$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/96F093D4BEA011EB8CAD965FC4F9AE02.roa File: 96F093D4BEA011EB8CAD965FC4F9AE02.roa (raw, json) Hash identifier: tUpWMGgns2Ra5uYPNGoUZuaPcBF5972rD5DY0SVhjt4= Subject key identifier: 5E:FB:E5:87:12:14:4C:E7:FD:66:EB:BB:23:3A:FD:F9:C8:CC:22:6D Certificate issuer: /CN=A91CEA40/serialNumber=2C3D235A1B219F416610900B003B8ABFDC1702A2 Certificate serial: 05A4 Authority key identifier: 2C:3D:23:5A:1B:21:9F:41:66:10:90:0B:00:3B:8A:BF:DC:17:02:A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LD0jWhshn0FmEJALADuKv9wXAqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/96F093D4BEA011EB8CAD965FC4F9AE02.roa Signing time: Tue 05 Nov 2024 01:38:32 +0000 ROA not before: Tue 05 Nov 2024 01:38:32 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 139898 IP address blocks: 43.245.56.0/22 maxlen: 24 103.25.140.0/22 maxlen: 24 103.116.88.0/23 maxlen: 24 103.146.200.0/23 maxlen: 24 125.254.50.0/23 maxlen: 24 2405:9f40::/32 maxlen: 40 2405:9f40::/41 maxlen: 48 2405:9f40:80::/41 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/LD0jWhshn0FmEJALADuKv9wXAqI.crl rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/LD0jWhshn0FmEJALADuKv9wXAqI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LD0jWhshn0FmEJALADuKv9wXAqI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1444 (0x5a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEA40/serialNumber=2C3D235A1B219F416610900B003B8ABFDC1702A2 Validity Not Before: Nov 5 01:38:32 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=67297718-e4c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:0c:78:49:9f:40:06:ad:d0:4f:43:c7:55:28: ba:a4:4e:27:03:ac:9e:fe:2f:1b:ef:96:d8:f2:00: 3f:f3:e9:d4:53:4d:e6:7a:a2:b6:be:b5:f1:6e:f5: 35:87:00:94:13:89:23:6b:06:92:bd:f5:fa:17:f5: e2:6f:10:40:d9:34:1e:36:60:2f:13:03:43:be:1f: 96:99:9c:32:3a:f6:5a:ee:31:cd:88:5a:31:c8:ec: 80:3e:a0:10:8f:65:ab:d4:8e:8c:f5:c9:8c:0f:4e: 66:90:7b:c7:4b:78:5f:75:b3:f0:8d:25:6d:91:07: 02:74:ea:cc:5d:31:c3:ce:c9:ca:17:f2:f0:e8:e9: 08:09:bd:db:7a:ca:b3:30:3a:d7:97:93:f9:09:9e: 23:5b:d3:31:8d:0a:2b:ab:7e:ec:5f:79:36:b0:00: ff:b4:74:cd:c9:00:67:d4:ae:06:7b:c0:c3:13:64: 39:0a:45:95:00:06:86:89:f2:1e:44:0c:87:e6:34: 41:52:0c:a7:00:57:3c:e2:7b:d5:2c:37:22:fa:54: f1:49:cc:7d:6f:cc:43:ee:b9:37:5f:bd:0b:0b:99: 4a:3b:18:79:26:5c:07:08:2e:ea:93:05:4f:ac:2e: 99:e1:55:85:94:2c:0d:87:ff:31:ea:d3:9e:71:d1: 76:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:FB:E5:87:12:14:4C:E7:FD:66:EB:BB:23:3A:FD:F9:C8:CC:22:6D X509v3 Authority Key Identifier: keyid:2C:3D:23:5A:1B:21:9F:41:66:10:90:0B:00:3B:8A:BF:DC:17:02:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/LD0jWhshn0FmEJALADuKv9wXAqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LD0jWhshn0FmEJALADuKv9wXAqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/96F093D4BEA011EB8CAD965FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.56.0/22 103.25.140.0/22 103.116.88.0/23 103.146.200.0/23 125.254.50.0/23 IPv6: 2405:9f40::/32 Signature Algorithm: sha256WithRSAEncryption 0e:93:2a:10:3d:53:af:31:e9:9a:80:b3:54:9e:7f:10:71:6e: 06:4d:29:08:e0:ff:a9:25:e4:37:ae:8a:e9:1f:81:0d:25:16: 8e:16:1c:e8:be:08:53:48:9a:45:3f:4e:32:fe:d0:dd:c2:ca: 27:3b:1f:1b:f3:cb:9b:93:31:09:c5:a8:3d:95:be:4a:eb:c9: 5f:6e:6c:56:a1:1c:72:33:2f:48:4a:e8:c2:71:6c:dc:5a:3b: 68:79:43:b7:46:15:cd:79:20:ae:4d:dd:d0:97:18:41:58:74: 6f:88:2c:ba:2d:83:7c:0b:86:cc:8f:6b:11:fb:04:b3:6f:fe: 41:b4:1e:27:b0:51:b8:2a:9d:1e:45:26:fb:70:32:8d:44:1c: 62:b1:2d:15:8a:04:93:91:36:51:73:96:0b:30:04:9a:72:cd: 24:03:3d:2e:f4:32:c8:36:61:ac:b3:71:dc:a2:cb:19:95:29: 5b:b6:3d:3b:ca:e7:85:c5:c2:bb:99:57:2d:5a:a3:3f:7f:69: d0:7b:9f:6b:8e:53:83:89:1f:25:3a:4f:e1:c0:7d:54:00:41: 89:3f:cb:7f:21:4c:2c:53:e7:fb:3d:0f:db:23:34:02:b8:f8: 2a:0b:3c:a7:80:bb:54:9c:d7:56:8b:61:63:41:34:5a:96:53: bb:c5:d3:37 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICBaQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VBNDAxMTAvBgNVBAUTKDJDM0QyMzVBMUIyMTlGNDE2NjEwOTAwQjAwM0I4QUJG REMxNzAyQTIwHhcNMjQxMTA1MDEzODMyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI5NzcxOC1lNGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArQx4SZ9ABq3QT0PHVSi6pE4nA6ye/i8b75bY8gA/8+nUU03meqK2vrXxbvU1 hwCUE4kjawaSvfX6F/XibxBA2TQeNmAvEwNDvh+WmZwyOvZa7jHNiFoxyOyAPqAQ j2Wr1I6M9cmMD05mkHvHS3hfdbPwjSVtkQcCdOrMXTHDzsnKF/Lw6OkICb3besqz MDrXl5P5CZ4jW9MxjQorq37sX3k2sAD/tHTNyQBn1K4Ge8DDE2Q5CkWVAAaGifIe RAyH5jRBUgynAFc84nvVLDci+lTxScx9b8xD7rk3X70LC5lKOxh5JlwHCC7qkwVP rC6Z4VWFlCwNh/8x6tOecdF29QIDAQABo4ICvDCCArgwHQYDVR0OBBYEFF775YcS FEzn/WbruyM6/fnIzCJtMB8GA1UdIwQYMBaAFCw9I1obIZ9BZhCQCwA7ir/cFwKi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUE0MC84RTk2NEJDRUFG NzkxMUVCODQyMTdBNThDNEY5QUUwMi9MRDBqV2hzaG4wRm1FSkFMQUR1S3Y5d1hB cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xEMGpXaHNobjBGbUVKQUxBRHVLdjl3WEFxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0VBNDAvOEU5NjRCQ0VBRjc5MTFFQjg0MjE3QTU4QzRGOUFFMDIvOTZGMDkzRDRC RUEwMTFFQjhDQUQ5NjVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIr9TgDBAJnGYwDBAFndFgDBAFnksgDBAF9/jIwDQQCAAIw BwMFACQFn0AwDQYJKoZIhvcNAQELBQADggEBAA6TKhA9U68x6ZqAs1SefxBxbgZN KQjg/6kl5DeuiukfgQ0lFo4WHOi+CFNImkU/TjL+0N3Cyic7Hxvzy5uTMQnFqD2V vkrryV9ubFahHHIzL0hK6MJxbNxaO2h5Q7dGFc15IK5N3dCXGEFYdG+ILLotg3wL hsyPaxH7BLNv/kG0HiewUbgqnR5FJvtwMo1EHGKxLRWKBJORNlFzlgswBJpyzSQD PS70Msg2YayzcdyiyxmVKVu2PTvK54XFwruZVy1aoz9/adB7n2uOU4OJHyU6T+HA fVQAQYk/y38hTCxT5/s9D9sjNAK4+CoLPKeAu1Sc11aLYWNBNFqWU7vF0zc= -----END CERTIFICATE-----Generated at Fri Nov 22 23:39:34 2024 by rpki-client on console-fra.rpki-client.org