$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/3B495FFCA46211E9B730310FC4F9AE02.roa File: 3B495FFCA46211E9B730310FC4F9AE02.roa (raw, json) Hash identifier: 9CcirKqxpdNHPxtXI8/MHTjJYP2t94IiPdFAh8Rx4sE= Subject key identifier: FE:9C:3B:AE:4A:56:4A:8A:ED:8E:36:D2:EA:DE:C6:32:7E:91:70:E5 Certificate issuer: /CN=A91E9BC4/serialNumber=83CE853A7A66EAB9E1F23346711D3DC97D575978 Certificate serial: 0D5F Authority key identifier: 83:CE:85:3A:7A:66:EA:B9:E1:F2:33:46:71:1D:3D:C9:7D:57:59:78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g86FOnpm6rnh8jNGcR09yX1XWXg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/3B495FFCA46211E9B730310FC4F9AE02.roa Signing time: Mon 08 Apr 2024 18:57:17 +0000 ROA not before: Mon 08 Apr 2024 18:57:17 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 55482 IP address blocks: 103.78.32.0/24 maxlen: 24 103.78.33.0/24 maxlen: 24 103.78.34.0/24 maxlen: 24 103.78.35.0/24 maxlen: 24 182.173.72.0/22 maxlen: 22 182.173.72.0/24 maxlen: 24 182.173.73.0/24 maxlen: 24 182.173.74.0/24 maxlen: 24 182.173.75.0/24 maxlen: 24 2401:3140::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.crl rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g86FOnpm6rnh8jNGcR09yX1XWXg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 18:35:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3423 (0xd5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9BC4/serialNumber=83CE853A7A66EAB9E1F23346711D3DC97D575978 Validity Not Before: Apr 8 18:57:17 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=66143e0c-48d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:bb:0f:a2:26:90:ba:96:0c:f0:98:f6:5c:72: bd:16:16:8f:54:51:bd:b4:d5:74:fb:6a:b1:18:1f: 78:6c:bc:da:06:1b:d1:aa:22:f9:e5:c7:b3:7d:fa: f2:b1:4f:8a:e4:41:75:ff:45:0b:e7:3a:92:b1:8f: 29:34:c9:22:24:87:9c:73:99:31:5e:19:b4:46:cb: b4:96:90:b9:62:28:b9:86:5a:82:49:4a:1d:c0:ff: 6c:64:95:48:1f:8f:6b:45:5d:d8:91:3c:cc:ec:67: 9b:93:2e:28:e8:2b:b7:ad:ea:13:bf:a7:86:04:ab: e5:c7:83:9b:f3:31:3c:43:44:8c:b0:6a:68:ae:b2: 76:a4:c8:5d:51:5d:bc:de:93:88:e5:c7:7c:75:a5: 07:b3:22:78:89:93:1b:5f:9d:93:73:36:1e:ac:0b: 72:ed:ff:32:3f:72:78:bb:e4:0a:f6:60:d5:ca:17: 07:db:14:43:43:62:c2:b2:1b:5b:d4:27:e5:94:b5: 98:73:80:f5:59:29:4a:21:a3:49:71:2b:4b:8f:e7: d6:8a:49:1f:93:a2:3d:8f:dd:27:ba:39:12:b6:1f: 8f:cb:14:7d:95:4e:e1:03:83:47:a3:d8:f8:e4:39: e8:48:9b:10:df:c8:c8:e9:e5:5a:15:2b:bc:05:49: f6:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:9C:3B:AE:4A:56:4A:8A:ED:8E:36:D2:EA:DE:C6:32:7E:91:70:E5 X509v3 Authority Key Identifier: keyid:83:CE:85:3A:7A:66:EA:B9:E1:F2:33:46:71:1D:3D:C9:7D:57:59:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g86FOnpm6rnh8jNGcR09yX1XWXg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/3B495FFCA46211E9B730310FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.78.32.0/22 182.173.72.0/22 IPv6: 2401:3140::/48 Signature Algorithm: sha256WithRSAEncryption 26:e3:b6:10:f8:06:3b:b3:e0:4b:76:db:b8:8a:74:41:7d:e5: 25:6b:3c:f1:dc:2d:6d:f9:5a:72:fd:91:ec:f5:21:96:21:b2: 17:5a:e8:73:e0:e0:1c:6b:b4:db:3d:3a:67:7e:69:cb:e0:2b: 63:18:87:85:1f:b0:12:21:96:76:cb:4c:3c:30:e5:78:20:0b: d5:9b:c5:bb:39:0d:32:39:e6:89:63:f5:0d:29:c0:74:3c:1e: 83:00:44:7d:28:58:cf:79:22:1d:34:3a:6d:eb:07:2d:9f:ab: 27:d4:1a:80:46:33:0b:d9:a1:46:d0:3b:f2:9c:ee:6e:02:b1: 2b:25:fc:dc:20:27:33:64:e6:f8:1f:78:01:74:d0:8c:50:f4: 1b:8b:75:09:47:51:55:e3:39:9f:5d:cb:ab:2d:97:94:5a:d0: 33:39:46:ca:e0:4f:8c:2b:df:7b:7d:52:81:8f:81:9b:0c:32: 0a:73:31:54:ec:c4:0a:e1:17:24:33:4d:a3:49:c2:c6:00:22: 2b:e7:6c:20:5a:1d:51:3d:f2:b7:d4:58:e1:12:be:e2:bd:ab: ef:1c:ae:b8:19:9e:f6:62:63:27:60:5c:45:b9:41:83:0f:17: 97:3b:7a:26:1b:ab:65:ad:73:17:c3:8f:a4:ba:9e:d7:c7:1e: aa:3f:f0:b7 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICDV8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlCQzQxMTAvBgNVBAUTKDgzQ0U4NTNBN0E2NkVBQjlFMUYyMzM0NjcxMUQzREM5 N0Q1NzU5NzgwHhcNMjQwNDA4MTg1NzE3WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjE0M2UwYy00OGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvLsPoiaQupYM8Jj2XHK9FhaPVFG9tNV0+2qxGB94bLzaBhvRqiL55cezffry sU+K5EF1/0UL5zqSsY8pNMkiJIecc5kxXhm0Rsu0lpC5Yii5hlqCSUodwP9sZJVI H49rRV3YkTzM7Gebky4o6Cu3reoTv6eGBKvlx4Ob8zE8Q0SMsGporrJ2pMhdUV28 3pOI5cd8daUHsyJ4iZMbX52TczYerAty7f8yP3J4u+QK9mDVyhcH2xRDQ2LCshtb 1CfllLWYc4D1WSlKIaNJcStLj+fWikkfk6I9j90nujkSth+PyxR9lU7hA4NHo9j4 5DnoSJsQ38jI6eVaFSu8BUn2CQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFP6cO65K VkqK7Y420urexjJ+kXDlMB8GA1UdIwQYMBaAFIPOhTp6Zuq54fIzRnEdPcl9V1l4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUJDNC85MkU4MjFGMEE0 NjAxMUU5ODEwQTVDMEJDNEY5QUUwMi9nODZGT25wbTZybmg4ak5HY1IwOXlYMVhX WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2c4NkZPbnBtNnJuaDhqTkdjUjA5eVgxWFdYZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTlCQzQvOTJFODIxRjBBNDYwMTFFOTgxMEE1QzBCQzRGOUFFMDIvM0I0OTVGRkNB NDYyMTFFOUI3MzAzMTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBAJnTiADBAK2rUgwDwQCAAIwCQMHACQBMUAAADANBgkqhkiG 9w0BAQsFAAOCAQEAJuO2EPgGO7PgS3bbuIp0QX3lJWs88dwtbflacv2R7PUhliGy F1roc+DgHGu02z06Z35py+ArYxiHhR+wEiGWdstMPDDleCAL1ZvFuzkNMjnmiWP1 DSnAdDwegwBEfShYz3kiHTQ6besHLZ+rJ9QagEYzC9mhRtA78pzubgKxKyX83CAn M2Tm+B94AXTQjFD0G4t1CUdRVeM5n13Lqy2XlFrQMzlGyuBPjCvfe31SgY+Bmwwy CnMxVOzECuEXJDNNo0nCxgAiK+dsIFodUT3yt9RY4RK+4r2r7xyuuBme9mJjJ2Bc RblBgw8Xlzt6JhurZa1zF8OPpLqe18ceqj/wtw== -----END CERTIFICATE-----Generated at Thu May 16 19:10:57 2024 by rpki-client on console-fra.rpki-client.org