$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/E1204FC4B08411EFAB2B3E23C4F9AE02.roa File: E1204FC4B08411EFAB2B3E23C4F9AE02.roa (raw, json) Hash identifier: ykQKViNxk5zASsr8quw9f2EYyud/AjjPgSyVl/lSosc= Subject key identifier: 6A:5D:0A:17:70:29:DC:34:86:56:D8:EB:AD:13:CE:A5:81:C9:1E:E8 Certificate issuer: /CN=A9143B09/serialNumber=5329700B4DDDAD9E3FCDC3273F4D18D3E3045DC0 Certificate serial: 0863 Authority key identifier: 53:29:70:0B:4D:DD:AD:9E:3F:CD:C3:27:3F:4D:18:D3:E3:04:5D:C0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UylwC03drZ4_zcMnP00Y0-MEXcA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/E1204FC4B08411EFAB2B3E23C4F9AE02.roa Signing time: Mon 02 Dec 2024 08:10:23 +0000 ROA not before: Mon 02 Dec 2024 08:10:23 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 133957 IP address blocks: 45.118.68.0/24 maxlen: 24 45.118.69.0/24 maxlen: 24 45.118.71.0/24 maxlen: 24 103.49.200.0/24 maxlen: 24 103.49.202.0/24 maxlen: 24 103.49.203.0/24 maxlen: 24 2402:1c80::/32 maxlen: 33 2402:1c80::/34 maxlen: 34 2402:1c80:a000::/36 maxlen: 36 2402:1c80:b000::/36 maxlen: 36 2402:1c80:c000::/34 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/UylwC03drZ4_zcMnP00Y0-MEXcA.crl rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/UylwC03drZ4_zcMnP00Y0-MEXcA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UylwC03drZ4_zcMnP00Y0-MEXcA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:27:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2147 (0x863) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B09 Validity Not Before: Dec 2 08:10:23 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=674d6b6f-001a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:90:43:75:9f:9e:18:2c:73:91:1c:0c:d9:96: df:22:c9:d4:ac:04:b4:4c:63:6f:1a:01:4e:62:8a: ad:79:d9:6d:9e:d5:ab:af:ce:4d:29:36:dd:98:c5: c1:61:33:e4:a4:3d:a8:d1:db:73:97:34:77:0f:08: ef:68:89:81:fd:a6:08:d4:8a:04:8d:d9:81:7b:b4: 4b:cd:80:c6:c0:bc:0d:2e:1d:1f:67:0f:05:3d:2b: 6a:65:c8:74:52:1a:fe:23:02:3d:e6:8d:5c:80:54: ab:87:3a:69:d0:cd:34:06:a2:5f:b1:ab:bc:be:e2: e8:d1:f2:8e:2a:9d:b5:36:41:ce:09:11:16:a3:76: 15:06:a2:66:95:7a:7a:ae:af:55:29:e8:27:69:93: 15:07:28:f8:da:6c:67:53:f0:d4:4d:ec:39:34:a5: 47:e2:e2:92:14:de:66:c6:d5:31:42:9e:5f:f1:df: f8:40:75:f7:06:89:99:a5:1f:eb:de:04:e1:7b:f4: 7e:b9:65:52:1e:1f:4f:f7:11:e5:7e:5b:6f:42:f2: da:ab:f8:97:13:ec:80:65:9e:24:33:20:a9:59:03: f6:5b:b5:aa:17:13:80:0e:d1:bf:77:6f:d4:b5:65: 4c:c2:03:e9:b0:86:ab:ab:66:3f:0f:2d:e3:c5:3e: 10:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:5D:0A:17:70:29:DC:34:86:56:D8:EB:AD:13:CE:A5:81:C9:1E:E8 X509v3 Authority Key Identifier: keyid:53:29:70:0B:4D:DD:AD:9E:3F:CD:C3:27:3F:4D:18:D3:E3:04:5D:C0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/UylwC03drZ4_zcMnP00Y0-MEXcA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UylwC03drZ4_zcMnP00Y0-MEXcA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/E1204FC4B08411EFAB2B3E23C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.118.68.0/23 45.118.71.0/24 103.49.200.0/24 103.49.202.0/23 IPv6: 2402:1c80::/32 Signature Algorithm: sha256WithRSAEncryption 94:0d:9a:17:8b:95:6f:e0:3e:58:93:e7:a5:72:1c:26:17:3e: 47:71:97:9d:1d:69:18:fb:77:5b:f7:6a:e7:da:e4:7b:bf:d5: be:79:fe:87:a8:72:b8:0a:8a:bf:3b:cb:9a:aa:dc:22:60:e5: dd:06:b3:a3:55:59:e4:44:22:c5:22:2f:12:ec:aa:72:1e:e3: 1e:b1:4b:ad:84:fe:b2:65:64:80:8b:e4:c8:2b:6d:ed:2b:17: fa:c3:1c:ea:e7:77:97:15:5c:02:54:98:37:4f:9c:21:2c:65: 97:37:f6:6d:38:1a:30:d3:81:e2:67:30:19:b4:5c:dd:9e:b5: 45:af:88:8b:ed:66:1d:d2:cf:a7:48:e1:b4:78:52:24:10:be: 27:d4:a1:06:c1:07:a1:f0:c5:57:89:3c:c4:8b:94:72:ad:28: 82:f9:ef:f0:55:50:9d:93:b7:73:5c:af:e8:4e:5d:50:5c:80: 40:c2:c5:62:d2:dc:61:4f:7d:94:c2:5c:ae:29:93:85:bd:bf: b6:0f:79:98:b4:01:6f:cb:0d:33:30:3c:63:60:ca:2e:e8:41: 60:07:94:cb:cf:16:e2:14:42:e4:53:39:21:05:46:06:80:e4: 3c:d0:9a:69:e6:b3:ea:8e:df:31:37:b7:ef:61:02:91:5d:a7: 31:b0:5f:dd -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICCGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMDkxMTAvBgNVBAUTKDUzMjk3MDBCNEREREFEOUUzRkNEQzMyNzNGNEQxOEQz RTMwNDVEQzAwHhcNMjQxMjAyMDgxMDIzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NzRkNmI2Zi0wMDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsJBDdZ+eGCxzkRwM2ZbfIsnUrAS0TGNvGgFOYoqtedltntWrr85NKTbdmMXB YTPkpD2o0dtzlzR3DwjvaImB/aYI1IoEjdmBe7RLzYDGwLwNLh0fZw8FPStqZch0 Uhr+IwI95o1cgFSrhzpp0M00BqJfsau8vuLo0fKOKp21NkHOCREWo3YVBqJmlXp6 rq9VKegnaZMVByj42mxnU/DUTew5NKVH4uKSFN5mxtUxQp5f8d/4QHX3BomZpR/r 3gThe/R+uWVSHh9P9xHlfltvQvLaq/iXE+yAZZ4kMyCpWQP2W7WqFxOADtG/d2/U tWVMwgPpsIarq2Y/Dy3jxT4QGwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFGpdChdw Kdw0hlbY660TzqWByR7oMB8GA1UdIwQYMBaAFFMpcAtN3a2eP83DJz9NGNPjBF3A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwOS8zQjM2N0JDRTMz QjcxMUU5QUQwRjU4N0FDNEY5QUUwMi9VeWx3QzAzZHJaNF96Y01uUDAwWTAtTUVY Y0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1V5bHdDMDNkclo0X3pjTW5QMDBZMC1NRVhjQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDNCMDkvM0IzNjdCQ0UzM0I3MTFFOUFEMEY1ODdBQzRGOUFFMDIvRTEyMDRGQzRC MDg0MTFFRkFCMkIzRTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAEtdkQDBAAtdkcDBABnMcgDBAFnMcowDQQCAAIwBwMFACQC HIAwDQYJKoZIhvcNAQELBQADggEBAJQNmheLlW/gPliT56VyHCYXPkdxl50daRj7 d1v3aufa5Hu/1b55/oeocrgKir87y5qq3CJg5d0Gs6NVWeREIsUiLxLsqnIe4x6x S62E/rJlZICL5Mgrbe0rF/rDHOrnd5cVXAJUmDdPnCEsZZc39m04GjDTgeJnMBm0 XN2etUWviIvtZh3Sz6dI4bR4UiQQvifUoQbBB6HwxVeJPMSLlHKtKIL57/BVUJ2T t3Ncr+hOXVBcgEDCxWLS3GFPfZTCXK4pk4W9v7YPeZi0AW/LDTMwPGNgyi7oQWAH lMvPFuIUQuRTOSEFRgaA5DzQmmnms+qO3zE3t+9hApFdpzGwX90= -----END CERTIFICATE-----Generated at Sat Apr 5 02:03:07 2025 by rpki-client