$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/F1F41742F91711EEB4D4960FC4F9AE02.roa File: F1F41742F91711EEB4D4960FC4F9AE02.roa (raw, json) Hash identifier: mvRnKDmDedNBvqDLXoynNj96PT2TR1yHm2QmcBcjWmY= Subject key identifier: BA:21:E5:7E:43:00:D5:A2:9F:EB:0D:DB:35:7D:84:9C:47:E8:9C:18 Certificate issuer: /CN=A91C7B68/serialNumber=9ACB806663FB0FCF6EBC43C010B935E05214FC9F Certificate serial: 71 Authority key identifier: 9A:CB:80:66:63:FB:0F:CF:6E:BC:43:C0:10:B9:35:E0:52:14:FC:9F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/msuAZmP7D89uvEPAELk14FIU_J8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/F1F41742F91711EEB4D4960FC4F9AE02.roa Signing time: Sat 05 Oct 2024 10:01:41 +0000 ROA not before: Sat 05 Oct 2024 10:01:41 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 135339 IP address blocks: 103.214.156.0/22 maxlen: 22 103.214.156.0/23 maxlen: 23 103.214.156.0/24 maxlen: 24 103.214.157.0/24 maxlen: 24 103.214.158.0/24 maxlen: 24 144.48.112.0/22 maxlen: 22 144.48.112.0/23 maxlen: 23 144.48.112.0/24 maxlen: 24 144.48.113.0/24 maxlen: 24 144.48.114.0/24 maxlen: 24 2407:ea40::/32 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/msuAZmP7D89uvEPAELk14FIU_J8.crl rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/msuAZmP7D89uvEPAELk14FIU_J8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/msuAZmP7D89uvEPAELk14FIU_J8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:22:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 113 (0x71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7B68/serialNumber=9ACB806663FB0FCF6EBC43C010B935E05214FC9F Validity Not Before: Oct 5 10:01:41 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67010e84-221e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:64:1a:c1:d5:25:37:0f:a2:1e:76:4f:22:f7: c5:46:6b:45:4c:b1:14:15:f2:14:89:d4:69:c4:0a: db:7f:4a:28:97:05:67:4a:62:0c:79:d4:15:17:c4: aa:cb:3f:12:76:a0:a3:d5:a2:ba:06:ff:de:71:d7: 01:0a:94:52:b7:59:a7:c9:0c:d0:ff:21:e3:a8:f7: b3:4e:8e:f0:45:47:28:29:d7:e5:bb:6a:0d:b3:c6: c6:dd:94:4e:5d:79:63:5d:a1:8b:6d:dc:78:ca:d2: 8b:69:ff:e4:08:c8:5c:d5:85:e2:65:78:ca:35:e2: 86:f6:e9:e1:69:b3:63:8b:4b:b0:a8:1a:5c:d6:18: bc:13:a4:10:3a:84:61:11:6f:12:36:89:2f:29:32: c5:e9:0f:90:8f:e6:b7:4f:59:ef:4a:eb:3f:5b:4b: f5:56:68:41:45:cd:89:f5:e1:b6:32:ea:36:ad:07: 82:62:c8:41:a6:b9:66:e4:21:e1:0f:d8:53:dd:36: a7:9b:d1:be:ec:03:19:b7:06:e1:8e:02:ad:bb:fd: a3:f0:e5:c8:68:da:e4:18:00:e7:1e:60:ec:cb:f9: 45:29:9c:d0:0d:93:f2:89:6d:22:d8:64:d9:61:5d: a1:04:f6:9b:5d:8a:af:b3:ea:dd:83:19:2c:8b:d8: 20:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:21:E5:7E:43:00:D5:A2:9F:EB:0D:DB:35:7D:84:9C:47:E8:9C:18 X509v3 Authority Key Identifier: keyid:9A:CB:80:66:63:FB:0F:CF:6E:BC:43:C0:10:B9:35:E0:52:14:FC:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/msuAZmP7D89uvEPAELk14FIU_J8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/msuAZmP7D89uvEPAELk14FIU_J8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/F1F41742F91711EEB4D4960FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.214.156.0/22 144.48.112.0/22 IPv6: 2407:ea40::/32 Signature Algorithm: sha256WithRSAEncryption 6f:f3:cb:19:bb:07:9e:02:97:b7:29:2a:8a:04:90:54:4e:13: 75:dd:aa:87:f4:b0:79:4f:ff:d0:1d:83:41:d0:c0:78:43:3d: d7:e2:c9:d1:c3:21:c0:85:ef:0b:73:6b:e8:f5:8d:a1:00:0e: 99:cc:71:4a:e5:e6:7b:3f:9a:78:94:96:23:94:c5:c0:02:d5: 95:3e:c2:8b:2d:83:d8:7d:f9:ab:9f:ea:a8:81:ac:0e:58:37: a1:e8:fb:a3:1b:7b:80:ba:df:71:14:89:b9:09:0b:87:7e:2b: 8e:ff:1e:aa:19:ee:59:30:9e:d0:d3:a0:e0:24:6a:99:56:1e: e3:e0:82:2f:5e:bc:f9:5d:58:02:7f:7e:24:3d:f7:bb:a9:0d: f0:c7:fa:75:9d:93:3e:ca:d8:e1:f2:c2:bd:6e:95:f4:25:ba: 56:84:f6:f2:c0:f2:0e:b5:15:3a:e0:36:83:0f:09:fb:0c:23: e5:d8:77:d8:2c:09:2b:54:dd:9a:e8:0a:6a:6d:4b:52:71:17: cf:b3:b6:90:d7:bc:a3:bc:00:68:74:8a:99:65:8e:34:cf:e4: 4c:d5:f6:b3:80:97:c8:4b:46:2e:49:fb:c2:5e:38:82:b8:33: 18:4d:32:0e:b2:86:ae:b0:3e:30:bf:db:b1:49:b0:7f:2b:37: 93:64:fd:00 -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD N0I2ODExMC8GA1UEBRMoOUFDQjgwNjY2M0ZCMEZDRjZFQkM0M0MwMTBCOTM1RTA1 MjE0RkM5RjAeFw0yNDEwMDUxMDAxNDFaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3MDEwZTg0LTIyMWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDUZBrB1SU3D6Iedk8i98VGa0VMsRQV8hSJ1GnECtt/SiiXBWdKYgx51BUXxKrL PxJ2oKPVoroG/95x1wEKlFK3WafJDND/IeOo97NOjvBFRygp1+W7ag2zxsbdlE5d eWNdoYtt3HjK0otp/+QIyFzVheJleMo14ob26eFps2OLS7CoGlzWGLwTpBA6hGER bxI2iS8pMsXpD5CP5rdPWe9K6z9bS/VWaEFFzYn14bYy6jatB4JiyEGmuWbkIeEP 2FPdNqeb0b7sAxm3BuGOAq27/aPw5cho2uQYAOceYOzL+UUpnNANk/KJbSLYZNlh XaEE9ptdiq+z6t2DGSyL2CB/AgMBAAGjggKqMIICpjAdBgNVHQ4EFgQUuiHlfkMA 1aKf6w3bNX2EnEfonBgwHwYDVR0jBBgwFoAUmsuAZmP7D89uvEPAELk14FIU/J8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3QjY4LzUzQTdCOTJDQjBB NTExRUE4RjkyRUQxN0M0RjlBRTAyL21zdUFabVA3RDg5dXZFUEFFTGsxNEZJVV9K OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbXN1QVptUDdEODl1dkVQQUVMazE0RklVX0o4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD N0I2OC81M0E3QjkyQ0IwQTUxMUVBOEY5MkVEMTdDNEY5QUUwMi9GMUY0MTc0MkY5 MTcxMUVFQjRENDk2MEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl MCMwEgQCAAEwDAMEAmfWnAMEApAwcDANBAIAAjAHAwUAJAfqQDANBgkqhkiG9w0B AQsFAAOCAQEAb/PLGbsHngKXtykqigSQVE4Tdd2qh/SweU//0B2DQdDAeEM91+LJ 0cMhwIXvC3Nr6PWNoQAOmcxxSuXmez+aeJSWI5TFwALVlT7Ciy2D2H35q5/qqIGs Dlg3oej7oxt7gLrfcRSJuQkLh34rjv8eqhnuWTCe0NOg4CRqmVYe4+CCL168+V1Y An9+JD33u6kN8Mf6dZ2TPsrY4fLCvW6V9CW6VoT28sDyDrUVOuA2gw8J+wwj5dh3 2CwJK1TdmugKam1LUnEXz7O2kNe8o7wAaHSKmWWONM/kTNX2s4CXyEtGLkn7wl44 grgzGE0yDrKGrrA+ML/bsUmwfys3k2T9AA== -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:40 2024 by rpki-client on console-ams.rpki-client.org