$ rpki-client -vvf rpki.apnic.net/member_repository/A9138447/4CEB3C3CB0FD11EA8A099242C4F9AE02/6AD73A584A8811ED8D0B8B38C4F9AE02.roa File: 6AD73A584A8811ED8D0B8B38C4F9AE02.roa (raw, json) Hash identifier: fXl2igGJye4ZYwQR43jAvZ6b6h7qYdiNfyIYWYelBPs= Subject key identifier: 71:BD:80:31:FB:D6:1D:96:78:F8:62:A6:A0:E6:84:E6:64:C9:DE:4E Certificate issuer: /CN=A9138447/serialNumber=1F6C334EBC6462A26452867ABB5F84EF68ADC02C Certificate serial: 085F Authority key identifier: 1F:6C:33:4E:BC:64:62:A2:64:52:86:7A:BB:5F:84:EF:68:AD:C0:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2wzTrxkYqJkUoZ6u1-E72itwCw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9138447/4CEB3C3CB0FD11EA8A099242C4F9AE02/6AD73A584A8811ED8D0B8B38C4F9AE02.roa Signing time: Wed 04 Sep 2024 21:29:15 +0000 ROA not before: Wed 04 Sep 2024 21:29:15 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 55707 IP address blocks: 103.1.108.0/22 maxlen: 22 103.1.108.0/24 maxlen: 24 103.1.109.0/24 maxlen: 24 103.1.110.0/24 maxlen: 24 103.1.111.0/24 maxlen: 24 103.23.104.0/23 maxlen: 24 103.23.106.0/23 maxlen: 24 163.47.252.0/22 maxlen: 24 203.31.114.0/23 maxlen: 24 223.25.112.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9138447/4CEB3C3CB0FD11EA8A099242C4F9AE02/H2wzTrxkYqJkUoZ6u1-E72itwCw.crl rsync://rpki.apnic.net/member_repository/A9138447/4CEB3C3CB0FD11EA8A099242C4F9AE02/H2wzTrxkYqJkUoZ6u1-E72itwCw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2wzTrxkYqJkUoZ6u1-E72itwCw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:22:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2143 (0x85f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9138447/serialNumber=1F6C334EBC6462A26452867ABB5F84EF68ADC02C Validity Not Before: Sep 4 21:29:15 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d8d12a-4663 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:32:5e:e0:a1:8f:ae:32:d3:62:63:f8:94:86: dd:91:cb:0d:41:2e:dc:b0:94:57:20:71:8a:45:73: 75:87:45:21:d0:b5:77:50:b5:e8:7e:ea:c9:e4:df: a7:53:97:b0:0d:d7:fe:d9:bf:73:0c:d4:56:bc:10: 3c:ad:37:ea:69:aa:4f:70:13:31:13:fb:e3:3e:88: 74:d8:b2:6a:a7:0b:97:86:4a:a4:2e:ef:a5:19:d7: 30:98:34:2c:b8:82:dd:ab:c0:1e:07:25:2a:eb:fb: 5d:fe:05:f2:aa:4b:cc:4c:11:6d:3b:29:c0:9b:b0: 40:c1:1c:ef:1c:7f:ec:01:63:a5:3f:f9:79:ce:6d: 45:a1:ad:c8:e6:3e:c1:0e:ca:eb:78:4f:f8:e8:14: 81:96:8e:5e:7e:41:9c:d8:6a:50:87:d4:d7:17:98: a2:1b:8f:4f:8f:19:5c:e8:ec:3c:f1:c5:74:b1:ce: b5:cd:6b:9f:76:cb:43:9e:79:bb:36:bb:71:ec:1a: 07:0f:c4:5f:81:8e:b3:f7:74:f4:9f:9a:c5:c1:ef: 7f:9f:f8:39:ff:99:10:f6:04:92:96:62:51:2f:e5: e4:85:3e:86:9c:c2:85:73:2d:8e:3d:f6:2b:55:02: e0:06:dd:c9:cf:54:f3:6c:6b:4e:82:77:39:e2:a4: 98:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:BD:80:31:FB:D6:1D:96:78:F8:62:A6:A0:E6:84:E6:64:C9:DE:4E X509v3 Authority Key Identifier: keyid:1F:6C:33:4E:BC:64:62:A2:64:52:86:7A:BB:5F:84:EF:68:AD:C0:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9138447/4CEB3C3CB0FD11EA8A099242C4F9AE02/H2wzTrxkYqJkUoZ6u1-E72itwCw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2wzTrxkYqJkUoZ6u1-E72itwCw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138447/4CEB3C3CB0FD11EA8A099242C4F9AE02/6AD73A584A8811ED8D0B8B38C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.1.108.0/22 103.23.104.0/22 163.47.252.0/22 203.31.114.0/23 223.25.112.0/21 Signature Algorithm: sha256WithRSAEncryption 18:cf:69:77:19:21:a7:7d:35:18:4d:3d:37:04:6f:d6:cc:a9: 46:99:e6:05:56:ba:f1:78:5d:2d:98:68:af:91:3d:4e:02:fa: 5e:79:2e:76:9e:d5:8a:d9:16:e3:77:5c:d9:3c:6a:05:e3:4f: 31:10:90:3a:34:4b:de:9e:16:91:b4:99:df:9d:52:32:97:80: 41:0f:e9:5c:64:8f:a8:a5:f7:90:ec:10:eb:0e:cf:f4:76:00: df:0f:b2:46:68:37:71:99:39:6b:50:d0:80:5f:31:54:cb:fe: 60:70:b3:60:c0:32:c9:db:19:48:bc:ca:9b:7e:15:6e:62:ca: bc:4e:1f:2f:19:58:92:03:df:42:1a:07:0a:50:d2:04:1a:6c: c9:98:6b:50:fc:1d:32:4a:64:7d:d0:93:61:bc:0a:4b:e9:05: fd:b9:fb:3c:36:a9:21:b1:07:d4:6d:b8:dd:f0:32:83:4f:cd: 3e:4d:ad:05:f7:2d:bb:08:66:ad:2f:5f:a0:0c:bd:23:5a:8b: 25:25:ee:5d:6e:22:81:74:25:e7:0b:f9:f7:26:7f:cf:bc:bd: 39:f4:86:6a:4c:b3:48:7c:e3:33:98:ce:b2:cc:b7:31:5b:4f: 57:ab:ae:6f:ef:82:84:e0:06:d4:9b:67:a2:59:8e:7a:a1:47: 9d:9c:15:ae -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICCF8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzg0NDcxMTAvBgNVBAUTKDFGNkMzMzRFQkM2NDYyQTI2NDUyODY3QUJCNUY4NEVG NjhBREMwMkMwHhcNMjQwOTA0MjEyOTE1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ4ZDEyYS00NjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApDJe4KGPrjLTYmP4lIbdkcsNQS7csJRXIHGKRXN1h0Uh0LV3ULXofurJ5N+n U5ewDdf+2b9zDNRWvBA8rTfqaapPcBMxE/vjPoh02LJqpwuXhkqkLu+lGdcwmDQs uILdq8AeByUq6/td/gXyqkvMTBFtOynAm7BAwRzvHH/sAWOlP/l5zm1Foa3I5j7B DsrreE/46BSBlo5efkGc2GpQh9TXF5iiG49Pjxlc6Ow88cV0sc61zWufdstDnnm7 Nrtx7BoHD8RfgY6z93T0n5rFwe9/n/g5/5kQ9gSSlmJRL+XkhT6GnMKFcy2OPfYr VQLgBt3Jz1TzbGtOgnc54qSYSQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFHG9gDH7 1h2WePhipqDmhOZkyd5OMB8GA1UdIwQYMBaAFB9sM068ZGKiZFKGertfhO9orcAs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODQ0Ny80Q0VCM0MzQ0Iw RkQxMUVBOEEwOTkyNDJDNEY5QUUwMi9IMnd6VHJ4a1lxSmtVb1o2dTEtRTcyaXR3 Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0gyd3pUcnhrWXFKa1VvWjZ1MS1FNzJpdHdDdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mzg0NDcvNENFQjNDM0NCMEZEMTFFQThBMDk5MjQyQzRGOUFFMDIvNkFENzNBNTg0 QTg4MTFFRDhEMEI4QjM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAJnAWwDBAJnF2gDBAKjL/wDBAHLH3IDBAPfGXAwDQYJKoZI hvcNAQELBQADggEBABjPaXcZIad9NRhNPTcEb9bMqUaZ5gVWuvF4XS2YaK+RPU4C +l55Lnae1YrZFuN3XNk8agXjTzEQkDo0S96eFpG0md+dUjKXgEEP6Vxkj6il95Ds EOsOz/R2AN8PskZoN3GZOWtQ0IBfMVTL/mBws2DAMsnbGUi8ypt+FW5iyrxOHy8Z WJID30IaBwpQ0gQabMmYa1D8HTJKZH3Qk2G8CkvpBf25+zw2qSGxB9RtuN3wMoNP zT5NrQX3LbsIZq0vX6AMvSNaiyUl7l1uIoF0JecL+fcmf8+8vTn0hmpMs0h84zOY zrLMtzFbT1errm/vgoTgBtSbZ6JZjnqhR52cFa4= -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:24 2024 by rpki-client on console-ams.rpki-client.org