$ rpki-client -vvf rpki.apnic.net/member_repository/A91E13D0/D7A4BB5604AC11ECBEB50C79C4F9AE02/E86C4B1E04AE11EC92C8D079C4F9AE02.roa File: E86C4B1E04AE11EC92C8D079C4F9AE02.roa (raw, json) Hash identifier: gNJTzz5gTRCi7TWu8OqobzQyrN+9OUDBMZ0c3PoKanY= Subject key identifier: BF:B1:BA:51:2E:18:DD:CB:8F:EF:66:B7:0E:CC:33:67:6E:4B:FD:3F Certificate issuer: /CN=A91E13D0/serialNumber=FC80B49B507332FD4C9C92DD5E27A2DFCA8064DA Certificate serial: 049C Authority key identifier: FC:80:B4:9B:50:73:32:FD:4C:9C:92:DD:5E:27:A2:DF:CA:80:64:DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_IC0m1BzMv1MnJLdXiei38qAZNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E13D0/D7A4BB5604AC11ECBEB50C79C4F9AE02/E86C4B1E04AE11EC92C8D079C4F9AE02.roa Signing time: Wed 11 Sep 2024 02:03:52 +0000 ROA not before: Wed 11 Sep 2024 02:03:52 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 139588 IP address blocks: 103.142.5.0/24 maxlen: 24 103.208.64.0/24 maxlen: 24 2001:df1:2280::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E13D0/D7A4BB5604AC11ECBEB50C79C4F9AE02/_IC0m1BzMv1MnJLdXiei38qAZNo.crl rsync://rpki.apnic.net/member_repository/A91E13D0/D7A4BB5604AC11ECBEB50C79C4F9AE02/_IC0m1BzMv1MnJLdXiei38qAZNo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_IC0m1BzMv1MnJLdXiei38qAZNo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1180 (0x49c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E13D0/serialNumber=FC80B49B507332FD4C9C92DD5E27A2DFCA8064DA Validity Not Before: Sep 11 02:03:52 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66e0fa87-f17a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:75:98:59:5a:c0:d0:33:67:79:bc:55:d6:91: ca:85:8f:c9:20:fd:af:ac:5c:67:13:01:9c:40:e6: 02:96:d6:0e:3f:30:d0:19:80:67:b2:ee:a5:e7:54: 34:e2:17:a5:f0:89:32:ba:22:a2:d7:40:98:b4:e3: e6:0e:82:f0:69:93:e6:4b:de:5e:c3:37:df:99:69: ac:88:03:55:d9:b7:e5:f9:15:c4:29:0e:43:1b:88: e5:97:fc:fd:cb:a0:79:e6:8f:bc:d5:61:93:94:b6: 04:53:49:f6:4f:41:4c:ff:07:fa:a1:17:14:a3:93: 93:12:87:1b:b9:30:fe:9b:ea:12:e9:80:a5:4e:fa: 5d:ce:f2:db:64:16:aa:67:ae:7e:5a:04:56:ac:2b: c1:25:59:57:cd:a1:b4:41:33:fa:25:a8:c1:0b:aa: 55:b8:b9:be:2a:7a:df:a2:9c:6a:6b:cf:c3:6c:4f: 48:80:a3:f5:c7:c3:f9:5a:12:d7:86:25:47:83:8f: 58:27:80:f3:dd:ec:1f:f3:af:15:30:9f:c1:2e:86: 3b:15:74:be:05:c9:99:60:99:58:42:fe:45:ee:92: d6:fb:64:5f:b2:16:44:27:cf:34:b7:1b:f1:46:39: ed:9e:2f:4e:1c:ff:85:d6:d3:ae:a4:17:2a:40:70: d6:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:B1:BA:51:2E:18:DD:CB:8F:EF:66:B7:0E:CC:33:67:6E:4B:FD:3F X509v3 Authority Key Identifier: keyid:FC:80:B4:9B:50:73:32:FD:4C:9C:92:DD:5E:27:A2:DF:CA:80:64:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E13D0/D7A4BB5604AC11ECBEB50C79C4F9AE02/_IC0m1BzMv1MnJLdXiei38qAZNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_IC0m1BzMv1MnJLdXiei38qAZNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E13D0/D7A4BB5604AC11ECBEB50C79C4F9AE02/E86C4B1E04AE11EC92C8D079C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.142.5.0/24 103.208.64.0/24 IPv6: 2001:df1:2280::/48 Signature Algorithm: sha256WithRSAEncryption 21:7b:30:7e:ca:7a:89:35:b9:a6:63:3a:98:a4:8e:9d:1e:e5: b2:a0:8c:4b:ca:65:18:b4:65:16:2a:ef:71:a5:8b:d0:41:3e: a3:5e:dd:03:99:67:5e:c2:ae:c4:0a:cb:6f:28:65:f0:2a:c0: 33:c2:4e:ba:dd:fc:e5:59:24:48:c8:0f:0b:d3:00:8f:98:ab: 5d:09:e0:08:6c:13:13:57:46:af:bc:2b:29:49:03:d3:62:f8: 87:89:42:52:fa:de:2d:f5:c2:82:13:86:fd:84:37:e5:de:2e: b0:42:59:da:d9:fc:84:db:af:ad:25:fc:6a:f0:8f:9e:69:02: e4:7b:8f:78:e2:3a:5a:9c:59:01:4a:26:76:68:34:cc:87:3b: 56:43:7e:94:ae:d5:ba:ba:58:59:24:66:32:4a:49:5a:2b:be: 68:ea:65:dc:26:aa:79:25:27:e1:98:2e:af:2e:ae:ca:08:7c: 1d:a7:07:c8:db:31:de:2b:fc:ab:ad:05:1d:65:a5:a6:ae:48: fa:a5:99:43:fe:7d:82:f4:f0:65:04:3b:cc:1f:96:91:78:fc: 0a:4f:ef:67:44:11:5b:0a:61:a2:4a:a1:09:54:c5:f4:b0:06: f5:4a:b3:6b:d0:08:f3:8b:2a:01:b7:42:cb:c0:fe:d4:ab:f0: 66:fc:20:83 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICBJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTEzRDAxMTAvBgNVBAUTKEZDODBCNDlCNTA3MzMyRkQ0QzlDOTJERDVFMjdBMkRG Q0E4MDY0REEwHhcNMjQwOTExMDIwMzUyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmUwZmE4Ny1mMTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyHWYWVrA0DNnebxV1pHKhY/JIP2vrFxnEwGcQOYCltYOPzDQGYBnsu6l51Q0 4hel8IkyuiKi10CYtOPmDoLwaZPmS95ewzffmWmsiANV2bfl+RXEKQ5DG4jll/z9 y6B55o+81WGTlLYEU0n2T0FM/wf6oRcUo5OTEocbuTD+m+oS6YClTvpdzvLbZBaq Z65+WgRWrCvBJVlXzaG0QTP6JajBC6pVuLm+Knrfopxqa8/DbE9IgKP1x8P5WhLX hiVHg49YJ4Dz3ewf868VMJ/BLoY7FXS+BcmZYJlYQv5F7pLW+2RfshZEJ880txvx Rjntni9OHP+F1tOupBcqQHDW6QIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFL+xulEu GN3Lj+9mtw7MM2duS/0/MB8GA1UdIwQYMBaAFPyAtJtQczL9TJyS3V4not/KgGTa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTNEMC9EN0E0QkI1NjA0 QUMxMUVDQkVCNTBDNzlDNEY5QUUwMi9fSUMwbTFCek12MU1uSkxkWGllaTM4cUFa Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19JQzBtMUJ6TXYxTW5KTGRYaWVpMzhxQVpOby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTEzRDAvRDdBNEJCNTYwNEFDMTFFQ0JFQjUwQzc5QzRGOUFFMDIvRTg2QzRCMUUw NEFFMTFFQzkyQzhEMDc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBABnjgUDBABn0EAwDwQCAAIwCQMHACABDfEigDANBgkqhkiG 9w0BAQsFAAOCAQEAIXswfsp6iTW5pmM6mKSOnR7lsqCMS8plGLRlFirvcaWL0EE+ o17dA5lnXsKuxArLbyhl8CrAM8JOut385VkkSMgPC9MAj5irXQngCGwTE1dGr7wr KUkD02L4h4lCUvreLfXCghOG/YQ35d4usEJZ2tn8hNuvrSX8avCPnmkC5HuPeOI6 WpxZAUomdmg0zIc7VkN+lK7VurpYWSRmMkpJWiu+aOpl3CaqeSUn4Zgury6uygh8 HacHyNsx3iv8q60FHWWlpq5I+qWZQ/59gvTwZQQ7zB+WkXj8Ck/vZ0QRWwphokqh CVTF9LAG9Uqza9AI84sqAbdCy8D+1KvwZvwggw== -----END CERTIFICATE-----Generated at Sat Nov 23 01:27:29 2024 by rpki-client on console-ams.rpki-client.org