$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBB7D/3017096E2BB911ECB2B3674FC4F9AE02/D5C4A54A617B11EC82058668C4F9AE02.roa File: D5C4A54A617B11EC82058668C4F9AE02.roa (raw, json) Hash identifier: YIo4X33adLD8RwsAshCvfy7lRfDuoG21ebfjFnUBZ1Y= Subject key identifier: 45:B0:22:7A:50:D0:13:7C:C1:8D:6A:6D:E5:1D:B8:DD:E8:56:EA:39 Certificate issuer: /CN=A91DBB7D/serialNumber=DFBF5F830B50B3BFC1E5350B9C605BB756122E11 Certificate serial: 0455 Authority key identifier: DF:BF:5F:83:0B:50:B3:BF:C1:E5:35:0B:9C:60:5B:B7:56:12:2E:11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/379fgwtQs7_B5TULnGBbt1YSLhE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBB7D/3017096E2BB911ECB2B3674FC4F9AE02/D5C4A54A617B11EC82058668C4F9AE02.roa Signing time: Sun 27 Oct 2024 00:05:47 +0000 ROA not before: Sun 27 Oct 2024 00:05:47 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 147061 IP address blocks: 103.173.235.0/24 maxlen: 24 103.198.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBB7D/3017096E2BB911ECB2B3674FC4F9AE02/379fgwtQs7_B5TULnGBbt1YSLhE.crl rsync://rpki.apnic.net/member_repository/A91DBB7D/3017096E2BB911ECB2B3674FC4F9AE02/379fgwtQs7_B5TULnGBbt1YSLhE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/379fgwtQs7_B5TULnGBbt1YSLhE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1109 (0x455) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBB7D/serialNumber=DFBF5F830B50B3BFC1E5350B9C605BB756122E11 Validity Not Before: Oct 27 00:05:47 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=671d83da-dc2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:6d:97:77:de:7d:af:47:71:53:ae:2a:46:cf: 1c:26:3e:73:b9:47:13:c8:fb:87:07:e4:14:fa:4b: 6a:6d:2a:44:45:1c:cf:97:1e:49:62:22:b2:ee:b8: 20:4e:99:91:4a:af:79:6e:c2:2e:9a:7d:12:f9:e3: 53:d2:d7:4a:78:02:ca:aa:09:12:ce:15:a2:c6:f7: ed:ba:a1:3b:71:23:aa:84:a0:91:0e:0d:bf:28:a7: e3:ba:3b:9d:0d:66:8f:fc:af:e4:9f:4d:11:e3:03: 9f:19:22:f1:1b:25:b8:12:9a:d5:f3:21:20:e6:5c: 5b:5b:b0:b1:7a:47:42:bd:5a:61:4a:dc:51:2a:33: 68:98:ef:35:57:aa:70:84:3e:59:ba:20:ce:5f:50: 71:3f:76:02:2a:10:b3:e4:03:9c:fd:42:7a:8f:43: ba:2f:20:53:92:d2:63:ce:7b:41:45:ea:b4:04:52: 76:20:8d:64:71:48:60:67:6d:cd:f9:c9:d9:70:a4: 9f:93:87:cb:b2:51:69:2b:37:cb:e9:87:82:0e:d0: e9:b2:30:47:a4:7a:42:47:d4:b8:f5:34:17:f2:f1: 31:f4:35:cd:85:a7:bd:e1:52:3b:ac:5d:f8:21:13: 27:7c:a9:58:75:8e:b6:ee:47:b2:65:ad:e6:4f:bb: 2b:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:B0:22:7A:50:D0:13:7C:C1:8D:6A:6D:E5:1D:B8:DD:E8:56:EA:39 X509v3 Authority Key Identifier: keyid:DF:BF:5F:83:0B:50:B3:BF:C1:E5:35:0B:9C:60:5B:B7:56:12:2E:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBB7D/3017096E2BB911ECB2B3674FC4F9AE02/379fgwtQs7_B5TULnGBbt1YSLhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/379fgwtQs7_B5TULnGBbt1YSLhE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBB7D/3017096E2BB911ECB2B3674FC4F9AE02/D5C4A54A617B11EC82058668C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.173.235.0/24 103.198.0.0/24 Signature Algorithm: sha256WithRSAEncryption 84:92:9e:16:e2:da:44:70:e9:52:d0:38:09:dc:53:a4:b1:df: ed:33:0e:4c:31:39:ea:ef:93:1b:1e:89:3f:04:e3:56:11:01: 20:25:bb:13:b3:e6:51:a4:d3:07:2b:a9:98:a5:d8:ac:8f:85: 47:cc:6b:77:59:35:c4:71:bf:7e:2a:6f:87:55:37:6c:39:c4: 93:24:c0:aa:1a:0f:5a:b0:42:90:f6:1a:7e:06:d7:ed:30:0b: db:5f:52:45:75:8f:26:0a:c0:6e:61:33:d4:cb:b4:e2:70:aa: 97:6a:3f:c8:2d:5b:fe:6a:1d:4c:de:62:dc:62:ec:c5:3d:1e: 8e:9b:d3:5f:01:3e:31:d5:06:be:0c:bb:e7:fd:25:ab:76:03: 8b:ac:d2:f2:ca:1b:00:0b:91:71:d7:3c:02:47:dd:ce:b9:fd: 92:c6:76:2b:b6:0a:d9:ba:63:48:af:a6:25:33:c5:68:9f:f6: 56:27:66:e9:78:5a:bb:a5:2f:a8:9c:e4:05:b9:c5:3d:97:ab: e7:a7:b0:db:ad:1c:b3:4a:5c:5d:c7:ca:24:05:be:e9:6a:54: 7b:8c:10:16:69:1d:31:1a:4b:e2:9a:74:65:de:a4:c4:a8:8e: 66:1a:d2:19:1d:77:12:29:8c:7c:b1:db:81:28:81:9b:b7:44: 21:44:79:a6 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REJCN0QxMTAvBgNVBAUTKERGQkY1RjgzMEI1MEIzQkZDMUU1MzUwQjlDNjA1QkI3 NTYxMjJFMTEwHhcNMjQxMDI3MDAwNTQ3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzFkODNkYS1kYzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAum2Xd959r0dxU64qRs8cJj5zuUcTyPuHB+QU+ktqbSpERRzPlx5JYiKy7rgg TpmRSq95bsIumn0S+eNT0tdKeALKqgkSzhWixvftuqE7cSOqhKCRDg2/KKfjujud DWaP/K/kn00R4wOfGSLxGyW4EprV8yEg5lxbW7CxekdCvVphStxRKjNomO81V6pw hD5ZuiDOX1BxP3YCKhCz5AOc/UJ6j0O6LyBTktJjzntBReq0BFJ2II1kcUhgZ23N +cnZcKSfk4fLslFpKzfL6YeCDtDpsjBHpHpCR9S49TQX8vEx9DXNhae94VI7rF34 IRMnfKlYdY627keyZa3mT7srNQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEWwInpQ 0BN8wY1qbeUduN3oVuo5MB8GA1UdIwQYMBaAFN+/X4MLULO/weU1C5xgW7dWEi4R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkI3RC8zMDE3MDk2RTJC QjkxMUVDQjJCMzY3NEZDNEY5QUUwMi8zNzlmZ3d0UXM3X0I1VFVMbkdCYnQxWVNM aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzM3OWZnd3RRczdfQjVUVUxuR0JidDFZU0xoRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REJCN0QvMzAxNzA5NkUyQkI5MTFFQ0IyQjM2NzRGQzRGOUFFMDIvRDVDNEE1NEE2 MTdCMTFFQzgyMDU4NjY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBABnresDBABnxgAwDQYJKoZIhvcNAQELBQADggEBAISSnhbi 2kRw6VLQOAncU6Sx3+0zDkwxOervkxseiT8E41YRASAluxOz5lGk0wcrqZil2KyP hUfMa3dZNcRxv34qb4dVN2w5xJMkwKoaD1qwQpD2Gn4G1+0wC9tfUkV1jyYKwG5h M9TLtOJwqpdqP8gtW/5qHUzeYtxi7MU9Ho6b018BPjHVBr4Mu+f9Jat2A4us0vLK GwALkXHXPAJH3c65/ZLGdiu2Ctm6Y0ivpiUzxWif9lYnZul4WrulL6ic5AW5xT2X q+ensNutHLNKXF3HyiQFvulqVHuMEBZpHTEaS+KadGXepMSojmYa0hkddxIpjHyx 24EogZu3RCFEeaY= -----END CERTIFICATE-----Generated at Sat Nov 23 00:49:38 2024 by rpki-client on console-fra.rpki-client.org