$ rpki-client -vvf rpki.apnic.net/member_repository/A917D121/8B0F8B0C0EC811EBA5042C2AC4F9AE02/DAAB94840EC911EBA913852BC4F9AE02.roa File: DAAB94840EC911EBA913852BC4F9AE02.roa (raw, json) Hash identifier: Ra2znUTkgYIAlMI3Nb4TxH0Q0Xt60h4LRpNWU6qPbaU= Subject key identifier: 80:30:A3:E4:6F:AF:77:30:33:12:A0:B0:FA:29:D0:9C:66:17:1A:54 Certificate issuer: /CN=A917D121/serialNumber=72A51F4EEAA218B7336EEFF7A7A58CB1AE544239 Certificate serial: 072E Authority key identifier: 72:A5:1F:4E:EA:A2:18:B7:33:6E:EF:F7:A7:A5:8C:B1:AE:54:42:39 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cqUfTuqiGLczbu_3p6WMsa5UQjk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D121/8B0F8B0C0EC811EBA5042C2AC4F9AE02/DAAB94840EC911EBA913852BC4F9AE02.roa Signing time: Fri 22 Nov 2024 21:30:02 +0000 ROA not before: Fri 22 Nov 2024 21:30:02 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 23729 IP address blocks: 103.100.92.0/22 maxlen: 22 103.100.92.0/24 maxlen: 24 103.100.93.0/24 maxlen: 24 103.100.94.0/24 maxlen: 24 103.100.95.0/24 maxlen: 24 118.179.0.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D121/8B0F8B0C0EC811EBA5042C2AC4F9AE02/cqUfTuqiGLczbu_3p6WMsa5UQjk.crl rsync://rpki.apnic.net/member_repository/A917D121/8B0F8B0C0EC811EBA5042C2AC4F9AE02/cqUfTuqiGLczbu_3p6WMsa5UQjk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cqUfTuqiGLczbu_3p6WMsa5UQjk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1838 (0x72e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D121/serialNumber=72A51F4EEAA218B7336EEFF7A7A58CB1AE544239 Validity Not Before: Nov 22 21:30:02 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=6740f7da-b28f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:48:ca:18:a1:26:40:fb:c1:3e:0b:b3:8e:8d: cd:45:28:5d:e0:98:58:d7:0f:8e:e7:39:b8:5f:c3: 99:2f:af:7b:29:59:5c:f0:1c:bc:0f:69:dd:7f:87: 96:87:9e:b5:6d:f8:b5:33:b1:fb:89:7b:6e:1b:14: 3a:e4:35:b7:f0:de:06:fa:2b:ac:6d:f5:77:ef:49: 98:62:51:07:a4:f3:fd:f9:6d:d5:5c:fc:7d:b3:32: ea:78:30:96:9a:55:f9:12:3b:a3:0d:85:4d:0c:56: 54:9c:83:96:0e:4b:04:11:1d:12:bd:4d:26:d9:de: 3a:72:64:00:62:ad:e2:fd:d2:58:fe:fb:2d:ae:35: b8:e6:84:ce:44:ec:10:3d:97:78:bc:6c:65:bf:27: 26:54:00:0f:1e:12:da:79:d6:90:04:40:b7:64:fb: 30:56:32:83:a4:ad:cb:e5:31:96:6b:be:26:99:b1: 97:bf:b8:05:90:1b:7e:6a:05:d3:79:63:23:5b:64: bb:63:43:e3:62:8c:47:45:d5:8b:51:28:a6:cb:6d: a4:c0:e6:32:8b:1c:99:54:bc:69:4a:58:60:de:df: ed:ec:e1:01:1c:99:b7:a4:83:ef:35:35:14:83:54: 9c:a1:c3:e6:88:4b:2e:5d:5e:09:11:c8:5e:73:de: 2a:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:30:A3:E4:6F:AF:77:30:33:12:A0:B0:FA:29:D0:9C:66:17:1A:54 X509v3 Authority Key Identifier: keyid:72:A5:1F:4E:EA:A2:18:B7:33:6E:EF:F7:A7:A5:8C:B1:AE:54:42:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D121/8B0F8B0C0EC811EBA5042C2AC4F9AE02/cqUfTuqiGLczbu_3p6WMsa5UQjk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cqUfTuqiGLczbu_3p6WMsa5UQjk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D121/8B0F8B0C0EC811EBA5042C2AC4F9AE02/DAAB94840EC911EBA913852BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.100.92.0/22 118.179.0.0/21 Signature Algorithm: sha256WithRSAEncryption 0f:33:ec:87:6d:55:08:a3:51:14:d2:18:6c:bc:90:cd:bc:91: fb:76:6e:99:c6:81:e9:aa:e2:5d:95:4f:e7:a1:eb:ad:16:12: a3:f7:54:2a:98:db:13:82:25:88:05:b7:00:07:87:9c:76:a6: 1d:60:17:01:c1:29:79:a9:95:ab:ca:e9:7d:04:14:a3:a1:66: e5:b8:90:7c:13:e2:35:fc:d4:b1:af:0b:1b:b0:8e:5a:9d:46: 07:7a:2c:de:72:4e:76:07:20:c9:bd:1c:05:ed:73:9a:7e:b9: fb:d3:a9:b7:e3:a5:81:d9:d3:5b:f9:cc:79:42:b8:f2:72:fc: d0:3e:1e:65:46:73:e7:79:c5:f1:3d:0a:14:f0:8e:c5:53:ac: 17:bd:13:a3:2c:59:4d:f9:91:24:3c:7b:71:b3:5d:c3:6a:09: c9:72:2e:30:7c:73:59:9c:f5:eb:57:ae:e8:6d:03:d3:a5:de: f6:0e:1c:97:24:e4:47:9b:be:1e:23:6b:80:af:0b:99:b0:61: 40:19:52:aa:3c:f2:e0:ef:1e:74:d0:e1:2c:ae:e0:49:62:ef: 63:b2:f1:dc:d3:44:b6:55:b9:81:74:b1:bc:ca:46:02:5f:9d: 90:b1:77:64:e0:f1:d2:ee:4f:38:a6:39:62:42:96:7f:c1:4f: 6b:ab:d8:9c -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBy4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0QxMjExMTAvBgNVBAUTKDcyQTUxRjRFRUFBMjE4QjczMzZFRUZGN0E3QTU4Q0Ix QUU1NDQyMzkwHhcNMjQxMTIyMjEzMDAyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzQwZjdkYS1iMjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz0jKGKEmQPvBPguzjo3NRShd4JhY1w+O5zm4X8OZL697KVlc8By8D2ndf4eW h561bfi1M7H7iXtuGxQ65DW38N4G+iusbfV370mYYlEHpPP9+W3VXPx9szLqeDCW mlX5EjujDYVNDFZUnIOWDksEER0SvU0m2d46cmQAYq3i/dJY/vstrjW45oTOROwQ PZd4vGxlvycmVAAPHhLaedaQBEC3ZPswVjKDpK3L5TGWa74mmbGXv7gFkBt+agXT eWMjW2S7Y0PjYoxHRdWLUSimy22kwOYyixyZVLxpSlhg3t/t7OEBHJm3pIPvNTUU g1ScocPmiEsuXV4JEchec94qdwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIAwo+Rv r3cwMxKgsPop0JxmFxpUMB8GA1UdIwQYMBaAFHKlH07qohi3M27v96eljLGuVEI5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDEyMS84QjBGOEIwQzBF QzgxMUVCQTUwNDJDMkFDNEY5QUUwMi9jcVVmVHVxaUdMY3pidV8zcDZXTXNhNVVR amsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxVWZUdXFpR0xjemJ1XzNwNldNc2E1VVFqay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0QxMjEvOEIwRjhCMEMwRUM4MTFFQkE1MDQyQzJBQzRGOUFFMDIvREFBQjk0ODQw RUM5MTFFQkE5MTM4NTJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnZFwDBAN2swAwDQYJKoZIhvcNAQELBQADggEBAA8z7Idt VQijURTSGGy8kM28kft2bpnGgemq4l2VT+eh660WEqP3VCqY2xOCJYgFtwAHh5x2 ph1gFwHBKXmplavK6X0EFKOhZuW4kHwT4jX81LGvCxuwjlqdRgd6LN5yTnYHIMm9 HAXtc5p+ufvTqbfjpYHZ01v5zHlCuPJy/NA+HmVGc+d5xfE9ChTwjsVTrBe9E6Ms WU35kSQ8e3GzXcNqCclyLjB8c1mc9etXruhtA9Ol3vYOHJck5Eebvh4ja4CvC5mw YUAZUqo88uDvHnTQ4Syu4Eli72Oy8dzTRLZVuYF0sbzKRgJfnZCxd2Tg8dLuTzim OWJCln/BT2ur2Jw= -----END CERTIFICATE-----Generated at Sat Nov 23 00:08:43 2024 by rpki-client on console-ams.rpki-client.org