$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1887/84EE8B60355111EB9F41950EC4F9AE02/9F46C468355711EBA5B81020C4F9AE02.roa File: 9F46C468355711EBA5B81020C4F9AE02.roa (raw, json) Hash identifier: +mNdwjus2Kgr8/pfP9kkqV55Ej1FzQoLbQf0Qcf2IT0= Subject key identifier: 37:7B:D0:9C:0F:7E:5E:35:29:B2:10:16:01:17:1C:C2:24:F1:F4:40 Certificate issuer: /CN=A91E1887/serialNumber=E0E9B9399B8A4A5FDCDE209FC5BEC078AF95CF7B Certificate serial: 067C Authority key identifier: E0:E9:B9:39:9B:8A:4A:5F:DC:DE:20:9F:C5:BE:C0:78:AF:95:CF:7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Om5OZuKSl_c3iCfxb7AeK-Vz3s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E1887/84EE8B60355111EB9F41950EC4F9AE02/9F46C468355711EBA5B81020C4F9AE02.roa Signing time: Thu 20 Jun 2024 23:16:53 +0000 ROA not before: Thu 20 Jun 2024 23:16:53 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 135356 IP address blocks: 45.251.104.0/24 maxlen: 24 45.251.105.0/24 maxlen: 24 45.251.106.0/24 maxlen: 24 45.251.107.0/24 maxlen: 24 103.220.72.0/24 maxlen: 24 103.220.73.0/24 maxlen: 24 103.220.74.0/24 maxlen: 24 103.220.75.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E1887/84EE8B60355111EB9F41950EC4F9AE02/4Om5OZuKSl_c3iCfxb7AeK-Vz3s.crl rsync://rpki.apnic.net/member_repository/A91E1887/84EE8B60355111EB9F41950EC4F9AE02/4Om5OZuKSl_c3iCfxb7AeK-Vz3s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Om5OZuKSl_c3iCfxb7AeK-Vz3s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1660 (0x67c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E1887/serialNumber=E0E9B9399B8A4A5FDCDE209FC5BEC078AF95CF7B Validity Not Before: Jun 20 23:16:53 2024 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=6674b865-baf4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:1c:4b:3f:40:6e:dc:81:8b:ac:be:c6:44:88: d0:cc:2b:a4:79:d0:19:c6:9f:3e:e6:ce:21:f4:65: 77:0a:dc:5e:40:62:96:94:67:c1:6a:a6:84:94:b1: 3b:fb:ca:cf:ec:0f:2a:fb:af:35:0d:4c:a6:35:6e: 02:3b:45:98:b8:0b:be:0a:98:dc:74:e6:72:77:01: 98:ef:aa:4a:10:d6:2f:2e:6a:e3:34:d2:79:cf:ed: ee:1f:63:b8:32:e7:c1:71:cf:3f:ad:4e:72:1e:ac: 56:ad:de:60:35:ce:54:6f:45:b0:69:db:9f:7b:8f: af:d6:63:fe:39:a6:bb:1b:c0:cb:b7:4f:e5:a1:66: e2:ff:ad:00:81:10:30:ab:3a:a7:d8:75:5c:4b:4b: 7d:42:93:cc:fd:e0:2d:44:43:e5:a9:f6:03:79:d4: 0b:f6:98:8c:c0:7c:50:65:8f:2c:6e:45:21:4a:ad: 1d:88:00:b8:bf:c1:02:31:ec:8f:67:a2:c7:4f:78: bf:59:5c:02:89:85:53:a4:2c:4a:10:ca:88:30:6c: 1d:1f:a4:dc:0e:70:be:aa:0a:4f:e1:34:ef:e5:63: ef:05:2d:83:86:b9:3e:77:b2:15:7b:cc:1d:92:3f: f9:53:6b:46:5d:36:0a:5a:a1:2b:ba:63:b8:14:ff: 8d:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:7B:D0:9C:0F:7E:5E:35:29:B2:10:16:01:17:1C:C2:24:F1:F4:40 X509v3 Authority Key Identifier: keyid:E0:E9:B9:39:9B:8A:4A:5F:DC:DE:20:9F:C5:BE:C0:78:AF:95:CF:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E1887/84EE8B60355111EB9F41950EC4F9AE02/4Om5OZuKSl_c3iCfxb7AeK-Vz3s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Om5OZuKSl_c3iCfxb7AeK-Vz3s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1887/84EE8B60355111EB9F41950EC4F9AE02/9F46C468355711EBA5B81020C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.251.104.0/22 103.220.72.0/22 Signature Algorithm: sha256WithRSAEncryption 7f:c8:6f:a3:08:3e:f2:a7:bf:38:6c:36:6f:88:6d:56:cd:bb: ef:31:b4:84:b7:ad:6d:dd:dd:3a:77:f2:00:a6:14:92:e2:2f: b7:47:47:95:17:fa:6c:9c:5f:63:9e:40:84:00:93:a8:17:9c: 71:da:a7:f8:54:a8:94:c7:a0:91:73:eb:09:6f:d8:40:51:cb: 87:47:ac:96:50:e5:39:4c:bc:c4:00:35:da:0d:ea:44:78:1f: a8:a5:b9:56:47:19:38:35:af:1c:1e:9d:05:e4:f9:a6:59:29: 29:07:9f:a5:f8:4e:39:bf:0e:d7:77:24:f2:e3:6e:6f:d9:d4: e9:01:3c:cb:0b:76:38:8a:b0:01:7a:d8:12:dc:4a:14:6d:b8: 5a:ec:31:73:56:bb:dc:84:6b:bb:7c:a9:9f:a2:1d:5e:18:f2: b8:c7:b8:f7:f3:9d:f6:07:3b:91:45:e4:1f:71:d7:52:f6:18: 46:3e:d0:65:57:9f:f7:a6:01:2f:d8:80:a0:49:ad:4a:82:d8: 09:c7:79:e3:6e:07:f1:e7:85:8b:70:2f:c7:d0:f7:e5:82:56: 7a:f5:cb:0b:84:3f:93:0b:3a:da:4c:bb:a9:3c:89:34:40:2c: 38:87:f0:7b:f3:54:43:89:0a:eb:51:05:d8:ef:8f:6e:90:4f: 7e:c1:27:1b -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBnwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTE4ODcxMTAvBgNVBAUTKEUwRTlCOTM5OUI4QTRBNUZEQ0RFMjA5RkM1QkVDMDc4 QUY5NUNGN0IwHhcNMjQwNjIwMjMxNjUzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Njc0Yjg2NS1iYWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApBxLP0Bu3IGLrL7GRIjQzCukedAZxp8+5s4h9GV3CtxeQGKWlGfBaqaElLE7 +8rP7A8q+681DUymNW4CO0WYuAu+CpjcdOZydwGY76pKENYvLmrjNNJ5z+3uH2O4 MufBcc8/rU5yHqxWrd5gNc5Ub0Wwadufe4+v1mP+Oaa7G8DLt0/loWbi/60AgRAw qzqn2HVcS0t9QpPM/eAtREPlqfYDedQL9piMwHxQZY8sbkUhSq0diAC4v8ECMeyP Z6LHT3i/WVwCiYVTpCxKEMqIMGwdH6TcDnC+qgpP4TTv5WPvBS2Dhrk+d7IVe8wd kj/5U2tGXTYKWqErumO4FP+NrwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDd70JwP fl41KbIQFgEXHMIk8fRAMB8GA1UdIwQYMBaAFODpuTmbikpf3N4gn8W+wHivlc97 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTg4Ny84NEVFOEI2MDM1 NTExMUVCOUY0MTk1MEVDNEY5QUUwMi80T201T1p1S1NsX2MzaUNmeGI3QWVLLVZ6 M3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRPbTVPWnVLU2xfYzNpQ2Z4YjdBZUstVnozcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTE4ODcvODRFRThCNjAzNTUxMTFFQjlGNDE5NTBFQzRGOUFFMDIvOUY0NkM0Njgz NTU3MTFFQkE1QjgxMDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIt+2gDBAJn3EgwDQYJKoZIhvcNAQELBQADggEBAH/Ib6MI PvKnvzhsNm+IbVbNu+8xtIS3rW3d3Tp38gCmFJLiL7dHR5UX+mycX2OeQIQAk6gX nHHap/hUqJTHoJFz6wlv2EBRy4dHrJZQ5TlMvMQANdoN6kR4H6iluVZHGTg1rxwe nQXk+aZZKSkHn6X4Tjm/Dtd3JPLjbm/Z1OkBPMsLdjiKsAF62BLcShRtuFrsMXNW u9yEa7t8qZ+iHV4Y8rjHuPfznfYHO5FF5B9x11L2GEY+0GVXn/emAS/YgKBJrUqC 2AnHeeNuB/HnhYtwL8fQ9+WCVnr1ywuEP5MLOtpMu6k8iTRALDiH8HvzVEOJCutR Bdjvj26QT37BJxs= -----END CERTIFICATE-----Generated at Wed Nov 20 23:11:49 2024 by rpki-client on console-fra.rpki-client.org