$ rpki-client -vvf rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/CFA920BC8FB811EC92086311C4F9AE02.roa File: CFA920BC8FB811EC92086311C4F9AE02.roa (raw, json) Hash identifier: 1OBuY5MU83EkVfnkNYYd7uHi9h21/DvPnEdx+2Gx7SA= Subject key identifier: 94:6B:0A:F3:B8:2F:1D:34:58:06:74:D7:77:D8:A0:01:AE:EC:71:6E Certificate issuer: /CN=A91E80FB/serialNumber=4085AE134B6338A127657283EBBC16C12F20B862 Certificate serial: 02FB Authority key identifier: 40:85:AE:13:4B:63:38:A1:27:65:72:83:EB:BC:16:C1:2F:20:B8:62 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/CFA920BC8FB811EC92086311C4F9AE02.roa Signing time: Thu 09 May 2024 10:19:24 +0000 ROA not before: Thu 09 May 2024 10:19:24 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 141688 IP address blocks: 103.162.4.0/23 maxlen: 23 103.162.4.0/24 maxlen: 24 103.162.5.0/24 maxlen: 24 2407:bc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.crl rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 763 (0x2fb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E80FB/serialNumber=4085AE134B6338A127657283EBBC16C12F20B862 Validity Not Before: May 9 10:19:24 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=663ca32b-6ad0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:06:af:78:6e:d1:13:91:43:0a:fa:f1:ea:e2: 9a:5f:fd:37:68:1e:7f:15:f3:01:5f:d8:11:d1:c7: 2f:6d:5a:ea:b3:f4:89:87:ef:71:cf:dc:5d:96:8c: 78:b3:63:3e:e6:c0:83:db:3d:19:18:a0:cf:79:d7: f6:63:62:44:55:ca:e0:96:87:35:d9:d6:f2:96:81: 3f:e6:69:bd:be:f8:62:58:9b:d2:2d:cf:67:93:14: 7e:1d:d5:56:ea:9a:73:ce:79:e2:e5:f6:cb:53:7f: 51:2e:f9:10:13:ee:45:35:e5:d5:c9:44:e3:54:cb: 49:c9:12:30:45:18:b4:9b:65:ae:16:d6:eb:58:9c: fc:c5:00:3e:7d:83:81:7c:e9:1f:14:4f:ca:36:57: 45:98:b6:46:cd:1d:a7:69:23:92:aa:94:72:58:33: 2e:4e:49:de:d2:16:11:52:8a:0a:43:10:13:33:0d: ea:f8:3a:3b:52:1e:94:fa:b5:5c:88:d2:40:a4:06: 71:1b:2c:ee:54:29:a5:c8:d7:2f:03:7c:7e:82:e0: 43:d9:69:be:ba:52:c6:a3:d7:b6:ce:85:84:55:15: 79:cb:c2:3c:40:04:57:e8:84:45:c4:d7:ad:09:d5: e5:ae:f8:8e:cc:6b:4f:69:97:2e:18:2d:ca:98:2e: 03:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:6B:0A:F3:B8:2F:1D:34:58:06:74:D7:77:D8:A0:01:AE:EC:71:6E X509v3 Authority Key Identifier: keyid:40:85:AE:13:4B:63:38:A1:27:65:72:83:EB:BC:16:C1:2F:20:B8:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/CFA920BC8FB811EC92086311C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.162.4.0/23 IPv6: 2407:bc0::/32 Signature Algorithm: sha256WithRSAEncryption 52:75:99:4e:ed:9b:a3:50:d6:d0:4c:c6:d3:09:e1:01:3e:e3: b7:d4:4b:18:2b:80:da:ba:16:03:e0:97:16:30:a7:b7:c3:59: 60:0b:c6:3f:79:b2:35:d1:ec:35:a7:e3:1d:7b:ed:e7:50:d4: fa:fa:3b:cd:63:12:f1:7f:e4:c9:fc:72:91:30:12:e9:dd:12: 8d:92:b7:aa:b4:ad:40:39:0f:44:5c:1e:4b:29:3e:19:f8:1b: 2e:d2:ec:47:fe:ab:d1:c1:82:8f:12:73:79:f3:2e:9c:bc:26: bb:43:6c:19:3f:94:51:e5:c4:d5:aa:63:2e:d5:24:2e:18:48: 9b:05:8c:34:85:fa:17:0f:83:a7:1f:55:f9:bc:71:76:1e:26: d8:76:39:cb:e2:73:41:b5:e6:e1:ea:69:bc:8b:4a:7c:b4:97: 3d:a2:9a:ff:83:fc:d1:ac:c8:e6:af:29:09:55:f1:f1:b9:c4: 42:8e:ec:ab:dc:a0:ae:df:7f:6c:a9:8f:1b:c2:10:7f:23:cc: d5:58:93:dc:f6:58:de:60:93:d5:b7:a2:d6:fa:0a:4c:27:5b: e4:23:02:c5:6a:69:04:a9:d4:df:b7:08:3a:ca:3d:85:c1:4b: fa:53:98:bf:82:46:13:48:a6:a4:e5:4c:5e:55:9e:1c:93:80: 5b:fe:32:3e -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICAvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTgwRkIxMTAvBgNVBAUTKDQwODVBRTEzNEI2MzM4QTEyNzY1NzI4M0VCQkMxNkMx MkYyMEI4NjIwHhcNMjQwNTA5MTAxOTI0WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjNjYTMyYi02YWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvwaveG7RE5FDCvrx6uKaX/03aB5/FfMBX9gR0ccvbVrqs/SJh+9xz9xdlox4 s2M+5sCD2z0ZGKDPedf2Y2JEVcrgloc12dbyloE/5mm9vvhiWJvSLc9nkxR+HdVW 6ppzznni5fbLU39RLvkQE+5FNeXVyUTjVMtJyRIwRRi0m2WuFtbrWJz8xQA+fYOB fOkfFE/KNldFmLZGzR2naSOSqpRyWDMuTkne0hYRUooKQxATMw3q+Do7Uh6U+rVc iNJApAZxGyzuVCmlyNcvA3x+guBD2Wm+ulLGo9e2zoWEVRV5y8I8QARX6IRFxNet CdXlrviOzGtPaZcuGC3KmC4DlwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJRrCvO4 Lx00WAZ013fYoAGu7HFuMB8GA1UdIwQYMBaAFECFrhNLYzihJ2Vyg+u8FsEvILhi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODBGQi82MjhENTIwQzhG QjYxMUVDOTJCRDI1MTBDNEY5QUUwMi9RSVd1RTB0ak9LRW5aWEtENjd3V3dTOGd1 R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FJV3VFMHRqT0tFblpYS0Q2N3dXd1M4Z3VHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTgwRkIvNjI4RDUyMEM4RkI2MTFFQzkyQkQyNTEwQzRGOUFFMDIvQ0ZBOTIwQkM4 RkI4MTFFQzkyMDg2MzExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnogQwDQQCAAIwBwMFACQHC8AwDQYJKoZIhvcNAQELBQAD ggEBAFJ1mU7tm6NQ1tBMxtMJ4QE+47fUSxgrgNq6FgPglxYwp7fDWWALxj95sjXR 7DWn4x177edQ1Pr6O81jEvF/5Mn8cpEwEundEo2St6q0rUA5D0RcHkspPhn4Gy7S 7Ef+q9HBgo8Sc3nzLpy8JrtDbBk/lFHlxNWqYy7VJC4YSJsFjDSF+hcPg6cfVfm8 cXYeJth2Ocvic0G15uHqabyLSny0lz2imv+D/NGsyOavKQlV8fG5xEKO7KvcoK7f f2ypjxvCEH8jzNVYk9z2WN5gk9W3otb6CkwnW+QjAsVqaQSp1N+3CDrKPYXBS/pT mL+CRhNIpqTlTF5VnhyTgFv+Mj4= -----END CERTIFICATE-----Generated at Sat Nov 23 01:27:29 2024 by rpki-client on console-ams.rpki-client.org