$ rpki-client -vvf rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/2F3F56C42BB411EF8D887F3AC4F9AE02.roa File: 2F3F56C42BB411EF8D887F3AC4F9AE02.roa (raw, json) Hash identifier: Qi+WEKvtCWtvGFWFUb38yBqHoAd83mtV7+scTOUOMc4= Subject key identifier: 3F:31:71:B8:C8:D7:39:17:1E:56:79:87:39:B7:7F:CC:EF:40:F7:12 Certificate issuer: /CN=A91C956C/serialNumber=512D9BDE813CB7BC77190A84F9B18DB8EB4E225F Certificate serial: 04A0 Authority key identifier: 51:2D:9B:DE:81:3C:B7:BC:77:19:0A:84:F9:B1:8D:B8:EB:4E:22:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US2b3oE8t7x3GQqE-bGNuOtOIl8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/2F3F56C42BB411EF8D887F3AC4F9AE02.roa Signing time: Sat 05 Oct 2024 00:04:01 +0000 ROA not before: Sat 05 Oct 2024 00:04:01 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 151952 IP address blocks: 103.172.142.0/23 maxlen: 23 103.172.142.0/24 maxlen: 24 103.172.143.0/24 maxlen: 24 2001:df0:6a40::/48 maxlen: 48 2001:df0:6a40::/49 maxlen: 49 2001:df0:6a40:8000::/49 maxlen: 49 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.crl rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US2b3oE8t7x3GQqE-bGNuOtOIl8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:29:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1184 (0x4a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C956C, serialNumber=512D9BDE813CB7BC77190A84F9B18DB8EB4E225F Validity Not Before: Oct 5 00:04:01 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=67008271-946e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:b8:78:e4:c3:c4:6e:a4:92:38:fc:a9:6d:21: 62:99:ad:54:70:cb:f3:56:14:c0:5a:2b:26:ea:bb: 37:b0:1b:ae:d2:09:c1:83:df:aa:10:28:2a:35:30: b9:2a:e3:a2:b7:58:e6:bd:70:d2:cf:a4:f9:5c:4b: 2c:e9:04:1c:db:24:d8:9e:7e:8c:99:4c:46:ee:db: a0:25:3a:50:5b:86:db:fc:b7:04:67:ac:16:de:cb: d1:e6:66:65:fa:ac:ce:30:a6:2c:bb:fc:70:b7:19: 6a:1c:34:f4:fd:24:54:d0:1a:74:be:ee:8d:03:24: 19:53:3c:9c:26:e4:cf:7f:e2:c7:6e:63:a1:f6:48: 9c:04:37:29:09:fe:e8:b5:aa:e0:2b:ab:f1:8f:89: d8:ca:72:31:2d:3b:04:75:e7:5d:6f:d2:fe:3b:a4: d5:de:7e:bd:6a:4a:c4:2f:a4:b9:7f:0f:df:7e:81: 8c:04:a6:ba:1b:cf:87:55:00:a7:17:65:8e:69:12: d6:d2:e0:48:8f:38:ce:a2:97:96:c1:8c:83:ae:31: 42:a1:96:18:15:0a:c1:1d:bc:64:17:be:f9:70:19: da:c0:6f:93:d0:f8:97:07:ca:95:46:5d:bd:0b:51: 79:15:07:1a:e9:d0:ae:0d:82:9d:0f:1b:13:f9:0b: 62:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:31:71:B8:C8:D7:39:17:1E:56:79:87:39:B7:7F:CC:EF:40:F7:12 X509v3 Authority Key Identifier: keyid:51:2D:9B:DE:81:3C:B7:BC:77:19:0A:84:F9:B1:8D:B8:EB:4E:22:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US2b3oE8t7x3GQqE-bGNuOtOIl8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/2F3F56C42BB411EF8D887F3AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.172.142.0/23 IPv6: 2001:df0:6a40::/48 Signature Algorithm: sha256WithRSAEncryption 11:47:e7:64:d1:cb:5d:21:bd:f0:a0:b4:17:37:65:57:2b:24: df:b1:32:d0:8e:e0:bd:5c:11:7e:31:98:bc:c7:cb:e2:a6:d5: fb:de:22:81:fe:bb:00:d3:25:ae:34:c5:73:ae:48:1d:03:16: 5a:cc:cd:6b:c1:55:70:cb:84:11:81:d3:09:bb:29:4d:dc:09: a4:e7:05:e2:1b:9a:98:82:68:be:2f:63:91:48:5f:83:8c:7c: bb:ee:d9:3b:00:c6:98:35:2f:8c:c5:8f:03:f1:f0:60:43:2a: fe:12:df:96:2c:90:30:a1:2d:c4:68:9f:e6:6a:d1:f9:d3:72: 74:4a:c2:c1:bd:30:48:3f:5c:c4:31:af:fb:7e:52:a2:48:d6: d1:a7:fd:5b:d4:cd:a8:86:db:28:ec:8a:2d:37:ed:95:64:76: 79:0a:67:19:9e:c9:a7:1d:ac:f5:86:a1:4e:dd:3a:ca:ee:1a: 5e:5e:90:e7:4a:d2:16:c7:9c:ec:eb:15:d2:0e:05:ad:dc:59: 7d:b4:ea:25:23:d2:9d:7e:b7:10:f7:c5:8b:a0:7a:ae:19:4f: 72:67:cf:a1:c9:c4:ed:e0:63:69:20:f0:d8:82:49:71:cf:1f: 66:60:91:15:a3:70:3c:4f:7a:c0:d5:66:59:2b:d8:26:27:54: 66:b0:1a:72 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICBKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk1NkMxMTAvBgNVBAUTKDUxMkQ5QkRFODEzQ0I3QkM3NzE5MEE4NEY5QjE4REI4 RUI0RTIyNUYwHhcNMjQxMDA1MDAwNDAxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzAwODI3MS05NDZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyrh45MPEbqSSOPypbSFima1UcMvzVhTAWism6rs3sBuu0gnBg9+qECgqNTC5 KuOit1jmvXDSz6T5XEss6QQc2yTYnn6MmUxG7tugJTpQW4bb/LcEZ6wW3svR5mZl +qzOMKYsu/xwtxlqHDT0/SRU0Bp0vu6NAyQZUzycJuTPf+LHbmOh9kicBDcpCf7o targK6vxj4nYynIxLTsEdeddb9L+O6TV3n69akrEL6S5fw/ffoGMBKa6G8+HVQCn F2WOaRLW0uBIjzjOopeWwYyDrjFCoZYYFQrBHbxkF775cBnawG+T0PiXB8qVRl29 C1F5FQca6dCuDYKdDxsT+QtiGQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFD8xcbjI 1zkXHlZ5hzm3f8zvQPcSMB8GA1UdIwQYMBaAFFEtm96BPLe8dxkKhPmxjbjrTiJf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTU2Qy9GQjMwNUE1RTBD OEExMUVDQTMxOTFCMENDNEY5QUUwMi9VUzJiM29FOHQ3eDNHUXFFLWJHTnVPdE9J bDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTMmIzb0U4dDd4M0dRcUUtYkdOdU90T0lsOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzk1NkMvRkIzMDVBNUUwQzhBMTFFQ0EzMTkxQjBDQzRGOUFFMDIvMkYzRjU2QzQy QkI0MTFFRjhEODg3RjNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnrI4wDwQCAAIwCQMHACABDfBqQDANBgkqhkiG9w0BAQsF AAOCAQEAEUfnZNHLXSG98KC0FzdlVysk37Ey0I7gvVwRfjGYvMfL4qbV+94igf67 ANMlrjTFc65IHQMWWszNa8FVcMuEEYHTCbspTdwJpOcF4huamIJovi9jkUhfg4x8 u+7ZOwDGmDUvjMWPA/HwYEMq/hLfliyQMKEtxGif5mrR+dNydErCwb0wSD9cxDGv +35SokjW0af9W9TNqIbbKOyKLTftlWR2eQpnGZ7Jpx2s9YahTt06yu4aXl6Q50rS Fsec7OsV0g4FrdxZfbTqJSPSnX63EPfFi6B6rhlPcmfPocnE7eBjaSDw2IJJcc8f ZmCRFaNwPE96wNVmWSvYJidUZrAacg== -----END CERTIFICATE-----Generated at Sat Apr 26 08:07:33 2025 by rpki-client