$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB63B/2E2CEA169F4611EA988D0B65C4F9AE02/FF57D3205A4611EF88B33287C4F9AE02.roa File: FF57D3205A4611EF88B33287C4F9AE02.roa (raw, json) Hash identifier: 2i86HvqqruP2HLn2/0YD1Ofb8VdhIBy3sY51fKOAOAo= Subject key identifier: 3F:60:80:3C:7D:D7:37:86:E2:C1:77:02:C3:55:F9:97:22:7B:DD:5D Certificate issuer: /CN=A91DB63B/serialNumber=5EF72F9BE4E3A28DE3569E76DE2D2225DBF3FD8A Certificate serial: 08A9 Authority key identifier: 5E:F7:2F:9B:E4:E3:A2:8D:E3:56:9E:76:DE:2D:22:25:DB:F3:FD:8A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xvcvm-Tjoo3jVp523i0iJdvz_Yo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DB63B/2E2CEA169F4611EA988D0B65C4F9AE02/FF57D3205A4611EF88B33287C4F9AE02.roa Signing time: Wed 04 Sep 2024 21:09:45 +0000 ROA not before: Wed 04 Sep 2024 21:09:45 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 38084 IP address blocks: 103.72.88.0/24 maxlen: 24 103.108.168.0/22 maxlen: 24 203.27.21.0/24 maxlen: 24 210.48.208.0/21 maxlen: 24 2406:7600::/32 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DB63B/2E2CEA169F4611EA988D0B65C4F9AE02/Xvcvm-Tjoo3jVp523i0iJdvz_Yo.crl rsync://rpki.apnic.net/member_repository/A91DB63B/2E2CEA169F4611EA988D0B65C4F9AE02/Xvcvm-Tjoo3jVp523i0iJdvz_Yo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xvcvm-Tjoo3jVp523i0iJdvz_Yo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:12:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2217 (0x8a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DB63B/serialNumber=5EF72F9BE4E3A28DE3569E76DE2D2225DBF3FD8A Validity Not Before: Sep 4 21:09:45 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d8cc99-b495 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:4a:c0:75:ec:5c:6b:50:30:d2:ce:48:e6:c8: b8:09:77:19:4e:4d:a4:97:fe:76:76:83:4f:09:d2: 91:51:0e:75:42:a6:a9:97:9b:bd:69:9d:0a:78:2a: 2a:4f:09:79:c9:2a:4c:2b:e1:cc:f4:85:72:24:0e: 64:3e:a9:18:83:f6:c8:63:f2:28:d0:e9:3f:5c:3c: 95:fb:f7:14:86:71:68:35:b4:60:84:93:c4:99:64: 0a:7e:80:5f:12:4f:6d:a5:78:64:c2:fb:86:a3:6a: 40:2b:de:a7:65:69:1f:fb:95:ec:d7:4c:c4:1b:44: d7:0b:47:58:1c:0b:7b:ba:0b:97:41:59:40:d8:05: d8:d0:64:9f:f2:9a:3f:af:26:b2:23:9e:53:16:c6: 11:5f:76:1b:1e:a1:b9:24:b0:d4:9f:19:59:4f:c7: d0:8e:51:47:71:e0:e2:19:6d:64:38:e7:0a:d4:e4: 82:63:45:b8:98:eb:bc:80:4f:14:c2:3a:a6:8a:75: e2:eb:2e:53:c3:d1:3d:fb:89:b8:f5:24:e9:e2:0b: 01:e7:87:7f:3f:cc:c8:16:76:5d:fa:19:62:1f:4c: ee:b2:e5:4a:3b:9f:b1:5c:ca:8f:63:71:06:7f:6c: 91:6a:f3:11:6a:93:c6:67:74:55:4f:f8:57:35:fa: d2:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:60:80:3C:7D:D7:37:86:E2:C1:77:02:C3:55:F9:97:22:7B:DD:5D X509v3 Authority Key Identifier: keyid:5E:F7:2F:9B:E4:E3:A2:8D:E3:56:9E:76:DE:2D:22:25:DB:F3:FD:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DB63B/2E2CEA169F4611EA988D0B65C4F9AE02/Xvcvm-Tjoo3jVp523i0iJdvz_Yo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xvcvm-Tjoo3jVp523i0iJdvz_Yo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB63B/2E2CEA169F4611EA988D0B65C4F9AE02/FF57D3205A4611EF88B33287C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.72.88.0/24 103.108.168.0/22 203.27.21.0/24 210.48.208.0/21 IPv6: 2406:7600::/32 Signature Algorithm: sha256WithRSAEncryption 0d:f3:a8:ae:50:ba:6f:0a:bd:34:de:bc:7e:8f:31:9e:5e:30: 9f:c6:d8:3e:d4:8a:03:82:4f:95:99:96:3a:8c:40:df:25:c7: 63:0d:d3:0f:e0:f7:16:0c:93:23:34:05:7d:fe:93:bb:4c:06: ee:62:c6:7e:1d:d2:5f:5e:0d:83:04:40:f0:14:80:43:e7:9e: 7d:11:07:35:4a:aa:7d:90:d8:c0:e4:cb:85:f9:b3:f7:fd:50: 9d:39:50:21:99:b1:90:72:e3:57:ec:79:ce:6e:c3:36:06:44: 5d:51:16:3c:12:69:a8:0c:d3:c0:b4:e2:5a:97:38:09:24:e1: 81:fd:0f:1e:e4:53:0a:81:d0:ac:aa:e7:30:d0:25:08:9c:fa: c8:44:55:54:2b:d9:98:6f:57:f5:69:95:94:6f:d2:84:35:ca: 26:54:d5:b1:9d:be:4f:60:54:3b:ed:6e:9c:21:13:e3:a0:c0: 9b:b3:27:4c:e8:3e:bd:68:23:0f:c7:e4:d6:5c:f2:39:67:69: 2c:c2:10:c7:b6:60:56:3e:e3:2c:79:0a:e3:10:f9:10:15:b1: 68:23:c3:23:c0:bd:e1:8a:66:01:93:1a:cf:46:7c:20:32:a9: a8:c1:b2:ff:70:d1:59:a6:a9:c1:5c:9c:e7:ed:c6:2e:6b:a9: 02:7c:7a:f0 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICCKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REI2M0IxMTAvBgNVBAUTKDVFRjcyRjlCRTRFM0EyOERFMzU2OUU3NkRFMkQyMjI1 REJGM0ZEOEEwHhcNMjQwOTA0MjEwOTQ1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ4Y2M5OS1iNDk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxUrAdexca1Aw0s5I5si4CXcZTk2kl/52doNPCdKRUQ51Qqapl5u9aZ0KeCoq Twl5ySpMK+HM9IVyJA5kPqkYg/bIY/Io0Ok/XDyV+/cUhnFoNbRghJPEmWQKfoBf Ek9tpXhkwvuGo2pAK96nZWkf+5Xs10zEG0TXC0dYHAt7uguXQVlA2AXY0GSf8po/ ryayI55TFsYRX3YbHqG5JLDUnxlZT8fQjlFHceDiGW1kOOcK1OSCY0W4mOu8gE8U wjqminXi6y5Tw9E9+4m49STp4gsB54d/P8zIFnZd+hliH0zusuVKO5+xXMqPY3EG f2yRavMRapPGZ3RVT/hXNfrSWQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFD9ggDx9 1zeG4sF3AsNV+Zcie91dMB8GA1UdIwQYMBaAFF73L5vk46KN41aedt4tIiXb8/2K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjYzQi8yRTJDRUExNjlG NDYxMUVBOTg4RDBCNjVDNEY5QUUwMi9YdmN2bS1Uam9vM2pWcDUyM2kwaUpkdnpf WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h2Y3ZtLVRqb28zalZwNTIzaTBpSmR2el9Zby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REI2M0IvMkUyQ0VBMTY5RjQ2MTFFQTk4OEQwQjY1QzRGOUFFMDIvRkY1N0QzMjA1 QTQ2MTFFRjg4QjMzMjg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBABnSFgDBAJnbKgDBADLGxUDBAPSMNAwDQQCAAIwBwMFACQG dgAwDQYJKoZIhvcNAQELBQADggEBAA3zqK5Qum8KvTTevH6PMZ5eMJ/G2D7UigOC T5WZljqMQN8lx2MN0w/g9xYMkyM0BX3+k7tMBu5ixn4d0l9eDYMEQPAUgEPnnn0R BzVKqn2Q2MDky4X5s/f9UJ05UCGZsZBy41fsec5uwzYGRF1RFjwSaagM08C04lqX OAkk4YH9Dx7kUwqB0Kyq5zDQJQic+shEVVQr2ZhvV/VplZRv0oQ1yiZU1bGdvk9g VDvtbpwhE+OgwJuzJ0zoPr1oIw/H5NZc8jlnaSzCEMe2YFY+4yx5CuMQ+RAVsWgj wyPAveGKZgGTGs9GfCAyqajBsv9w0VmmqcFcnOftxi5rqQJ8evA= -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:41 2024 by rpki-client on console-ams.rpki-client.org