$ rpki-client -vvf rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/BFEEB5E4309D11ECABBBBF25C4F9AE02.roa File: BFEEB5E4309D11ECABBBBF25C4F9AE02.roa (raw, json) Hash identifier: CjEb36vV7LXCUvQdsPq41e7nYE3GW5xo8YCCxuuK9YE= Subject key identifier: 2A:AF:0F:00:DC:D3:CB:41:74:6A:FB:6D:65:55:68:C8:E1:26:47:AC Certificate issuer: /CN=A91F61DD/serialNumber=15D60D60D6A4F50091099A72E0D05EEF3EAF76E9 Certificate serial: 042B Authority key identifier: 15:D6:0D:60:D6:A4:F5:00:91:09:9A:72:E0:D0:5E:EF:3E:AF:76:E9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FdYNYNak9QCRCZpy4NBe7z6vduk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/BFEEB5E4309D11ECABBBBF25C4F9AE02.roa Signing time: Sun 25 Aug 2024 01:03:21 +0000 ROA not before: Sun 25 Aug 2024 01:03:21 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 147174 IP address blocks: 103.171.20.0/23 maxlen: 23 103.171.20.0/24 maxlen: 24 103.171.21.0/24 maxlen: 24 2407:bcc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/FdYNYNak9QCRCZpy4NBe7z6vduk.crl rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/FdYNYNak9QCRCZpy4NBe7z6vduk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FdYNYNak9QCRCZpy4NBe7z6vduk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1067 (0x42b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F61DD/serialNumber=15D60D60D6A4F50091099A72E0D05EEF3EAF76E9 Validity Not Before: Aug 25 01:03:21 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66ca82d9-77a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:7b:50:eb:ca:a3:b8:ba:e5:b2:79:16:6b:61: 40:86:46:94:18:15:ba:81:b3:ad:3c:d3:ba:cc:be: 1a:96:58:07:c3:09:0e:19:44:10:7e:e2:f8:51:ce: 4d:d2:67:d2:84:ff:72:04:21:d0:a9:88:3b:04:45: 1d:01:ea:c7:51:e6:6d:b8:a5:77:e2:79:ad:fe:f1: f4:c9:8b:f6:26:63:ce:0b:bf:36:bb:50:67:da:e1: 62:e2:67:89:9b:0d:d3:c5:96:00:16:36:d4:5e:11: 5f:46:71:12:08:c9:e6:06:db:eb:4c:57:3e:01:0f: 24:be:c0:cf:de:9e:0a:47:75:50:cd:e8:b1:95:c7: e1:ae:bc:bc:cf:6a:3a:2b:3d:eb:d3:4d:63:53:bd: 06:33:1e:4e:82:ad:ec:af:93:8f:f0:e8:1e:91:fc: 1f:0d:c8:c9:e1:e0:8a:c8:0b:06:54:8d:79:c5:ba: 69:78:e5:eb:b2:0c:c2:1d:24:c8:94:18:96:33:4f: 62:8a:21:43:86:18:d6:7f:85:7f:32:b4:11:fe:32: 4e:a4:c5:8d:24:46:71:9f:34:e3:06:02:a9:f4:02: 9d:09:2c:05:4e:98:0d:05:6b:c8:41:de:a3:fd:ef: c2:d3:24:37:1c:e9:b7:3e:18:62:65:98:56:01:4a: 06:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:AF:0F:00:DC:D3:CB:41:74:6A:FB:6D:65:55:68:C8:E1:26:47:AC X509v3 Authority Key Identifier: keyid:15:D6:0D:60:D6:A4:F5:00:91:09:9A:72:E0:D0:5E:EF:3E:AF:76:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/FdYNYNak9QCRCZpy4NBe7z6vduk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FdYNYNak9QCRCZpy4NBe7z6vduk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/BFEEB5E4309D11ECABBBBF25C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.171.20.0/23 IPv6: 2407:bcc0::/32 Signature Algorithm: sha256WithRSAEncryption a6:99:cd:43:d4:81:02:2c:0e:ba:8f:a9:3a:68:a0:06:f2:63: e7:a8:39:ee:e5:64:1b:d5:5a:61:b5:58:f1:9a:db:02:aa:2b: 1c:52:b9:40:1e:33:83:18:76:57:ff:ff:7f:42:0d:fd:60:0b: b7:4c:2a:7b:7a:f1:f9:01:f2:f2:d3:0d:26:2a:50:43:88:fe: 77:36:a6:1f:89:fd:49:b5:14:61:f0:e0:25:fd:ec:5b:9a:78: 0a:49:27:39:cf:1a:c9:b1:85:3d:30:a5:13:31:e2:b9:8e:d4: 83:f8:a2:72:e6:79:18:f5:8c:f9:bd:24:09:58:29:e3:84:12: f2:36:88:ff:6d:0a:9d:18:48:69:8e:aa:49:fb:3d:8d:b0:4c: 74:ec:30:0e:58:ce:95:fd:5c:ea:77:c1:78:89:8a:fc:f2:65: c3:d6:9a:2c:15:87:6c:69:31:04:0a:d0:7f:1e:3f:84:87:6a: 8e:44:06:d7:31:93:ba:93:58:7b:a0:13:ed:9a:b5:4e:67:86: cc:63:2f:33:d7:94:58:4b:1b:40:b9:4d:39:23:f7:be:ea:a2: da:2b:82:00:78:d8:21:3d:c5:e2:12:db:09:80:59:75:84:79: df:80:82:0d:de:92:da:09:ec:e7:59:b5:9c:b5:09:d6:a8:6a: 45:57:c2:fb -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBCswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjYxREQxMTAvBgNVBAUTKDE1RDYwRDYwRDZBNEY1MDA5MTA5OUE3MkUwRDA1RUVG M0VBRjc2RTkwHhcNMjQwODI1MDEwMzIxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmNhODJkOS03N2E5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvntQ68qjuLrlsnkWa2FAhkaUGBW6gbOtPNO6zL4allgHwwkOGUQQfuL4Uc5N 0mfShP9yBCHQqYg7BEUdAerHUeZtuKV34nmt/vH0yYv2JmPOC782u1Bn2uFi4meJ mw3TxZYAFjbUXhFfRnESCMnmBtvrTFc+AQ8kvsDP3p4KR3VQzeixlcfhrry8z2o6 Kz3r001jU70GMx5Ogq3sr5OP8OgekfwfDcjJ4eCKyAsGVI15xbppeOXrsgzCHSTI lBiWM09iiiFDhhjWf4V/MrQR/jJOpMWNJEZxnzTjBgKp9AKdCSwFTpgNBWvIQd6j /e/C0yQ3HOm3PhhiZZhWAUoGzQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCqvDwDc 08tBdGr7bWVVaMjhJkesMB8GA1UdIwQYMBaAFBXWDWDWpPUAkQmacuDQXu8+r3bp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjFERC83Qzc4RTJCQzMw OTMxMUVDQUI2ODQzM0ZDNEY5QUUwMi9GZFlOWU5hazlRQ1JDWnB5NE5CZTd6NnZk dWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZkWU5ZTmFrOVFDUkNacHk0TkJlN3o2dmR1ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjYxREQvN0M3OEUyQkMzMDkzMTFFQ0FCNjg0MzNGQzRGOUFFMDIvQkZFRUI1RTQz MDlEMTFFQ0FCQkJCRjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnqxQwDQQCAAIwBwMFACQHvMAwDQYJKoZIhvcNAQELBQAD ggEBAKaZzUPUgQIsDrqPqTpooAbyY+eoOe7lZBvVWmG1WPGa2wKqKxxSuUAeM4MY dlf//39CDf1gC7dMKnt68fkB8vLTDSYqUEOI/nc2ph+J/Um1FGHw4CX97FuaeApJ JznPGsmxhT0wpRMx4rmO1IP4onLmeRj1jPm9JAlYKeOEEvI2iP9tCp0YSGmOqkn7 PY2wTHTsMA5YzpX9XOp3wXiJivzyZcPWmiwVh2xpMQQK0H8eP4SHao5EBtcxk7qT WHugE+2atU5nhsxjLzPXlFhLG0C5TTkj977qotorggB42CE9xeIS2wmAWXWEed+A gg3ektoJ7OdZtZy1CdaoakVXwvs= -----END CERTIFICATE-----Generated at Sat Nov 23 01:27:30 2024 by rpki-client on console-ams.rpki-client.org