$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/BB8F87B4D4B011ECAA427351C4F9AE02.roa File: BB8F87B4D4B011ECAA427351C4F9AE02.roa (raw, json) Hash identifier: V6xVQh9iUu5NDnwtI8z/zA2tAozAKTEZViih6UdSdQ0= Subject key identifier: 60:20:B4:20:58:F7:9B:D7:0F:1A:0A:01:20:3D:55:3A:FD:53:A6:E7 Certificate issuer: /CN=A91C1621/serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Certificate serial: 3448 Authority key identifier: FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/BB8F87B4D4B011ECAA427351C4F9AE02.roa Signing time: Thu 24 Oct 2024 14:30:10 +0000 ROA not before: Thu 24 Oct 2024 14:30:10 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 1299 IP address blocks: 27.123.212.0/24 maxlen: 24 27.123.213.0/24 maxlen: 24 27.123.214.0/24 maxlen: 24 27.123.215.0/24 maxlen: 24 103.29.144.0/24 maxlen: 24 103.29.145.0/24 maxlen: 24 103.29.146.0/24 maxlen: 24 103.29.147.0/24 maxlen: 24 202.126.88.0/24 maxlen: 24 202.126.89.0/24 maxlen: 24 202.126.90.0/24 maxlen: 24 202.126.91.0/24 maxlen: 24 2405:600::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13384 (0x3448) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1621 Validity Not Before: Oct 24 14:30:10 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=671a59f1-e595 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:f1:c2:bb:16:36:3d:23:04:4d:e1:7f:27:33: f7:94:7e:64:13:cf:33:5a:f4:7e:6e:a6:76:ce:9f: a3:1e:8e:e4:be:fa:60:ce:e0:16:16:70:05:93:ae: b9:0c:18:85:52:d6:58:55:0f:c5:4f:9c:98:20:e6: 18:72:84:c4:3f:3c:73:05:94:97:c7:0b:6c:94:aa: 49:39:2f:35:d5:4d:aa:6a:79:f5:2c:5d:40:75:df: 6a:2e:88:77:3a:62:62:32:3f:77:a4:09:28:aa:bf: 26:86:88:43:89:59:84:07:1f:22:12:a9:99:40:8d: ba:80:33:b7:53:c8:37:95:ce:e8:78:9d:3b:33:9c: 84:ea:97:a6:5d:89:55:23:9a:ec:05:b2:ae:ef:d5: 88:62:94:3e:5a:1f:23:0f:34:fd:0f:6b:94:9a:6e: dd:f8:bc:7d:9c:97:0c:fd:d0:bc:2a:4e:08:11:b4: 0e:a2:4f:69:82:13:ee:00:e4:4a:13:fb:f5:f8:f7: 97:e0:18:94:ab:ca:26:30:e6:8a:d9:90:7a:3d:37: 3c:fd:05:d1:2b:bf:ab:eb:fa:44:33:0f:86:d2:c6: 95:84:aa:f7:27:3a:54:0a:97:2e:d1:ec:a4:f7:25: 5a:74:60:a3:81:36:b9:2c:0b:7b:ca:b9:9b:96:a6: 3c:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:20:B4:20:58:F7:9B:D7:0F:1A:0A:01:20:3D:55:3A:FD:53:A6:E7 X509v3 Authority Key Identifier: keyid:FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/BB8F87B4D4B011ECAA427351C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.123.212.0/22 103.29.144.0/22 202.126.88.0/22 IPv6: 2405:600::/32 Signature Algorithm: sha256WithRSAEncryption 92:27:0e:77:87:3e:c2:b3:d5:23:55:74:a6:7d:50:bd:9f:8b: 86:0c:91:94:57:fa:3e:3c:d0:31:2a:bb:bf:ae:90:a9:a1:98: a3:ef:9d:8f:0c:ee:ad:17:04:f5:50:6a:c2:cd:77:31:1c:2a: 02:2b:71:1b:a5:58:96:2d:29:5d:34:a2:80:e5:2a:90:19:b3: 55:15:b8:f3:27:ce:1e:bb:c5:9e:ad:73:a5:ac:56:fb:ce:7d: 16:1d:2e:8a:e2:f9:45:3c:11:ec:fa:d1:ed:2e:c3:9a:15:3c: 4e:db:e7:56:43:6f:54:c2:4f:30:57:15:12:d2:55:2b:7f:fb: b6:74:cd:c3:95:68:58:41:e3:66:b2:f8:cb:5e:34:0f:7a:ca: 06:24:c1:53:b3:44:42:9d:da:7f:ad:44:0d:6a:f1:af:9a:5c: 1f:06:e6:2d:fc:01:0b:c4:bb:fc:09:11:eb:aa:13:66:3c:1d: d8:5c:ed:c5:8d:a8:21:a2:c8:e0:08:d1:1e:19:dd:12:18:d0: a3:37:0e:1d:38:76:21:84:b6:5b:75:34:66:2f:f6:87:b6:0a: a1:4e:96:67:79:79:d5:25:67:a3:9b:a3:58:27:31:a6:2c:86: 4d:44:a6:77:ca:4e:c8:03:1f:aa:b8:36:74:e7:01:05:ac:4e: f7:b7:f0:c9 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICNEgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzE2MjExMTAvBgNVBAUTKEZBNDE3OTYyN0Y1QjI2NTk0RTU2MzAzNTNBMEI3Nzg1 RTBENjkyQzUwHhcNMjQxMDI0MTQzMDEwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzFhNTlmMS1lNTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0vHCuxY2PSMETeF/JzP3lH5kE88zWvR+bqZ2zp+jHo7kvvpgzuAWFnAFk665 DBiFUtZYVQ/FT5yYIOYYcoTEPzxzBZSXxwtslKpJOS811U2qann1LF1Add9qLoh3 OmJiMj93pAkoqr8mhohDiVmEBx8iEqmZQI26gDO3U8g3lc7oeJ07M5yE6pemXYlV I5rsBbKu79WIYpQ+Wh8jDzT9D2uUmm7d+Lx9nJcM/dC8Kk4IEbQOok9pghPuAORK E/v1+PeX4BiUq8omMOaK2ZB6PTc8/QXRK7+r6/pEMw+G0saVhKr3JzpUCpcu0eyk 9yVadGCjgTa5LAt7yrmblqY8dwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFGAgtCBY 95vXDxoKASA9VTr9U6bnMB8GA1UdIwQYMBaAFPpBeWJ/WyZZTlYwNToLd4Xg1pLF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTYyMS85OUQ2OERDRTFE NjkxMUUyQTQ2NDBEQTcwOEIwMkNEMi8ta0Y1WW45YkpsbE9WakExT2d0M2hlRFdr c1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1rRjVZbjliSmxsT1ZqQTFPZ3QzaGVEV2tzVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzE2MjEvOTlENjhEQ0UxRDY5MTFFMkE0NjQwREE3MDhCMDJDRDIvQkI4Rjg3QjRE NEIwMTFFQ0FBNDI3MzUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAIbe9QDBAJnHZADBALKflgwDQQCAAIwBwMFACQFBgAwDQYJ KoZIhvcNAQELBQADggEBAJInDneHPsKz1SNVdKZ9UL2fi4YMkZRX+j480DEqu7+u kKmhmKPvnY8M7q0XBPVQasLNdzEcKgIrcRulWJYtKV00ooDlKpAZs1UVuPMnzh67 xZ6tc6WsVvvOfRYdLori+UU8Eez60e0uw5oVPE7b51ZDb1TCTzBXFRLSVSt/+7Z0 zcOVaFhB42ay+MteNA96ygYkwVOzREKd2n+tRA1q8a+aXB8G5i38AQvEu/wJEeuq E2Y8Hdhc7cWNqCGiyOAI0R4Z3RIY0KM3Dh04diGEtlt1NGYv9oe2CqFOlmd5edUl Z6Obo1gnMaYshk1EpnfKTsgDH6q4NnTnAQWsTve38Mk= -----END CERTIFICATE-----Generated at Sun Feb 16 15:26:50 2025 by rpki-client