$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa File: C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa (raw, json) Hash identifier: JA2HpzDCryHkDWNPe1iufz5VrqW0EsAeEdiwzkNRDX8= Subject key identifier: ED:79:B3:96:2C:78:25:9E:89:CD:CF:6F:28:63:08:BE:00:50:CD:99 Certificate issuer: /CN=A91C4D8E/serialNumber=3F7D9BBAED7C5BFDBBA3A349ABE96B21AD27DA67 Certificate serial: 0B47 Authority key identifier: 3F:7D:9B:BA:ED:7C:5B:FD:BB:A3:A3:49:AB:E9:6B:21:AD:27:DA:67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P32buu18W_27o6NJq-lrIa0n2mc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa Signing time: Sat 20 Jan 2024 19:27:08 +0000 ROA not before: Sat 20 Jan 2024 19:27:08 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 138534 IP address blocks: 103.132.88.0/22 maxlen: 22 103.132.88.0/23 maxlen: 23 103.132.88.0/24 maxlen: 24 103.132.89.0/24 maxlen: 24 103.132.90.0/23 maxlen: 23 103.132.90.0/24 maxlen: 24 103.132.91.0/24 maxlen: 24 2404:3440::/32 maxlen: 32 2404:3440::/36 maxlen: 36 2404:3440:1000::/36 maxlen: 36 2404:3440:2000::/36 maxlen: 36 2404:3440:3000::/36 maxlen: 36 2404:3440:4000::/36 maxlen: 36 2404:3440:5000::/36 maxlen: 36 2404:3440:6000::/36 maxlen: 36 2404:3440:7000::/36 maxlen: 36 2404:3440:8000::/36 maxlen: 36 2404:3440:9000::/36 maxlen: 36 2404:3440:a000::/36 maxlen: 36 2404:3440:b000::/36 maxlen: 36 2404:3440:c000::/36 maxlen: 36 2404:3440:d000::/36 maxlen: 36 2404:3440:e000::/36 maxlen: 36 2404:3440:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/P32buu18W_27o6NJq-lrIa0n2mc.crl rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/P32buu18W_27o6NJq-lrIa0n2mc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P32buu18W_27o6NJq-lrIa0n2mc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:28:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2887 (0xb47) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4D8E/serialNumber=3F7D9BBAED7C5BFDBBA3A349ABE96B21AD27DA67 Validity Not Before: Jan 20 19:27:08 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65ac1e8b-808c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:ec:cf:6d:7b:75:8f:f1:1b:21:7d:c4:5d:5e: a8:98:03:20:27:82:6f:8d:52:e6:26:09:ea:51:f4: aa:a5:85:3e:96:a3:9e:af:23:a2:46:4a:5a:4e:8a: bc:dc:a8:7f:26:b5:8e:27:3d:6c:84:d8:01:40:3f: 8b:52:fe:3a:c3:8f:d9:a8:9c:a8:0f:d2:59:10:1f: da:02:39:bb:ba:ad:a6:ee:14:5b:00:05:b3:7a:a4: c4:cf:db:88:7c:3f:90:c4:81:55:9a:06:5f:9e:09: 28:d7:3f:64:a9:7e:2d:37:d9:60:35:7f:c0:b1:c4: aa:46:1d:f3:f9:1a:e8:09:f0:0e:d4:c2:40:66:69: c3:04:00:38:43:99:b2:ca:c0:38:cc:99:6f:42:15: 94:31:97:e5:81:0d:48:8e:8e:24:fe:9d:3d:44:82: ef:7a:95:1d:16:9c:16:d0:31:4f:36:6c:c2:7b:15: 94:56:74:18:2c:2f:5e:dc:8a:19:c9:8e:24:a6:40: 65:3e:6c:51:cf:88:8e:41:9d:c8:34:a6:29:75:32: 90:53:1b:93:51:a0:98:23:f5:67:61:73:8f:2f:e6: ca:27:c1:ef:ff:19:fe:fb:ab:3e:2b:ae:4e:fc:c3: 5f:30:23:23:83:40:36:9d:80:9c:94:8c:c6:38:d7: c1:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:79:B3:96:2C:78:25:9E:89:CD:CF:6F:28:63:08:BE:00:50:CD:99 X509v3 Authority Key Identifier: keyid:3F:7D:9B:BA:ED:7C:5B:FD:BB:A3:A3:49:AB:E9:6B:21:AD:27:DA:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/P32buu18W_27o6NJq-lrIa0n2mc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P32buu18W_27o6NJq-lrIa0n2mc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.132.88.0/22 IPv6: 2404:3440::/32 Signature Algorithm: sha256WithRSAEncryption aa:50:f4:b6:e1:96:ed:bf:a1:f9:07:96:01:09:2f:74:f0:3c: eb:9a:d6:9e:00:5e:4d:99:5e:56:9a:63:b9:81:a8:f3:90:92: e8:e8:0f:61:b7:d6:c8:15:9f:07:70:67:2c:ae:77:10:0e:6f: 2c:0f:ea:15:d5:6d:bf:01:ed:95:8b:c9:ee:1e:ea:3e:ee:15: 71:ff:da:0b:60:36:da:c0:9d:84:43:5f:ca:41:cb:48:ee:2a: 0c:d8:dc:b6:ed:ed:ea:e1:1a:60:5c:1b:64:7c:f1:e7:98:c9: 06:c9:9e:eb:24:2f:79:03:ec:78:44:53:8d:b9:ca:30:1f:07: 2e:6e:12:d4:76:6e:ff:4f:aa:0f:55:0e:15:aa:76:28:21:a1: 8e:7e:c2:88:c3:03:b8:ea:c6:92:b5:68:b8:a1:12:c1:7d:13: 8b:fe:62:3b:00:fb:ad:9b:e1:5f:6c:3e:f6:66:e2:64:9a:07: 5b:1a:2b:73:bc:48:53:3b:47:3c:26:ac:6e:5c:95:8d:b8:bc: ad:ed:81:b7:f0:15:a0:c3:41:ff:a3:69:7f:f8:0c:04:29:f2: 80:f3:79:0a:49:64:1c:3a:c2:db:c6:c9:cb:e4:c1:ae:15:3d: cf:62:d0:66:69:9e:16:c6:f0:a2:b2:90:1c:c8:1a:50:e2:02: 41:3e:b9:8d -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICC0cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzREOEUxMTAvBgNVBAUTKDNGN0Q5QkJBRUQ3QzVCRkRCQkEzQTM0OUFCRTk2QjIx QUQyN0RBNjcwHhcNMjQwMTIwMTkyNzA4WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWFjMWU4Yi04MDhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApezPbXt1j/EbIX3EXV6omAMgJ4JvjVLmJgnqUfSqpYU+lqOeryOiRkpaToq8 3Kh/JrWOJz1shNgBQD+LUv46w4/ZqJyoD9JZEB/aAjm7uq2m7hRbAAWzeqTEz9uI fD+QxIFVmgZfngko1z9kqX4tN9lgNX/AscSqRh3z+RroCfAO1MJAZmnDBAA4Q5my ysA4zJlvQhWUMZflgQ1Ijo4k/p09RILvepUdFpwW0DFPNmzCexWUVnQYLC9e3IoZ yY4kpkBlPmxRz4iOQZ3INKYpdTKQUxuTUaCYI/VnYXOPL+bKJ8Hv/xn++6s+K65O /MNfMCMjg0A2nYCclIzGONfBywIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFO15s5Ys eCWeic3PbyhjCL4AUM2ZMB8GA1UdIwQYMBaAFD99m7rtfFv9u6OjSavpayGtJ9pn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEQ4RS81ODlCOTMzQzA2 QTQxMUVBQjNDNjZCMzhDNEY5QUUwMi9QMzJidXUxOFdfMjdvNk5KcS1scklhMG4y bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1AzMmJ1dTE4V18yN282TkpxLWxySWEwbjJtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzREOEUvNTg5QjkzM0MwNkE0MTFFQUIzQzY2QjM4QzRGOUFFMDIvQzlGRjJBN0Uw NkE1MTFFQUExRkZEQjNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnhFgwDQQCAAIwBwMFACQENEAwDQYJKoZIhvcNAQELBQAD ggEBAKpQ9Lbhlu2/ofkHlgEJL3TwPOua1p4AXk2ZXlaaY7mBqPOQkujoD2G31sgV nwdwZyyudxAObywP6hXVbb8B7ZWLye4e6j7uFXH/2gtgNtrAnYRDX8pBy0juKgzY 3Lbt7erhGmBcG2R88eeYyQbJnuskL3kD7HhEU425yjAfBy5uEtR2bv9Pqg9VDhWq dighoY5+wojDA7jqxpK1aLihEsF9E4v+YjsA+62b4V9sPvZm4mSaB1saK3O8SFM7 RzwmrG5clY24vK3tgbfwFaDDQf+jaX/4DAQp8oDzeQpJZBw6wtvGycvkwa4VPc9i 0GZpnhbG8KKykBzIGlDiAkE+uY0= -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:03 2024 by rpki-client on console-fra.rpki-client.org