$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/E6F73E22B99E11EEBF189021C4F9AE02.roa File: E6F73E22B99E11EEBF189021C4F9AE02.roa (raw, json) Hash identifier: 5arC7pafcKh/AcWsnn6ZMn4yInbZRBna+RKiehfd8iA= Subject key identifier: 00:2B:C6:9D:1A:F4:60:0E:82:97:DF:76:6A:8D:63:93:B1:9C:99:29 Certificate issuer: /CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE Certificate serial: 3474 Authority key identifier: 6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/E6F73E22B99E11EEBF189021C4F9AE02.roa Signing time: Sat 04 May 2024 15:20:58 +0000 ROA not before: Sat 04 May 2024 15:20:58 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 24192 IP address blocks: 103.7.168.0/22 maxlen: 24 103.253.192.0/24 maxlen: 24 103.253.194.0/23 maxlen: 24 202.174.81.0/24 maxlen: 24 202.174.82.0/23 maxlen: 24 202.174.84.0/22 maxlen: 24 202.174.112.0/21 maxlen: 21 2406:1200::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:54:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13428 (0x3474) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE Validity Not Before: May 4 15:20:58 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6636525a-af38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:74:c4:67:84:55:17:bf:0d:d4:b1:09:0a:2d: 6d:b6:e5:be:42:53:0c:51:35:67:a9:bc:33:84:f1: b5:ed:fa:24:24:99:db:0e:13:b4:07:ee:a9:87:2e: 46:c2:f3:43:f0:20:2a:7e:30:5c:79:a0:a4:53:74: aa:3b:85:9b:ba:1f:13:21:56:3e:58:7c:c6:1e:8a: 73:d7:10:34:65:66:09:70:f8:3a:0f:92:51:e6:88: 23:21:39:f4:f2:70:35:90:e6:75:56:88:4b:ef:06: 5c:05:f4:0b:e0:13:5a:ef:27:db:0f:ff:2d:5e:84: 2a:dd:8f:6e:e1:f8:2d:4b:68:93:cb:84:1e:1d:ab: 5c:da:ab:d6:25:6a:ee:e8:13:af:8f:a5:37:2b:37: ad:a0:99:2c:7b:79:62:7d:1a:f9:a0:b9:2b:31:1f: c9:86:46:d2:44:3c:98:4a:86:eb:1c:f9:44:d1:d5: 06:96:3a:42:00:08:e0:aa:67:65:c0:06:a1:7c:3a: e3:18:1f:ec:64:08:d7:6e:f3:8f:7f:03:cc:ed:1f: da:a4:22:93:d6:bb:3b:0a:46:e4:3e:d0:96:22:d9: 9a:6b:dc:c1:2b:65:29:ec:14:17:26:f8:ac:a5:90: 18:d5:ad:de:39:75:11:45:66:64:fb:ee:e5:ee:68: 7c:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:2B:C6:9D:1A:F4:60:0E:82:97:DF:76:6A:8D:63:93:B1:9C:99:29 X509v3 Authority Key Identifier: keyid:6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/E6F73E22B99E11EEBF189021C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.7.168.0/22 103.253.192.0/24 103.253.194.0/23 202.174.81.0-202.174.87.255 202.174.112.0/21 IPv6: 2406:1200::/32 Signature Algorithm: sha256WithRSAEncryption 6a:5a:c7:ed:72:a4:02:eb:dd:1a:9a:1d:8e:1f:79:05:c3:31: ac:4a:4f:2d:05:bb:d9:ff:5a:4b:c6:ff:75:38:ec:9b:e7:ae: 40:f1:da:22:f1:0b:57:7c:16:d8:64:65:9d:a2:92:bb:7a:ad: b3:5d:e2:ab:1a:36:96:b4:7e:16:c2:4c:4a:3c:94:f7:3c:79: e2:b2:ef:50:f8:72:b6:dc:62:d9:9b:8e:0f:35:63:8c:07:28: bd:6f:b2:3b:92:c5:5f:11:c1:3e:cb:af:dc:ae:86:0a:79:2c: 20:65:90:20:e5:27:f2:6c:c1:01:1b:c7:da:cc:90:35:06:ea: 1a:b0:d1:a2:df:86:05:1e:0f:67:93:b3:cf:da:6c:b9:44:59: c0:37:7a:61:4b:f2:f9:96:14:67:d6:9a:01:55:2a:90:c3:f2: 72:c3:09:1a:45:52:84:bb:ee:72:57:57:70:3d:09:08:a0:75: 97:76:07:3b:9c:ef:0c:0a:21:c2:1a:5f:c6:5f:8e:46:9b:99: c3:d2:8c:ae:34:93:ea:b6:f6:95:7f:6a:55:91:6d:80:2e:d5: 10:0b:2a:b4:da:5f:27:4e:50:f3:bb:db:d0:f6:3a:3d:8f:fd: 57:2d:b8:eb:2d:2e:64:be:14:7a:fd:d8:c2:83:1f:1b:98:f8: 62:30:d7:48 -----BEGIN CERTIFICATE----- MIIFoDCCBIigAwIBAgICNHQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U5NzgxMTAvBgNVBAUTKDZBMUU0RjcyODQ3RUIzNjk5NTIyQzkzRDI2NzczRjBE RjgzOTZFQkUwHhcNMjQwNTA0MTUyMDU4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjM2NTI1YS1hZjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwXTEZ4RVF78N1LEJCi1ttuW+QlMMUTVnqbwzhPG17fokJJnbDhO0B+6phy5G wvND8CAqfjBceaCkU3SqO4Wbuh8TIVY+WHzGHopz1xA0ZWYJcPg6D5JR5ogjITn0 8nA1kOZ1VohL7wZcBfQL4BNa7yfbD/8tXoQq3Y9u4fgtS2iTy4QeHatc2qvWJWru 6BOvj6U3KzetoJkse3lifRr5oLkrMR/JhkbSRDyYSobrHPlE0dUGljpCAAjgqmdl wAahfDrjGB/sZAjXbvOPfwPM7R/apCKT1rs7CkbkPtCWItmaa9zBK2Up7BQXJvis pZAY1a3eOXURRWZk++7l7mh8XwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFAArxp0a 9GAOgpffdmqNY5OxnJkpMB8GA1UdIwQYMBaAFGoeT3KEfrNplSLJPSZ3Pw34OW6+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTk3OC8zMjIzRjM1RTFE OTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMybVZJc2s5Sm5jX0RmZzVi cjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FoNVBjb1ItczJtVklzazlKbmNfRGZnNWJyNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0U5NzgvMzIyM0YzNUUxRDk4MTFFMjhBOEMyRTgyMDhCMDJDRDIvRTZGNzNFMjJC OTlFMTFFRUJGMTg5MDIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E PzA9MCwEAgABMCYDBAJnB6gDBABn/cADBAFn/cIwDAMEAMquUQMEA8quUAMEA8qu cDANBAIAAjAHAwUAJAYSADANBgkqhkiG9w0BAQsFAAOCAQEAalrH7XKkAuvdGpod jh95BcMxrEpPLQW72f9aS8b/dTjsm+euQPHaIvELV3wW2GRlnaKSu3qts13iqxo2 lrR+FsJMSjyU9zx54rLvUPhyttxi2ZuODzVjjAcovW+yO5LFXxHBPsuv3K6GCnks IGWQIOUn8mzBARvH2syQNQbqGrDRot+GBR4PZ5Ozz9psuURZwDd6YUvy+ZYUZ9aa AVUqkMPycsMJGkVShLvucldXcD0JCKB1l3YHO5zvDAohwhpfxl+ORpuZw9KMrjST 6rb2lX9qVZFtgC7VEAsqtNpfJ05Q87vb0PY6PY/9Vy246y0uZL4Uev3YwoMfG5j4 YjDXSA== -----END CERTIFICATE-----Generated at Fri Nov 22 17:56:20 2024 by rpki-client on console-fra.rpki-client.org