$ rpki-client -vvf rpki.apnic.net/member_repository/A917B51E/59CDD54A0FE911EB9F30C725C4F9AE02/EFA17F260FEA11EB8FA8CB2AC4F9AE02.roa File: EFA17F260FEA11EB8FA8CB2AC4F9AE02.roa (raw, json) Hash identifier: jLCgtQuVltt3/VZJ3eAvwdfbtQsE4HY8zDX+9B0R7hY= Subject key identifier: 92:4B:B7:A6:F3:48:D9:40:87:66:38:89:5C:AC:20:DA:0B:14:89:B2 Certificate issuer: /CN=A917B51E/serialNumber=0C47EDE3048E35A6E6E8CB0CE44FC8437271EB3D Certificate serial: 0724 Authority key identifier: 0C:47:ED:E3:04:8E:35:A6:E6:E8:CB:0C:E4:4F:C8:43:72:71:EB:3D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DEft4wSONabm6MsM5E_IQ3Jx6z0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B51E/59CDD54A0FE911EB9F30C725C4F9AE02/EFA17F260FEA11EB8FA8CB2AC4F9AE02.roa Signing time: Thu 24 Oct 2024 22:11:15 +0000 ROA not before: Thu 24 Oct 2024 22:11:15 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 141346 IP address blocks: 103.157.94.0/23 maxlen: 23 103.157.94.0/24 maxlen: 24 103.157.95.0/24 maxlen: 24 2406:9d40::/32 maxlen: 32 2406:9d40::/40 maxlen: 40 2406:9d40::/48 maxlen: 48 2406:9d40:100::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B51E/59CDD54A0FE911EB9F30C725C4F9AE02/DEft4wSONabm6MsM5E_IQ3Jx6z0.crl rsync://rpki.apnic.net/member_repository/A917B51E/59CDD54A0FE911EB9F30C725C4F9AE02/DEft4wSONabm6MsM5E_IQ3Jx6z0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DEft4wSONabm6MsM5E_IQ3Jx6z0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1828 (0x724) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B51E/serialNumber=0C47EDE3048E35A6E6E8CB0CE44FC8437271EB3D Validity Not Before: Oct 24 22:11:15 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=671ac603-b9b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:ec:34:cb:b6:f3:15:66:98:4f:e1:54:8d:a5: c8:5f:b1:b2:66:0f:4d:bf:1c:d3:5a:9e:82:be:f0: 8b:6b:88:db:fc:db:64:9f:fd:a0:85:59:77:16:60: bd:3b:96:ee:bd:52:7b:10:bb:64:12:e1:dd:87:90: f6:72:79:91:8d:31:86:29:c4:95:d2:72:ae:a2:5d: b2:c2:9e:08:eb:55:5a:8c:60:9b:36:ff:d7:58:94: 4c:7a:f9:7f:17:3a:e6:52:0f:7a:44:c3:9e:92:3d: 78:0b:a9:88:d9:2b:1c:f3:cd:8b:00:23:a5:b0:15: 6a:d0:67:52:be:4b:23:99:92:d1:0f:57:f8:06:20: 77:a8:ec:ad:be:33:ca:26:30:43:8c:5f:b6:1c:40: 2b:2a:93:89:d0:5d:51:bf:a5:74:ce:2f:01:1c:3a: 03:ea:88:56:83:dc:06:07:10:33:1d:3b:bc:30:8f: 4e:26:51:6c:b0:c8:53:26:42:c9:82:47:02:fe:40: a8:12:2d:69:b6:6f:ed:3e:03:a6:72:81:0e:23:e0: b8:07:35:46:6f:e3:b3:00:a1:01:d3:d4:bd:50:6f: c0:f7:3a:87:b5:9d:0f:6e:cf:69:d4:71:86:7b:34: 9d:47:ed:e4:3c:3b:81:04:b2:c9:75:eb:b1:00:21: d6:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:4B:B7:A6:F3:48:D9:40:87:66:38:89:5C:AC:20:DA:0B:14:89:B2 X509v3 Authority Key Identifier: keyid:0C:47:ED:E3:04:8E:35:A6:E6:E8:CB:0C:E4:4F:C8:43:72:71:EB:3D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B51E/59CDD54A0FE911EB9F30C725C4F9AE02/DEft4wSONabm6MsM5E_IQ3Jx6z0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DEft4wSONabm6MsM5E_IQ3Jx6z0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B51E/59CDD54A0FE911EB9F30C725C4F9AE02/EFA17F260FEA11EB8FA8CB2AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.157.94.0/23 IPv6: 2406:9d40::/32 Signature Algorithm: sha256WithRSAEncryption 78:a1:06:e1:df:0d:11:6b:1d:f0:99:7c:74:d3:c3:f8:8b:28: 79:ed:87:6b:9b:85:bb:97:e7:bd:9d:2f:e2:49:10:30:c5:24: 99:38:8c:84:12:b5:64:6d:92:8d:96:c6:fb:17:5d:41:02:71: f3:44:38:38:7f:e9:6b:13:09:e5:c5:27:74:6e:f6:37:75:f8: 22:e7:4e:ae:24:2f:b8:51:d2:6c:3f:5d:32:9f:ef:4f:fb:9a: ca:8c:eb:b1:10:ff:15:90:dc:24:25:22:9d:1c:7a:f3:5a:6d: 5a:f9:9d:d0:4c:8d:9c:fc:0e:2b:09:8d:8b:fe:c6:4c:c8:ad: 6a:ac:9d:93:2c:25:72:9f:69:ca:78:e5:9f:2d:e8:83:35:b7: 69:01:bb:f6:4c:12:c5:b4:01:4e:c1:67:1b:35:34:96:0c:d2: 73:15:03:94:85:7d:36:82:db:41:19:16:83:b1:47:ca:55:3f: fe:1e:a6:c2:09:39:d7:ac:19:e0:00:c2:c1:67:bd:24:27:14: 11:f7:d5:0d:32:26:12:fb:5a:1b:cc:13:29:f8:dd:b0:57:31: c5:d3:62:9d:76:32:fb:32:2e:82:38:11:0a:49:2c:75:ff:19: ee:36:22:7f:74:47:76:8a:c9:ff:8c:02:f6:fd:8b:59:54:45: 5e:18:07:87 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICByQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I1MUUxMTAvBgNVBAUTKDBDNDdFREUzMDQ4RTM1QTZFNkU4Q0IwQ0U0NEZDODQz NzI3MUVCM0QwHhcNMjQxMDI0MjIxMTE1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzFhYzYwMy1iOWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqew0y7bzFWaYT+FUjaXIX7GyZg9NvxzTWp6CvvCLa4jb/Ntkn/2ghVl3FmC9 O5buvVJ7ELtkEuHdh5D2cnmRjTGGKcSV0nKuol2ywp4I61VajGCbNv/XWJRMevl/ FzrmUg96RMOekj14C6mI2Ssc882LACOlsBVq0GdSvksjmZLRD1f4BiB3qOytvjPK JjBDjF+2HEArKpOJ0F1Rv6V0zi8BHDoD6ohWg9wGBxAzHTu8MI9OJlFssMhTJkLJ gkcC/kCoEi1ptm/tPgOmcoEOI+C4BzVGb+OzAKEB09S9UG/A9zqHtZ0Pbs9p1HGG ezSdR+3kPDuBBLLJdeuxACHWKwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJJLt6bz SNlAh2Y4iVysINoLFImyMB8GA1UdIwQYMBaAFAxH7eMEjjWm5ujLDORPyENyces9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjUxRS81OUNERDU0QTBG RTkxMUVCOUYzMEM3MjVDNEY5QUUwMi9ERWZ0NHdTT05hYm02TXNNNUVfSVEzSng2 ejAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RFZnQ0d1NPTmFibTZNc001RV9JUTNKeDZ6MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0I1MUUvNTlDREQ1NEEwRkU5MTFFQjlGMzBDNzI1QzRGOUFFMDIvRUZBMTdGMjYw RkVBMTFFQjhGQThDQjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnnV4wDQQCAAIwBwMFACQGnUAwDQYJKoZIhvcNAQELBQAD ggEBAHihBuHfDRFrHfCZfHTTw/iLKHnth2ubhbuX572dL+JJEDDFJJk4jIQStWRt ko2WxvsXXUECcfNEODh/6WsTCeXFJ3Ru9jd1+CLnTq4kL7hR0mw/XTKf70/7msqM 67EQ/xWQ3CQlIp0cevNabVr5ndBMjZz8DisJjYv+xkzIrWqsnZMsJXKfacp45Z8t 6IM1t2kBu/ZMEsW0AU7BZxs1NJYM0nMVA5SFfTaC20EZFoOxR8pVP/4epsIJOdes GeAAwsFnvSQnFBH31Q0yJhL7WhvMEyn43bBXMcXTYp12MvsyLoI4EQpJLHX/Ge42 In90R3aKyf+MAvb9i1lURV4YB4c= -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:31 2024 by rpki-client on console-ams.rpki-client.org