$ rpki-client -vvf rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/A88F22ECCC7011ED931BD15FC4F9AE02.roa File: A88F22ECCC7011ED931BD15FC4F9AE02.roa (raw, json) Hash identifier: BCcYD/VfHPlrE1idB6qMcYHXBoKVsq99H3ysbvhT4uw= Subject key identifier: 97:E0:29:20:3F:9B:E1:62:3D:39:07:65:60:8F:3C:A0:DB:9B:DD:1A Certificate issuer: /CN=A91C23FE/serialNumber=E2F0742AD80A9DBB2875184EE0DD5E94DD75784B Certificate serial: 1B67 Authority key identifier: E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/A88F22ECCC7011ED931BD15FC4F9AE02.roa Signing time: Thu 10 Oct 2024 16:53:49 +0000 ROA not before: Thu 10 Oct 2024 16:53:49 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 134674 IP address blocks: 45.127.47.0/24 maxlen: 24 58.84.60.0/22 maxlen: 24 103.80.160.0/22 maxlen: 24 103.113.140.0/24 maxlen: 24 103.113.141.0/24 maxlen: 24 103.113.142.0/24 maxlen: 24 103.113.143.0/24 maxlen: 24 103.197.72.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.crl rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:15:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7015 (0x1b67) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C23FE/serialNumber=E2F0742AD80A9DBB2875184EE0DD5E94DD75784B Validity Not Before: Oct 10 16:53:49 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=6708069c-20c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:54:4b:c8:db:36:1c:07:d3:07:72:d8:3e:1c: db:7c:15:3c:f2:6e:b9:ed:03:59:2b:d3:f5:36:87: 04:44:3a:24:ef:0b:2d:ee:b0:7e:b7:47:38:2c:b5: a8:03:79:1f:ca:32:d2:bb:2e:12:69:29:28:ca:fc: 51:9a:49:dd:40:d3:f5:b5:e5:43:89:5a:f5:e8:01: 79:82:df:f6:bb:36:c4:f6:8b:89:3c:ed:16:4c:71: 85:1c:dc:61:f0:f5:60:dd:77:58:db:20:c8:15:ff: 81:f4:b4:c6:a4:d0:4f:40:0c:58:34:65:7e:d9:59: ad:0e:13:11:4f:fe:51:ec:55:f1:98:9d:d8:0c:b2: ae:42:f6:c0:47:e6:04:34:1c:a2:1f:a3:35:b8:63: 63:fc:3c:2b:a2:41:7f:c4:eb:25:3e:e3:76:1b:65: af:2c:ca:0f:95:45:59:8f:15:bb:97:7d:4f:10:b7: 08:4d:d6:f9:b4:91:56:dd:a2:3e:11:ed:88:c3:a4: f9:53:5a:49:80:62:b4:12:ac:04:8f:04:12:ba:f5: f4:76:bb:65:e9:56:b3:71:a9:0b:ab:60:ac:57:e0: 88:16:d1:d4:83:5b:8b:55:8d:cd:84:b0:60:38:b7: b2:60:c0:a4:2b:64:28:41:2c:ec:ae:4a:4b:c5:36: 0e:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:E0:29:20:3F:9B:E1:62:3D:39:07:65:60:8F:3C:A0:DB:9B:DD:1A X509v3 Authority Key Identifier: keyid:E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/A88F22ECCC7011ED931BD15FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.127.47.0/24 58.84.60.0/22 103.80.160.0/22 103.113.140.0/22 103.197.72.0/22 Signature Algorithm: sha256WithRSAEncryption 26:e5:62:1b:24:41:ee:d2:20:4e:cf:ce:cb:4a:32:46:2d:54: 76:af:1a:02:c4:fa:66:a0:41:49:22:47:3f:d7:ec:98:1f:66: 07:5b:29:7e:12:a3:f5:8d:82:c8:c9:28:42:c1:05:65:4a:8a: 58:e0:b1:de:b1:7b:0c:cb:f4:19:54:ba:86:e5:d1:ad:19:5b: a8:76:b5:35:b2:10:05:f1:96:7f:b3:43:97:a4:9d:c1:d3:4f: df:fd:1d:65:94:f9:a3:c4:41:32:76:a8:ae:9c:ec:29:2e:aa: 00:d5:07:c0:0b:80:5c:d1:94:61:51:4d:8c:de:d9:c1:f1:37: cb:24:8e:bd:57:31:ac:e2:63:52:4e:ff:0c:0a:9d:23:8e:d3: 57:e3:59:ab:92:7d:5e:de:c2:0b:97:f6:2b:7a:e3:11:a8:c6: 60:6e:f3:ca:24:64:41:29:32:32:10:14:d6:19:67:c7:71:2e: b5:e4:f0:20:c6:f2:58:c8:9f:4b:0f:33:0c:3a:06:a9:99:ca: 1a:69:6a:1f:de:c7:a0:8a:de:88:2d:14:b0:c9:93:9b:10:44: 79:31:f4:7f:18:1e:ad:b8:dc:f2:11:0e:ed:8b:c8:4b:3d:7a: 53:cb:ee:90:9a:81:a7:83:aa:67:2c:12:fd:96:49:a2:00:dc: 38:67:64:0a -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICG2cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzIzRkUxMTAvBgNVBAUTKEUyRjA3NDJBRDgwQTlEQkIyODc1MTg0RUUwREQ1RTk0 REQ3NTc4NEIwHhcNMjQxMDEwMTY1MzQ5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzA4MDY5Yy0yMGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApVRLyNs2HAfTB3LYPhzbfBU88m657QNZK9P1NocERDok7wst7rB+t0c4LLWo A3kfyjLSuy4SaSkoyvxRmkndQNP1teVDiVr16AF5gt/2uzbE9ouJPO0WTHGFHNxh 8PVg3XdY2yDIFf+B9LTGpNBPQAxYNGV+2VmtDhMRT/5R7FXxmJ3YDLKuQvbAR+YE NByiH6M1uGNj/DwrokF/xOslPuN2G2WvLMoPlUVZjxW7l31PELcITdb5tJFW3aI+ Ee2Iw6T5U1pJgGK0EqwEjwQSuvX0drtl6VazcakLq2CsV+CIFtHUg1uLVY3NhLBg OLeyYMCkK2QoQSzsrkpLxTYOZwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJfgKSA/ m+FiPTkHZWCPPKDbm90aMB8GA1UdIwQYMBaAFOLwdCrYCp27KHUYTuDdXpTddXhL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjNGRS84MjVDRTlBQUY5 RUIxMUU2QkRFN0E5NjhDNEY5QUUwMi80dkIwS3RnS25ic29kUmhPNE4xZWxOMTFl RXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzR2QjBLdGdLbmJzb2RSaE80TjFlbE4xMWVFcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzIzRkUvODI1Q0U5QUFGOUVCMTFFNkJERTdBOTY4QzRGOUFFMDIvQTg4RjIyRUND QzcwMTFFRDkzMUJEMTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAAtfy8DBAI6VDwDBAJnUKADBAJncYwDBAJnxUgwDQYJKoZI hvcNAQELBQADggEBACblYhskQe7SIE7PzstKMkYtVHavGgLE+magQUkiRz/X7Jgf ZgdbKX4So/WNgsjJKELBBWVKiljgsd6xewzL9BlUuobl0a0ZW6h2tTWyEAXxln+z Q5ekncHTT9/9HWWU+aPEQTJ2qK6c7CkuqgDVB8ALgFzRlGFRTYze2cHxN8skjr1X MaziY1JO/wwKnSOO01fjWauSfV7ewguX9it64xGoxmBu88okZEEpMjIQFNYZZ8dx LrXk8CDG8ljIn0sPMww6BqmZyhppah/ex6CK3ogtFLDJk5sQRHkx9H8YHq243PIR Du2LyEs9elPL7pCagaeDqmcsEv2WSaIA3DhnZAo= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:16 2024 by rpki-client on console-ams.rpki-client.org