$ rpki-client -vvf rpki.apnic.net/member_repository/A918E4E6/2B3B2FCEFC6D11E98FC2C91CC4F9AE02/9C9660D4FC6E11E9BC6D4822C4F9AE02.roa File: 9C9660D4FC6E11E9BC6D4822C4F9AE02.roa (raw, json) Hash identifier: xyYlJncaSUNWmGDmUFY6Ptm1YpyAyeIUKxqpTgZgQ8c= Subject key identifier: 6F:7B:DB:95:F0:78:A9:FC:BC:7F:E5:AC:6E:9B:7C:AC:27:CA:5C:55 Certificate issuer: /CN=A918E4E6/serialNumber=97F9B906284765308EC268855D563DAB9186305B Certificate serial: 0C05 Authority key identifier: 97:F9:B9:06:28:47:65:30:8E:C2:68:85:5D:56:3D:AB:91:86:30:5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l_m5BihHZTCOwmiFXVY9q5GGMFs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918E4E6/2B3B2FCEFC6D11E98FC2C91CC4F9AE02/9C9660D4FC6E11E9BC6D4822C4F9AE02.roa Signing time: Mon 28 Oct 2024 18:47:51 +0000 ROA not before: Mon 28 Oct 2024 18:47:51 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 139647 IP address blocks: 103.143.34.0/23 maxlen: 23 103.143.34.0/24 maxlen: 24 103.143.35.0/24 maxlen: 24 2001:df1:6a80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918E4E6/2B3B2FCEFC6D11E98FC2C91CC4F9AE02/l_m5BihHZTCOwmiFXVY9q5GGMFs.crl rsync://rpki.apnic.net/member_repository/A918E4E6/2B3B2FCEFC6D11E98FC2C91CC4F9AE02/l_m5BihHZTCOwmiFXVY9q5GGMFs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l_m5BihHZTCOwmiFXVY9q5GGMFs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:16:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3077 (0xc05) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918E4E6/serialNumber=97F9B906284765308EC268855D563DAB9186305B Validity Not Before: Oct 28 18:47:51 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=671fdc57-02f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d2:cb:48:8b:b5:dd:36:3b:fe:c7:7f:fe:ff: 04:9c:67:c6:5f:8e:c1:c6:47:d6:47:df:9b:af:b4: e1:ee:bc:df:59:a2:7d:15:98:62:74:f0:16:7f:a7: 83:32:5f:c0:67:78:63:fe:db:0b:1f:85:65:f4:25: 1b:3c:4c:fe:16:c8:c5:28:eb:fd:f8:e5:73:69:61: a0:27:d4:7a:c5:13:20:d2:ed:25:cf:3f:25:3e:53: 8a:e1:3c:36:77:24:6a:c4:6d:20:45:a0:12:61:73: 91:72:07:57:bf:65:35:f2:d8:2c:c3:ae:46:d6:09: 2b:66:6a:0b:32:7a:5d:19:6d:8c:e3:85:9a:11:ef: 81:00:2d:c8:cb:9f:8c:68:d3:68:02:ab:38:9e:62: 01:5e:b9:22:97:de:d0:17:93:9a:29:8e:a7:2d:16: 15:fa:a2:88:93:95:90:aa:c0:78:58:ac:5f:af:62: 22:94:f5:f7:35:c6:a2:9a:46:7f:00:8a:52:c6:91: 9d:8a:19:ed:52:29:93:f3:26:d1:a1:5f:76:7a:76: 4e:24:2b:95:79:4c:e7:31:7f:33:5f:07:de:6c:24: 43:42:71:bd:8d:9e:57:ae:02:31:4b:63:97:b9:01: 09:62:39:35:e9:d7:5c:eb:e1:20:c7:3d:eb:f1:67: c1:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:7B:DB:95:F0:78:A9:FC:BC:7F:E5:AC:6E:9B:7C:AC:27:CA:5C:55 X509v3 Authority Key Identifier: keyid:97:F9:B9:06:28:47:65:30:8E:C2:68:85:5D:56:3D:AB:91:86:30:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918E4E6/2B3B2FCEFC6D11E98FC2C91CC4F9AE02/l_m5BihHZTCOwmiFXVY9q5GGMFs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l_m5BihHZTCOwmiFXVY9q5GGMFs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E4E6/2B3B2FCEFC6D11E98FC2C91CC4F9AE02/9C9660D4FC6E11E9BC6D4822C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.143.34.0/23 IPv6: 2001:df1:6a80::/48 Signature Algorithm: sha256WithRSAEncryption 77:a5:79:98:9a:99:58:49:ba:d5:f5:e7:86:1a:88:40:20:42: 91:ec:aa:59:cf:a0:21:3b:93:ad:9c:7f:16:4c:e2:89:45:cc: d6:74:c4:13:25:f2:7b:a4:2c:e1:c1:9b:43:cd:cf:bb:48:2b: 3c:c0:47:59:8d:e2:b0:bc:d7:0f:27:11:b3:f2:61:e4:d1:31: 66:ea:87:f3:61:8b:92:44:04:91:c1:32:79:c7:e1:37:2a:06: b3:2c:54:12:ef:e5:52:c5:bc:21:02:b9:22:b1:29:02:b9:c2: 7b:43:a3:a4:aa:d0:67:92:b1:82:38:d6:83:6d:0c:28:98:24: 9b:71:a4:65:52:b8:a9:74:9d:99:cb:64:27:09:42:81:33:75: ee:73:62:66:b3:5b:63:7e:52:51:ed:f0:5d:a6:0f:78:f6:24: 98:e7:8d:ee:fb:2b:47:2a:14:e8:c9:1e:57:b3:f3:f5:70:22: 5c:de:f5:df:ae:64:0a:79:f9:49:71:db:39:1a:89:6e:c1:14: 1c:7a:74:a0:dc:9f:22:ad:fa:09:48:96:b7:ec:5e:30:2e:48: 6e:dc:dd:47:e9:01:1a:d9:42:b2:c0:90:75:27:0e:8b:c4:21: 5e:d7:50:4d:c0:22:59:31:88:75:59:3a:09:6f:e2:1e:08:15: 6d:7f:13:09 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICDAUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEU0RTYxMTAvBgNVBAUTKDk3RjlCOTA2Mjg0NzY1MzA4RUMyNjg4NTVENTYzREFC OTE4NjMwNUIwHhcNMjQxMDI4MTg0NzUxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzFmZGM1Ny0wMmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwNLLSIu13TY7/sd//v8EnGfGX47BxkfWR9+br7Th7rzfWaJ9FZhidPAWf6eD Ml/AZ3hj/tsLH4Vl9CUbPEz+FsjFKOv9+OVzaWGgJ9R6xRMg0u0lzz8lPlOK4Tw2 dyRqxG0gRaASYXORcgdXv2U18tgsw65G1gkrZmoLMnpdGW2M44WaEe+BAC3Iy5+M aNNoAqs4nmIBXrkil97QF5OaKY6nLRYV+qKIk5WQqsB4WKxfr2IilPX3NcaimkZ/ AIpSxpGdihntUimT8ybRoV92enZOJCuVeUznMX8zXwfebCRDQnG9jZ5XrgIxS2OX uQEJYjk16ddc6+Egxz3r8WfBcwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFG9725Xw eKn8vH/lrG6bfKwnylxVMB8GA1UdIwQYMBaAFJf5uQYoR2UwjsJohV1WPauRhjBb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTRFNi8yQjNCMkZDRUZD NkQxMUU5OEZDMkM5MUNDNEY5QUUwMi9sX201QmloSFpUQ093bWlGWFZZOXE1R0dN RnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xfbTVCaWhIWlRDT3dtaUZYVlk5cTVHR01Gcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEU0RTYvMkIzQjJGQ0VGQzZEMTFFOThGQzJDOTFDQzRGOUFFMDIvOUM5NjYwRDRG QzZFMTFFOUJDNkQ0ODIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnjyIwDwQCAAIwCQMHACABDfFqgDANBgkqhkiG9w0BAQsF AAOCAQEAd6V5mJqZWEm61fXnhhqIQCBCkeyqWc+gITuTrZx/FkziiUXM1nTEEyXy e6Qs4cGbQ83Pu0grPMBHWY3isLzXDycRs/Jh5NExZuqH82GLkkQEkcEyecfhNyoG syxUEu/lUsW8IQK5IrEpArnCe0OjpKrQZ5KxgjjWg20MKJgkm3GkZVK4qXSdmctk JwlCgTN17nNiZrNbY35SUe3wXaYPePYkmOeN7vsrRyoU6MkeV7Pz9XAiXN71365k Cnn5SXHbORqJbsEUHHp0oNyfIq36CUiWt+xeMC5IbtzdR+kBGtlCssCQdScOi8Qh XtdQTcAiWTGIdVk6CW/iHggVbX8TCQ== -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:00 2024 by rpki-client on console-fra.rpki-client.org