$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/457D2B5A28DC11ED839D6243C4F9AE02.roa File: 457D2B5A28DC11ED839D6243C4F9AE02.roa (raw, json) Hash identifier: 4G2u0IIjNz0CyenUMTN7OBV5SwfSrRJSXkJu6HMP/+w= Subject key identifier: D5:43:62:86:77:54:98:EC:69:37:BA:C1:E9:31:24:AF:3F:A0:E0:41 Certificate issuer: /CN=A91E2A61/serialNumber=2B517C6B79E3CEB0389D41ABC5ECE2107FEC53FB Certificate serial: 0343 Authority key identifier: 2B:51:7C:6B:79:E3:CE:B0:38:9D:41:AB:C5:EC:E2:10:7F:EC:53:FB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K1F8a3njzrA4nUGrxeziEH_sU_s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/457D2B5A28DC11ED839D6243C4F9AE02.roa Signing time: Thu 17 Oct 2024 01:14:30 +0000 ROA not before: Thu 17 Oct 2024 01:14:30 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 133861 IP address blocks: 43.255.28.0/24 maxlen: 24 43.255.29.0/24 maxlen: 24 43.255.30.0/24 maxlen: 24 43.255.31.0/24 maxlen: 24 103.74.192.0/24 maxlen: 24 103.74.193.0/24 maxlen: 24 103.74.194.0/24 maxlen: 24 103.74.195.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/K1F8a3njzrA4nUGrxeziEH_sU_s.crl rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/K1F8a3njzrA4nUGrxeziEH_sU_s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K1F8a3njzrA4nUGrxeziEH_sU_s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 835 (0x343) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2A61/serialNumber=2B517C6B79E3CEB0389D41ABC5ECE2107FEC53FB Validity Not Before: Oct 17 01:14:30 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=671064f6-0df9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:dc:43:7c:e0:e2:52:04:db:d4:82:08:3d:2e: 5e:cf:be:14:12:e3:77:5e:97:f3:a9:ed:39:e6:3d: fc:9f:35:6e:86:aa:fe:83:27:e9:4f:3c:0d:f3:59: 07:98:3a:6b:fb:b6:49:12:5d:13:ae:08:b1:aa:74: c1:37:b4:47:68:3a:6a:67:8e:69:c3:07:3e:dd:2f: c9:06:ea:a2:6a:dc:83:2e:2a:c9:76:c9:92:e3:a7: 27:05:74:2c:97:e8:d3:db:ca:a0:6a:14:0e:65:56: bf:90:0c:5e:04:c2:e1:47:9d:d5:9b:91:52:c2:4d: 18:21:62:fb:9c:68:30:fb:7d:f0:4e:cf:b4:ce:9a: d4:b5:49:a3:8b:c3:0a:76:91:37:72:2d:8e:50:8a: fb:08:04:04:e4:30:73:4d:38:c9:7c:0a:f7:71:36: ee:66:19:3d:81:02:d0:40:17:41:43:4d:6e:7f:bd: 5a:41:25:fc:84:0d:02:29:e7:01:57:3e:b1:ec:19: be:e6:f3:2d:54:f8:82:b4:49:f2:e1:57:67:5c:c9: 60:9d:ba:99:77:6f:4f:99:f4:b9:5a:1c:60:ec:a8: 2e:83:8e:1f:ca:ec:5d:46:1a:25:82:9b:03:e0:47: 6c:6d:3b:28:85:1e:6e:10:a1:04:c7:34:27:e7:ea: 3e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:43:62:86:77:54:98:EC:69:37:BA:C1:E9:31:24:AF:3F:A0:E0:41 X509v3 Authority Key Identifier: keyid:2B:51:7C:6B:79:E3:CE:B0:38:9D:41:AB:C5:EC:E2:10:7F:EC:53:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/K1F8a3njzrA4nUGrxeziEH_sU_s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K1F8a3njzrA4nUGrxeziEH_sU_s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/457D2B5A28DC11ED839D6243C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.255.28.0/22 103.74.192.0/22 Signature Algorithm: sha256WithRSAEncryption b5:5b:0b:af:14:b1:5d:57:e3:fa:f3:83:24:f6:a6:83:fa:ed: e5:47:ac:18:c9:4f:7f:9c:6d:1b:9d:17:a1:51:9d:50:55:54: e5:54:60:76:74:d9:04:d4:dd:83:d7:b8:1d:81:4e:05:3f:e5: e5:28:bc:df:a3:0a:d1:59:76:f1:6d:78:5b:2b:5e:59:a7:c7: 68:19:7f:1a:2e:a1:8b:3f:6f:46:86:46:eb:5a:d8:4c:78:f4: e2:28:89:9f:08:47:46:38:52:2e:ec:85:35:e7:5c:76:2e:9c: 32:2e:a9:51:96:77:f6:49:88:cd:5c:8c:32:5a:3a:fd:17:99: ee:cf:83:8d:d3:4b:f4:80:be:04:2e:77:67:22:b0:a2:5f:60: 03:2e:ad:8f:17:87:26:f4:7c:11:48:0e:6f:59:90:77:b7:0d: 2a:59:9f:f8:d3:f8:a8:8f:da:11:af:1f:20:7d:78:e8:c8:94: f6:ee:ec:a2:1a:8f:70:3e:16:b3:fa:72:5d:1d:91:7e:33:0e: a8:ef:1f:b7:90:d1:05:2a:76:e4:19:eb:6b:0f:55:59:17:fb: 20:de:f0:b3:54:44:b8:f9:80:3a:81:6b:7c:b6:1d:1f:64:83: 41:fe:77:7e:2c:d6:cb:1d:b1:80:69:7d:15:01:0e:b1:27:d3: 8d:95:a7:d6 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICA0MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTJBNjExMTAvBgNVBAUTKDJCNTE3QzZCNzlFM0NFQjAzODlENDFBQkM1RUNFMjEw N0ZFQzUzRkIwHhcNMjQxMDE3MDExNDMwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzEwNjRmNi0wZGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp9xDfODiUgTb1IIIPS5ez74UEuN3Xpfzqe055j38nzVuhqr+gyfpTzwN81kH mDpr+7ZJEl0TrgixqnTBN7RHaDpqZ45pwwc+3S/JBuqiatyDLirJdsmS46cnBXQs l+jT28qgahQOZVa/kAxeBMLhR53Vm5FSwk0YIWL7nGgw+33wTs+0zprUtUmji8MK dpE3ci2OUIr7CAQE5DBzTTjJfAr3cTbuZhk9gQLQQBdBQ01uf71aQSX8hA0CKecB Vz6x7Bm+5vMtVPiCtEny4VdnXMlgnbqZd29PmfS5Whxg7Kgug44fyuxdRholgpsD 4EdsbTsohR5uEKEExzQn5+o+DwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNVDYoZ3 VJjsaTe6wekxJK8/oOBBMB8GA1UdIwQYMBaAFCtRfGt5486wOJ1Bq8Xs4hB/7FP7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkE2MS9FREMwOEZFNjk2 MEIxMUVDQkJFNEJFNjRDNEY5QUUwMi9LMUY4YTNuanpyQTRuVUdyeGV6aUVIX3NV X3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0sxRjhhM25qenJBNG5VR3J4ZXppRUhfc1Vfcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTJBNjEvRURDMDhGRTY5NjBCMTFFQ0JCRTRCRTY0QzRGOUFFMDIvNDU3RDJCNUEy OERDMTFFRDgzOUQ2MjQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr/xwDBAJnSsAwDQYJKoZIhvcNAQELBQADggEBALVbC68U sV1X4/rzgyT2poP67eVHrBjJT3+cbRudF6FRnVBVVOVUYHZ02QTU3YPXuB2BTgU/ 5eUovN+jCtFZdvFteFsrXlmnx2gZfxouoYs/b0aGRuta2Ex49OIoiZ8IR0Y4Ui7s hTXnXHYunDIuqVGWd/ZJiM1cjDJaOv0Xme7Pg43TS/SAvgQud2cisKJfYAMurY8X hyb0fBFIDm9ZkHe3DSpZn/jT+KiP2hGvHyB9eOjIlPbu7KIaj3A+FrP6cl0dkX4z DqjvH7eQ0QUqduQZ62sPVVkX+yDe8LNURLj5gDqBa3y2HR9kg0H+d34s1ssdsYBp fRUBDrEn042Vp9Y= -----END CERTIFICATE-----Generated at Thu Nov 21 01:26:06 2024 by rpki-client on console-ams.rpki-client.org