$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/3FE88D863D8211EEA0E4DD46C4F9AE02.roa File: 3FE88D863D8211EEA0E4DD46C4F9AE02.roa (raw, json) Hash identifier: GkH732I1xtgGbCxpuKwxGejcreu2f5sOzAx51TVl89I= Subject key identifier: 69:25:AA:0C:79:C5:C1:0F:81:2C:1D:D4:86:98:91:90:1C:CA:4A:68 Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Certificate serial: 0DFC Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/3FE88D863D8211EEA0E4DD46C4F9AE02.roa Signing time: Wed 04 Sep 2024 18:36:26 +0000 ROA not before: Wed 04 Sep 2024 18:36:26 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 132021 IP address blocks: 103.5.0.0/22 maxlen: 22 103.5.0.0/23 maxlen: 23 103.5.0.0/24 maxlen: 24 103.5.1.0/24 maxlen: 24 103.5.2.0/23 maxlen: 23 103.5.2.0/24 maxlen: 24 103.5.3.0/24 maxlen: 24 2403:cd00::/32 maxlen: 32 2403:cd00::/33 maxlen: 33 2403:cd00:8000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:50:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3580 (0xdfc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Validity Not Before: Sep 4 18:36:26 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d8a8a9-36f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:5b:e7:12:7b:8d:59:0b:e1:d2:ea:ec:f2:c7: b5:e5:a2:18:d1:e1:34:3e:5f:3b:1d:a6:b5:24:58: e6:22:c9:f2:6b:f2:8a:0e:80:af:0b:c0:98:c0:0c: 27:6d:1d:df:44:ef:99:85:c3:30:fa:78:3e:08:fc: 6c:0d:10:2b:7e:11:c7:c1:db:f3:e7:44:f0:59:65: 97:e6:95:af:b9:2f:9f:90:d7:36:7c:86:09:19:16: e8:3c:e2:18:76:d0:8a:b8:0d:74:ed:55:01:33:9a: 8d:27:92:bc:e4:a3:c5:a9:9d:22:29:ad:21:ea:8b: ba:8e:91:ea:a7:d3:7e:32:c2:65:4e:fb:74:ea:06: 9b:e1:b8:4c:ab:9e:47:d1:17:bc:14:e0:ca:2e:33: 4f:b6:41:63:94:92:ed:ec:fd:e3:1f:29:14:3f:4d: ad:34:b5:cc:9f:7b:89:aa:b0:69:ce:a0:2f:81:24: 29:a3:29:ea:6b:b7:5e:16:9b:52:aa:72:66:8f:f0: ec:de:67:47:c3:47:56:4d:5e:15:42:36:d6:d4:b9: 53:85:6c:62:5e:ad:c3:2c:a6:38:45:96:3a:47:c0: 8a:af:fb:58:5f:da:df:a6:e2:a0:71:51:4d:f4:45: 4e:e9:ee:91:eb:ed:85:b2:8c:85:c9:fe:73:84:e5: 80:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:25:AA:0C:79:C5:C1:0F:81:2C:1D:D4:86:98:91:90:1C:CA:4A:68 X509v3 Authority Key Identifier: keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/3FE88D863D8211EEA0E4DD46C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.5.0.0/22 IPv6: 2403:cd00::/32 Signature Algorithm: sha256WithRSAEncryption 27:23:7c:0d:ea:70:19:cd:28:3b:f6:70:a3:9e:4b:30:ac:56: 8f:72:2e:9b:41:e9:80:be:05:3f:5b:8c:f5:ce:e5:a4:0b:b7: 4c:fd:27:a4:35:57:89:5b:7a:be:48:63:7b:03:d9:6c:e8:6d: fa:81:18:a6:ed:e8:e8:58:f8:7c:ab:f8:a7:8e:a2:91:e2:51: 5c:8c:ad:f8:6d:94:10:b7:0e:4b:a0:46:8a:63:03:e1:48:73: 92:56:99:df:0f:25:27:95:3e:7d:37:86:7b:f3:ef:73:03:49: 8f:65:cf:2a:a9:0a:dd:11:cc:a5:17:ba:e5:f2:f3:dc:d5:b4: 9d:7f:d2:6e:4a:29:bc:87:a2:3a:8e:35:49:6f:99:4b:f5:5f: 3e:ae:f8:0e:67:4f:12:a7:51:ea:ba:c6:38:03:0d:01:72:56: d9:72:04:00:25:e7:2b:8e:64:97:b1:15:3d:3b:7b:5e:2f:2e: 66:03:df:2a:34:93:a6:35:dc:c8:f7:0b:47:0f:32:92:39:29: 96:7c:bf:a1:64:9d:2b:13:a9:90:b0:10:d0:db:17:aa:01:37: ae:b5:57:59:9e:ed:4e:0d:74:65:3b:fc:6a:e1:97:4b:36:9e: 81:91:53:30:2c:84:91:85:90:7c:c7:ef:ec:ff:df:ac:e5:00: 0f:14:24:28 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICDfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx REM0NUUyQjIwHhcNMjQwOTA0MTgzNjI2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ4YThhOS0zNmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsFvnEnuNWQvh0urs8se15aIY0eE0Pl87Haa1JFjmIsnya/KKDoCvC8CYwAwn bR3fRO+ZhcMw+ng+CPxsDRArfhHHwdvz50TwWWWX5pWvuS+fkNc2fIYJGRboPOIY dtCKuA107VUBM5qNJ5K85KPFqZ0iKa0h6ou6jpHqp9N+MsJlTvt06gab4bhMq55H 0Re8FODKLjNPtkFjlJLt7P3jHykUP02tNLXMn3uJqrBpzqAvgSQpoynqa7deFptS qnJmj/Ds3mdHw0dWTV4VQjbW1LlThWxiXq3DLKY4RZY6R8CKr/tYX9rfpuKgcVFN 9EVO6e6R6+2FsoyFyf5zhOWApQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGklqgx5 xcEPgSwd1IaYkZAcykpoMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5 REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0 ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTg2OEMvM0ZCOTMzNjhBOURCMTFFOTg0Mjg1Mjg2QzRGOUFFMDIvM0ZFODhEODYz RDgyMTFFRUEwRTRERDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnBQAwDQQCAAIwBwMFACQDzQAwDQYJKoZIhvcNAQELBQAD ggEBACcjfA3qcBnNKDv2cKOeSzCsVo9yLptB6YC+BT9bjPXO5aQLt0z9J6Q1V4lb er5IY3sD2WzobfqBGKbt6OhY+Hyr+KeOopHiUVyMrfhtlBC3DkugRopjA+FIc5JW md8PJSeVPn03hnvz73MDSY9lzyqpCt0RzKUXuuXy89zVtJ1/0m5KKbyHojqONUlv mUv1Xz6u+A5nTxKnUeq6xjgDDQFyVtlyBAAl5yuOZJexFT07e14vLmYD3yo0k6Y1 3Mj3C0cPMpI5KZZ8v6FknSsTqZCwENDbF6oBN661V1me7U4NdGU7/Grhl0s2noGR UzAshJGFkHzH7+z/36zlAA8UJCg= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:21 2024 by rpki-client on console-ams.rpki-client.org