$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/20772F82207611E7AD8F8459C4F9AE02.roa File: 20772F82207611E7AD8F8459C4F9AE02.roa (raw, json) Hash identifier: Pb6kM9WouPrp2XawpESgoX55xTNZIYJEDsvGscWBa08= Subject key identifier: A0:88:88:F0:8C:71:3E:C6:0C:02:15:A4:42:EC:2A:3A:8C:B9:F4:57 Certificate issuer: /CN=A91DC4E1/serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E Certificate serial: 1A8D Authority key identifier: DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/20772F82207611E7AD8F8459C4F9AE02.roa Signing time: Thu 02 May 2024 17:04:49 +0000 ROA not before: Thu 02 May 2024 17:04:49 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 136473 IP address blocks: 103.89.140.0/22 maxlen: 22 103.89.140.0/24 maxlen: 24 103.89.141.0/24 maxlen: 24 103.89.142.0/24 maxlen: 24 103.89.143.0/24 maxlen: 24 202.14.204.0/22 maxlen: 22 202.14.204.0/24 maxlen: 24 202.14.205.0/24 maxlen: 24 202.14.206.0/24 maxlen: 24 202.14.207.0/24 maxlen: 24 2400:f040::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.crl rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 16:16:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6797 (0x1a8d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC4E1/serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E Validity Not Before: May 2 17:04:49 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6633c7b1-c2e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:0f:2f:c8:79:32:64:25:d5:87:dd:e8:28:4a: 19:8f:53:ac:24:2c:27:8b:44:a6:0a:cb:da:d9:7b: 2e:77:f6:aa:6b:6d:ed:c6:fb:3a:7a:46:7d:e3:34: 99:8e:11:4a:a8:ca:bd:06:37:cd:07:13:20:9b:e0: c3:0d:38:d2:34:aa:1c:8e:b4:91:e5:85:08:d7:bc: a7:94:42:8e:b3:3e:78:09:b1:6c:6d:2b:5b:8a:b3: ea:50:d7:95:f7:b2:6d:05:b7:24:10:f8:6d:35:45: 40:c2:c8:f6:4d:ae:fa:8f:68:fd:d6:95:48:f5:2f: 69:66:b2:10:0c:04:26:a8:75:cf:03:73:19:fc:96: 1c:cc:4f:3a:3c:9f:c7:f8:6a:99:2e:5e:b3:da:05: 5a:41:29:48:01:8e:bb:49:56:46:46:03:ac:a3:35: 2c:e8:10:12:fe:bd:e4:28:ce:89:57:07:de:9e:a1: 05:9e:1b:3e:92:2b:cc:37:ed:3e:58:52:38:8b:e0: e3:0c:18:1a:ed:d5:2e:5e:14:ad:ff:1b:31:0e:8d: 13:9b:a9:7a:5c:f1:1e:aa:eb:5a:ee:0d:7e:0e:f7: d5:3f:19:25:1c:56:54:7b:08:59:b0:8d:c1:87:87: 16:60:a1:84:2d:66:b5:0d:06:c6:5b:f9:a2:b1:1c: 25:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:88:88:F0:8C:71:3E:C6:0C:02:15:A4:42:EC:2A:3A:8C:B9:F4:57 X509v3 Authority Key Identifier: keyid:DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/20772F82207611E7AD8F8459C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.89.140.0/22 202.14.204.0/22 IPv6: 2400:f040::/32 Signature Algorithm: sha256WithRSAEncryption 1d:07:a1:b0:b3:d3:5c:c3:f9:52:0d:c7:f8:d2:15:b1:b3:2f: 8a:30:20:4d:fc:ea:d4:f8:4f:3a:77:64:3e:e9:8e:2b:52:c1: 84:76:51:59:2d:a5:84:7c:32:62:63:e1:53:01:b6:f7:cc:be: 2f:04:6d:18:9a:0c:38:38:43:f0:e9:a7:a7:11:84:df:e0:80: 59:f2:79:1c:53:e7:14:41:40:f9:79:82:7b:8e:17:bf:4c:26: be:b7:57:08:6e:ae:1b:10:68:2a:e7:c4:a4:34:d8:fe:ee:3f: 7b:a4:33:19:33:e6:90:d6:23:e6:d8:33:7a:13:f1:8f:ec:25: cc:84:c0:62:13:3e:92:43:85:12:10:7f:da:2d:b7:3e:8b:c1: a8:0a:62:e2:43:19:11:c3:0a:8a:8e:99:2d:0d:c7:b3:af:e8: ca:e4:d8:73:0f:53:16:c1:26:7e:0f:e5:f4:df:38:5d:4c:12: 3c:39:e5:49:42:dc:31:e5:a8:27:f2:09:06:5b:40:69:61:7c: 78:ee:73:e0:dc:00:34:8b:a9:25:96:60:3a:31:25:c5:dd:d0: b4:a8:fc:bc:70:60:25:dc:c1:c1:43:5d:0b:aa:83:09:cd:46: 78:df:40:3f:17:75:d4:ff:7e:58:77:a2:ae:e6:0f:fc:87:55: eb:ba:f5:00 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICGo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM0RTExMTAvBgNVBAUTKERDMUIzOUI1NEY2MDg5MUFDNzc4QTkzMTZENzFCMEJF ODAwNjM5NkUwHhcNMjQwNTAyMTcwNDQ5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjMzYzdiMS1jMmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4A8vyHkyZCXVh93oKEoZj1OsJCwni0SmCsva2Xsud/aqa23txvs6ekZ94zSZ jhFKqMq9BjfNBxMgm+DDDTjSNKocjrSR5YUI17ynlEKOsz54CbFsbStbirPqUNeV 97JtBbckEPhtNUVAwsj2Ta76j2j91pVI9S9pZrIQDAQmqHXPA3MZ/JYczE86PJ/H +GqZLl6z2gVaQSlIAY67SVZGRgOsozUs6BAS/r3kKM6JVwfenqEFnhs+kivMN+0+ WFI4i+DjDBga7dUuXhSt/xsxDo0Tm6l6XPEequta7g1+DvfVPxklHFZUewhZsI3B h4cWYKGELWa1DQbGW/misRwlCwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKCIiPCM cT7GDAIVpELsKjqMufRXMB8GA1UdIwQYMBaAFNwbObVPYIkax3ipMW1xsL6ABjlu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzRFMS8yMDA0RjE0NDE2 MDExMUU3QThBQzIyNURDNEY5QUUwMi8zQnM1dFU5Z2lSckhlS2t4YlhHd3ZvQUdP VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNCczV0VTlnaVJySGVLa3hiWEd3dm9BR09XNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REM0RTEvMjAwNEYxNDQxNjAxMTFFN0E4QUMyMjVEQzRGOUFFMDIvMjA3NzJGODIy MDc2MTFFN0FEOEY4NDU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnWYwDBALKDswwDQQCAAIwBwMFACQA8EAwDQYJKoZIhvcN AQELBQADggEBAB0HobCz01zD+VINx/jSFbGzL4owIE386tT4Tzp3ZD7pjitSwYR2 UVktpYR8MmJj4VMBtvfMvi8EbRiaDDg4Q/Dpp6cRhN/ggFnyeRxT5xRBQPl5gnuO F79MJr63VwhurhsQaCrnxKQ02P7uP3ukMxkz5pDWI+bYM3oT8Y/sJcyEwGITPpJD hRIQf9ottz6LwagKYuJDGRHDCoqOmS0Nx7Ov6Mrk2HMPUxbBJn4P5fTfOF1MEjw5 5UlC3DHlqCfyCQZbQGlhfHjuc+DcADSLqSWWYDoxJcXd0LSo/LxwYCXcwcFDXQuq gwnNRnjfQD8XddT/flh3oq7mD/yHVeu69QA= -----END CERTIFICATE-----Generated at Wed Nov 20 18:45:06 2024 by rpki-client on console-fra.rpki-client.org