$ rpki-client -vvf rpki.apnic.net/member_repository/A91E892A/F810E9A4881511E78BF7D14EC4F9AE02/D421D958881611E78B9B0850C4F9AE02.roa File: D421D958881611E78B9B0850C4F9AE02.roa (raw, json) Hash identifier: CS+09tEdeSx7uIOBkaLSiPeVYQX/xw7ybPJk0cnYVHY= Subject key identifier: 79:1B:B9:26:16:58:5F:2A:A1:AB:C5:FE:65:EA:11:51:FC:BD:C0:D5 Certificate issuer: /CN=A91E892A/serialNumber=23B96037AB8AD237E6326F7ED0F81E318E8A14AB Certificate serial: 186B Authority key identifier: 23:B9:60:37:AB:8A:D2:37:E6:32:6F:7E:D0:F8:1E:31:8E:8A:14:AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I7lgN6uK0jfmMm9-0PgeMY6KFKs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E892A/F810E9A4881511E78BF7D14EC4F9AE02/D421D958881611E78B9B0850C4F9AE02.roa Signing time: Wed 04 Sep 2024 16:54:12 +0000 ROA not before: Wed 04 Sep 2024 16:54:12 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 136926 IP address blocks: 103.99.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E892A/F810E9A4881511E78BF7D14EC4F9AE02/I7lgN6uK0jfmMm9-0PgeMY6KFKs.crl rsync://rpki.apnic.net/member_repository/A91E892A/F810E9A4881511E78BF7D14EC4F9AE02/I7lgN6uK0jfmMm9-0PgeMY6KFKs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I7lgN6uK0jfmMm9-0PgeMY6KFKs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:29:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6251 (0x186b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E892A/serialNumber=23B96037AB8AD237E6326F7ED0F81E318E8A14AB Validity Not Before: Sep 4 16:54:12 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66d890b4-766e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:62:4f:55:f1:2e:df:69:c3:dc:f4:a7:6f:45: d4:c0:17:c7:6e:5a:67:4e:91:f7:f2:ea:ff:5d:37: 41:fb:04:5e:b9:73:3a:e0:00:e3:f8:4d:90:d7:0f: 8b:9a:3c:40:00:4f:d8:9d:68:90:13:18:63:eb:37: 9b:4a:3e:f3:1c:c8:e0:83:1a:6c:14:33:16:c0:e3: d6:45:ae:96:c5:bb:08:01:dd:49:0b:d2:bf:aa:02: d3:78:39:a8:2d:a1:b6:88:6d:7e:58:e3:1d:d4:48: 4c:0f:a3:fc:64:f4:03:23:50:86:ac:7e:cb:81:c6: ec:b8:cb:7e:62:ad:b9:64:2e:73:7f:1c:12:c5:f1: 5e:01:10:36:3d:01:be:4b:32:a2:8a:79:a1:ed:1d: aa:63:c8:c8:8b:99:fe:de:cb:a5:0e:45:35:8b:fd: 85:32:b4:35:10:b2:da:32:37:91:87:0a:83:78:12: f3:ff:9d:3e:7e:76:fa:98:60:ea:1a:94:9e:ed:b8: 0b:bb:67:ac:5d:12:2d:c6:f3:bc:26:97:8d:70:52: fc:e9:bb:ca:7e:1f:33:d0:07:ba:54:15:09:fa:a8: 91:df:d2:6a:a1:66:bd:69:26:db:a9:3f:2f:0d:df: 7c:af:1d:bd:3f:9f:4b:02:89:d1:55:12:96:ab:01: 80:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:1B:B9:26:16:58:5F:2A:A1:AB:C5:FE:65:EA:11:51:FC:BD:C0:D5 X509v3 Authority Key Identifier: keyid:23:B9:60:37:AB:8A:D2:37:E6:32:6F:7E:D0:F8:1E:31:8E:8A:14:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E892A/F810E9A4881511E78BF7D14EC4F9AE02/I7lgN6uK0jfmMm9-0PgeMY6KFKs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I7lgN6uK0jfmMm9-0PgeMY6KFKs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E892A/F810E9A4881511E78BF7D14EC4F9AE02/D421D958881611E78B9B0850C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.42.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:58:82:2d:d2:14:25:b6:49:d9:c8:f8:d3:42:f8:6c:f8:98: 8b:a3:15:bb:7c:d2:8c:b9:2e:94:0a:81:c2:56:8a:23:34:82: e2:12:ab:5c:ef:e4:1d:ef:3a:d8:66:e5:8d:bf:40:ca:85:12: 85:78:f8:0d:27:92:2f:7b:b3:c7:e4:9c:77:04:1e:f2:68:1a: 8c:aa:fc:0a:eb:e7:03:0a:a4:e0:a6:c9:1e:f2:5f:f7:49:19: 55:a1:2f:59:fe:2e:d7:31:82:00:08:55:6a:34:51:80:4a:02: 3d:87:63:a7:89:5a:2b:ce:de:04:56:48:f1:28:16:75:b5:f8: cf:e2:c1:24:48:61:20:19:f1:7f:95:98:aa:d6:2c:f1:e6:5d: d3:6f:6d:07:cd:b9:1c:0b:34:a9:3f:3b:34:40:24:df:4e:90: 4c:e2:70:cf:48:c2:8b:be:c7:a4:4d:b9:94:45:4f:fa:d6:bb: 81:82:dd:22:5a:a9:b4:e4:51:8d:ac:40:f1:97:e5:4f:b6:0d: ce:9d:28:93:94:8f:18:ad:f2:f2:11:07:b3:60:75:d4:0e:17: ab:25:e2:60:7b:e1:97:78:5a:33:f5:d7:75:5a:68:f0:7a:f1: ae:e8:31:65:05:a5:38:1e:29:0f:93:08:cb:73:24:86:86:8a: ba:2a:69:f6 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICGGswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg5MkExMTAvBgNVBAUTKDIzQjk2MDM3QUI4QUQyMzdFNjMyNkY3RUQwRjgxRTMx OEU4QTE0QUIwHhcNMjQwOTA0MTY1NDEyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ4OTBiNC03NjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2GJPVfEu32nD3PSnb0XUwBfHblpnTpH38ur/XTdB+wReuXM64ADj+E2Q1w+L mjxAAE/YnWiQExhj6zebSj7zHMjggxpsFDMWwOPWRa6WxbsIAd1JC9K/qgLTeDmo LaG2iG1+WOMd1EhMD6P8ZPQDI1CGrH7LgcbsuMt+Yq25ZC5zfxwSxfFeARA2PQG+ SzKiinmh7R2qY8jIi5n+3sulDkU1i/2FMrQ1ELLaMjeRhwqDeBLz/50+fnb6mGDq GpSe7bgLu2esXRItxvO8JpeNcFL86bvKfh8z0Ae6VBUJ+qiR39JqoWa9aSbbqT8v Dd98rx29P59LAonRVRKWqwGAfwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHkbuSYW WF8qoavF/mXqEVH8vcDVMB8GA1UdIwQYMBaAFCO5YDeritI35jJvftD4HjGOihSr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODkyQS9GODEwRTlBNDg4 MTUxMUU3OEJGN0QxNEVDNEY5QUUwMi9JN2xnTjZ1SzBqZm1NbTktMFBnZU1ZNktG S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0k3bGdONnVLMGpmbU1tOS0wUGdlTVk2S0ZLcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTg5MkEvRjgxMEU5QTQ4ODE1MTFFNzhCRjdEMTRFQzRGOUFFMDIvRDQyMUQ5NTg4 ODE2MTFFNzhCOUIwODUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBABnYyowDQYJKoZIhvcNAQELBQADggEBACtYgi3SFCW2SdnI +NNC+Gz4mIujFbt80oy5LpQKgcJWiiM0guISq1zv5B3vOthm5Y2/QMqFEoV4+A0n ki97s8fknHcEHvJoGoyq/Arr5wMKpOCmyR7yX/dJGVWhL1n+LtcxggAIVWo0UYBK Aj2HY6eJWivO3gRWSPEoFnW1+M/iwSRIYSAZ8X+VmKrWLPHmXdNvbQfNuRwLNKk/ OzRAJN9OkEzicM9Iwou+x6RNuZRFT/rWu4GC3SJaqbTkUY2sQPGX5U+2Dc6dKJOU jxit8vIRB7NgddQOF6sl4mB74Zd4WjP113VaaPB68a7oMWUFpTgeKQ+TCMtzJIaG iroqafY= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:21 2024 by rpki-client on console-ams.rpki-client.org