$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9721/8AEC2AC43FC411E992A3E62DC4F9AE02/16EA264C3FC611E9A0E68A30C4F9AE02.roa File: 16EA264C3FC611E9A0E68A30C4F9AE02.roa (raw, json) Hash identifier: y5NX1YIUJkNfdZYbpVfh0lEdhrqmAzue7Svt0KDhStg= Subject key identifier: 39:26:4B:BB:C2:87:05:6F:BB:83:80:21:08:FF:5A:9A:39:44:86:D1 Certificate issuer: /CN=A91E9721/serialNumber=7DA589CED57F1E5CC48603D1384223936E16027E Certificate serial: 0F96 Authority key identifier: 7D:A5:89:CE:D5:7F:1E:5C:C4:86:03:D1:38:42:23:93:6E:16:02:7E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/faWJztV_HlzEhgPROEIjk24WAn4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9721/8AEC2AC43FC411E992A3E62DC4F9AE02/16EA264C3FC611E9A0E68A30C4F9AE02.roa Signing time: Sat 06 Jul 2024 18:05:36 +0000 ROA not before: Sat 06 Jul 2024 18:05:36 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 45259 IP address blocks: 103.139.109.0/24 maxlen: 24 202.59.230.0/24 maxlen: 24 202.90.36.0/24 maxlen: 24 2001:df1:ba00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9721/8AEC2AC43FC411E992A3E62DC4F9AE02/faWJztV_HlzEhgPROEIjk24WAn4.crl rsync://rpki.apnic.net/member_repository/A91E9721/8AEC2AC43FC411E992A3E62DC4F9AE02/faWJztV_HlzEhgPROEIjk24WAn4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/faWJztV_HlzEhgPROEIjk24WAn4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:27:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3990 (0xf96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9721/serialNumber=7DA589CED57F1E5CC48603D1384223936E16027E Validity Not Before: Jul 6 18:05:36 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66898770-4741 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:9c:27:84:2c:86:9b:c3:43:71:1b:92:d9:ad: ce:81:ab:25:08:76:be:6a:7e:68:dd:15:b4:da:22: a4:5e:da:36:f9:04:7f:77:be:c9:ca:24:77:c0:a0: 06:f5:bd:f0:5d:d8:ae:26:43:6b:7e:97:95:10:4c: a9:22:90:c2:30:a1:99:2f:f0:bb:89:69:54:95:e7: 89:4f:3e:e7:dc:95:60:98:c8:92:ab:04:f1:d8:81: c3:4c:e9:48:3f:1d:41:d3:94:a4:55:ff:e5:d0:87: 34:e0:a5:8a:4d:e7:85:d7:62:08:80:44:d7:b2:44: 0b:61:38:72:0c:5a:ba:3c:5a:33:8f:fb:0c:08:67: 6a:6d:f5:3e:a9:77:24:1e:be:b7:91:55:30:ea:ae: 4a:24:d7:b6:2f:99:8e:8b:7f:2a:65:5f:cf:44:ca: a7:bc:7a:e1:aa:ae:66:c0:5b:11:d3:13:25:d0:70: 6f:0b:40:a4:73:66:0e:b3:76:19:eb:1c:9b:b2:16: 4c:2d:bd:32:da:c6:8b:e5:6c:c6:f1:65:f1:c0:78: ce:00:53:7a:8b:d9:40:1f:fb:01:2a:63:5e:ae:65: 89:15:a4:ea:2c:52:83:77:81:66:8b:a3:1a:cb:66: cf:22:4b:92:b9:a3:17:2d:93:8f:21:2d:08:a6:e4: 37:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:26:4B:BB:C2:87:05:6F:BB:83:80:21:08:FF:5A:9A:39:44:86:D1 X509v3 Authority Key Identifier: keyid:7D:A5:89:CE:D5:7F:1E:5C:C4:86:03:D1:38:42:23:93:6E:16:02:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9721/8AEC2AC43FC411E992A3E62DC4F9AE02/faWJztV_HlzEhgPROEIjk24WAn4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/faWJztV_HlzEhgPROEIjk24WAn4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9721/8AEC2AC43FC411E992A3E62DC4F9AE02/16EA264C3FC611E9A0E68A30C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.139.109.0/24 202.59.230.0/24 202.90.36.0/24 IPv6: 2001:df1:ba00::/48 Signature Algorithm: sha256WithRSAEncryption 2d:c9:c9:97:a3:bc:7f:e4:89:3d:a1:86:59:ae:09:f8:ff:a6: 8f:22:b8:6c:e6:0b:6c:3d:65:3f:28:1c:99:36:1f:3e:41:bb: 0e:11:49:ed:88:13:c5:1c:70:19:9b:29:d8:07:9b:e1:ba:4c: 8f:a7:fe:04:62:c3:0e:4c:2d:e2:b6:9d:21:ab:40:08:20:df: 38:62:b5:dc:d0:7d:fe:32:cf:7d:f0:2a:af:8c:43:09:55:66: ef:66:08:9d:7d:d2:64:3a:50:4d:3f:9d:df:7c:cf:3e:96:56: 35:37:71:b7:01:b0:2e:5e:e8:76:fe:ff:35:65:ad:38:b4:5b: 51:9f:57:58:12:d7:4c:c3:e9:1c:30:e6:80:13:31:e4:96:ec: e0:6f:3b:14:10:e9:c5:b9:3d:8a:9b:03:1f:8d:2c:ea:ef:4e: e0:82:21:fd:fe:93:8b:3e:e8:b0:c9:5f:ac:9a:bb:2f:a1:3c: 92:87:77:27:53:1e:1b:19:66:49:88:9c:ae:24:48:8e:4e:98: 16:d1:87:a7:8a:0c:78:44:11:5e:90:fb:ed:94:1a:4f:95:ff: 25:4d:b1:93:d2:64:85:4d:36:f9:82:ad:cc:06:2a:10:68:7c: 77:dd:97:a6:71:9f:c5:ea:a3:67:0d:ff:3b:42:df:5d:37:ba: 91:bb:41:9f -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICD5YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk3MjExMTAvBgNVBAUTKDdEQTU4OUNFRDU3RjFFNUNDNDg2MDNEMTM4NDIyMzkz NkUxNjAyN0UwHhcNMjQwNzA2MTgwNTM2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02Njg5ODc3MC00NzQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv5wnhCyGm8NDcRuS2a3OgaslCHa+an5o3RW02iKkXto2+QR/d77JyiR3wKAG 9b3wXdiuJkNrfpeVEEypIpDCMKGZL/C7iWlUleeJTz7n3JVgmMiSqwTx2IHDTOlI Px1B05SkVf/l0Ic04KWKTeeF12IIgETXskQLYThyDFq6PFozj/sMCGdqbfU+qXck Hr63kVUw6q5KJNe2L5mOi38qZV/PRMqnvHrhqq5mwFsR0xMl0HBvC0Ckc2YOs3YZ 6xybshZMLb0y2saL5WzG8WXxwHjOAFN6i9lAH/sBKmNermWJFaTqLFKDd4Fmi6Ma y2bPIkuSuaMXLZOPIS0IpuQ3wQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFDkmS7vC hwVvu4OAIQj/Wpo5RIbRMB8GA1UdIwQYMBaAFH2lic7Vfx5cxIYD0ThCI5NuFgJ+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTcyMS84QUVDMkFDNDNG QzQxMUU5OTJBM0U2MkRDNEY5QUUwMi9mYVdKenRWX0hsekVoZ1BST0VJamsyNFdB bjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZhV0p6dFZfSGx6RWhnUFJPRUlqazI0V0FuNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk3MjEvOEFFQzJBQzQzRkM0MTFFOTkyQTNFNjJEQzRGOUFFMDIvMTZFQTI2NEMz RkM2MTFFOUEwRTY4QTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBgEAgABMBIDBABni20DBADKO+YDBADKWiQwDwQCAAIwCQMHACABDfG6ADAN BgkqhkiG9w0BAQsFAAOCAQEALcnJl6O8f+SJPaGGWa4J+P+mjyK4bOYLbD1lPygc mTYfPkG7DhFJ7YgTxRxwGZsp2Aeb4bpMj6f+BGLDDkwt4radIatACCDfOGK13NB9 /jLPffAqr4xDCVVm72YInX3SZDpQTT+d33zPPpZWNTdxtwGwLl7odv7/NWWtOLRb UZ9XWBLXTMPpHDDmgBMx5Jbs4G87FBDpxbk9ipsDH40s6u9O4IIh/f6Tiz7osMlf rJq7L6E8kod3J1MeGxlmSYicriRIjk6YFtGHp4oMeEQRXpD77ZQaT5X/JU2xk9Jk hU02+YKtzAYqEGh8d92XpnGfxeqjZw3/O0LfXTe6kbtBnw== -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:22 2024 by rpki-client on console-ams.rpki-client.org