$ rpki-client -vvf rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa File: A257A95EA9DC11E9AA03780DC4F9AE02.roa (raw, json) Hash identifier: c5EKgRZbwGkR1Dt53R8CSRSf7zLCY2912iZh8le8ZQE= Subject key identifier: DE:8B:E5:32:6E:C3:B5:8D:0A:DB:2A:C6:C4:6D:34:34:88:37:94:EA Certificate issuer: /CN=A91C77BD/serialNumber=A3EB7C435063BC54D3573D81DBDC1873987663E0 Certificate serial: 20EC Authority key identifier: A3:EB:7C:43:50:63:BC:54:D3:57:3D:81:DB:DC:18:73:98:76:63:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa Signing time: Fri 20 Sep 2024 16:33:39 +0000 ROA not before: Fri 20 Sep 2024 16:33:39 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 134707 IP address blocks: 103.196.136.0/22 maxlen: 22 203.189.116.0/22 maxlen: 22 223.25.60.0/22 maxlen: 22 2404:3380::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.crl rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:55:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8428 (0x20ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C77BD/serialNumber=A3EB7C435063BC54D3573D81DBDC1873987663E0 Validity Not Before: Sep 20 16:33:39 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66eda3e2-6ef4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:08:8e:02:9d:28:a8:52:f9:71:ac:bb:79:e0: b8:70:ab:44:92:d1:4b:71:56:95:1c:a0:93:80:62: 65:7f:0d:8c:c6:18:cf:45:d4:cc:2f:6a:48:79:76: 9c:df:cb:d8:17:42:a8:83:fd:03:47:69:c3:58:74: 43:91:d2:4a:46:ce:eb:ed:fd:e6:cd:6b:5f:53:a1: 5e:f6:dc:a6:cd:f7:e2:c8:f9:dc:a4:1f:3a:35:bb: 87:73:fb:2c:71:4f:98:5e:87:dc:61:cf:b4:c7:33: cb:8a:35:41:bd:6e:86:1a:cf:c2:c3:33:f9:8a:88: bf:4e:ad:58:6a:bd:a6:ec:cd:af:05:ba:e1:19:ec: c2:2f:fe:36:31:8c:86:0a:c2:2a:ae:10:df:27:ab: 83:20:3e:fd:af:fe:72:9f:ac:05:fa:b0:76:ab:a0: d9:68:de:be:f6:ac:ee:39:0e:bc:50:2a:ff:25:54: 3f:26:f7:2c:45:dd:cb:03:c3:5e:68:66:0f:9e:e1: aa:8c:40:5c:44:db:ff:bc:0e:7f:ac:6f:9f:5f:fd: 5e:2f:ba:7a:01:27:0f:7d:3d:73:0c:c0:44:21:4d: 44:8b:ef:3c:22:08:64:25:a9:20:26:01:a5:32:a2: 6f:39:34:76:c6:24:fd:ee:be:9a:11:54:ba:da:08: 79:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:8B:E5:32:6E:C3:B5:8D:0A:DB:2A:C6:C4:6D:34:34:88:37:94:EA X509v3 Authority Key Identifier: keyid:A3:EB:7C:43:50:63:BC:54:D3:57:3D:81:DB:DC:18:73:98:76:63:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.196.136.0/22 203.189.116.0/22 223.25.60.0/22 IPv6: 2404:3380::/32 Signature Algorithm: sha256WithRSAEncryption ef:60:ae:af:3f:a1:a0:1e:23:3c:6f:a8:df:c0:15:3f:70:8e: 53:7c:1a:c0:53:b6:7e:f4:9e:ed:70:bf:66:3c:52:1b:76:c0: cd:18:57:44:08:52:a6:69:53:08:7c:0c:65:f7:83:aa:99:da: 1f:bc:2a:ad:74:73:80:1e:10:38:7f:64:9e:27:4d:b1:30:be: 88:48:10:bd:af:5b:c9:3e:af:39:a3:c1:58:10:f8:24:c2:08: 74:93:fe:7b:45:23:39:c1:72:0e:9d:4a:64:c8:fb:5f:21:45: d0:e3:2f:86:3f:e3:6c:0a:6f:e3:28:0f:b4:9f:d3:42:a0:ac: 2b:cd:06:22:44:16:a2:c3:48:7c:c7:36:0b:38:be:89:91:5d: 84:d3:c2:d2:10:46:47:a0:47:2c:70:1d:97:31:49:79:51:bb: fd:0c:2a:1b:da:37:f0:aa:0d:bc:1d:de:c4:c1:1c:2b:b5:a9: 7a:78:4d:fc:fc:fb:7f:f4:66:8d:9a:0d:19:41:5e:f8:a0:ac: 6a:d2:de:89:9f:ed:b8:f2:e9:1a:32:63:07:3d:a3:5b:36:2d: ef:3e:e1:9d:9e:c4:c3:fc:ce:8a:89:db:e2:e7:98:41:ec:e6: 2f:07:a0:94:24:9d:74:55:5d:f9:78:fc:57:8a:09:31:5e:d6: 6a:2f:75:28 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICIOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3QkQxMTAvBgNVBAUTKEEzRUI3QzQzNTA2M0JDNTREMzU3M0Q4MURCREMxODcz OTg3NjYzRTAwHhcNMjQwOTIwMTYzMzM5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmVkYTNlMi02ZWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAugiOAp0oqFL5cay7eeC4cKtEktFLcVaVHKCTgGJlfw2MxhjPRdTML2pIeXac 38vYF0Kog/0DR2nDWHRDkdJKRs7r7f3mzWtfU6Fe9tymzffiyPncpB86NbuHc/ss cU+YXofcYc+0xzPLijVBvW6GGs/CwzP5ioi/Tq1Yar2m7M2vBbrhGezCL/42MYyG CsIqrhDfJ6uDID79r/5yn6wF+rB2q6DZaN6+9qzuOQ68UCr/JVQ/JvcsRd3LA8Ne aGYPnuGqjEBcRNv/vA5/rG+fX/1eL7p6AScPfT1zDMBEIU1Ei+88IghkJakgJgGl MqJvOTR2xiT97r6aEVS62gh5QQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFN6L5TJu w7WNCtsqxsRtNDSIN5TqMB8GA1UdIwQYMBaAFKPrfENQY7xU01c9gdvcGHOYdmPg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzdCRC8zODkzNzE5OERG NDAxMUU1ODIzMjczNEFDNEY5QUUwMi9vLXQ4UTFCanZGVFRWejJCMjl3WWM1aDJZ LUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL28tdDhRMUJqdkZUVFZ6MkIyOXdZYzVoMlktQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzc3QkQvMzg5MzcxOThERjQwMTFFNTgyMzI3MzRBQzRGOUFFMDIvQTI1N0E5NUVB OURDMTFFOUFBMDM3ODBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnxIgDBALLvXQDBALfGTwwDQQCAAIwBwMFACQEM4AwDQYJ KoZIhvcNAQELBQADggEBAO9grq8/oaAeIzxvqN/AFT9wjlN8GsBTtn70nu1wv2Y8 Uht2wM0YV0QIUqZpUwh8DGX3g6qZ2h+8Kq10c4AeEDh/ZJ4nTbEwvohIEL2vW8k+ rzmjwVgQ+CTCCHST/ntFIznBcg6dSmTI+18hRdDjL4Y/42wKb+MoD7Sf00KgrCvN BiJEFqLDSHzHNgs4vomRXYTTwtIQRkegRyxwHZcxSXlRu/0MKhvaN/CqDbwd3sTB HCu1qXp4Tfz8+3/0Zo2aDRlBXvigrGrS3omf7bjy6RoyYwc9o1s2Le8+4Z2exMP8 zoqJ2+LnmEHs5i8HoJQknXRVXfl4/FeKCTFe1movdSg= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:17 2024 by rpki-client on console-ams.rpki-client.org