$ rpki-client -vvf rpki.apnic.net/member_repository/A91CA8EA/D8CA13C2404911EC9B6EFE7BC4F9AE02/207388F2D45E11EE8D29793EC4F9AE02.roa File: 207388F2D45E11EE8D29793EC4F9AE02.roa (raw, json) Hash identifier: aIqnIQInPJrCMj5K0+1zGOgCOM0xLmrh4KbjkSzgqVY= Subject key identifier: B9:10:D1:EE:F5:6B:CA:2A:8A:66:EE:A7:37:5F:5E:2C:40:9B:06:D5 Certificate issuer: /CN=A91CA8EA/serialNumber=B628B8A925C45E3AC3A71BE4114662998BF4B3E0 Certificate serial: 0425 Authority key identifier: B6:28:B8:A9:25:C4:5E:3A:C3:A7:1B:E4:11:46:62:99:8B:F4:B3:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tii4qSXEXjrDpxvkEUZimYv0s-A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CA8EA/D8CA13C2404911EC9B6EFE7BC4F9AE02/207388F2D45E11EE8D29793EC4F9AE02.roa Signing time: Thu 17 Oct 2024 00:33:24 +0000 ROA not before: Thu 17 Oct 2024 00:33:24 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 136897 IP address blocks: 103.175.196.0/23 maxlen: 23 103.175.196.0/24 maxlen: 24 2001:df7:fc80::/48 maxlen: 48 2001:df7:fc80::/56 maxlen: 56 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CA8EA/D8CA13C2404911EC9B6EFE7BC4F9AE02/tii4qSXEXjrDpxvkEUZimYv0s-A.crl rsync://rpki.apnic.net/member_repository/A91CA8EA/D8CA13C2404911EC9B6EFE7BC4F9AE02/tii4qSXEXjrDpxvkEUZimYv0s-A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tii4qSXEXjrDpxvkEUZimYv0s-A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1061 (0x425) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CA8EA/serialNumber=B628B8A925C45E3AC3A71BE4114662998BF4B3E0 Validity Not Before: Oct 17 00:33:24 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=67105b54-1b96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:cd:91:a3:8b:f3:a7:c5:08:77:d4:7c:b3:80: d3:b7:74:4a:c0:d9:cc:f2:a9:80:a1:0a:89:ae:d5: 63:34:b5:f3:2a:2d:69:93:55:57:86:38:55:11:e8: c1:1e:a1:d3:da:93:9a:4f:ea:7d:8e:94:00:25:89: ed:6e:d6:98:48:97:9c:2d:b1:8d:90:3b:27:77:b3: 5c:7e:fd:7c:58:10:76:60:b9:90:4c:ca:66:d6:be: f0:6f:26:e5:7b:c9:8c:c6:21:82:53:95:4d:c9:dd: 17:a8:11:d8:77:ce:0e:bf:01:fe:b1:b0:42:fc:82: 3e:2f:5f:c9:34:97:2b:78:73:2c:3d:2f:3a:bb:99: 7f:8e:1e:62:44:b7:26:24:48:3e:dd:e3:25:3d:46: fe:a2:27:db:31:43:b1:c5:5c:00:01:7c:29:03:dc: 9e:84:8e:7d:db:c1:94:6d:70:7b:f8:28:85:28:b3: 37:33:d9:74:1e:83:6f:1e:42:90:51:5a:fe:d0:7e: 5e:91:65:60:aa:1f:5c:f2:1e:20:09:d4:f9:a1:ad: 88:f3:ba:21:61:1e:2b:d1:75:cc:86:7f:7b:3a:f9: 56:b8:4d:2f:54:25:fc:32:c8:ed:81:9b:41:f8:7f: f2:52:58:58:82:e2:c3:6c:2e:1c:47:5d:bd:14:de: b3:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:10:D1:EE:F5:6B:CA:2A:8A:66:EE:A7:37:5F:5E:2C:40:9B:06:D5 X509v3 Authority Key Identifier: keyid:B6:28:B8:A9:25:C4:5E:3A:C3:A7:1B:E4:11:46:62:99:8B:F4:B3:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CA8EA/D8CA13C2404911EC9B6EFE7BC4F9AE02/tii4qSXEXjrDpxvkEUZimYv0s-A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tii4qSXEXjrDpxvkEUZimYv0s-A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CA8EA/D8CA13C2404911EC9B6EFE7BC4F9AE02/207388F2D45E11EE8D29793EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.175.196.0/23 IPv6: 2001:df7:fc80::/48 Signature Algorithm: sha256WithRSAEncryption 2e:b6:18:74:dc:95:f5:0e:ca:55:cf:f3:7c:7a:42:c7:2b:2f: a5:6d:91:81:62:a6:52:69:c2:4d:3d:3c:23:be:76:69:e4:5a: 2a:28:73:21:38:d4:f2:b6:b5:44:9c:45:5c:27:fb:01:17:50: 5e:c3:40:b5:86:94:2e:d7:7a:81:09:d0:aa:d3:dd:64:bf:2a: 6a:a2:8c:c0:d2:60:a0:8b:9c:09:d7:58:51:66:b4:26:43:1f: e8:fe:e9:e4:54:22:7e:12:6a:31:d3:6d:ef:58:98:bd:ce:6d: d1:e0:7d:c7:d9:a2:7e:7e:89:04:fc:a8:43:12:3b:c5:e2:31: c5:63:03:a9:40:80:0e:cd:68:2c:7b:b6:c4:33:75:4d:41:fa: 5c:58:68:86:36:90:61:6c:f5:ff:4e:0c:bd:f9:89:56:d7:4c: d1:13:76:b0:5f:4c:49:d9:e9:8e:27:da:f9:1b:44:4d:f4:6c: ef:8c:3b:ec:80:da:a8:c8:24:d1:03:0b:89:23:12:63:f5:9a: 2e:5e:c9:76:6c:de:3e:e3:75:d0:96:bb:7a:60:ac:07:3b:af: b0:dd:8d:a9:57:11:b8:23:40:cd:1a:53:3a:e3:f1:3b:b2:8e: ae:24:c1:26:e2:17:02:4b:61:f6:34:a9:e4:d2:d9:b8:a9:f8: 25:06:02:5b -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICBCUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0E4RUExMTAvBgNVBAUTKEI2MjhCOEE5MjVDNDVFM0FDM0E3MUJFNDExNDY2Mjk5 OEJGNEIzRTAwHhcNMjQxMDE3MDAzMzI0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzEwNWI1NC0xYjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2c2Ro4vzp8UId9R8s4DTt3RKwNnM8qmAoQqJrtVjNLXzKi1pk1VXhjhVEejB HqHT2pOaT+p9jpQAJYntbtaYSJecLbGNkDsnd7Ncfv18WBB2YLmQTMpm1r7wbybl e8mMxiGCU5VNyd0XqBHYd84OvwH+sbBC/II+L1/JNJcreHMsPS86u5l/jh5iRLcm JEg+3eMlPUb+oifbMUOxxVwAAXwpA9yehI5928GUbXB7+CiFKLM3M9l0HoNvHkKQ UVr+0H5ekWVgqh9c8h4gCdT5oa2I87ohYR4r0XXMhn97OvlWuE0vVCX8MsjtgZtB +H/yUlhYguLDbC4cR129FN6zewIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLkQ0e71 a8oqimbupzdfXixAmwbVMB8GA1UdIwQYMBaAFLYouKklxF46w6cb5BFGYpmL9LPg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQThFQS9EOENBMTNDMjQw NDkxMUVDOUI2RUZFN0JDNEY5QUUwMi90aWk0cVNYRVhqckRweHZrRVVaaW1ZdjBz LUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RpaTRxU1hFWGpyRHB4dmtFVVppbVl2MHMtQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0E4RUEvRDhDQTEzQzI0MDQ5MTFFQzlCNkVGRTdCQzRGOUFFMDIvMjA3Mzg4RjJE NDVFMTFFRThEMjk3OTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnr8QwDwQCAAIwCQMHACABDff8gDANBgkqhkiG9w0BAQsF AAOCAQEALrYYdNyV9Q7KVc/zfHpCxysvpW2RgWKmUmnCTT08I752aeRaKihzITjU 8ra1RJxFXCf7ARdQXsNAtYaULtd6gQnQqtPdZL8qaqKMwNJgoIucCddYUWa0JkMf 6P7p5FQifhJqMdNt71iYvc5t0eB9x9mifn6JBPyoQxI7xeIxxWMDqUCADs1oLHu2 xDN1TUH6XFhohjaQYWz1/04MvfmJVtdM0RN2sF9MSdnpjifa+RtETfRs74w77IDa qMgk0QMLiSMSY/WaLl7JdmzePuN10Ja7emCsBzuvsN2NqVcRuCNAzRpTOuPxO7KO riTBJuIXAkth9jSp5NLZuKn4JQYCWw== -----END CERTIFICATE-----Generated at Sat Nov 23 00:49:37 2024 by rpki-client on console-fra.rpki-client.org