$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/A1A3D7886B9911EF898D4645C4F9AE02.roa File: A1A3D7886B9911EF898D4645C4F9AE02.roa (raw, json) Hash identifier: RFkMnKmypwqhoKuW5rUexAXXk8MOX8lKq4I17M92bNs= Subject key identifier: DA:5C:82:18:1B:22:00:48:DC:96:D6:08:93:FB:E8:15:88:56:1D:A5 Certificate issuer: /CN=A91EA2CC/serialNumber=90A98450B9DA938118A2D5AD534D8828F4B94634 Certificate serial: 0B8D Authority key identifier: 90:A9:84:50:B9:DA:93:81:18:A2:D5:AD:53:4D:88:28:F4:B9:46:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kKmEULnak4EYotWtU02IKPS5RjQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/A1A3D7886B9911EF898D4645C4F9AE02.roa Signing time: Thu 05 Sep 2024 15:15:06 +0000 ROA not before: Thu 05 Sep 2024 15:15:06 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 136022 IP address blocks: 103.134.40.0/24 maxlen: 24 103.134.41.0/24 maxlen: 24 103.134.42.0/24 maxlen: 24 2404:5cc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/kKmEULnak4EYotWtU02IKPS5RjQ.crl rsync://rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/kKmEULnak4EYotWtU02IKPS5RjQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kKmEULnak4EYotWtU02IKPS5RjQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:35:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2957 (0xb8d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA2CC/serialNumber=90A98450B9DA938118A2D5AD534D8828F4B94634 Validity Not Before: Sep 5 15:15:06 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=66d9cafa-4f99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:31:57:fb:66:ef:65:36:55:c3:df:db:28:99: a3:9e:92:17:ae:64:c3:ce:f2:57:4f:c4:ff:db:e1: 59:a3:50:39:f9:48:a2:c9:6c:03:3c:27:b1:7f:7d: 21:9d:3c:40:19:4a:fe:e7:7d:3e:9f:50:b1:b9:01: 6a:31:e7:cb:7b:53:11:c6:b9:74:25:72:41:ce:7a: 5c:aa:6a:82:fa:4b:4c:6f:79:5e:46:c8:fd:82:5a: 03:aa:e2:f7:72:39:57:8c:84:88:92:40:48:cc:54: 25:f1:4b:0b:f2:ca:40:d6:70:46:32:fb:b8:78:1b: bb:bf:4d:5f:eb:97:08:51:28:14:14:be:ae:8e:82: 57:3e:a3:97:6d:e8:df:ac:5a:c7:84:72:dd:15:0d: 7f:8e:bc:d9:2b:cf:30:42:4f:6b:a3:3f:e3:23:57: 82:ab:aa:78:16:23:45:1a:ec:a5:3d:79:60:1a:fc: 8e:d2:58:31:4d:fa:a8:e2:25:2d:5e:e5:48:06:01: 33:be:54:e6:ce:72:fc:67:c8:d9:c6:88:41:7e:35: 0c:50:50:91:82:c5:25:2d:f6:25:25:8c:14:bf:07: 6c:b4:76:89:65:10:f6:b0:23:bb:e3:ac:41:12:fc: ce:38:a8:5d:05:22:44:34:99:76:eb:97:d9:03:67: a2:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:5C:82:18:1B:22:00:48:DC:96:D6:08:93:FB:E8:15:88:56:1D:A5 X509v3 Authority Key Identifier: keyid:90:A9:84:50:B9:DA:93:81:18:A2:D5:AD:53:4D:88:28:F4:B9:46:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/kKmEULnak4EYotWtU02IKPS5RjQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kKmEULnak4EYotWtU02IKPS5RjQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA2CC/F26E06CE11F911EA9CB88C35C4F9AE02/A1A3D7886B9911EF898D4645C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.134.40.0-103.134.42.255 IPv6: 2404:5cc0::/32 Signature Algorithm: sha256WithRSAEncryption 5f:44:27:a9:d7:7e:fb:71:3b:74:62:9e:b8:f9:1f:63:1f:e4: c8:cb:15:de:f6:3f:54:03:30:51:fd:82:a2:a3:11:3e:75:91: d0:39:df:5c:81:d9:1f:a7:d7:57:cf:f1:8b:3d:5a:ab:3e:21: fd:b1:c0:c2:41:58:60:1e:8b:11:91:4f:b0:d3:d9:66:dd:df: 9a:3a:89:c7:e5:9e:20:39:cf:01:33:bd:00:c0:af:9d:b7:43: ef:75:18:6f:cd:e0:4d:33:7f:83:59:dd:e2:c4:6c:ab:87:73: e1:4c:e7:62:46:32:7d:63:bd:c9:ac:64:4d:5c:23:85:8f:83: 7d:98:f5:89:c1:a7:a5:bc:17:66:42:b5:42:a3:f4:1e:3e:7f: 14:28:15:4c:64:a9:38:cd:9a:d6:20:98:ff:59:97:a8:d0:1d: d2:bd:f6:6a:d2:02:90:67:7a:be:39:f1:fa:04:27:06:c6:d5: 94:e1:e6:db:49:1c:3c:75:3c:61:6f:d2:52:15:36:34:9c:34: e8:03:d6:cb:37:44:16:73:1b:a2:8a:ec:2e:aa:65:d5:8e:57: a4:c7:84:2e:d3:11:7f:67:64:b6:7e:8f:c3:06:f9:5d:4a:b8: 48:7f:56:40:09:31:0a:d7:46:4d:40:fa:81:e4:ab:33:2f:d7: 07:51:57:54 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICC40wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUEyQ0MxMTAvBgNVBAUTKDkwQTk4NDUwQjlEQTkzODExOEEyRDVBRDUzNEQ4ODI4 RjRCOTQ2MzQwHhcNMjQwOTA1MTUxNTA2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ5Y2FmYS00Zjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtzFX+2bvZTZVw9/bKJmjnpIXrmTDzvJXT8T/2+FZo1A5+UiiyWwDPCexf30h nTxAGUr+530+n1CxuQFqMefLe1MRxrl0JXJBznpcqmqC+ktMb3leRsj9gloDquL3 cjlXjISIkkBIzFQl8UsL8spA1nBGMvu4eBu7v01f65cIUSgUFL6ujoJXPqOXbejf rFrHhHLdFQ1/jrzZK88wQk9roz/jI1eCq6p4FiNFGuylPXlgGvyO0lgxTfqo4iUt XuVIBgEzvlTmznL8Z8jZxohBfjUMUFCRgsUlLfYlJYwUvwdstHaJZRD2sCO746xB EvzOOKhdBSJENJl265fZA2eiyQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFNpcghgb IgBI3JbWCJP76BWIVh2lMB8GA1UdIwQYMBaAFJCphFC52pOBGKLVrVNNiCj0uUY0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTJDQy9GMjZFMDZDRTEx RjkxMUVBOUNCODhDMzVDNEY5QUUwMi9rS21FVUxuYWs0RVlvdFd0VTAySUtQUzVS alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tLbUVVTG5hazRFWW90V3RVMDJJS1BTNVJqUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUEyQ0MvRjI2RTA2Q0UxMUY5MTFFQTlDQjg4QzM1QzRGOUFFMDIvQTFBM0Q3ODg2 Qjk5MTFFRjg5OEQ0NjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBQEAgABMA4wDAMEA2eGKAMEAGeGKjANBAIAAjAHAwUAJARcwDANBgkqhkiG 9w0BAQsFAAOCAQEAX0Qnqdd++3E7dGKeuPkfYx/kyMsV3vY/VAMwUf2CoqMRPnWR 0DnfXIHZH6fXV8/xiz1aqz4h/bHAwkFYYB6LEZFPsNPZZt3fmjqJx+WeIDnPATO9 AMCvnbdD73UYb83gTTN/g1nd4sRsq4dz4UznYkYyfWO9yaxkTVwjhY+DfZj1icGn pbwXZkK1QqP0Hj5/FCgVTGSpOM2a1iCY/1mXqNAd0r32atICkGd6vjnx+gQnBsbV lOHm20kcPHU8YW/SUhU2NJw06APWyzdEFnMboorsLqpl1Y5XpMeELtMRf2dktn6P wwb5XUq4SH9WQAkxCtdGTUD6geSrMy/XB1FXVA== -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:22 2024 by rpki-client on console-ams.rpki-client.org