:f4:31:fc:07: 34:b4:b7:d2:e8:b6:9f:a4:e6:7a:90:55:8c:2d:7c:71:0a:48: 0f:e3:4b:aa:b4:c6:5a:42:0a:94:b1:c0:65:55:0a:14:42:ae: 61:1b:58:2d:77:65:e3:4d:33:10:0c:9c:44:9a:e9:78:77:d2: 8b:42:02:1b:35:19:8a:98:7b:1d:59:28:23:d6:e4:1f:0c:94: 79:47:f1:cd:a8:97:5a:30:2d:79:36:5d:ad:2b:29:f6:3f:63: 5a:d1:48:dd:43:8c:ce:0a:d5:09:bd:ed:ee:5c:69:b4:2e:08: 9b:b3:de:7a:16:f8:e1:c8:00:16:0d:1b:65:dc:b7:b8:26:44: 37:73:9b:51 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICIIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkYyN0YxMTAvBgNVBAUTKDU5QTY0NzI4RUUwMUQ2QUUzNEZFNzdCMDFFODg1OUM4 MjA5N0U1N0YwHhcNMjQwNDAyMTY1MzI4WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjBjMzgwNy0wY2ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3FE6/TAy2MvjA5AJ+l6AtUOmXqZc8zQ2llX5ZuP//IxWFpnBKUibhduxmPww jYDD/dV5QiwcaBUUF9mqvB9iIKUuzsiEv8eTVgMI7FpdF5RME/0SmL4meSmuytGW jSlWMME5SAKQOR0NPOgME0qipRtim81Tofdv+N5PwE54ysKohysDZS4aOv2nv1Li 0G4/BtzKgJpxsG+3DmV16ct1iJGUTCFIh2ku/cOdA9gQiHmaKes4T49nsOcxZHiy hrdDcAAJkuVP4WavO8nX209VT3y8ObcCcbS8pYdfo4K8RYCyelq7+sWDfzTSicLh WZ80LAUJOEigFRDC5WbHLVrIWQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJ+wSRbG 5GN+JPhMw8aBmCeqJBLeMB8GA1UdIwQYMBaAFFmmRyjuAdauNP53sB6IWcggl+V/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjI3Ri85QzMyNTZBMkU5 OEYxMUU1QjJBREM1NjdDNEY5QUUwMi9XYVpIS080QjFxNDBfbmV3SG9oWnlDQ1g1 WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dhWkhLTzRCMXE0MF9uZXdIb2haeUNDWDVYOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkYyN0YvOUMzMjU2QTJFOThGMTFFNUIyQURDNTY3QzRGOUFFMDIvNDMxRDE5MDY5 RTgyMTFFQUFEODZBQzUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIr83QDBAJn4twwDQQCAAIwBwMFACQEgoAwDQYJKoZIhvcN AQELBQADggEBABznPIZrAqGp3iac5L91sOpWN7QM+c/+QoHdUD/AGC/Zf+Ycqk4P d2aBJJL0mGkYxaJOhttAUJDzzK+Y5GWy1j32bxtWpv8iVrQyd6UZbmG8JoeIoAq9 yqS9UW2J/FXuoQu/dXqIWI4S6b/edg0pez00iK59Oug480CV9DH8BzS0t9Lotp+k 5nqQVYwtfHEKSA/jS6q0xlpCCpSxwGVVChRCrmEbWC13ZeNNMxAMnESa6Xh30otC Ahs1GYqYex1ZKCPW5B8MlHlH8c2ol1owLXk2Xa0rKfY/Y1rRSN1DjM4K1Qm97e5c abQuCJuz3noW+OHIABYNG2Xct7gmRDdzm1E= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:16 2024 by rpki-client on console-ams.rpki-client.org