$ rpki-client -vvf rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/FDC0F2F89AEC11EFA68D4760C4F9AE02.roa File: FDC0F2F89AEC11EFA68D4760C4F9AE02.roa (raw, json) Hash identifier: UFuamErfceQj29/LKMOZcfd9a9NTziJPo7BP3Lh5pAA= Subject key identifier: 86:8A:0C:31:8B:B3:D9:53:5E:87:2D:CC:15:CE:6A:75:B2:0B:C8:A4 Certificate issuer: /CN=A913F721/serialNumber=1DD717B229936190CEB667C7CE1CA9F9BFB5FAC4 Certificate serial: 0A9B Authority key identifier: 1D:D7:17:B2:29:93:61:90:CE:B6:67:C7:CE:1C:A9:F9:BF:B5:FA:C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/FDC0F2F89AEC11EFA68D4760C4F9AE02.roa Signing time: Mon 04 Nov 2024 20:40:51 +0000 ROA not before: Mon 04 Nov 2024 20:40:51 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 137703 IP address blocks: 103.113.192.0/22 maxlen: 24 2404:5e40::/33 maxlen: 33 2404:5e40::/48 maxlen: 48 2404:5e40:1::/48 maxlen: 48 2404:5e40:2::/48 maxlen: 48 2404:5e40:3::/48 maxlen: 48 2404:5e40:4::/48 maxlen: 48 2404:5e40:5::/48 maxlen: 48 2404:5e40:6::/48 maxlen: 48 2404:5e40:7::/48 maxlen: 48 2404:5e40:8::/48 maxlen: 48 2404:5e40:9::/48 maxlen: 48 2404:5e40:a::/48 maxlen: 48 2404:5e40:b::/48 maxlen: 48 2404:5e40:c::/48 maxlen: 48 2404:5e40:d::/48 maxlen: 48 2404:5e40:e::/48 maxlen: 48 2404:5e40:f::/48 maxlen: 48 2404:5e40:8000::/33 maxlen: 33 2404:5e40:8000::/48 maxlen: 48 2404:5e40:8001::/48 maxlen: 48 2404:5e40:8002::/48 maxlen: 48 2404:5e40:8003::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.crl rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 19:28:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2715 (0xa9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913F721/serialNumber=1DD717B229936190CEB667C7CE1CA9F9BFB5FAC4 Validity Not Before: Nov 4 20:40:51 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67293153-eae9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:1c:c6:a1:a5:05:cd:f6:d5:cc:27:47:d2:0b: 9e:2d:b9:de:a0:a4:e8:7c:45:ba:93:e7:78:2b:08: 9b:6d:f3:65:e0:ca:2e:2d:10:c9:60:60:db:d0:c8: 93:aa:75:fc:58:1a:16:f9:90:20:98:6f:e0:e7:b0: c2:a9:ad:38:b1:64:d2:f1:4a:0e:07:73:0f:6f:ef: b7:d3:62:9c:e7:9a:68:50:23:4b:59:32:0e:88:42: f1:bf:c6:2b:ad:de:61:66:d8:e0:64:c4:85:46:0c: 0b:7c:30:d4:9c:4e:13:f7:23:7c:e8:53:b6:8c:1f: 23:a7:ba:04:c8:a1:7f:e4:51:9a:95:40:50:c9:2d: 13:35:13:3d:c6:a4:f4:6f:50:57:4d:b1:cb:6b:f6: 06:23:45:17:5e:84:69:d2:19:d0:d4:ed:3a:90:06: 5a:3a:04:16:32:e7:73:3b:b2:eb:85:da:81:eb:89: cd:90:a8:67:20:a4:43:0d:c7:1a:6d:57:35:d8:c9: 13:b4:3f:a9:ff:31:51:5c:b7:55:8f:7e:c7:ea:02: f6:9e:45:c5:09:e1:f6:10:29:42:7f:56:ad:17:35: 2d:cd:c6:2c:55:ad:b7:23:26:0b:7b:83:7b:c0:19: c0:22:5c:cb:01:03:9d:06:de:4c:79:ce:8c:5c:65: c0:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:8A:0C:31:8B:B3:D9:53:5E:87:2D:CC:15:CE:6A:75:B2:0B:C8:A4 X509v3 Authority Key Identifier: keyid:1D:D7:17:B2:29:93:61:90:CE:B6:67:C7:CE:1C:A9:F9:BF:B5:FA:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/FDC0F2F89AEC11EFA68D4760C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.113.192.0/22 IPv6: 2404:5e40::/32 Signature Algorithm: sha256WithRSAEncryption 9e:ea:60:9b:51:84:5c:c2:25:a9:f8:fd:32:e4:08:31:6b:25: aa:c9:4f:75:00:5a:26:6f:92:3c:ca:cd:65:03:62:65:38:53: ba:5e:fb:66:fc:ac:65:cd:68:29:6d:13:8e:04:3f:df:4a:8f: 68:4b:6c:55:45:97:63:e0:dc:da:15:ae:4a:90:85:2d:39:f3: a9:d1:52:45:9a:25:e9:db:ee:77:14:a0:8d:54:37:4b:bc:58: 85:31:c5:fe:9d:5f:c2:44:f8:eb:e2:61:7e:41:c7:aa:a7:33: 3c:52:b8:e9:25:af:26:70:33:35:d5:9a:a2:0b:41:f6:b8:31: e9:31:ec:d6:55:80:ff:53:68:e5:a0:41:76:ec:47:5b:1d:d7: 2f:41:65:85:37:e9:84:a0:c1:8c:62:60:37:08:b6:88:1c:49: f5:3b:e7:7a:10:05:e3:dc:f3:fa:07:3c:20:54:00:dd:b5:3c: d8:72:60:69:26:ef:2e:2e:38:06:28:1e:da:11:fe:df:dc:17: 3e:c9:9e:49:02:c9:86:a4:a4:70:89:a0:82:42:ee:ef:60:97: 6a:7a:39:28:f3:7b:e6:b9:30:d7:78:f3:c0:7d:f5:63:47:6e: bd:d4:7e:62:e1:8a:c9:ab:e7:74:c1:d3:c4:5c:d5:93:1f:29: 8c:8c:38:21 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCpswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0Y3MjExMTAvBgNVBAUTKDFERDcxN0IyMjk5MzYxOTBDRUI2NjdDN0NFMUNBOUY5 QkZCNUZBQzQwHhcNMjQxMTA0MjA0MDUxWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI5MzE1My1lYWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnxzGoaUFzfbVzCdH0gueLbneoKTofEW6k+d4KwibbfNl4MouLRDJYGDb0MiT qnX8WBoW+ZAgmG/g57DCqa04sWTS8UoOB3MPb++302Kc55poUCNLWTIOiELxv8Yr rd5hZtjgZMSFRgwLfDDUnE4T9yN86FO2jB8jp7oEyKF/5FGalUBQyS0TNRM9xqT0 b1BXTbHLa/YGI0UXXoRp0hnQ1O06kAZaOgQWMudzO7LrhdqB64nNkKhnIKRDDcca bVc12MkTtD+p/zFRXLdVj37H6gL2nkXFCeH2EClCf1atFzUtzcYsVa23IyYLe4N7 wBnAIlzLAQOdBt5Mec6MXGXAZQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIaKDDGL s9lTXoctzBXOanWyC8ikMB8GA1UdIwQYMBaAFB3XF7Ipk2GQzrZnx84cqfm/tfrE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjcyMS82NDQyNDM3QTUz QUMxMUVBOUFENTRCMkZDNEY5QUUwMi9IZGNYc2ltVFlaRE90bWZIemh5cC1iLTEt c1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hkY1hzaW1UWVpET3RtZkh6aHlwLWItMS1zUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0Y3MjEvNjQ0MjQzN0E1M0FDMTFFQTlBRDU0QjJGQzRGOUFFMDIvRkRDMEYyRjg5 QUVDMTFFRkE2OEQ0NzYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnccAwDQQCAAIwBwMFACQEXkAwDQYJKoZIhvcNAQELBQAD ggEBAJ7qYJtRhFzCJan4/TLkCDFrJarJT3UAWiZvkjzKzWUDYmU4U7pe+2b8rGXN aCltE44EP99Kj2hLbFVFl2Pg3NoVrkqQhS0586nRUkWaJenb7ncUoI1UN0u8WIUx xf6dX8JE+OviYX5Bx6qnMzxSuOklryZwMzXVmqILQfa4Mekx7NZVgP9TaOWgQXbs R1sd1y9BZYU36YSgwYxiYDcItogcSfU753oQBePc8/oHPCBUAN21PNhyYGkm7y4u OAYoHtoR/t/cFz7JnkkCyYakpHCJoIJC7u9gl2p6OSjze+a5MNd488B99WNHbr3U fmLhismr53TB08Rc1ZMfKYyMOCE= -----END CERTIFICATE-----Generated at Fri Nov 22 21:05:27 2024 by rpki-client on console-fra.rpki-client.org