$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/1004D41ED21D11E992825429C4F9AE02.roa File: 1004D41ED21D11E992825429C4F9AE02.roa (raw, json) Hash identifier: VSbvOJwGGe/ohiP+L17bAesxp9bgmYgwB4Rs+JtW0oQ= Subject key identifier: 1D:43:58:14:8B:06:E1:92:F4:9D:FA:C8:BB:46:85:63:27:A0:C1:01 Certificate issuer: /CN=A91EB9C0/serialNumber=EFCF052D989292CEB10509129C8DE203D49F6804 Certificate serial: 0C9D Authority key identifier: EF:CF:05:2D:98:92:92:CE:B1:05:09:12:9C:8D:E2:03:D4:9F:68:04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/788FLZiSks6xBQkSnI3iA9SfaAQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/1004D41ED21D11E992825429C4F9AE02.roa Signing time: Wed 12 Jun 2024 19:32:57 +0000 ROA not before: Wed 12 Jun 2024 19:32:57 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 136379 IP address blocks: 103.138.192.0/24 maxlen: 24 103.138.193.0/24 maxlen: 24 2001:df0:5080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.crl rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/788FLZiSks6xBQkSnI3iA9SfaAQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3229 (0xc9d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB9C0/serialNumber=EFCF052D989292CEB10509129C8DE203D49F6804 Validity Not Before: Jun 12 19:32:57 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=6669f7e9-7f75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:27:e8:a2:a3:f6:91:7f:0a:b8:16:62:4d:e5: d1:a1:aa:d5:d7:80:7e:2e:b6:88:82:c2:a8:5c:00: 74:0d:a4:c3:c8:7d:79:84:59:d4:06:d5:97:bd:8b: 44:73:84:d0:b8:e1:56:13:bf:4f:48:88:04:84:e4: cd:b1:a2:e4:2f:cc:05:84:45:a6:27:c0:30:cf:a3: ee:6e:26:3d:df:22:ca:95:bf:b4:00:09:a6:bc:04: f6:aa:e5:3a:6e:38:f0:aa:df:ea:4c:24:e5:51:8f: 84:6f:8d:f3:4c:aa:b7:57:a3:5d:7c:8e:1e:11:b8: 17:64:59:76:94:5d:93:e1:af:bf:c9:3b:d4:cd:5a: 78:9f:da:2a:54:4b:fd:72:74:8c:b7:60:a4:cb:c8: 4a:54:22:cc:3c:47:c0:ce:cc:86:65:57:ce:09:7b: 0f:b8:8d:ef:8f:f3:82:13:09:86:05:a3:df:6d:16: ba:b6:40:4a:2c:6f:19:c5:cd:7c:8f:f2:6e:a8:40: 51:53:a2:12:b3:4d:a3:7a:b3:68:25:5c:f7:04:d5: da:e7:4f:29:a5:df:bb:ed:14:54:9d:09:5d:99:1a: 84:ec:8d:26:5a:38:1f:41:d0:e2:bc:d9:72:45:68: 32:8c:57:81:28:7f:0d:ea:51:23:be:82:71:24:9f: 25:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:43:58:14:8B:06:E1:92:F4:9D:FA:C8:BB:46:85:63:27:A0:C1:01 X509v3 Authority Key Identifier: keyid:EF:CF:05:2D:98:92:92:CE:B1:05:09:12:9C:8D:E2:03:D4:9F:68:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/788FLZiSks6xBQkSnI3iA9SfaAQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/1004D41ED21D11E992825429C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.192.0/23 IPv6: 2001:df0:5080::/48 Signature Algorithm: sha256WithRSAEncryption 98:da:fe:25:0b:44:7b:87:68:63:a5:e8:28:8b:8b:f7:94:f2: 22:dd:30:4f:2d:ec:02:4d:d4:34:9f:33:89:62:45:64:fe:20: 21:58:cd:f4:2b:75:23:8e:01:31:89:f5:cf:69:d8:b7:a4:c7: 7a:db:ff:2a:77:a8:7f:0c:1f:c7:ce:bf:8a:f3:ff:ab:d5:2a: c2:3e:28:a5:cf:c4:24:c4:dd:f4:23:e8:2e:a9:32:df:75:cd: 88:62:62:bd:0a:fe:cf:50:a3:f6:7d:da:b5:5b:33:7a:68:b1: 53:f8:03:c9:d7:17:4b:b9:29:73:a9:d4:26:6f:0b:d2:38:a0: 68:86:a6:68:df:0b:3d:a4:00:6b:bb:4b:70:ff:ca:e6:10:7c: fc:22:8e:de:16:96:bc:cc:9c:98:66:5b:7e:e8:25:a9:0b:c3: a0:b6:9c:79:75:fb:05:b0:65:42:9f:d3:c0:fc:03:82:14:68: d2:24:dd:9e:b3:51:50:bf:51:62:bd:0f:82:f8:a0:c4:fd:ae: ea:1d:58:64:06:8e:17:e0:b2:8a:b7:fa:dc:76:30:79:9f:b2: 16:82:11:d8:8d:bb:d2:46:64:c5:cf:81:64:2a:64:00:bc:60: 79:7a:00:bc:d1:01:ac:7e:3b:3a:b8:f6:3b:e8:f3:c5:a4:72: f2:99:72:72 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICDJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUI5QzAxMTAvBgNVBAUTKEVGQ0YwNTJEOTg5MjkyQ0VCMTA1MDkxMjlDOERFMjAz RDQ5RjY4MDQwHhcNMjQwNjEyMTkzMjU3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjY5ZjdlOS03Zjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAryfooqP2kX8KuBZiTeXRoarV14B+LraIgsKoXAB0DaTDyH15hFnUBtWXvYtE c4TQuOFWE79PSIgEhOTNsaLkL8wFhEWmJ8Awz6PubiY93yLKlb+0AAmmvAT2quU6 bjjwqt/qTCTlUY+Eb43zTKq3V6NdfI4eEbgXZFl2lF2T4a+/yTvUzVp4n9oqVEv9 cnSMt2Cky8hKVCLMPEfAzsyGZVfOCXsPuI3vj/OCEwmGBaPfbRa6tkBKLG8Zxc18 j/JuqEBRU6ISs02jerNoJVz3BNXa508ppd+77RRUnQldmRqE7I0mWjgfQdDivNly RWgyjFeBKH8N6lEjvoJxJJ8lgQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFB1DWBSL BuGS9J36yLtGhWMnoMEBMB8GA1UdIwQYMBaAFO/PBS2YkpLOsQUJEpyN4gPUn2gE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjlDMC9EMzY0RjBDQ0Qy MUExMUU5ODNGOUU1MjRDNEY5QUUwMi83ODhGTFppU2tzNnhCUWtTbkkzaUE5U2Zh QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzc4OEZMWmlTa3M2eEJRa1NuSTNpQTlTZmFBUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUI5QzAvRDM2NEYwQ0NEMjFBMTFFOTgzRjlFNTI0QzRGOUFFMDIvMTAwNEQ0MUVE MjFEMTFFOTkyODI1NDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnisAwDwQCAAIwCQMHACABDfBQgDANBgkqhkiG9w0BAQsF AAOCAQEAmNr+JQtEe4doY6XoKIuL95TyIt0wTy3sAk3UNJ8ziWJFZP4gIVjN9Ct1 I44BMYn1z2nYt6THetv/Kneofwwfx86/ivP/q9Uqwj4opc/EJMTd9CPoLqky33XN iGJivQr+z1Cj9n3atVszemixU/gDydcXS7kpc6nUJm8L0jigaIamaN8LPaQAa7tL cP/K5hB8/CKO3haWvMycmGZbfuglqQvDoLaceXX7BbBlQp/TwPwDghRo0iTdnrNR UL9RYr0PgvigxP2u6h1YZAaOF+Cyirf63HYweZ+yFoIR2I270kZkxc+BZCpkALxg eXoAvNEBrH47Orj2O+jzxaRy8plycg== -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:22 2024 by rpki-client on console-ams.rpki-client.org