$ rpki-client -vvf rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/AFA4CF3E606F11EFB9FCCC59C4F9AE02.roa File: AFA4CF3E606F11EFB9FCCC59C4F9AE02.roa (raw, json) Hash identifier: LFZEMiEZWVGVhw073oJZ6a3acteubVePOhbEcX4Y/2o= Subject key identifier: BB:79:C7:30:B0:4B:F1:7F:16:77:01:0F:63:6F:CC:E8:B2:68:A0:7D Certificate issuer: /CN=A9171634/serialNumber=3FC971292CE91A591A8CDFA7D1AE09CA46E03E87 Certificate serial: 3447 Authority key identifier: 3F:C9:71:29:2C:E9:1A:59:1A:8C:DF:A7:D1:AE:09:CA:46:E0:3E:87 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/AFA4CF3E606F11EFB9FCCC59C4F9AE02.roa Signing time: Thu 22 Aug 2024 10:17:08 +0000 ROA not before: Thu 22 Aug 2024 10:17:08 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 153305 IP address blocks: 203.123.53.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/P8lxKSzpGlkajN-n0a4JykbgPoc.crl rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/P8lxKSzpGlkajN-n0a4JykbgPoc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:41:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13383 (0x3447) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171634/serialNumber=3FC971292CE91A591A8CDFA7D1AE09CA46E03E87 Validity Not Before: Aug 22 10:17:08 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=66c71023-9071 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:db:32:a7:a0:6f:67:4e:a1:2b:b0:c2:eb:87: 3b:6d:03:b1:c0:fe:16:e2:ac:f3:87:69:99:ac:85: 37:fb:57:b9:70:35:ae:f5:31:98:e0:53:e8:e9:6c: a7:ba:85:8b:4d:c2:fd:ec:06:c3:f5:ff:69:f8:bc: 19:f1:35:28:64:c0:f2:95:2a:5d:6d:b0:c6:73:e0: 13:63:aa:ff:26:e4:07:d1:8b:66:0d:3e:44:34:49: ce:ff:75:91:ab:5d:5c:b7:3a:39:96:e5:12:ba:70: 5a:f8:f0:e8:b6:ab:18:94:4e:b7:7f:3c:ea:81:af: 54:9d:19:02:34:c0:ca:03:c8:7c:6d:9c:0a:b0:24: 50:d8:78:66:11:00:31:5e:bd:7b:30:96:ff:73:37: a5:9a:58:ac:99:b2:64:c7:d1:69:96:5f:47:98:5f: 3a:90:ce:a7:79:e5:5e:42:bf:a5:95:53:e9:b3:f4: db:57:3f:3c:df:39:76:72:04:b8:63:08:7e:45:62: be:9e:d2:3a:51:34:15:2a:fd:ef:1b:93:74:d0:27: 27:b7:03:7d:a6:54:53:19:07:39:49:b0:03:56:f1: f3:56:4c:39:86:fe:7b:09:93:2f:47:d9:35:e6:fe: ba:b5:c6:a5:a4:a1:a4:78:0d:64:d3:e6:01:80:51: 9f:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:79:C7:30:B0:4B:F1:7F:16:77:01:0F:63:6F:CC:E8:B2:68:A0:7D X509v3 Authority Key Identifier: keyid:3F:C9:71:29:2C:E9:1A:59:1A:8C:DF:A7:D1:AE:09:CA:46:E0:3E:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/P8lxKSzpGlkajN-n0a4JykbgPoc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/AFA4CF3E606F11EFB9FCCC59C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.123.53.0/24 Signature Algorithm: sha256WithRSAEncryption 61:8a:0e:92:af:0f:ef:3b:c2:d9:69:e5:4e:67:92:24:0b:07: 3f:a3:09:9d:98:99:f2:1b:52:16:35:cd:b3:e0:a3:07:45:f6: f2:74:d3:f8:d7:8c:8f:ef:68:0b:18:15:0f:4e:c5:71:12:1d: 73:be:6e:f8:ee:63:27:52:6a:fd:c8:8f:6d:21:3f:b0:54:d6: 96:0a:78:eb:e7:cb:e5:c2:31:b1:84:36:ce:41:70:85:9f:43: d0:96:de:7c:a0:73:f0:a5:14:17:80:87:3e:c5:9d:62:25:a8: 67:ab:8a:df:09:87:bd:ac:5d:8b:56:eb:7c:bd:4f:09:e4:9b: 5c:14:1f:4d:8c:a6:a7:1d:82:cf:58:d2:4a:f0:46:48:c5:93: d3:fd:98:2c:9c:0d:ab:32:38:3c:1c:6c:d2:d9:75:11:63:4b: 56:01:ea:e4:59:7e:47:53:b4:80:69:f8:56:f4:5d:67:9e:f3: 9c:b0:b8:84:41:73:f7:22:0e:2f:c3:e1:e8:59:b5:89:8b:44: dc:9f:5b:d4:3b:db:9b:93:ac:0f:20:ff:b8:db:90:b4:10:90: 18:e7:fe:46:2f:fd:6f:2a:0e:f5:49:03:cd:23:11:8c:48:4d: 7e:eb:3e:95:12:0e:46:d2:a7:4e:4f:bd:78:8c:e2:a4:7b:05: f3:5c:57:87 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICNEcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzE2MzQxMTAvBgNVBAUTKDNGQzk3MTI5MkNFOTFBNTkxQThDREZBN0QxQUUwOUNB NDZFMDNFODcwHhcNMjQwODIyMTAxNzA4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmM3MTAyMy05MDcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAptsyp6BvZ06hK7DC64c7bQOxwP4W4qzzh2mZrIU3+1e5cDWu9TGY4FPo6Wyn uoWLTcL97AbD9f9p+LwZ8TUoZMDylSpdbbDGc+ATY6r/JuQH0YtmDT5ENEnO/3WR q11ctzo5luUSunBa+PDotqsYlE63fzzqga9UnRkCNMDKA8h8bZwKsCRQ2HhmEQAx Xr17MJb/czelmlismbJkx9Fpll9HmF86kM6neeVeQr+llVPps/TbVz883zl2cgS4 Ywh+RWK+ntI6UTQVKv3vG5N00CcntwN9plRTGQc5SbADVvHzVkw5hv57CZMvR9k1 5v66tcalpKGkeA1k0+YBgFGfBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLt5xzCw S/F/FncBD2NvzOiyaKB9MB8GA1UdIwQYMBaAFD/JcSks6RpZGozfp9GuCcpG4D6H MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTYzNC85NDJCODNCQzFE OTAxMUUyQTM2MTY2RjAwOEIwMkNEMi9QOGx4S1N6cEdsa2FqTi1uMGE0SnlrYmdQ b2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1A4bHhLU3pwR2xrYWpOLW4wYTRKeWtiZ1BvYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzE2MzQvOTQyQjgzQkMxRDkwMTFFMkEzNjE2NkYwMDhCMDJDRDIvQUZBNENGM0U2 MDZGMTFFRkI5RkNDQzU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBADLezUwDQYJKoZIhvcNAQELBQADggEBAGGKDpKvD+87wtlp 5U5nkiQLBz+jCZ2YmfIbUhY1zbPgowdF9vJ00/jXjI/vaAsYFQ9OxXESHXO+bvju YydSav3Ij20hP7BU1pYKeOvny+XCMbGENs5BcIWfQ9CW3nygc/ClFBeAhz7FnWIl qGerit8Jh72sXYtW63y9Twnkm1wUH02Mpqcdgs9Y0krwRkjFk9P9mCycDasyODwc bNLZdRFjS1YB6uRZfkdTtIBp+Fb0XWee85ywuIRBc/ciDi/D4ehZtYmLRNyfW9Q7 25uTrA8g/7jbkLQQkBjn/kYv/W8qDvVJA80jEYxITX7rPpUSDkbSp05PvXiM4qR7 BfNcV4c= -----END CERTIFICATE-----Generated at Fri Nov 22 15:25:38 2024 by rpki-client on console-fra.rpki-client.org