$ rpki-client -vvf rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/9BAC68CC83C211EABCB66612C4F9AE02.roa File: 9BAC68CC83C211EABCB66612C4F9AE02.roa (raw, json) Hash identifier: wkGEAHzXvcSBB9vjvx4GS7uWmUUOnwXejpT3X/pRHM8= Subject key identifier: C7:7C:ED:A5:A8:BA:AD:F2:38:02:29:8D:FF:BB:F8:47:AF:EF:63:0A Certificate issuer: /CN=A916A071/serialNumber=CCF2A525C0901444CA78F05B9392C00457956761 Certificate serial: 08BC Authority key identifier: CC:F2:A5:25:C0:90:14:44:CA:78:F0:5B:93:92:C0:04:57:95:67:61 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPKlJcCQFETKePBbk5LABFeVZ2E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/9BAC68CC83C211EABCB66612C4F9AE02.roa Signing time: Fri 12 Jan 2024 21:08:52 +0000 ROA not before: Fri 12 Jan 2024 21:08:52 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 58744 IP address blocks: 103.31.96.0/24 maxlen: 24 103.31.97.0/24 maxlen: 24 103.31.98.0/24 maxlen: 24 2402:9880:100::/40 maxlen: 40 2402:9880:200::/40 maxlen: 40 2402:9880:300::/40 maxlen: 40 2402:9880:400::/40 maxlen: 40 2402:9880:500::/40 maxlen: 40 2402:9880:600::/40 maxlen: 40 2402:9880:700::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.crl rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPKlJcCQFETKePBbk5LABFeVZ2E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 19:56:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2236 (0x8bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916A071/serialNumber=CCF2A525C0901444CA78F05B9392C00457956761 Validity Not Before: Jan 12 21:08:52 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=65a1aa64-9f52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:26:d7:df:ea:ea:fc:cc:5e:34:a1:71:62:7a: 96:2b:80:fd:e4:f1:43:ea:bc:95:80:b6:f1:57:26: 7f:9c:c0:4e:92:a1:5b:38:ed:d0:42:e4:7f:53:22: bc:83:3b:dd:10:d2:ee:30:f8:3e:fe:b9:fe:77:23: 0a:5a:8d:01:74:e3:b4:d2:4d:0b:86:f7:04:f3:77: 2b:63:2a:d7:78:bc:2e:5d:ab:42:35:0b:6e:a5:b0: 99:07:11:89:32:b7:ca:b3:e3:43:8f:85:04:39:fe: 74:59:aa:98:72:9b:09:74:64:65:ff:2a:1b:54:ce: b7:d4:22:73:02:c2:41:a7:42:d4:4a:94:0e:3a:2a: 15:bf:4b:89:e2:74:87:ff:1c:3b:6a:c5:b6:50:02: af:52:1b:74:5f:9c:3a:d0:0c:10:a1:1a:c4:41:e1: 81:60:58:bf:de:35:49:35:d7:ed:4b:e3:49:56:a5: 7c:3d:72:7e:03:a6:f4:88:2c:bc:9a:e2:16:5a:13: ad:21:56:fe:a9:0a:04:3e:32:c2:59:e6:98:c5:08: 6b:8e:cb:06:b6:04:31:9b:92:6b:1f:84:5c:2c:33: 96:4b:20:74:a1:76:d1:06:c4:c5:d3:e5:be:7a:31: 52:55:e5:1c:bd:0c:b6:9a:6c:e2:20:49:9c:5e:f5: 75:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:7C:ED:A5:A8:BA:AD:F2:38:02:29:8D:FF:BB:F8:47:AF:EF:63:0A X509v3 Authority Key Identifier: keyid:CC:F2:A5:25:C0:90:14:44:CA:78:F0:5B:93:92:C0:04:57:95:67:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPKlJcCQFETKePBbk5LABFeVZ2E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/9BAC68CC83C211EABCB66612C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.31.96.0-103.31.98.255 IPv6: 2402:9880:100::-2402:9880:7ff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 79:87:56:f7:5c:2d:df:9d:e8:35:d6:93:02:49:bc:e8:ee:59: 6e:49:91:b2:b5:41:56:7d:e1:31:3c:34:b3:27:8a:75:4e:6b: bf:c5:59:c8:ac:76:81:f6:b0:65:0a:17:cb:b2:c0:6e:5b:43: 2f:57:9a:0e:7f:78:ed:a7:9a:a2:be:2c:eb:0f:90:30:fc:91: e8:38:23:73:ce:91:6b:f0:9f:d4:7c:1c:bf:52:a7:70:65:e6: bc:32:b0:da:ae:fa:fd:16:a9:b5:a4:c0:f5:b3:e9:52:97:98: b8:f5:1e:68:bd:1b:00:78:95:20:10:ef:35:89:24:da:21:16: a9:14:0d:ed:a9:95:fa:3d:b6:be:f3:52:f0:e5:bd:95:cc:11: 3c:29:63:4e:ed:8c:db:3e:0f:68:be:23:73:cc:40:3e:2e:b7: a2:86:1e:93:10:1c:db:73:69:2d:ac:d1:86:17:9d:df:d6:f7: 17:73:a3:69:33:fe:64:b5:09:49:88:31:db:0e:70:e3:0b:ee: 58:ae:7d:a6:02:90:d1:9e:19:06:6c:b9:37:29:0b:43:00:6a: d9:3f:26:5f:67:94:a4:67:db:d2:7c:d0:bc:26:79:7f:7d:4a: 1e:f4:df:00:ca:01:c4:6f:4d:dd:c8:a1:67:f9:8d:26:7b:76: 3c:cb:2c:90 -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICCLwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkEwNzExMTAvBgNVBAUTKENDRjJBNTI1QzA5MDE0NDRDQTc4RjA1QjkzOTJDMDA0 NTc5NTY3NjEwHhcNMjQwMTEyMjEwODUyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NWExYWE2NC05ZjUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxCbX3+rq/MxeNKFxYnqWK4D95PFD6ryVgLbxVyZ/nMBOkqFbOO3QQuR/UyK8 gzvdENLuMPg+/rn+dyMKWo0BdOO00k0LhvcE83crYyrXeLwuXatCNQtupbCZBxGJ MrfKs+NDj4UEOf50WaqYcpsJdGRl/yobVM631CJzAsJBp0LUSpQOOioVv0uJ4nSH /xw7asW2UAKvUht0X5w60AwQoRrEQeGBYFi/3jVJNdftS+NJVqV8PXJ+A6b0iCy8 muIWWhOtIVb+qQoEPjLCWeaYxQhrjssGtgQxm5JrH4RcLDOWSyB0oXbRBsTF0+W+ ejFSVeUcvQy2mmziIEmcXvV1dwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFMd87aWo uq3yOAIpjf+7+Eev72MKMB8GA1UdIwQYMBaAFMzypSXAkBREynjwW5OSwARXlWdh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTA3MS8yODBCMDlBNDgz QkUxMUVBOEUxREYzODRDNEY5QUUwMi96UEtsSmNDUUZFVEtlUEJiazVMQUJGZVZa MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pQS2xKY0NRRkVUS2VQQmJrNUxBQkZlVloyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkEwNzEvMjgwQjA5QTQ4M0JFMTFFQThFMURGMzg0QzRGOUFFMDIvOUJBQzY4Q0M4 M0MyMTFFQUJDQjY2NjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMBQEAgABMA4wDAMEBWcfYAMEAGcfYjAYBAIAAjASMBADBgAkApiAAQMGAyQC mIAAMA0GCSqGSIb3DQEBCwUAA4IBAQB5h1b3XC3fneg11pMCSbzo7lluSZGytUFW feExPDSzJ4p1Tmu/xVnIrHaB9rBlChfLssBuW0MvV5oOf3jtp5qivizrD5Aw/JHo OCNzzpFr8J/UfBy/UqdwZea8MrDarvr9Fqm1pMD1s+lSl5i49R5ovRsAeJUgEO81 iSTaIRapFA3tqZX6Pba+81Lw5b2VzBE8KWNO7YzbPg9oviNzzEA+Lreihh6TEBzb c2ktrNGGF53f1vcXc6NpM/5ktQlJiDHbDnDjC+5Yrn2mApDRnhkGbLk3KQtDAGrZ PyZfZ5SkZ9vSfNC8Jnl/fUoe9N8AygHEb03dyKFn+Y0me3Y8yyyQ -----END CERTIFICATE-----Generated at Fri Nov 22 21:05:28 2024 by rpki-client on console-fra.rpki-client.org