$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2089/E1C4A41E4CE811ECBD05FA7CC4F9AE02/3C4374804CEC11ECAE6AB280C4F9AE02.roa File: 3C4374804CEC11ECAE6AB280C4F9AE02.roa (raw, json) Hash identifier: F010fbR+bi9xTUBl3AUBVvzkCJVPeJDxWa/Ivtr1ZK4= Subject key identifier: 71:3A:AE:DB:B5:83:14:FA:01:8B:DF:FC:56:CF:E0:96:0B:5E:80:AB Certificate issuer: /CN=A91F2089/serialNumber=F14D6C3D3DE6CB1074F7A2E905D9F85451045A65 Certificate serial: 03FD Authority key identifier: F1:4D:6C:3D:3D:E6:CB:10:74:F7:A2:E9:05:D9:F8:54:51:04:5A:65 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8U1sPT3myxB096LpBdn4VFEEWmU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2089/E1C4A41E4CE811ECBD05FA7CC4F9AE02/3C4374804CEC11ECAE6AB280C4F9AE02.roa Signing time: Tue 05 Nov 2024 00:03:20 +0000 ROA not before: Tue 05 Nov 2024 00:03:20 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 63991 IP address blocks: 103.176.228.0/23 maxlen: 24 2400:36a0::/32 maxlen: 32 2400:36a0::/48 maxlen: 48 2400:36a0:3c::/48 maxlen: 48 2400:36a0:3f::/48 maxlen: 48 2400:36a0:54::/48 maxlen: 48 2400:36a0:80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2089/E1C4A41E4CE811ECBD05FA7CC4F9AE02/8U1sPT3myxB096LpBdn4VFEEWmU.crl rsync://rpki.apnic.net/member_repository/A91F2089/E1C4A41E4CE811ECBD05FA7CC4F9AE02/8U1sPT3myxB096LpBdn4VFEEWmU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8U1sPT3myxB096LpBdn4VFEEWmU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Dec 2024 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1021 (0x3fd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2089/serialNumber=F14D6C3D3DE6CB1074F7A2E905D9F85451045A65 Validity Not Before: Nov 5 00:03:20 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=672960c8-8462 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:70:2a:16:83:ad:06:51:c1:df:77:1d:3e:97: b6:e2:5b:6b:2b:a1:77:42:b9:1d:33:51:35:73:e5: f7:d9:46:ae:f3:c5:d7:67:29:19:0d:a2:9a:38:22: 60:61:6e:85:2d:b7:83:92:ee:1c:af:02:76:b3:cc: 1f:d5:d2:0b:d2:77:64:41:34:9b:7d:8a:c4:c8:5a: d4:bb:6f:e2:23:02:e9:e4:f6:e5:76:33:05:26:53: ee:60:3d:c5:a1:44:c1:90:f0:39:c7:75:bd:9d:b1: 0a:0c:84:d5:09:ae:5b:cb:f8:e0:ec:94:4a:9e:63: 8b:a6:22:bc:d1:d9:a3:36:59:17:b6:78:3c:56:56: 83:e2:ce:88:cc:00:1b:07:0d:27:e2:14:a2:b4:17: c4:b2:77:b7:e9:c3:62:2a:7f:dc:b5:f2:a4:03:78: 32:ad:b5:70:75:d9:1e:af:27:d5:f9:fa:8c:83:51: 66:24:23:8e:35:3c:27:ac:4c:e0:1e:ee:c2:b0:3d: 90:a5:01:d8:ac:a4:0d:81:ab:f2:86:38:67:f1:29: f6:e5:0e:f4:d3:9c:e9:55:e3:48:4e:d5:85:85:6a: 2c:5b:7c:07:95:5d:8e:0b:37:2c:89:2a:1c:09:b7: 96:6b:5a:2d:05:df:de:00:37:e0:67:d6:7b:e1:f3: 0c:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:3A:AE:DB:B5:83:14:FA:01:8B:DF:FC:56:CF:E0:96:0B:5E:80:AB X509v3 Authority Key Identifier: keyid:F1:4D:6C:3D:3D:E6:CB:10:74:F7:A2:E9:05:D9:F8:54:51:04:5A:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2089/E1C4A41E4CE811ECBD05FA7CC4F9AE02/8U1sPT3myxB096LpBdn4VFEEWmU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8U1sPT3myxB096LpBdn4VFEEWmU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2089/E1C4A41E4CE811ECBD05FA7CC4F9AE02/3C4374804CEC11ECAE6AB280C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.176.228.0/23 IPv6: 2400:36a0::/32 Signature Algorithm: sha256WithRSAEncryption 24:2a:40:9e:6b:70:f4:be:20:e2:e9:ed:c1:b9:5e:76:70:c1: 07:00:c7:78:e9:9a:34:bb:49:1d:ee:83:4e:5a:68:ab:01:89: 4d:11:e6:77:82:3f:d7:c4:d4:5a:bb:e2:49:ff:87:f4:f6:b4: 13:6b:f5:a6:4c:40:5a:d8:1d:6c:db:4b:43:a7:a2:3a:7d:f8: 3e:b3:e9:39:ac:5f:e7:05:e4:fb:6c:6c:a2:45:7e:01:2a:74: 20:76:0e:de:86:61:b2:eb:da:a8:31:9f:a7:29:70:e0:e2:5b: 5a:28:70:13:a1:05:c6:40:5b:79:6e:f7:f1:f9:cd:a5:d9:7c: ba:08:04:9d:5e:bb:a4:9b:69:15:ef:d9:bf:df:d7:d0:17:36: d4:3f:eb:e4:0d:13:da:1e:5b:8a:93:bf:aa:df:a4:ee:b0:fc: d9:ce:85:76:c4:6b:5d:cf:3d:62:fc:8c:87:28:af:20:d4:41: 64:c4:c7:fb:ee:65:b9:be:43:b9:9c:5f:db:73:2f:09:26:f8: e0:21:d0:65:5d:63:10:c1:e4:85:56:a2:ee:51:71:66:5f:0a: 3b:f0:36:cd:fe:33:be:1a:6b:2b:eb:a3:1e:29:2c:f4:e0:36: f7:46:f0:99:5d:93:9b:35:27:9d:d5:21:53:9d:80:bb:0d:d1: e7:1d:1a:c1 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICA/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIwODkxMTAvBgNVBAUTKEYxNEQ2QzNEM0RFNkNCMTA3NEY3QTJFOTA1RDlGODU0 NTEwNDVBNjUwHhcNMjQxMTA1MDAwMzIwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI5NjBjOC04NDYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA13AqFoOtBlHB33cdPpe24ltrK6F3QrkdM1E1c+X32Uau88XXZykZDaKaOCJg YW6FLbeDku4crwJ2s8wf1dIL0ndkQTSbfYrEyFrUu2/iIwLp5PbldjMFJlPuYD3F oUTBkPA5x3W9nbEKDITVCa5by/jg7JRKnmOLpiK80dmjNlkXtng8VlaD4s6IzAAb Bw0n4hSitBfEsne36cNiKn/ctfKkA3gyrbVwddkeryfV+fqMg1FmJCOONTwnrEzg Hu7CsD2QpQHYrKQNgavyhjhn8Sn25Q7005zpVeNITtWFhWosW3wHlV2OCzcsiSoc CbeWa1otBd/eADfgZ9Z74fMMCwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHE6rtu1 gxT6AYvf/FbP4JYLXoCrMB8GA1UdIwQYMBaAFPFNbD095ssQdPei6QXZ+FRRBFpl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjA4OS9FMUM0QTQxRTRD RTgxMUVDQkQwNUZBN0NDNEY5QUUwMi84VTFzUFQzbXl4QjA5NkxwQmRuNFZGRUVX bVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhVMXNQVDNteXhCMDk2THBCZG40VkZFRVdtVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjIwODkvRTFDNEE0MUU0Q0U4MTFFQ0JEMDVGQTdDQzRGOUFFMDIvM0M0Mzc0ODA0 Q0VDMTFFQ0FFNkFCMjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnsOQwDQQCAAIwBwMFACQANqAwDQYJKoZIhvcNAQELBQAD ggEBACQqQJ5rcPS+IOLp7cG5XnZwwQcAx3jpmjS7SR3ug05aaKsBiU0R5neCP9fE 1Fq74kn/h/T2tBNr9aZMQFrYHWzbS0Onojp9+D6z6TmsX+cF5PtsbKJFfgEqdCB2 Dt6GYbLr2qgxn6cpcODiW1oocBOhBcZAW3lu9/H5zaXZfLoIBJ1eu6SbaRXv2b/f 19AXNtQ/6+QNE9oeW4qTv6rfpO6w/NnOhXbEa13PPWL8jIcoryDUQWTEx/vuZbm+ Q7mcX9tzLwkm+OAh0GVdYxDB5IVWou5RcWZfCjvwNs3+M74aayvrox4pLPTgNvdG 8Jldk5s1J53VIVOdgLsN0ecdGsE= -----END CERTIFICATE-----Generated at Wed Nov 27 02:04:30 2024 by rpki-client on console-ams.rpki-client.org