$ rpki-client -vvf rpki.apnic.net/member_repository/A91E268B/426F57C08D3911EBB9F4CB17C4F9AE02/3F4ECBD2744D11EDB5D08682C4F9AE02.roa File: 3F4ECBD2744D11EDB5D08682C4F9AE02.roa (raw, json) Hash identifier: ZeJbsszOVNBw1F6cW7wRD7CJip07y61hhmb9ROUNvfs= Subject key identifier: 44:E5:BD:37:93:C6:89:F0:7A:B1:33:87:25:17:D9:61:62:10:EF:CC Certificate issuer: /CN=A91E268B/serialNumber=462B16D327972EA771226A01588B5205EFEA4496 Certificate serial: 0589 Authority key identifier: 46:2B:16:D3:27:97:2E:A7:71:22:6A:01:58:8B:52:05:EF:EA:44:96 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RisW0yeXLqdxImoBWItSBe_qRJY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E268B/426F57C08D3911EBB9F4CB17C4F9AE02/3F4ECBD2744D11EDB5D08682C4F9AE02.roa Signing time: Wed 03 Apr 2024 01:03:23 +0000 ROA not before: Wed 03 Apr 2024 01:03:23 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 38215 IP address blocks: 103.164.236.0/23 maxlen: 24 103.164.236.0/30 maxlen: 30 2001:df6:5180::/48 maxlen: 48 2400:bf60::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E268B/426F57C08D3911EBB9F4CB17C4F9AE02/RisW0yeXLqdxImoBWItSBe_qRJY.crl rsync://rpki.apnic.net/member_repository/A91E268B/426F57C08D3911EBB9F4CB17C4F9AE02/RisW0yeXLqdxImoBWItSBe_qRJY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RisW0yeXLqdxImoBWItSBe_qRJY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1417 (0x589) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E268B Validity Not Before: Apr 3 01:03:23 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=660caadb-cedc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:fa:e3:56:f6:23:06:88:13:8e:4d:74:cf:ab: 96:4e:24:d9:0e:3e:62:9f:4e:ab:66:32:c9:a8:51: ee:36:ae:0c:1a:95:8e:ca:ca:fd:55:90:b8:23:90: d5:ac:03:54:ea:40:73:4c:74:72:9c:1d:19:05:a6: 71:f9:71:25:1d:d8:98:c0:ef:f6:1a:e7:67:bd:ac: 5d:fd:15:df:10:d8:d5:47:b9:24:41:f9:bd:34:7b: 27:ef:ba:f2:e9:36:e0:b4:55:ad:1c:2a:4e:64:b5: 53:3f:36:42:50:20:50:76:df:13:21:20:c0:cd:a8: 17:95:2b:78:e3:62:93:cd:d2:8f:d0:c4:2c:5b:0c: 6f:43:8d:c5:f6:91:c3:de:b2:1e:ae:2c:72:65:4c: c1:81:cd:f8:02:79:27:b5:3e:78:f8:08:a3:7d:12: 2b:27:0c:b2:58:07:dd:21:de:3c:fc:8c:e1:52:73: 25:f2:1d:dd:a2:e3:74:b2:c5:61:7d:3d:c0:20:f9: 84:87:d4:3a:da:2f:20:7e:3b:2c:ca:d3:cb:ec:7e: 9b:1d:d1:07:ab:a1:50:b2:53:d3:5e:da:a7:bf:92: 49:2e:6a:44:0b:10:ab:7f:3a:0a:d9:d3:30:81:62: bf:52:e5:34:2d:e2:30:66:c6:0b:a8:ce:89:ee:00: d9:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:E5:BD:37:93:C6:89:F0:7A:B1:33:87:25:17:D9:61:62:10:EF:CC X509v3 Authority Key Identifier: keyid:46:2B:16:D3:27:97:2E:A7:71:22:6A:01:58:8B:52:05:EF:EA:44:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E268B/426F57C08D3911EBB9F4CB17C4F9AE02/RisW0yeXLqdxImoBWItSBe_qRJY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RisW0yeXLqdxImoBWItSBe_qRJY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E268B/426F57C08D3911EBB9F4CB17C4F9AE02/3F4ECBD2744D11EDB5D08682C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.164.236.0/23 IPv6: 2001:df6:5180::/48 2400:bf60::/32 Signature Algorithm: sha256WithRSAEncryption a9:9a:3e:b8:82:1b:68:6a:2b:77:bd:61:4d:2b:cc:23:f3:4a: cd:77:2b:c0:eb:05:15:81:1a:89:be:b2:a8:80:89:cb:4f:94: 4b:b7:f0:e7:71:1d:bd:c2:2b:19:35:d9:db:72:b2:97:ff:78: ac:66:fc:8b:74:7c:24:d1:e6:61:35:f6:45:ef:06:b2:a5:e5: 8e:5a:90:0a:88:58:d5:f9:22:5e:ca:03:d0:38:47:83:9d:5e: 4f:de:f6:57:fb:4c:91:79:6e:1d:9a:14:96:79:3f:5e:b3:45: d3:6f:58:a3:bb:4c:c8:11:56:94:57:62:b2:28:06:72:8e:41: 2f:e3:e9:59:bc:9d:3d:ab:a1:f4:4f:fc:1b:a0:9f:ed:53:42: a5:c3:34:00:0e:5c:0d:62:cb:88:63:3c:60:ae:95:53:f4:c9: 0f:eb:9f:ce:91:98:8c:27:3b:cb:b2:70:71:23:9f:6b:f5:0b: 55:6b:4a:34:15:5a:4a:ca:46:c5:f2:17:62:a3:f0:5a:39:75: 37:33:34:c0:b0:b7:df:44:2b:14:3d:04:63:f4:ec:90:8a:0b: cd:60:ce:2b:66:ba:67:f5:2e:30:a2:77:68:53:97:fe:83:3e: 67:b7:25:61:03:ea:2b:28:ca:c7:14:3a:e2:6f:ee:9c:69:0d: c5:5c:dd:9c -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICBYkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI2OEIxMTAvBgNVBAUTKDQ2MkIxNkQzMjc5NzJFQTc3MTIyNkEwMTU4OEI1MjA1 RUZFQTQ0OTYwHhcNMjQwNDAzMDEwMzIzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjBjYWFkYi1jZWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp/rjVvYjBogTjk10z6uWTiTZDj5in06rZjLJqFHuNq4MGpWOysr9VZC4I5DV rANU6kBzTHRynB0ZBaZx+XElHdiYwO/2Gudnvaxd/RXfENjVR7kkQfm9NHsn77ry 6TbgtFWtHCpOZLVTPzZCUCBQdt8TISDAzagXlSt442KTzdKP0MQsWwxvQ43F9pHD 3rIerixyZUzBgc34AnkntT54+AijfRIrJwyyWAfdId48/IzhUnMl8h3douN0ssVh fT3AIPmEh9Q62i8gfjssytPL7H6bHdEHq6FQslPTXtqnv5JJLmpECxCrfzoK2dMw gWK/UuU0LeIwZsYLqM6J7gDZBwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFETlvTeT xonwerEzhyUX2WFiEO/MMB8GA1UdIwQYMBaAFEYrFtMnly6ncSJqAViLUgXv6kSW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjY4Qi80MjZGNTdDMDhE MzkxMUVCQjlGNENCMTdDNEY5QUUwMi9SaXNXMHllWExxZHhJbW9CV0l0U0JlX3FS SlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Jpc1cweWVYTHFkeEltb0JXSXRTQmVfcVJKWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTI2OEIvNDI2RjU3QzA4RDM5MTFFQkI5RjRDQjE3QzRGOUFFMDIvM0Y0RUNCRDI3 NDREMTFFREI1RDA4NjgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMAwEAgABMAYDBAFnpOwwFgQCAAIwEAMHACABDfZRgAMFACQAv2AwDQYJKoZI hvcNAQELBQADggEBAKmaPriCG2hqK3e9YU0rzCPzSs13K8DrBRWBGom+sqiAictP lEu38OdxHb3CKxk12dtyspf/eKxm/It0fCTR5mE19kXvBrKl5Y5akAqIWNX5Il7K A9A4R4OdXk/e9lf7TJF5bh2aFJZ5P16zRdNvWKO7TMgRVpRXYrIoBnKOQS/j6Vm8 nT2rofRP/Bugn+1TQqXDNAAOXA1iy4hjPGCulVP0yQ/rn86RmIwnO8uycHEjn2v1 C1VrSjQVWkrKRsXyF2Kj8Fo5dTczNMCwt99EKxQ9BGP07JCKC81gzitmumf1LjCi d2hTl/6DPme3JWED6isoyscUOuJv7pxpDcVc3Zw= -----END CERTIFICATE-----Generated at Sun Feb 16 21:41:28 2025 by rpki-client