$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/611D8094B13D11E59299870AC4F9AE02.roa File: 611D8094B13D11E59299870AC4F9AE02.roa (raw, json) Hash identifier: Ge8zFlpjpqEtuKQN0h56H1Urr1O0D0HMkBD9jJfCPmM= Subject key identifier: 95:A8:3E:2A:A5:26:22:08:13:5C:FD:EA:27:9B:CA:5B:F9:81:5E:85 Certificate issuer: /CN=A91D3102/serialNumber=F91A3A98314384C403A8FF22A453BCA1A3BA6CD8 Certificate serial: 2D72 Authority key identifier: F9:1A:3A:98:31:43:84:C4:03:A8:FF:22:A4:53:BC:A1:A3:BA:6C:D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/611D8094B13D11E59299870AC4F9AE02.roa Signing time: Thu 14 Nov 2024 15:32:20 +0000 ROA not before: Thu 14 Nov 2024 15:32:20 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 133075 IP address blocks: 103.72.208.0/23 maxlen: 23 103.242.68.0/22 maxlen: 22 220.158.212.0/22 maxlen: 22 220.158.212.0/24 maxlen: 24 220.158.213.0/24 maxlen: 24 220.158.214.0/24 maxlen: 24 220.158.215.0/24 maxlen: 24 2407:f100::/32 maxlen: 32 2407:f100:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:31:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11634 (0x2d72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3102/serialNumber=F91A3A98314384C403A8FF22A453BCA1A3BA6CD8 Validity Not Before: Nov 14 15:32:20 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67361804-7b76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c6:6d:71:b8:c5:7b:46:d3:d4:18:15:58:bb: 72:2e:46:e6:50:b7:1f:1b:4c:1a:f8:12:08:8a:55: 99:06:75:53:61:60:fd:a2:9c:45:56:4a:63:27:73: 11:9e:a8:00:65:b0:c1:32:5f:bc:08:d4:2d:0d:15: 07:db:ce:f8:d8:ac:6e:eb:ad:5b:ee:be:01:1b:7c: 1c:40:61:7a:4b:b6:15:67:77:c3:d3:58:74:37:24: d5:c7:33:45:76:a4:dc:26:aa:d9:6d:1e:d1:58:9d: c0:16:6c:8e:01:4e:56:4e:f0:de:5c:c2:5e:db:83: 97:70:85:4f:ac:0a:07:1e:85:9f:52:5a:d4:2a:51: 47:ff:f1:03:69:08:54:38:f8:a5:92:5b:89:58:05: b2:d9:76:7f:54:e1:90:71:69:48:f4:d4:e7:a3:90: 24:6b:0e:90:2f:8e:1f:0b:2a:0c:07:73:48:df:01: 26:9f:ad:db:63:2c:d8:28:02:67:3a:4f:9e:1b:9f: e6:ce:a4:79:3b:da:e1:0d:c2:01:78:72:9e:7e:50: 5d:55:90:8c:08:75:a4:14:23:1e:8c:8f:78:07:bf: d5:c9:0e:fa:e2:6b:c7:7d:f9:cf:ef:a6:7a:78:e0: 89:e6:67:2d:c2:0f:b9:ce:78:2a:39:ba:23:a6:62: ce:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:A8:3E:2A:A5:26:22:08:13:5C:FD:EA:27:9B:CA:5B:F9:81:5E:85 X509v3 Authority Key Identifier: keyid:F9:1A:3A:98:31:43:84:C4:03:A8:FF:22:A4:53:BC:A1:A3:BA:6C:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/611D8094B13D11E59299870AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.72.208.0/23 103.242.68.0/22 220.158.212.0/22 IPv6: 2407:f100::/32 Signature Algorithm: sha256WithRSAEncryption 30:47:fa:97:34:8b:a2:06:9d:8e:be:26:8e:c4:11:d4:a8:39: aa:31:d1:b8:cd:55:67:c5:73:af:0d:d9:ea:4d:78:5e:d5:7b: 7f:fb:63:15:40:6a:b5:42:2f:b5:27:7c:df:9b:52:2a:24:50: f7:3b:da:ab:03:cf:db:f7:2b:a9:c8:0f:87:12:2c:fd:d0:e8: 20:ab:65:e7:6a:be:2f:25:92:60:c9:59:a7:bd:3e:d2:5e:12: 5b:33:af:90:74:80:bb:f5:e0:56:de:79:bc:dd:1e:07:35:0e: 98:fe:82:71:37:f9:1c:ec:11:8e:4c:93:77:d1:24:29:63:ed: fc:12:d0:ef:3d:53:39:16:00:1e:b6:8e:2f:46:6a:89:ef:01: 85:7b:8d:57:62:15:33:69:0d:67:39:3c:1c:15:ae:62:b4:1a: 2e:a2:57:37:d9:9a:18:f7:61:ef:1e:f8:8c:bd:88:6f:9c:8d: bf:d5:0d:37:0c:8a:1e:54:1f:93:e6:02:ca:53:ed:28:9c:cf: bc:af:16:c0:4d:b7:9a:51:da:52:d6:09:21:83:a1:a2:ee:a9: 5a:25:3b:5f:23:d0:e6:cc:04:e9:77:f4:c3:57:f3:9f:10:01: 53:7a:6c:f4:73:fa:31:fb:8c:0a:62:bf:63:56:53:ee:90:9b: 3e:76:3d:0e -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICLXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDMxMDIxMTAvBgNVBAUTKEY5MUEzQTk4MzE0Mzg0QzQwM0E4RkYyMkE0NTNCQ0Ex QTNCQTZDRDgwHhcNMjQxMTE0MTUzMjIwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzM2MTgwNC03Yjc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtcZtcbjFe0bT1BgVWLtyLkbmULcfG0wa+BIIilWZBnVTYWD9opxFVkpjJ3MR nqgAZbDBMl+8CNQtDRUH28742Kxu661b7r4BG3wcQGF6S7YVZ3fD01h0NyTVxzNF dqTcJqrZbR7RWJ3AFmyOAU5WTvDeXMJe24OXcIVPrAoHHoWfUlrUKlFH//EDaQhU OPilkluJWAWy2XZ/VOGQcWlI9NTno5Akaw6QL44fCyoMB3NI3wEmn63bYyzYKAJn Ok+eG5/mzqR5O9rhDcIBeHKeflBdVZCMCHWkFCMejI94B7/VyQ764mvHffnP76Z6 eOCJ5mctwg+5zngqObojpmLO2QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFJWoPiql JiIIE1z96iebylv5gV6FMB8GA1UdIwQYMBaAFPkaOpgxQ4TEA6j/IqRTvKGjumzY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzEwMi9ENEFFRTJDODc2 OEUxMUUzOTlBOTU3NDU1OTExRUEzMi8tUm82bURGRGhNUURxUDhpcEZPOG9hTzZi TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1SbzZtREZEaE1RRHFQOGlwRk84b2FPNmJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDMxMDIvRDRBRUUyQzg3NjhFMTFFMzk5QTk1NzQ1NTkxMUVBMzIvNjExRDgwOTRC MTNEMTFFNTkyOTk4NzBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAFnSNADBAJn8kQDBALcntQwDQQCAAIwBwMFACQH8QAwDQYJ KoZIhvcNAQELBQADggEBADBH+pc0i6IGnY6+Jo7EEdSoOaox0bjNVWfFc68N2epN eF7Ve3/7YxVAarVCL7UnfN+bUiokUPc72qsDz9v3K6nID4cSLP3Q6CCrZedqvi8l kmDJWae9PtJeElszr5B0gLv14FbeebzdHgc1Dpj+gnE3+RzsEY5Mk3fRJClj7fwS 0O89UzkWAB62ji9GaonvAYV7jVdiFTNpDWc5PBwVrmK0Gi6iVzfZmhj3Ye8e+Iy9 iG+cjb/VDTcMih5UH5PmAspT7Sicz7yvFsBNt5pR2lLWCSGDoaLuqVolO18j0ObM BOl39MNX858QAVN6bPRz+jH7jApiv2NWU+6Qmz52PQ4= -----END CERTIFICATE-----Generated at Fri Nov 22 17:56:21 2024 by rpki-client on console-fra.rpki-client.org