$ rpki-client -vvf rpki.apnic.net/member_repository/A9140F6E/D0E82DE0AF4311E9B3DFEE68C4F9AE02/33534662AF4511E9B648CE6AC4F9AE02.roa File: 33534662AF4511E9B648CE6AC4F9AE02.roa (raw, json) Hash identifier: qC1ZUsPrNWwJdA7aBQJNijhI12p3O3e9WwlBeIt463M= Subject key identifier: 16:B7:75:B6:34:B7:31:8D:DE:A9:47:7F:61:D7:ED:CB:7F:0B:44:F8 Certificate issuer: /CN=A9140F6E/serialNumber=EC0C482B2D97C28C896FAECD51F50E9B16257441 Certificate serial: 0D5D Authority key identifier: EC:0C:48:2B:2D:97:C2:8C:89:6F:AE:CD:51:F5:0E:9B:16:25:74:41 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7AxIKy2XwoyJb67NUfUOmxYldEE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9140F6E/D0E82DE0AF4311E9B3DFEE68C4F9AE02/33534662AF4511E9B648CE6AC4F9AE02.roa Signing time: Fri 12 Jul 2024 18:56:33 +0000 ROA not before: Fri 12 Jul 2024 18:56:33 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 135582 IP address blocks: 103.66.222.0/23 maxlen: 23 103.66.222.0/24 maxlen: 24 103.66.223.0/24 maxlen: 24 103.100.136.0/23 maxlen: 23 103.100.136.0/24 maxlen: 24 103.100.137.0/24 maxlen: 24 2402:61c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9140F6E/D0E82DE0AF4311E9B3DFEE68C4F9AE02/7AxIKy2XwoyJb67NUfUOmxYldEE.crl rsync://rpki.apnic.net/member_repository/A9140F6E/D0E82DE0AF4311E9B3DFEE68C4F9AE02/7AxIKy2XwoyJb67NUfUOmxYldEE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7AxIKy2XwoyJb67NUfUOmxYldEE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:53:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3421 (0xd5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9140F6E/serialNumber=EC0C482B2D97C28C896FAECD51F50E9B16257441 Validity Not Before: Jul 12 18:56:33 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66917c61-d9d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:2c:47:0b:ea:bc:ca:29:b5:55:77:b7:7e:83: c8:2a:98:3e:8f:39:ff:17:6c:75:25:19:cf:11:ce: 8f:d4:18:1f:ef:b9:e7:a0:1c:28:19:f8:7a:48:2c: 37:06:c8:2d:37:94:8c:ac:21:56:8b:66:8e:ef:bf: 0d:57:f3:02:a0:2b:15:19:12:cd:00:3a:b1:50:f0: b7:b9:0a:45:05:e2:77:40:37:b9:7a:53:8e:2b:2d: 39:e4:95:ef:f1:7d:65:ff:cc:61:e1:29:f0:08:ac: 05:12:d5:56:d2:c3:0e:b9:f6:78:88:0a:a0:de:1c: 84:f6:08:25:69:86:87:64:bd:97:30:52:cb:90:d3: 25:a8:a5:b9:cc:8e:26:d0:6c:51:1b:cd:7c:a4:1e: cd:c5:be:4c:c6:90:3b:a3:00:0c:39:71:f9:b4:5f: e9:28:2d:f2:ec:f8:d6:e2:71:80:6e:71:78:c3:98: 8b:1b:c2:e7:4d:2e:aa:d8:fd:d6:24:8e:bd:03:56: 01:6c:ca:4f:0d:f8:b9:2c:aa:ab:1e:96:f3:de:bf: 5d:08:14:23:67:b5:24:3a:03:6e:ad:59:cd:0d:b6: 2a:93:0b:e1:a2:e9:40:b8:76:92:7a:16:45:d9:69: 38:5b:1d:26:14:50:ee:a9:f4:73:33:b5:ba:a6:93: f9:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:B7:75:B6:34:B7:31:8D:DE:A9:47:7F:61:D7:ED:CB:7F:0B:44:F8 X509v3 Authority Key Identifier: keyid:EC:0C:48:2B:2D:97:C2:8C:89:6F:AE:CD:51:F5:0E:9B:16:25:74:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9140F6E/D0E82DE0AF4311E9B3DFEE68C4F9AE02/7AxIKy2XwoyJb67NUfUOmxYldEE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7AxIKy2XwoyJb67NUfUOmxYldEE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140F6E/D0E82DE0AF4311E9B3DFEE68C4F9AE02/33534662AF4511E9B648CE6AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.66.222.0/23 103.100.136.0/23 IPv6: 2402:61c0::/32 Signature Algorithm: sha256WithRSAEncryption 7d:ba:84:63:28:09:d0:35:63:a7:41:69:f3:ae:a0:91:b2:94: 06:e9:2c:f8:bf:f9:25:9a:8a:fb:5b:0f:fe:e2:98:77:36:45: 2c:bb:cd:e1:c7:d1:22:29:d3:73:0f:3b:cc:f9:8b:eb:c4:f4: d6:7a:86:b6:0d:e4:72:c0:ad:56:40:89:d2:b9:81:7a:5d:e2: 0c:d1:35:34:4b:b3:47:af:03:d2:7a:3c:e2:2c:9a:ca:c7:14: d6:c7:c8:aa:d4:4a:4e:ee:a3:00:58:22:2a:5d:b7:80:6d:65: bf:36:d0:1b:26:eb:d4:86:38:cf:72:4e:b5:d1:38:b5:bc:b8: 17:5e:d2:e6:c1:c4:06:08:fc:a5:e0:fc:c1:c2:69:56:15:34: 78:76:08:8f:a0:31:81:3e:31:5e:28:e6:0e:41:d7:07:1b:30: d2:5a:41:71:0e:3b:d2:44:0b:16:8c:bc:2f:47:1d:20:45:02: 87:cf:8b:71:c4:2c:d3:fb:c7:21:5b:15:3a:21:ef:8c:1e:f3: 27:4b:d8:02:5d:8f:3a:f5:28:11:c4:3d:ac:25:d6:27:87:f7: be:83:70:04:b1:25:9f:df:8d:28:47:24:a6:06:4f:3b:cf:55: da:a7:d0:c9:17:03:19:76:4f:ab:9a:2f:ff:86:20:2e:af:64: 4c:4b:17:f7 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDV0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDBGNkUxMTAvBgNVBAUTKEVDMEM0ODJCMkQ5N0MyOEM4OTZGQUVDRDUxRjUwRTlC MTYyNTc0NDEwHhcNMjQwNzEyMTg1NjMzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjkxN2M2MS1kOWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2CxHC+q8yim1VXe3foPIKpg+jzn/F2x1JRnPEc6P1Bgf77nnoBwoGfh6SCw3 BsgtN5SMrCFWi2aO778NV/MCoCsVGRLNADqxUPC3uQpFBeJ3QDe5elOOKy055JXv 8X1l/8xh4SnwCKwFEtVW0sMOufZ4iAqg3hyE9gglaYaHZL2XMFLLkNMlqKW5zI4m 0GxRG818pB7Nxb5MxpA7owAMOXH5tF/pKC3y7PjW4nGAbnF4w5iLG8LnTS6q2P3W JI69A1YBbMpPDfi5LKqrHpbz3r9dCBQjZ7UkOgNurVnNDbYqkwvhoulAuHaSehZF 2Wk4Wx0mFFDuqfRzM7W6ppP5cQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBa3dbY0 tzGN3qlHf2HX7ct/C0T4MB8GA1UdIwQYMBaAFOwMSCstl8KMiW+uzVH1DpsWJXRB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEY2RS9EMEU4MkRFMEFG NDMxMUU5QjNERkVFNjhDNEY5QUUwMi83QXhJS3kyWHdveUpiNjdOVWZVT214WWxk RUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdBeElLeTJYd295SmI2N05VZlVPbXhZbGRFRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDBGNkUvRDBFODJERTBBRjQzMTFFOUIzREZFRTY4QzRGOUFFMDIvMzM1MzQ2NjJB RjQ1MTFFOUI2NDhDRTZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAFnQt4DBAFnZIgwDQQCAAIwBwMFACQCYcAwDQYJKoZIhvcN AQELBQADggEBAH26hGMoCdA1Y6dBafOuoJGylAbpLPi/+SWaivtbD/7imHc2RSy7 zeHH0SIp03MPO8z5i+vE9NZ6hrYN5HLArVZAidK5gXpd4gzRNTRLs0evA9J6POIs msrHFNbHyKrUSk7uowBYIipdt4BtZb820Bsm69SGOM9yTrXROLW8uBde0ubBxAYI /KXg/MHCaVYVNHh2CI+gMYE+MV4o5g5B1wcbMNJaQXEOO9JECxaMvC9HHSBFAofP i3HELNP7xyFbFToh74we8ydL2AJdjzr1KBHEPawl1ieH976DcASxJZ/fjShHJKYG TzvPVdqn0MkXAxl2T6uaL/+GIC6vZExLF/c= -----END CERTIFICATE-----Generated at Fri Nov 22 19:44:57 2024 by rpki-client on console-fra.rpki-client.org