$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/CDE36D52DB9511E99F3F673EC4F9AE02.roa File: CDE36D52DB9511E99F3F673EC4F9AE02.roa (raw, json) Hash identifier: zbmIG6CT7ypIn3HcTtsDFC7ihfXsVyZlUb242ctePDw= Subject key identifier: C0:4B:CF:8D:83:6D:15:09:C7:7B:DF:72:C1:DF:08:58:20:A7:03:64 Certificate issuer: /CN=A91C1621/serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Certificate serial: 3449 Authority key identifier: FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/CDE36D52DB9511E99F3F673EC4F9AE02.roa Signing time: Thu 24 Oct 2024 14:30:12 +0000 ROA not before: Thu 24 Oct 2024 14:30:12 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 55805 IP address blocks: 27.123.212.0/22 maxlen: 22 27.123.212.0/24 maxlen: 24 27.123.213.0/24 maxlen: 24 27.123.214.0/24 maxlen: 24 27.123.215.0/24 maxlen: 24 103.29.144.0/22 maxlen: 22 103.29.144.0/24 maxlen: 24 103.29.145.0/24 maxlen: 24 103.29.146.0/24 maxlen: 24 103.29.147.0/24 maxlen: 24 103.98.68.0/22 maxlen: 22 103.98.68.0/24 maxlen: 24 103.98.69.0/24 maxlen: 24 103.98.70.0/24 maxlen: 24 103.98.71.0/24 maxlen: 24 202.126.88.0/22 maxlen: 22 202.126.88.0/24 maxlen: 24 202.126.89.0/24 maxlen: 24 202.126.90.0/24 maxlen: 24 202.126.91.0/24 maxlen: 24 2401:90c0::/32 maxlen: 48 2405:600::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:16:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13385 (0x3449) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1621/serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Validity Not Before: Oct 24 14:30:12 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=671a59f3-7e44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:52:c3:a8:d0:0b:b8:ad:83:45:e8:57:6e:6c: ce:b5:46:c4:76:b5:54:99:cf:da:81:de:c9:e4:64: ad:39:31:16:8c:c8:a3:fa:f0:9d:72:ae:e4:73:e9: 92:46:ac:79:14:cf:76:2f:64:55:1b:76:eb:e1:32: 0b:41:e4:39:0e:ed:c4:80:63:3e:61:34:c3:4c:d1: aa:4c:56:38:c3:e9:b1:c0:91:3b:46:ef:93:9c:cc: ac:20:dd:82:bb:63:ba:92:a7:e9:06:90:05:42:3e: 0e:53:e2:2a:db:55:59:c1:c1:9c:35:38:8b:d8:47: d5:51:95:fa:62:f1:34:c4:c7:b3:11:e4:81:03:59: 47:58:bf:3f:4b:b2:37:76:68:55:56:ca:82:3e:b9: ca:2b:ee:0b:5c:39:55:2a:c3:8a:0c:e1:95:99:3e: d7:14:01:34:3d:b4:71:c7:0b:d8:a2:4d:c9:9e:7e: 07:e8:41:7b:97:a3:5f:a9:33:f2:ce:d6:1d:75:6d: 85:09:79:19:70:fd:ef:61:5b:29:81:77:40:71:81: 68:62:fb:9f:da:19:d6:dc:73:b8:40:fb:ff:78:89: d9:5e:74:67:aa:6b:26:7b:7b:cb:2e:be:0e:cc:cc: da:af:2e:58:37:9a:6b:c6:60:1c:33:07:3a:77:a8: 7a:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:4B:CF:8D:83:6D:15:09:C7:7B:DF:72:C1:DF:08:58:20:A7:03:64 X509v3 Authority Key Identifier: keyid:FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/CDE36D52DB9511E99F3F673EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.123.212.0/22 103.29.144.0/22 103.98.68.0/22 202.126.88.0/22 IPv6: 2401:90c0::/32 2405:600::/32 Signature Algorithm: sha256WithRSAEncryption 26:6e:d4:42:6d:5c:45:19:1f:e7:7e:e6:52:1e:66:91:67:6a: 26:bc:e0:77:ef:0c:6e:3f:d3:0b:37:5a:37:1a:31:5f:7d:7f: 68:44:cd:00:13:cb:08:88:81:e7:47:d0:dd:82:a2:f1:fd:be: a4:73:0e:25:ec:cd:ff:8e:4e:01:38:1c:31:ad:ff:3c:52:fa: c6:32:61:81:ad:cc:16:ce:eb:d7:71:f7:46:90:5f:56:72:f8: fd:57:b4:d7:b3:b2:b6:73:d6:25:f5:64:16:1e:74:51:7e:81: 78:a0:df:21:8d:0b:f2:2f:c2:7a:2f:d6:75:db:b7:32:96:93: 07:9b:f2:b6:62:43:e4:30:ae:f5:b5:e9:ef:06:ed:c5:e9:d9: d8:87:09:98:b4:d2:d9:3b:df:79:c3:12:49:00:ef:4c:5a:df: f3:f6:76:14:24:4c:c4:6b:a0:ba:06:fc:9d:58:fd:e2:a6:f8: a8:b5:38:67:87:c5:8c:56:0f:50:e4:0d:6b:b2:05:d0:42:be: 16:00:e4:1e:ed:f8:a5:6f:ab:50:18:34:09:99:ce:e3:7b:1f: b0:1f:81:79:79:a7:80:34:3c:89:18:a7:11:8b:83:a9:d0:64: 9b:ac:85:51:8d:99:93:c8:17:b3:84:07:79:74:86:8d:9c:be: b3:65:2f:67 -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICNEkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzE2MjExMTAvBgNVBAUTKEZBNDE3OTYyN0Y1QjI2NTk0RTU2MzAzNTNBMEI3Nzg1 RTBENjkyQzUwHhcNMjQxMDI0MTQzMDEyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzFhNTlmMy03ZTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6VLDqNALuK2DRehXbmzOtUbEdrVUmc/agd7J5GStOTEWjMij+vCdcq7kc+mS Rqx5FM92L2RVG3br4TILQeQ5Du3EgGM+YTTDTNGqTFY4w+mxwJE7Ru+TnMysIN2C u2O6kqfpBpAFQj4OU+Iq21VZwcGcNTiL2EfVUZX6YvE0xMezEeSBA1lHWL8/S7I3 dmhVVsqCPrnKK+4LXDlVKsOKDOGVmT7XFAE0PbRxxwvYok3Jnn4H6EF7l6NfqTPy ztYddW2FCXkZcP3vYVspgXdAcYFoYvuf2hnW3HO4QPv/eInZXnRnqmsme3vLLr4O zMzary5YN5prxmAcMwc6d6h6wwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFMBLz42D bRUJx3vfcsHfCFggpwNkMB8GA1UdIwQYMBaAFPpBeWJ/WyZZTlYwNToLd4Xg1pLF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTYyMS85OUQ2OERDRTFE NjkxMUUyQTQ2NDBEQTcwOEIwMkNEMi8ta0Y1WW45YkpsbE9WakExT2d0M2hlRFdr c1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1rRjVZbjliSmxsT1ZqQTFPZ3QzaGVEV2tzVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzE2MjEvOTlENjhEQ0UxRDY5MTFFMkE0NjQwREE3MDhCMDJDRDIvQ0RFMzZENTJE Qjk1MTFFOTlGM0Y2NzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MB4EAgABMBgDBAIbe9QDBAJnHZADBAJnYkQDBALKflgwFAQCAAIwDgMFACQB kMADBQAkBQYAMA0GCSqGSIb3DQEBCwUAA4IBAQAmbtRCbVxFGR/nfuZSHmaRZ2om vOB37wxuP9MLN1o3GjFffX9oRM0AE8sIiIHnR9DdgqLx/b6kcw4l7M3/jk4BOBwx rf88UvrGMmGBrcwWzuvXcfdGkF9Wcvj9V7TXs7K2c9Yl9WQWHnRRfoF4oN8hjQvy L8J6L9Z127cylpMHm/K2YkPkMK71tenvBu3F6dnYhwmYtNLZO995wxJJAO9MWt/z 9nYUJEzEa6C6BvydWP3ipviotThnh8WMVg9Q5A1rsgXQQr4WAOQe7filb6tQGDQJ mc7jex+wH4F5eaeANDyJGKcRi4Op0GSbrIVRjZmTyBezhAd5dIaNnL6zZS9n -----END CERTIFICATE-----Generated at Fri Nov 22 16:50:03 2024 by rpki-client on console-ams.rpki-client.org