$ rpki-client -vvf rpki.apnic.net/member_repository/A91E01AF/8CB85456BD1F11EBBAFD3D10C4F9AE02/129AA26CBD2111EBA76A3E11C4F9AE02.roa File: 129AA26CBD2111EBA76A3E11C4F9AE02.roa (raw, json) Hash identifier: YxPwMr4MBHxV8GdUwwcGZ9ThhhxxM846OSPi1905C3k= Subject key identifier: DF:43:4B:7A:B1:F7:13:C2:1E:A9:A4:25:1C:69:6F:7B:BE:4C:0B:A4 Certificate issuer: /CN=A91E01AF/serialNumber=74480F37C4B65762A8FD81BC7EDBEBDE6C81645F Certificate serial: 056C Authority key identifier: 74:48:0F:37:C4:B6:57:62:A8:FD:81:BC:7E:DB:EB:DE:6C:81:64:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dEgPN8S2V2Ko_YG8ftvr3myBZF8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E01AF/8CB85456BD1F11EBBAFD3D10C4F9AE02/129AA26CBD2111EBA76A3E11C4F9AE02.roa Signing time: Wed 06 Nov 2024 23:02:23 +0000 ROA not before: Wed 06 Nov 2024 23:02:23 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 135345 IP address blocks: 103.125.148.0/24 maxlen: 24 103.125.149.0/24 maxlen: 24 103.125.150.0/24 maxlen: 24 103.125.151.0/24 maxlen: 24 2403:f640::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E01AF/8CB85456BD1F11EBBAFD3D10C4F9AE02/dEgPN8S2V2Ko_YG8ftvr3myBZF8.crl rsync://rpki.apnic.net/member_repository/A91E01AF/8CB85456BD1F11EBBAFD3D10C4F9AE02/dEgPN8S2V2Ko_YG8ftvr3myBZF8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dEgPN8S2V2Ko_YG8ftvr3myBZF8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1388 (0x56c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E01AF/serialNumber=74480F37C4B65762A8FD81BC7EDBEBDE6C81645F Validity Not Before: Nov 6 23:02:23 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=672bf57f-4375 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:4c:69:b6:6e:a6:ea:51:15:c5:42:98:e6:36: 63:51:b8:d4:3e:43:9d:c0:08:ef:c7:72:a6:4d:6d: 3e:f7:08:6b:69:93:03:6c:79:49:cf:ef:39:fe:92: 03:ab:63:74:3d:8a:c3:14:b4:40:35:73:f7:a4:86: 56:5f:c2:78:fd:6a:a2:b7:8c:6e:7d:86:de:f4:bc: 31:a3:89:e4:67:e5:76:1f:4f:62:4c:0f:fe:f1:d0: bf:0b:5e:85:26:32:b4:e0:f2:a0:6f:67:34:ec:73: 50:25:e5:67:6f:d7:f8:e3:b6:d5:ef:55:f2:14:af: 5d:4d:40:40:aa:73:a9:bd:1d:58:b9:fb:84:b6:dc: 0f:3a:cf:51:24:40:a7:8e:1c:0c:60:0f:2a:78:c9: 7c:d5:23:8c:10:2a:e4:ac:f3:dc:28:12:a2:69:ca: 9b:2a:d4:1f:ee:61:a6:86:a9:85:88:9c:3f:37:4a: ec:23:a5:1e:b0:11:14:3e:61:c7:f6:77:62:92:1b: f2:73:6f:aa:19:91:9e:d8:05:bf:95:11:19:33:39: 72:73:ff:cb:6f:63:47:1d:bd:94:ac:9d:c0:02:a8: 39:81:54:79:9c:53:c0:af:1b:17:36:9f:ea:91:af: 37:b5:7c:f9:85:ed:5e:9b:cb:17:d2:b3:e3:6d:38: d5:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:43:4B:7A:B1:F7:13:C2:1E:A9:A4:25:1C:69:6F:7B:BE:4C:0B:A4 X509v3 Authority Key Identifier: keyid:74:48:0F:37:C4:B6:57:62:A8:FD:81:BC:7E:DB:EB:DE:6C:81:64:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E01AF/8CB85456BD1F11EBBAFD3D10C4F9AE02/dEgPN8S2V2Ko_YG8ftvr3myBZF8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dEgPN8S2V2Ko_YG8ftvr3myBZF8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E01AF/8CB85456BD1F11EBBAFD3D10C4F9AE02/129AA26CBD2111EBA76A3E11C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.125.148.0/22 IPv6: 2403:f640::/32 Signature Algorithm: sha256WithRSAEncryption 90:cb:f8:00:c2:5d:80:d9:34:a3:0a:fb:42:30:5b:88:3c:96: 1c:78:f3:79:78:26:e2:e4:02:77:a7:8b:b9:d6:42:8b:c2:4e: fc:08:a7:54:51:6e:97:9a:ec:dc:a0:ac:6f:cd:b8:0b:47:e2: 6b:b4:f4:f8:4b:e0:08:2a:5e:fc:4a:03:e4:98:4e:6d:4c:04: b7:ae:1d:04:df:96:6d:4a:5c:89:08:b2:09:41:b2:6c:b2:ab: 8f:d5:83:64:d3:61:74:f3:3d:d5:c4:67:cd:da:1f:92:25:82: 69:ee:db:e7:fd:4e:a1:ce:45:f5:eb:07:1a:09:45:a4:11:41: 0d:07:8f:d8:75:f3:13:71:fd:0c:de:2c:61:62:5a:4a:8a:e2: 5f:6b:b9:3f:3a:a6:1a:55:e4:a7:80:0e:65:3d:de:49:6f:6e: 3e:fb:12:02:39:58:cd:f8:67:2c:45:99:70:f0:dc:42:cd:9a: c4:8a:ab:47:24:b9:98:95:8f:6b:c6:09:3f:4d:a7:0b:66:41: e7:26:84:a1:30:63:c2:36:11:60:5f:91:1a:b5:72:a1:5e:1c: ec:f0:69:9a:18:3f:52:af:66:d4:99:bc:5e:bb:59:6c:98:9b: 3c:cb:58:da:71:24:11:87:aa:7b:3f:f9:70:af:ee:d1:cb:f5: bb:e3:d5:b1 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTAxQUYxMTAvBgNVBAUTKDc0NDgwRjM3QzRCNjU3NjJBOEZEODFCQzdFREJFQkRF NkM4MTY0NUYwHhcNMjQxMTA2MjMwMjIzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzJiZjU3Zi00Mzc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArExptm6m6lEVxUKY5jZjUbjUPkOdwAjvx3KmTW0+9whraZMDbHlJz+85/pID q2N0PYrDFLRANXP3pIZWX8J4/Wqit4xufYbe9Lwxo4nkZ+V2H09iTA/+8dC/C16F JjK04PKgb2c07HNQJeVnb9f447bV71XyFK9dTUBAqnOpvR1YufuEttwPOs9RJECn jhwMYA8qeMl81SOMECrkrPPcKBKiacqbKtQf7mGmhqmFiJw/N0rsI6UesBEUPmHH 9ndikhvyc2+qGZGe2AW/lREZMzlyc//Lb2NHHb2UrJ3AAqg5gVR5nFPArxsXNp/q ka83tXz5he1em8sX0rPjbTjVXwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFN9DS3qx 9xPCHqmkJRxpb3u+TAukMB8GA1UdIwQYMBaAFHRIDzfEtldiqP2BvH7b695sgWRf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDFBRi84Q0I4NTQ1NkJE MUYxMUVCQkFGRDNEMTBDNEY5QUUwMi9kRWdQTjhTMlYyS29fWUc4ZnR2cjNteUJa RjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RFZ1BOOFMyVjJLb19ZRzhmdHZyM215QlpGOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTAxQUYvOENCODU0NTZCRDFGMTFFQkJBRkQzRDEwQzRGOUFFMDIvMTI5QUEyNkNC RDIxMTFFQkE3NkEzRTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnfZQwDQQCAAIwBwMFACQD9kAwDQYJKoZIhvcNAQELBQAD ggEBAJDL+ADCXYDZNKMK+0IwW4g8lhx483l4JuLkAneni7nWQovCTvwIp1RRbpea 7NygrG/NuAtH4mu09PhL4AgqXvxKA+SYTm1MBLeuHQTflm1KXIkIsglBsmyyq4/V g2TTYXTzPdXEZ83aH5Ilgmnu2+f9TqHORfXrBxoJRaQRQQ0Hj9h18xNx/QzeLGFi WkqK4l9ruT86phpV5KeADmU93klvbj77EgI5WM34ZyxFmXDw3ELNmsSKq0ckuZiV j2vGCT9NpwtmQecmhKEwY8I2EWBfkRq1cqFeHOzwaZoYP1KvZtSZvF67WWyYmzzL WNpxJBGHqns/+XCv7tHL9bvj1bE= -----END CERTIFICATE-----Generated at Fri Nov 22 23:39:35 2024 by rpki-client on console-fra.rpki-client.org