$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/0C3EAFF6F84111EC926CBF53C4F9AE02.roa File: 0C3EAFF6F84111EC926CBF53C4F9AE02.roa (raw, json) Hash identifier: gGaPSZTXBZeyhBvTnRDrA4x3lhLiqzg2ne+ktqQeFQM= Subject key identifier: AF:50:C2:43:A8:74:79:9C:DC:3B:E4:A2:FE:67:71:3B:49:CA:CA:1E Certificate issuer: /CN=A91C0BE1/serialNumber=AA21B690C1D63CBF441AA3BD117ED8B786882229 Certificate serial: 0587 Authority key identifier: AA:21:B6:90:C1:D6:3C:BF:44:1A:A3:BD:11:7E:D8:B7:86:88:22:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qiG2kMHWPL9EGqO9EX7Yt4aIIik.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/0C3EAFF6F84111EC926CBF53C4F9AE02.roa Signing time: Mon 28 Oct 2024 23:24:48 +0000 ROA not before: Mon 28 Oct 2024 23:24:48 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 134676 IP address blocks: 103.195.204.0/23 maxlen: 23 103.195.204.0/24 maxlen: 24 103.195.205.0/24 maxlen: 24 2404:e3c0::/32 maxlen: 32 2404:e3c0::/48 maxlen: 48 2404:e3c0:1::/48 maxlen: 48 2404:e3c0:2::/48 maxlen: 48 2404:e3c0:3::/48 maxlen: 48 2404:e3c0:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/qiG2kMHWPL9EGqO9EX7Yt4aIIik.crl rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/qiG2kMHWPL9EGqO9EX7Yt4aIIik.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qiG2kMHWPL9EGqO9EX7Yt4aIIik.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1415 (0x587) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C0BE1/serialNumber=AA21B690C1D63CBF441AA3BD117ED8B786882229 Validity Not Before: Oct 28 23:24:48 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67201d3f-e729 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:99:87:b8:f9:2b:59:2a:11:04:59:48:40:89: e2:af:05:33:80:3f:9a:50:ad:76:e6:f0:0d:9b:59: 37:8e:03:3e:9b:4e:f9:59:2e:0f:23:7b:0a:d0:96: 61:c0:29:64:bf:10:8c:17:ed:92:bd:b0:f0:34:8f: c9:31:be:b5:ef:63:f0:fd:84:af:ff:11:11:d0:6e: cc:08:d9:2b:5e:33:13:af:c2:f8:41:95:45:52:09: 1c:24:0a:23:eb:40:c9:22:31:85:e6:f7:fb:aa:9d: e4:e6:19:94:28:df:e9:50:6d:d4:c0:78:f1:45:2e: 25:3e:57:43:1b:1d:bb:f1:a8:11:11:cb:5f:ee:e4: 7b:99:ac:6b:85:25:9b:d0:ab:c6:f8:80:b6:dd:85: 83:ff:5a:4d:c2:48:72:df:36:38:8a:e8:f1:f8:ca: e4:e7:a7:fe:d7:18:16:4d:5e:ec:f9:7c:e4:3b:a4: 4e:ab:57:5c:02:db:07:47:3d:d3:78:72:83:17:c4: 3c:1a:f0:9f:7f:3b:00:c6:54:dd:f8:cf:5c:f9:00: 4c:ec:0a:94:62:0a:ed:a4:69:2c:5a:09:83:96:6d: 27:ac:c7:97:e4:e4:49:64:b5:b5:50:74:56:6f:3f: 67:6e:55:39:48:05:91:d6:42:03:da:24:3b:3d:92: 09:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:50:C2:43:A8:74:79:9C:DC:3B:E4:A2:FE:67:71:3B:49:CA:CA:1E X509v3 Authority Key Identifier: keyid:AA:21:B6:90:C1:D6:3C:BF:44:1A:A3:BD:11:7E:D8:B7:86:88:22:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/qiG2kMHWPL9EGqO9EX7Yt4aIIik.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qiG2kMHWPL9EGqO9EX7Yt4aIIik.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/0C3EAFF6F84111EC926CBF53C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.195.204.0/23 IPv6: 2404:e3c0::/32 Signature Algorithm: sha256WithRSAEncryption 8a:49:92:1a:05:e7:1a:17:f5:7e:9a:6b:72:bb:0a:55:5b:c3: 62:c0:d8:28:de:c2:2d:e1:59:f6:44:5d:ed:20:b7:d5:f6:70: 15:f1:99:b8:88:2e:75:8d:d0:49:ce:7a:c7:2b:a5:93:08:d9: 5b:43:5e:e7:b0:69:87:9f:d0:1e:29:18:b2:de:2f:35:68:6b: ed:e5:b7:3d:c1:64:7f:62:e6:da:b9:10:e3:15:09:e2:25:a7: 13:f6:34:67:2d:57:7d:c7:7a:01:26:d0:7a:f6:94:6c:e8:be: ae:c6:97:00:a0:fc:97:7f:72:86:d6:1f:80:ca:ea:25:a8:e8: a7:3c:19:a7:c2:1d:6b:3c:04:53:86:bd:8c:ae:25:c2:b3:7d: 3e:1b:98:6a:e0:b4:0f:f6:44:02:46:58:cb:f7:65:d1:f1:46: c9:63:ef:24:9a:a6:bd:7d:2e:3d:1b:38:1d:e9:10:e2:75:77: 75:26:6a:88:fd:bd:ef:8d:a2:f6:ac:a3:a1:5c:1a:94:aa:aa: c6:96:18:7d:04:5a:39:30:47:72:d2:f1:14:c7:24:92:d4:4d: d3:b4:6e:56:24:7a:58:f2:01:1e:10:50:29:e1:ea:f6:ad:bb: b7:5b:47:74:81:de:3f:82:dc:67:aa:30:9c:03:9e:2d:10:72: 80:76:3e:43 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBYcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzBCRTExMTAvBgNVBAUTKEFBMjFCNjkwQzFENjNDQkY0NDFBQTNCRDExN0VEOEI3 ODY4ODIyMjkwHhcNMjQxMDI4MjMyNDQ4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzIwMWQzZi1lNzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3ZmHuPkrWSoRBFlIQInirwUzgD+aUK125vANm1k3jgM+m075WS4PI3sK0JZh wClkvxCMF+2SvbDwNI/JMb6172Pw/YSv/xER0G7MCNkrXjMTr8L4QZVFUgkcJAoj 60DJIjGF5vf7qp3k5hmUKN/pUG3UwHjxRS4lPldDGx278agREctf7uR7maxrhSWb 0KvG+IC23YWD/1pNwkhy3zY4iujx+Mrk56f+1xgWTV7s+XzkO6ROq1dcAtsHRz3T eHKDF8Q8GvCffzsAxlTd+M9c+QBM7AqUYgrtpGksWgmDlm0nrMeX5ORJZLW1UHRW bz9nblU5SAWR1kID2iQ7PZIJkwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFK9QwkOo dHmc3Dvkov5ncTtJysoeMB8GA1UdIwQYMBaAFKohtpDB1jy/RBqjvRF+2LeGiCIp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEJFMS9FNDZGRjQ5MEFF MkIxMUVCOTU2MjdGODJDNEY5QUUwMi9xaUcya01IV1BMOUVHcU85RVg3WXQ0YUlJ aWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FpRzJrTUhXUEw5RUdxTzlFWDdZdDRhSUlpay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzBCRTEvRTQ2RkY0OTBBRTJCMTFFQjk1NjI3RjgyQzRGOUFFMDIvMEMzRUFGRjZG ODQxMTFFQzkyNkNCRjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnw8wwDQQCAAIwBwMFACQE48AwDQYJKoZIhvcNAQELBQAD ggEBAIpJkhoF5xoX9X6aa3K7ClVbw2LA2Cjewi3hWfZEXe0gt9X2cBXxmbiILnWN 0EnOescrpZMI2VtDXuewaYef0B4pGLLeLzVoa+3ltz3BZH9i5tq5EOMVCeIlpxP2 NGctV33HegEm0Hr2lGzovq7GlwCg/Jd/cobWH4DK6iWo6Kc8GafCHWs8BFOGvYyu JcKzfT4bmGrgtA/2RAJGWMv3ZdHxRslj7ySapr19Lj0bOB3pEOJ1d3Umaoj9ve+N ovaso6FcGpSqqsaWGH0EWjkwR3LS8RTHJJLUTdO0blYkeljyAR4QUCnh6vatu7db R3SB3j+C3GeqMJwDni0QcoB2PkM= -----END CERTIFICATE-----Generated at Fri Nov 22 23:39:33 2024 by rpki-client on console-fra.rpki-client.org