$ rpki-client -vvf rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/F32DDE98545411EFA3BC6B2BC4F9AE02.roa File: F32DDE98545411EFA3BC6B2BC4F9AE02.roa (raw, json) Hash identifier: jlXohEw0btRgU9kVspXT8+fcohZF13SEjwBaXsRZEVQ= Subject key identifier: F1:31:25:F2:25:C1:EB:C4:E6:E9:39:35:A1:46:97:E4:69:0E:F7:6E Certificate issuer: /CN=A9153134/serialNumber=8442DC46024006011AD5CF48CD7E4C48BB97A11E Certificate serial: 5F Authority key identifier: 84:42:DC:46:02:40:06:01:1A:D5:CF:48:CD:7E:4C:48:BB:97:A1:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hELcRgJABgEa1c9IzX5MSLuXoR4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/F32DDE98545411EFA3BC6B2BC4F9AE02.roa Signing time: Fri 25 Oct 2024 01:08:46 +0000 ROA not before: Fri 25 Oct 2024 01:08:45 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 138189 IP address blocks: 103.122.40.0/22 maxlen: 22 103.122.40.0/24 maxlen: 24 103.122.41.0/24 maxlen: 24 103.122.42.0/24 maxlen: 24 103.122.43.0/24 maxlen: 24 202.36.32.0/24 maxlen: 24 203.132.4.0/22 maxlen: 24 2001:df6:6500::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/hELcRgJABgEa1c9IzX5MSLuXoR4.crl rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/hELcRgJABgEa1c9IzX5MSLuXoR4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hELcRgJABgEa1c9IzX5MSLuXoR4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 95 (0x5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153134/serialNumber=8442DC46024006011AD5CF48CD7E4C48BB97A11E Validity Not Before: Oct 25 01:08:45 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=671aef9d-fa80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:6a:13:49:98:03:70:37:d3:12:2c:bb:c4:71: 75:8e:bd:58:0c:59:77:40:52:1e:a5:96:38:b3:f9: 0f:c6:10:9b:7a:df:fe:02:ba:1e:7e:53:5a:b8:21: df:37:16:ca:89:ab:26:66:b5:02:b3:6c:1e:21:ea: bb:71:72:3a:08:3f:3e:32:90:f8:20:6b:0f:00:e8: bc:4d:62:5a:2e:2f:7d:4d:93:15:a0:d6:85:e0:01: ff:a3:84:06:ec:0e:0e:59:29:d8:de:98:14:16:85: f6:d7:d3:97:32:91:9e:86:cf:19:47:e2:5c:14:e8: ac:7b:43:b5:ef:f0:86:d0:b6:f5:6c:16:43:84:c2: 71:0c:64:e5:6c:b4:6b:1d:51:14:60:14:9f:96:e6: 87:95:d1:fd:d4:97:f3:6c:86:02:b0:28:ee:36:2f: da:d7:3a:61:cd:30:bc:a7:43:0f:9f:2b:c3:7d:13: ff:cb:05:28:df:ac:f5:d6:02:7a:1f:00:bb:4d:53: c5:b6:57:da:7b:03:97:45:a8:bf:8f:9b:91:fc:35: ca:de:ef:4d:69:1a:bf:66:83:3d:d9:f4:5e:74:cd: b6:30:a7:21:ed:d5:31:52:6c:a8:ee:ae:3d:01:9b: d8:84:a8:2b:45:fc:07:ca:d4:63:f3:dd:ca:50:52: 18:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:31:25:F2:25:C1:EB:C4:E6:E9:39:35:A1:46:97:E4:69:0E:F7:6E X509v3 Authority Key Identifier: keyid:84:42:DC:46:02:40:06:01:1A:D5:CF:48:CD:7E:4C:48:BB:97:A1:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/hELcRgJABgEa1c9IzX5MSLuXoR4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hELcRgJABgEa1c9IzX5MSLuXoR4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/F32DDE98545411EFA3BC6B2BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.122.40.0/22 202.36.32.0/24 203.132.4.0/22 IPv6: 2001:df6:6500::/48 Signature Algorithm: sha256WithRSAEncryption 44:2d:9a:dd:65:1a:86:b1:8f:ed:26:1c:27:b7:f9:1a:bc:92: 58:b5:21:cc:62:c0:45:5b:ec:ab:08:30:03:a2:78:1f:13:21: 4b:32:18:62:83:7e:35:a4:58:f7:79:d2:5c:f8:bb:89:30:be: 55:19:5a:46:4d:5d:26:15:97:9b:62:fc:af:58:16:c4:d3:f3: bb:ce:27:ad:ae:f0:2d:15:27:fb:54:35:74:d8:99:a2:70:fc: ed:f3:17:5a:62:c1:04:23:04:80:ec:63:f9:46:89:2d:c5:6c: c8:4c:36:74:f8:2f:88:c1:c4:16:cd:77:6a:d3:d2:64:79:e5: 6b:e9:3d:61:e8:07:45:d0:65:67:5e:5e:63:46:22:f1:66:7b: 48:f6:be:d2:83:45:82:97:4f:8b:59:85:c8:e6:9b:f8:04:aa: 1b:4a:5e:73:7b:09:55:08:3b:b4:b6:63:82:70:a1:67:0d:a4: 74:fe:ac:ef:12:4a:d0:7e:5b:d4:ce:9c:45:aa:41:7b:4a:bf: 7a:f7:fa:34:9d:42:48:ae:ef:91:90:95:c0:d1:b2:8d:1d:11: a6:ba:45:96:25:31:2f:77:a8:ae:87:15:2e:14:6c:d1:c4:eb: f1:91:25:e3:42:cf:9d:ca:61:a1:93:87:51:f8:c9:4e:50:f3: 52:20:90:e4 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgIBXzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 MzEzNDExMC8GA1UEBRMoODQ0MkRDNDYwMjQwMDYwMTFBRDVDRjQ4Q0Q3RTRDNDhC Qjk3QTExRTAeFw0yNDEwMjUwMTA4NDVaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3MWFlZjlkLWZhODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDdahNJmANwN9MSLLvEcXWOvVgMWXdAUh6lljiz+Q/GEJt63/4Cuh5+U1q4Id83 FsqJqyZmtQKzbB4h6rtxcjoIPz4ykPggaw8A6LxNYlouL31NkxWg1oXgAf+jhAbs Dg5ZKdjemBQWhfbX05cykZ6GzxlH4lwU6Kx7Q7Xv8IbQtvVsFkOEwnEMZOVstGsd URRgFJ+W5oeV0f3Ul/NshgKwKO42L9rXOmHNMLynQw+fK8N9E//LBSjfrPXWAnof ALtNU8W2V9p7A5dFqL+Pm5H8Ncre701pGr9mgz3Z9F50zbYwpyHt1TFSbKjurj0B m9iEqCtF/AfK1GPz3cpQUhg9AgMBAAGjggKyMIICrjAdBgNVHQ4EFgQU8TEl8iXB 68Tm6Tk1oUaX5GkO924wHwYDVR0jBBgwFoAUhELcRgJABgEa1c9IzX5MSLuXoR4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUzMTM0L0U2NUZBOEEwNTQ1 MzExRUY4QUQ3NzQwOUM0RjlBRTAyL2hFTGNSZ0pBQmdFYTFjOUl6WDVNU0x1WG9S NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaEVMY1JnSkFCZ0VhMWM5SXpYNU1TTHVYb1I0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MzEzNC9FNjVGQThBMDU0NTMxMUVGOEFENzc0MDlDNEY5QUUwMi9GMzJEREU5ODU0 NTQxMUVGQTNCQzZCMkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA8BggrBgEFBQcBBwEB/wQt MCswGAQCAAEwEgMEAmd6KAMEAMokIAMEAsuEBDAPBAIAAjAJAwcAIAEN9mUAMA0G CSqGSIb3DQEBCwUAA4IBAQBELZrdZRqGsY/tJhwnt/kavJJYtSHMYsBFW+yrCDAD ongfEyFLMhhig341pFj3edJc+LuJML5VGVpGTV0mFZebYvyvWBbE0/O7zietrvAt FSf7VDV02JmicPzt8xdaYsEEIwSA7GP5RoktxWzITDZ0+C+IwcQWzXdq09JkeeVr 6T1h6AdF0GVnXl5jRiLxZntI9r7Sg0WCl0+LWYXI5pv4BKobSl5zewlVCDu0tmOC cKFnDaR0/qzvEkrQflvUzpxFqkF7Sr969/o0nUJIru+RkJXA0bKNHRGmukWWJTEv d6iuhxUuFGzRxOvxkSXjQs+dymGhk4dR+MlOUPNSIJDk -----END CERTIFICATE-----Generated at Sat Nov 23 06:21:24 2024 by rpki-client on console-fra.rpki-client.org