$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/0B5DBB081C0311EF8B8AB54DC4F9AE02.roa File: 0B5DBB081C0311EF8B8AB54DC4F9AE02.roa (raw, json) Hash identifier: B21B4+qRYhX2tkCnPdFcKuu/ugCWvS4k86ubDHtxqyA= Subject key identifier: F9:8B:B4:F3:75:E6:99:F9:A5:70:1C:CA:1D:9B:DF:01:67:B7:AF:AB Certificate issuer: /CN=A91F4FB0/serialNumber=876E6813BF2C1811CD11DE99281ACD44BEC0DE73 Certificate serial: 4C Authority key identifier: 87:6E:68:13:BF:2C:18:11:CD:11:DE:99:28:1A:CD:44:BE:C0:DE:73 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h25oE78sGBHNEd6ZKBrNRL7A3nM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/0B5DBB081C0311EF8B8AB54DC4F9AE02.roa Signing time: Wed 05 Jun 2024 12:09:13 +0000 ROA not before: Wed 05 Jun 2024 12:09:13 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 16509 IP address blocks: 103.177.196.0/23 maxlen: 24 2400:3d20::/44 maxlen: 48 2400:3d20:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/h25oE78sGBHNEd6ZKBrNRL7A3nM.crl rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/h25oE78sGBHNEd6ZKBrNRL7A3nM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h25oE78sGBHNEd6ZKBrNRL7A3nM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 14 Sep 2024 03:20:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76 (0x4c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F4FB0/serialNumber=876E6813BF2C1811CD11DE99281ACD44BEC0DE73 Validity Not Before: Jun 5 12:09:13 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=66605568-3178 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:57:ac:d3:46:3a:d8:d7:05:b8:dd:e3:4b:83: 6e:27:21:4a:c5:98:12:a3:f8:cf:1a:05:d0:4a:13: da:06:1c:c4:47:dd:fc:5a:f2:45:9f:41:da:50:24: c4:3c:4a:af:e8:ea:59:e5:a1:0f:a0:4a:f7:93:91: 13:8b:79:98:83:22:1f:ab:04:c0:1b:99:0b:3e:48: 02:19:2c:1b:ae:2f:4c:7a:c4:67:e1:d6:46:67:6d: 51:b5:21:b4:fa:f6:1a:3c:21:d5:e7:2e:9a:10:29: 9b:b2:bf:b2:c4:7b:6f:6e:01:58:82:45:e5:2f:17: 04:1d:78:ce:89:81:61:42:ad:d1:c0:3a:fb:26:f4: a5:32:11:ac:f9:f7:b6:a3:40:97:a3:b4:05:19:c7: f5:40:1e:ac:ef:75:bd:dd:ab:37:cf:e3:a2:82:d2: d3:a1:ed:2c:91:f8:81:f3:a7:c8:93:51:45:00:73: c9:a6:be:d3:22:2f:ad:a3:9c:f6:31:47:50:5b:cd: 5e:e5:13:87:56:7d:b2:2b:32:3e:53:cb:3c:28:2d: 5d:a7:12:0d:bd:3d:9e:37:59:0c:88:e4:88:e4:30: ea:9f:86:bd:2e:fa:7d:97:95:70:b4:ed:d0:23:89: 4e:ea:b8:87:da:2f:fc:bc:cb:e8:95:e9:51:a2:07: 30:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:8B:B4:F3:75:E6:99:F9:A5:70:1C:CA:1D:9B:DF:01:67:B7:AF:AB X509v3 Authority Key Identifier: keyid:87:6E:68:13:BF:2C:18:11:CD:11:DE:99:28:1A:CD:44:BE:C0:DE:73 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/h25oE78sGBHNEd6ZKBrNRL7A3nM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h25oE78sGBHNEd6ZKBrNRL7A3nM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4FB0/058CEC1419BD11EFBD33E082C4F9AE02/0B5DBB081C0311EF8B8AB54DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.177.196.0/23 IPv6: 2400:3d20::/44 2400:3d20:1000::/40 Signature Algorithm: sha256WithRSAEncryption 7e:a2:02:5b:50:f7:b2:9a:3b:de:e0:bb:b9:c4:7f:57:46:c6: 7d:8d:a0:8a:b7:2d:d0:38:a8:c0:33:3f:01:23:52:c7:12:55: 30:56:e4:21:f9:01:91:c8:8d:a3:72:8e:6a:01:b4:b0:5e:55: ec:4f:91:40:c7:62:90:cb:cd:8d:62:96:41:11:ff:d2:d7:03: 6c:f8:7f:5a:cc:89:24:ba:08:cc:20:3b:31:4e:c8:04:39:a3: ea:a5:48:62:e4:4f:ec:c1:85:02:a0:68:aa:84:ba:0e:93:b7: 7e:84:2c:ed:11:d7:d2:e7:77:26:03:c4:e2:7a:f2:68:ec:00: 91:72:6e:32:b3:22:12:3f:bc:38:6f:3b:ab:36:4a:ec:7c:a3: cf:fc:c7:86:cc:dd:c6:9b:7e:02:ca:32:54:de:99:ce:ce:f1: 4e:4e:2f:02:6c:6c:83:7f:a8:d8:5b:d2:7b:a4:d1:57:cc:30: 48:da:97:59:54:25:e2:dd:44:4a:7f:b7:6b:1d:57:4f:c1:37: 18:b8:df:86:da:c3:90:c6:9c:9a:7d:3f:ab:4a:72:84:4f:6f: 1f:d8:fc:11:7b:a5:fc:78:02:10:3d:2d:65:5e:08:66:19:ec: 33:79:19:02:1d:20:5f:4a:ec:77:06:0e:2d:c6:31:4f:89:22: 91:4e:c5:3f -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIBTDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG NEZCMDExMC8GA1UEBRMoODc2RTY4MTNCRjJDMTgxMUNEMTFERTk5MjgxQUNENDRC RUMwREU3MzAeFw0yNDA2MDUxMjA5MTNaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2NjA1NTY4LTMxNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDiV6zTRjrY1wW43eNLg24nIUrFmBKj+M8aBdBKE9oGHMRH3fxa8kWfQdpQJMQ8 Sq/o6lnloQ+gSveTkROLeZiDIh+rBMAbmQs+SAIZLBuuL0x6xGfh1kZnbVG1IbT6 9ho8IdXnLpoQKZuyv7LEe29uAViCReUvFwQdeM6JgWFCrdHAOvsm9KUyEaz597aj QJejtAUZx/VAHqzvdb3dqzfP46KC0tOh7SyR+IHzp8iTUUUAc8mmvtMiL62jnPYx R1BbzV7lE4dWfbIrMj5TyzwoLV2nEg29PZ43WQyI5IjkMOqfhr0u+n2XlXC07dAj iU7quIfaL/y8y+iV6VGiBzCNAgMBAAGjggKuMIICqjAdBgNVHQ4EFgQU+Yu083Xm mfmlcBzKHZvfAWe3r6swHwYDVR0jBBgwFoAUh25oE78sGBHNEd6ZKBrNRL7A3nMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY0RkIwLzA1OENFQzE0MTlC RDExRUZCRDMzRTA4MkM0RjlBRTAyL2gyNW9FNzhzR0JITkVkNlpLQnJOUkw3QTNu TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaDI1b0U3OHNHQkhORWQ2WktCck5STDdBM25NLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NEZCMC8wNThDRUMxNDE5QkQxMUVGQkQzM0UwODJDNEY5QUUwMi8wQjVEQkIwODFD MDMxMUVGOEI4QUI1NERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA4BggrBgEFBQcBBwEB/wQp MCcwDAQCAAEwBgMEAWexxDAXBAIAAjARAwcEJAA9IAAAAwYAJAA9IBAwDQYJKoZI hvcNAQELBQADggEBAH6iAltQ97KaO97gu7nEf1dGxn2NoIq3LdA4qMAzPwEjUscS VTBW5CH5AZHIjaNyjmoBtLBeVexPkUDHYpDLzY1ilkER/9LXA2z4f1rMiSS6CMwg OzFOyAQ5o+qlSGLkT+zBhQKgaKqEug6Tt36ELO0R19LndyYDxOJ68mjsAJFybjKz IhI/vDhvO6s2Sux8o8/8x4bM3cabfgLKMlTemc7O8U5OLwJsbIN/qNhb0nuk0VfM MEjal1lUJeLdREp/t2sdV0/BNxi434baw5DGnJp9P6tKcoRPbx/Y/BF7pfx4AhA9 LWVeCGYZ7DN5GQIdIF9K7HcGDi3GMU+JIpFOxT8= -----END CERTIFICATE-----Generated at Sat Sep 7 09:45:14 2024 by rpki-client on console-ams.rpki-client.org