$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA6A1/315B7E08FF7B11EDA62DF10EC4F9AE02/1DDE652A03C211EEB2272068C4F9AE02.roa File: 1DDE652A03C211EEB2272068C4F9AE02.roa (raw, json) Hash identifier: bHJCi6Fx94Tr82fyaUmP4Kxgcl4MBtO25etlERplKes= Subject key identifier: 09:C2:4B:64:E5:C9:89:B3:6A:38:36:46:89:66:EE:E2:73:8F:66:E3 Certificate issuer: /CN=A91EA6A1/serialNumber=CDD7CC5994E3404E6C23AE942A59218B57C5C131 Certificate serial: 65 Authority key identifier: CD:D7:CC:59:94:E3:40:4E:6C:23:AE:94:2A:59:21:8B:57:C5:C1:31 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zdfMWZTjQE5sI66UKlkhi1fFwTE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA6A1/315B7E08FF7B11EDA62DF10EC4F9AE02/1DDE652A03C211EEB2272068C4F9AE02.roa Signing time: Wed 29 Nov 2023 06:17:25 +0000 ROA not before: Wed 29 Nov 2023 06:17:25 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 137418 IP address blocks: 103.197.201.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA6A1/315B7E08FF7B11EDA62DF10EC4F9AE02/zdfMWZTjQE5sI66UKlkhi1fFwTE.crl rsync://rpki.apnic.net/member_repository/A91EA6A1/315B7E08FF7B11EDA62DF10EC4F9AE02/zdfMWZTjQE5sI66UKlkhi1fFwTE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zdfMWZTjQE5sI66UKlkhi1fFwTE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 03 Jun 2024 06:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA6A1/serialNumber=CDD7CC5994E3404E6C23AE942A59218B57C5C131 Validity Not Before: Nov 29 06:17:25 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=6566d775-5037 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:4a:65:8a:fa:49:4d:39:6f:58:d3:8f:78:8c: 01:cd:0b:52:85:9b:48:68:be:e6:9c:eb:d0:4d:0e: 6d:fd:3f:fc:f3:63:b3:a6:8d:70:81:35:70:2d:4b: de:9f:b5:ee:ad:ac:d3:39:10:0a:54:51:89:2b:2a: 47:d8:fd:08:98:32:f0:51:02:8a:e3:d8:b9:a4:0c: 5c:1c:a6:f5:8e:a1:6f:95:71:21:4b:85:25:5a:fd: ca:df:be:ce:2a:d0:a8:03:44:84:0c:49:f0:e7:9f: 43:cf:6c:4b:d5:af:17:6b:48:91:cc:7d:cf:18:d1: 7b:ab:5f:ef:01:70:5e:10:e7:b7:20:f0:09:dc:94: b9:4d:17:97:fd:e0:cc:eb:36:cc:40:89:37:3f:3a: 5e:80:87:5f:ae:9b:55:b5:60:d1:cf:dc:98:46:1a: b5:9e:8f:25:df:2e:d4:1c:7c:25:b1:2d:e9:32:5a: 96:86:32:72:56:d6:e5:f7:d6:a3:c4:15:7b:17:45: 85:60:a8:ea:70:11:7d:be:05:0b:0c:ff:ec:e3:75: 1d:23:1e:54:07:a8:2a:58:81:2d:a3:dd:e9:6a:c0: b4:a2:19:de:09:22:d0:20:b1:2d:bb:bf:72:b3:ff: 69:81:9c:ae:76:b0:16:7e:4a:09:7c:88:06:af:1f: e8:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:C2:4B:64:E5:C9:89:B3:6A:38:36:46:89:66:EE:E2:73:8F:66:E3 X509v3 Authority Key Identifier: keyid:CD:D7:CC:59:94:E3:40:4E:6C:23:AE:94:2A:59:21:8B:57:C5:C1:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA6A1/315B7E08FF7B11EDA62DF10EC4F9AE02/zdfMWZTjQE5sI66UKlkhi1fFwTE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zdfMWZTjQE5sI66UKlkhi1fFwTE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA6A1/315B7E08FF7B11EDA62DF10EC4F9AE02/1DDE652A03C211EEB2272068C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.197.201.0/24 Signature Algorithm: sha256WithRSAEncryption 9a:85:66:23:5e:fd:a5:12:40:78:a9:87:02:91:18:07:fd:e1: 21:d1:46:7d:90:aa:02:e7:aa:58:ef:7e:6a:15:87:7b:94:21: 45:8f:97:24:ce:3b:7e:e2:c2:be:6b:a2:69:48:b4:e9:a5:84: a9:b3:39:dd:fb:5f:ae:da:16:9f:ba:7a:50:36:5a:af:4b:e1: d9:81:5c:14:fd:a5:a8:99:25:bb:ee:87:62:c9:e7:f8:83:cb: 10:58:c6:e1:20:4c:33:86:37:0c:52:de:17:db:09:e4:64:82: 56:d1:3a:4a:8c:58:f9:98:13:4f:62:c2:53:2a:6f:1d:80:12: fa:40:2e:22:70:0a:e0:e6:be:99:8c:8f:a2:76:ca:40:f0:78: c8:df:be:94:5f:02:f0:c9:a5:09:49:bb:d2:36:42:71:bf:d9: 16:ed:b4:3a:a5:36:e8:c3:a7:e0:ea:1d:3b:1c:79:1c:a2:39: fb:43:34:14:fd:f9:8d:51:8b:8e:25:54:3d:a4:97:e4:73:3e: 7c:c9:07:2c:32:26:a3:52:ed:34:b6:85:95:41:06:b4:fb:ba: e1:8a:7c:9d:23:33:74:f7:0d:96:81:2d:c3:ae:c0:f6:d1:91: e8:59:0d:53:49:d1:95:ee:0f:fe:f0:e8:f7:36:15:4b:39:30: 41:67:2e:57 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBZTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QTZBMTExMC8GA1UEBRMoQ0REN0NDNTk5NEUzNDA0RTZDMjNBRTk0MkE1OTIxOEI1 N0M1QzEzMTAeFw0yMzExMjkwNjE3MjVaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1NjZkNzc1LTUwMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDMSmWK+klNOW9Y0494jAHNC1KFm0hovuac69BNDm39P/zzY7OmjXCBNXAtS96f te6trNM5EApUUYkrKkfY/QiYMvBRAorj2LmkDFwcpvWOoW+VcSFLhSVa/crfvs4q 0KgDRIQMSfDnn0PPbEvVrxdrSJHMfc8Y0XurX+8BcF4Q57cg8AnclLlNF5f94Mzr NsxAiTc/Ol6Ah1+um1W1YNHP3JhGGrWejyXfLtQcfCWxLekyWpaGMnJW1uX31qPE FXsXRYVgqOpwEX2+BQsM/+zjdR0jHlQHqCpYgS2j3elqwLSiGd4JItAgsS27v3Kz /2mBnK52sBZ+Sgl8iAavH+iDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUCcJLZOXJ ibNqODZGiWbu4nOPZuMwHwYDVR0jBBgwFoAUzdfMWZTjQE5sI66UKlkhi1fFwTEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBNkExLzMxNUI3RTA4RkY3 QjExRURBNjJERjEwRUM0RjlBRTAyL3pkZk1XWlRqUUU1c0k2NlVLbGtoaTFmRndU RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvemRmTVdaVGpRRTVzSTY2VUtsa2hpMWZGd1RFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTZBMS8zMTVCN0UwOEZGN0IxMUVEQTYyREYxMEVDNEY5QUUwMi8xRERFNjUyQTAz QzIxMUVFQjIyNzIwNjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAGfFyTANBgkqhkiG9w0BAQsFAAOCAQEAmoVmI179pRJAeKmH ApEYB/3hIdFGfZCqAueqWO9+ahWHe5QhRY+XJM47fuLCvmuiaUi06aWEqbM53ftf rtoWn7p6UDZar0vh2YFcFP2lqJklu+6HYsnn+IPLEFjG4SBMM4Y3DFLeF9sJ5GSC VtE6SoxY+ZgTT2LCUypvHYAS+kAuInAK4Oa+mYyPonbKQPB4yN++lF8C8MmlCUm7 0jZCcb/ZFu20OqU26MOn4OodOxx5HKI5+0M0FP35jVGLjiVUPaSX5HM+fMkHLDIm o1LtNLaFlUEGtPu64Yp8nSMzdPcNloEtw67A9tGR6FkNU0nRle4P/vDo9zYVSzkw QWcuVw== -----END CERTIFICATE-----Generated at Mon May 27 08:08:54 2024 by rpki-client on console-ams.rpki-client.org