$ rpki-client -vvf rpki.apnic.net/member_repository/A91D09A2/1FEB5A208C6A11EB98DEDD68C4F9AE02/59AD29B88C6B11EBA286C569C4F9AE02.roa File: 59AD29B88C6B11EBA286C569C4F9AE02.roa (raw, json) Hash identifier: moTAt3VjmiOCHxAKpACaMWgI7E3LHjdxwtqNPvRROiY= Subject key identifier: 28:69:61:AB:19:89:CA:16:A6:BC:2B:40:88:12:4A:50:BF:F5:FF:A9 Certificate issuer: /CN=A91D09A2/serialNumber=EFC582B2A3CB2C10E8A31656E78F04BCD5BC5310 Certificate serial: 05AF Authority key identifier: EF:C5:82:B2:A3:CB:2C:10:E8:A3:16:56:E7:8F:04:BC:D5:BC:53:10 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/78WCsqPLLBDooxZW548EvNW8UxA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D09A2/1FEB5A208C6A11EB98DEDD68C4F9AE02/59AD29B88C6B11EBA286C569C4F9AE02.roa Signing time: Thu 11 Jul 2024 00:01:37 +0000 ROA not before: Thu 11 Jul 2024 00:01:37 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 134788 IP address blocks: 103.62.152.0/22 maxlen: 22 103.62.152.0/24 maxlen: 24 103.62.153.0/24 maxlen: 24 103.62.154.0/24 maxlen: 24 103.62.155.0/24 maxlen: 24 2400:f2c0::/32 maxlen: 32 2400:f2c0::/36 maxlen: 36 2400:f2c0:1000::/36 maxlen: 36 2400:f2c0:2000::/36 maxlen: 36 2400:f2c0:3000::/36 maxlen: 36 2400:f2c0:4000::/36 maxlen: 36 2400:f2c0:5000::/36 maxlen: 36 2400:f2c0:6000::/36 maxlen: 36 2400:f2c0:7000::/36 maxlen: 36 2400:f2c0:8000::/36 maxlen: 36 2400:f2c0:9000::/36 maxlen: 36 2400:f2c0:a000::/36 maxlen: 36 2400:f2c0:b000::/36 maxlen: 36 2400:f2c0:c000::/36 maxlen: 36 2400:f2c0:d000::/36 maxlen: 36 2400:f2c0:e000::/36 maxlen: 36 2400:f2c0:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D09A2/1FEB5A208C6A11EB98DEDD68C4F9AE02/78WCsqPLLBDooxZW548EvNW8UxA.crl rsync://rpki.apnic.net/member_repository/A91D09A2/1FEB5A208C6A11EB98DEDD68C4F9AE02/78WCsqPLLBDooxZW548EvNW8UxA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/78WCsqPLLBDooxZW548EvNW8UxA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1455 (0x5af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D09A2/serialNumber=EFC582B2A3CB2C10E8A31656E78F04BCD5BC5310 Validity Not Before: Jul 11 00:01:37 2024 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=668f20e1-6e0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:05:11:d0:e0:be:6e:2f:62:61:d4:9b:fa:40: 21:f8:30:65:d9:0c:50:33:64:89:66:6c:19:ba:04: d6:8c:12:f8:5a:da:68:e0:19:cd:6d:ec:1c:b9:e3: 20:b1:87:08:34:a6:6d:9f:73:16:37:b1:2f:60:73: 70:29:c2:e0:44:6e:9c:a1:93:f6:43:29:cb:57:77: a3:e6:e4:59:b4:5b:3e:c9:f8:a1:3f:5a:db:86:b5: a5:92:77:71:c9:69:3b:f4:c4:b8:10:e3:eb:58:3b: f0:65:85:a7:af:f6:64:7b:58:92:68:e3:27:c6:12: fd:18:0a:7e:77:db:c1:a6:6c:91:7c:69:db:38:35: 3d:b4:cb:c1:6e:f1:aa:07:ca:ac:4c:7b:63:be:cc: c7:f2:3f:60:42:4e:cb:2b:ae:bf:e7:83:e6:6b:46: 04:55:4f:71:f4:9d:0a:d0:f0:a2:d5:5e:6e:80:56: f6:56:c6:52:bc:c5:53:47:57:d5:21:f7:1e:5e:c9: a7:d7:88:c4:bb:5c:eb:e2:22:4f:9f:1e:b7:d4:84: 75:fb:fe:59:4d:ed:0f:8d:6d:19:7f:8c:18:ef:1f: b9:36:47:56:47:ec:14:e7:97:e3:38:e6:e9:2f:9c: 35:d5:b5:9c:f1:c6:e1:3d:ba:0d:7d:31:3a:d2:6b: 80:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:69:61:AB:19:89:CA:16:A6:BC:2B:40:88:12:4A:50:BF:F5:FF:A9 X509v3 Authority Key Identifier: keyid:EF:C5:82:B2:A3:CB:2C:10:E8:A3:16:56:E7:8F:04:BC:D5:BC:53:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D09A2/1FEB5A208C6A11EB98DEDD68C4F9AE02/78WCsqPLLBDooxZW548EvNW8UxA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/78WCsqPLLBDooxZW548EvNW8UxA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D09A2/1FEB5A208C6A11EB98DEDD68C4F9AE02/59AD29B88C6B11EBA286C569C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.62.152.0/22 IPv6: 2400:f2c0::/32 Signature Algorithm: sha256WithRSAEncryption 3b:86:e5:cd:ad:7b:d9:92:18:93:8f:50:a9:b9:a9:4e:f6:77: 01:d3:2b:dc:14:90:a2:a1:80:5f:0a:6c:fe:1b:01:79:64:37: ba:59:db:8c:d1:ad:4f:48:85:28:74:18:a3:ab:d5:0a:af:df: 8a:dd:14:97:5b:d7:32:d6:43:c7:25:2e:e1:1f:11:1c:8c:00: 91:bd:86:3a:a5:4d:31:e0:62:40:76:fa:47:00:ad:29:68:ea: 13:75:52:0a:35:d6:ce:67:7c:ca:fb:ac:21:31:3c:00:ae:7a: 74:1e:26:8d:c7:57:07:b0:32:73:62:68:b4:44:1d:7e:01:36: c7:86:25:c4:59:9e:83:a3:00:a9:52:a7:7b:cb:22:2b:cb:a5: 0d:4c:76:56:62:a1:41:d4:2c:4f:c6:ec:d4:87:06:be:11:39: 8d:e8:07:be:39:d9:37:15:37:17:cc:5c:fa:46:26:4a:56:08: 3b:dd:ca:ed:48:a2:20:4f:a8:be:75:8f:2c:b9:00:ba:1b:c5: d4:78:d7:f2:45:88:cb:70:36:05:6f:c3:a7:7e:b5:a8:1f:88: 0a:f7:d1:e5:87:3b:20:7f:5c:df:46:8b:87:ff:4e:ed:78:c5: 12:33:33:01:76:62:7d:69:0d:db:fb:37:ce:a8:3f:ec:f6:0d: 84:9c:82:c8 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBa8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDA5QTIxMTAvBgNVBAUTKEVGQzU4MkIyQTNDQjJDMTBFOEEzMTY1NkU3OEYwNEJD RDVCQzUzMTAwHhcNMjQwNzExMDAwMTM3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjhmMjBlMS02ZTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvwUR0OC+bi9iYdSb+kAh+DBl2QxQM2SJZmwZugTWjBL4Wtpo4BnNbewcueMg sYcINKZtn3MWN7EvYHNwKcLgRG6coZP2QynLV3ej5uRZtFs+yfihP1rbhrWlkndx yWk79MS4EOPrWDvwZYWnr/Zke1iSaOMnxhL9GAp+d9vBpmyRfGnbODU9tMvBbvGq B8qsTHtjvszH8j9gQk7LK66/54Pma0YEVU9x9J0K0PCi1V5ugFb2VsZSvMVTR1fV IfceXsmn14jEu1zr4iJPnx631IR1+/5ZTe0PjW0Zf4wY7x+5NkdWR+wU55fjOObp L5w11bWc8cbhPboNfTE60muA2wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFChpYasZ icoWprwrQIgSSlC/9f+pMB8GA1UdIwQYMBaAFO/FgrKjyywQ6KMWVuePBLzVvFMQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMDlBMi8xRkVCNUEyMDhD NkExMUVCOThERURENjhDNEY5QUUwMi83OFdDc3FQTExCRG9veFpXNTQ4RXZOVzhV eEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzc4V0NzcVBMTEJEb294Wlc1NDhFdk5XOFV4QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDA5QTIvMUZFQjVBMjA4QzZBMTFFQjk4REVERDY4QzRGOUFFMDIvNTlBRDI5Qjg4 QzZCMTFFQkEyODZDNTY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnPpgwDQQCAAIwBwMFACQA8sAwDQYJKoZIhvcNAQELBQAD ggEBADuG5c2te9mSGJOPUKm5qU72dwHTK9wUkKKhgF8KbP4bAXlkN7pZ24zRrU9I hSh0GKOr1Qqv34rdFJdb1zLWQ8clLuEfERyMAJG9hjqlTTHgYkB2+kcArSlo6hN1 Ugo11s5nfMr7rCExPACuenQeJo3HVwewMnNiaLREHX4BNseGJcRZnoOjAKlSp3vL IivLpQ1MdlZioUHULE/G7NSHBr4ROY3oB7452TcVNxfMXPpGJkpWCDvdyu1IoiBP qL51jyy5ALobxdR41/JFiMtwNgVvw6d+tagfiAr30eWHOyB/XN9Gi4f/Tu14xRIz MwF2Yn1pDdv7N86oP+z2DYScgsg= -----END CERTIFICATE-----Generated at Sat Nov 23 00:08:50 2024 by rpki-client on console-ams.rpki-client.org