$ rpki-client -vvf rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/34CC285A5C6011EB80D50F0CC4F9AE02.roa File: 34CC285A5C6011EB80D50F0CC4F9AE02.roa (raw, json) Hash identifier: gAGSLxf5tFApE12cv2B6l8rBNTtC/4BB/4TsOzWKxtk= Subject key identifier: 25:58:57:A2:03:36:DA:93:A4:24:39:E3:AA:20:21:F6:9C:DE:4E:9C Certificate issuer: /CN=A9171A1B/serialNumber=4C349C51CA598907D5C07CB1F24851FC048DAD1A Certificate serial: 0683 Authority key identifier: 4C:34:9C:51:CA:59:89:07:D5:C0:7C:B1:F2:48:51:FC:04:8D:AD:1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDScUcpZiQfVwHyx8khR_ASNrRo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/34CC285A5C6011EB80D50F0CC4F9AE02.roa Signing time: Mon 02 Dec 2024 22:31:35 +0000 ROA not before: Mon 02 Dec 2024 22:31:35 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 138399 IP address blocks: 103.124.132.0/22 maxlen: 22 103.124.132.0/24 maxlen: 24 103.124.133.0/24 maxlen: 24 103.124.134.0/24 maxlen: 24 103.124.135.0/24 maxlen: 24 2403:e040::/32 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/TDScUcpZiQfVwHyx8khR_ASNrRo.crl rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/TDScUcpZiQfVwHyx8khR_ASNrRo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDScUcpZiQfVwHyx8khR_ASNrRo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 21:48:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1667 (0x683) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171A1B, serialNumber=4C349C51CA598907D5C07CB1F24851FC048DAD1A Validity Not Before: Dec 2 22:31:35 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=674e3547-c5b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:82:a2:3b:80:6b:08:ef:3b:37:d8:6f:a2:ff: 31:40:ee:a3:da:6c:a0:ab:77:c9:5b:73:1e:c8:ad: 0c:cd:27:18:79:cd:28:76:80:29:94:77:4c:6e:57: 37:99:2c:01:17:23:14:80:b1:ac:6e:a1:79:3c:64: a7:2c:a5:24:c0:a5:3b:8e:b1:a9:cb:47:09:cb:c1: f0:84:14:e6:a8:fb:73:8c:ab:c6:5b:5f:0c:47:fa: 54:06:8a:f1:98:ec:39:94:e9:0b:dd:82:9f:b1:08: 0e:b8:e7:8c:6c:91:f6:45:74:42:17:75:90:49:fa: 23:67:73:1a:6d:8a:0b:17:c2:32:5a:7d:5a:56:0a: 95:7b:f1:2a:78:4f:b9:b0:20:76:bf:6b:2d:44:ae: 3d:55:de:99:11:c0:eb:b2:8f:91:09:ec:e0:e7:ad: 2e:8b:3e:db:ea:1a:4d:c3:f8:bd:06:55:86:e1:76: 2d:51:7c:c9:e8:c8:c0:63:94:94:27:56:f0:03:d8: 42:6e:42:3a:dd:d5:a3:ab:0c:78:80:cf:bc:a9:85: 9d:35:27:1c:27:f7:5c:9b:aa:aa:5f:85:eb:f6:7b: 8e:85:ce:fb:ec:dd:91:1b:ba:b1:7e:e3:82:58:85: 79:62:a6:3b:4a:d4:47:0f:77:f8:6c:e8:22:71:1e: b3:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:58:57:A2:03:36:DA:93:A4:24:39:E3:AA:20:21:F6:9C:DE:4E:9C X509v3 Authority Key Identifier: keyid:4C:34:9C:51:CA:59:89:07:D5:C0:7C:B1:F2:48:51:FC:04:8D:AD:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/TDScUcpZiQfVwHyx8khR_ASNrRo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDScUcpZiQfVwHyx8khR_ASNrRo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/34CC285A5C6011EB80D50F0CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.124.132.0/22 IPv6: 2403:e040::/32 Signature Algorithm: sha256WithRSAEncryption cb:70:89:0f:08:9b:7d:27:1a:a3:bd:85:47:25:00:21:4a:2f: e1:db:ba:dc:ce:74:44:52:f9:f8:9c:02:f4:24:3d:cc:bb:21: 56:b6:d9:4f:1e:ad:4a:f4:3d:39:4b:91:a5:3f:3d:c4:83:a7: 08:84:d2:fa:54:ee:2c:1c:c8:be:51:dd:bf:c7:d0:b6:b6:4c: cb:50:99:a1:d4:12:5f:07:ad:d3:33:7a:c9:14:a8:50:d5:a7: ec:bd:ea:85:80:41:65:38:a5:d0:3b:2e:48:cf:11:90:10:d8: 59:64:ec:14:43:cd:3c:2d:fd:c1:73:ef:3f:22:6a:81:65:35: be:81:66:13:3a:d6:c8:ae:6c:3f:72:0d:5b:d2:b5:a9:9b:81: 9a:22:1a:d3:98:3d:f9:36:f4:a0:6b:e0:51:d1:55:dc:03:0e: 3e:fa:eb:e1:b8:ed:ac:f0:71:47:b3:38:76:f8:2f:46:09:0b: ef:bb:43:a0:c9:84:c0:b4:33:29:32:00:aa:66:56:62:df:d9: 77:4a:10:87:13:16:dd:34:51:03:64:e0:50:27:0f:b9:4f:73: 17:c0:e9:0c:a9:9c:69:4a:30:ba:8b:85:94:97:9f:a1:3a:1a: c9:45:d1:f6:a9:2d:0b:7d:d8:39:2e:c2:13:86:fa:b9:42:34: 53:bb:03:ba -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFBMUIxMTAvBgNVBAUTKDRDMzQ5QzUxQ0E1OTg5MDdENUMwN0NCMUYyNDg1MUZD MDQ4REFEMUEwHhcNMjQxMjAyMjIzMTM1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzRlMzU0Ny1jNWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvIKiO4BrCO87N9hvov8xQO6j2mygq3fJW3MeyK0MzScYec0odoAplHdMblc3 mSwBFyMUgLGsbqF5PGSnLKUkwKU7jrGpy0cJy8HwhBTmqPtzjKvGW18MR/pUBorx mOw5lOkL3YKfsQgOuOeMbJH2RXRCF3WQSfojZ3MabYoLF8IyWn1aVgqVe/EqeE+5 sCB2v2stRK49Vd6ZEcDrso+RCezg560uiz7b6hpNw/i9BlWG4XYtUXzJ6MjAY5SU J1bwA9hCbkI63dWjqwx4gM+8qYWdNSccJ/dcm6qqX4Xr9nuOhc777N2RG7qxfuOC WIV5YqY7StRHD3f4bOgicR6zZQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCVYV6ID NtqTpCQ546ogIfac3k6cMB8GA1UdIwQYMBaAFEw0nFHKWYkH1cB8sfJIUfwEja0a MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUExQi9EQzU4Q0M1QTVD NDExMUVCODFEN0M2MEJDNEY5QUUwMi9URFNjVWNwWmlRZlZ3SHl4OGtoUl9BU05y Um8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1REU2NVY3BaaVFmVndIeXg4a2hSX0FTTnJSby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzFBMUIvREM1OENDNUE1QzQxMTFFQjgxRDdDNjBCQzRGOUFFMDIvMzRDQzI4NUE1 QzYwMTFFQjgwRDUwRjBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnfIQwDQQCAAIwBwMFACQD4EAwDQYJKoZIhvcNAQELBQAD ggEBAMtwiQ8Im30nGqO9hUclACFKL+HbutzOdERS+ficAvQkPcy7IVa22U8erUr0 PTlLkaU/PcSDpwiE0vpU7iwcyL5R3b/H0La2TMtQmaHUEl8HrdMzeskUqFDVp+y9 6oWAQWU4pdA7LkjPEZAQ2Flk7BRDzTwt/cFz7z8iaoFlNb6BZhM61siubD9yDVvS tambgZoiGtOYPfk29KBr4FHRVdwDDj766+G47azwcUezOHb4L0YJC++7Q6DJhMC0 MykyAKpmVmLf2XdKEIcTFt00UQNk4FAnD7lPcxfA6QypnGlKMLqLhZSXn6E6GslF 0fapLQt92DkuwhOG+rlCNFO7A7o= -----END CERTIFICATE-----Generated at Tue Apr 22 06:13:01 2025 by rpki-client