$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8F0C11A8347B11EF8B1BDC26C4F9AE02.roa File: 8F0C11A8347B11EF8B1BDC26C4F9AE02.roa (raw, json) Hash identifier: b8V5PkcIiOiSCuJDFSsymZhBKZ4Bc7B0bZbn9pi6PzM= Subject key identifier: A0:43:4C:3D:58:70:65:B7:39:5F:CC:0B:6B:DD:85:54:6B:95:F0:75 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 99E2 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8F0C11A8347B11EF8B1BDC26C4F9AE02.roa Signing time: Fri 20 Sep 2024 12:15:23 +0000 ROA not before: Fri 20 Sep 2024 12:15:23 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 152538 IP address blocks: 103.89.60.0/22 maxlen: 24 103.187.74.0/23 maxlen: 24 2406:c940::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39394 (0x99e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Sep 20 12:15:23 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=66ed675b-5b38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:b5:8c:3e:88:4b:f7:cf:82:e3:c9:f7:ad:dc: 90:54:16:9a:86:4a:f3:37:a6:0c:ec:08:89:3b:6b: 24:10:1b:0d:53:2e:ab:2c:05:02:66:1d:3f:88:ae: 9d:2c:a4:a0:d3:a2:ab:24:f3:01:0a:90:4d:bc:a5: 43:96:24:ab:3e:e1:33:d9:80:cb:2c:ca:0e:e5:e7: 47:c1:03:34:6f:38:ed:50:38:bb:8f:c6:20:ed:b7: d4:b0:85:eb:8a:8a:27:32:bb:ed:20:b5:a8:84:51: d7:a0:7b:10:91:77:57:35:fc:42:a6:a0:61:b3:cd: a7:ec:b1:f4:cb:d8:31:53:a6:49:f2:e3:f0:7d:dc: e1:e0:43:a4:ba:ea:9b:46:8f:b0:95:e8:94:e3:34: 8e:e7:ee:2d:1f:59:79:6b:98:ae:4e:6a:68:7b:4e: e2:5f:2a:c5:b3:4f:32:a5:ca:66:6b:ee:6b:92:7b: 34:b4:85:52:10:6c:3d:95:53:6b:f3:59:f8:7c:2b: 46:83:fe:a7:28:b9:63:b2:62:28:12:cf:43:da:7d: 5f:12:2d:57:62:a1:68:32:08:e1:23:02:47:94:31: 31:d8:e8:87:a3:55:a1:be:85:65:ab:d7:42:6b:50: f5:1d:6e:a8:32:f9:12:6c:02:14:32:32:6f:5d:25: e0:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:43:4C:3D:58:70:65:B7:39:5F:CC:0B:6B:DD:85:54:6B:95:F0:75 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8F0C11A8347B11EF8B1BDC26C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.89.60.0/22 103.187.74.0/23 IPv6: 2406:c940::/32 Signature Algorithm: sha256WithRSAEncryption 00:ba:dc:21:f1:19:25:ac:5d:c3:2d:d8:7d:1b:2e:c4:f1:94: ba:56:3c:45:06:ae:a8:0d:fd:5e:dc:ff:cc:9e:07:84:a4:1d: 2a:ab:e3:f9:ac:ef:e9:94:72:b0:d6:b3:d2:24:65:a2:cd:ce: 86:ea:6e:e1:32:f2:3e:fe:00:d1:eb:2d:4c:b3:a7:a4:b5:8e: 6f:b9:c4:59:c9:4b:2c:be:b6:05:36:4b:d0:d2:b8:7f:23:0c: d7:a2:12:38:e7:d3:be:6d:3b:e1:8d:05:6e:69:39:74:e4:b1: 5f:52:b5:16:85:e4:5e:14:50:d6:3e:7a:53:29:7c:51:98:21: f6:e4:17:8a:0b:52:3d:ce:fd:e2:35:1d:99:e7:d5:4b:25:a9: 97:b9:3e:ba:b4:cd:51:e6:b6:21:26:a3:31:89:e0:e3:e7:5b: af:16:59:b9:e4:df:da:65:e8:73:df:c9:6e:08:e8:c4:29:75: 9e:5d:d0:a8:c3:cb:00:67:83:9d:f7:ec:ae:f6:6b:21:97:aa: f6:4d:83:00:e6:34:ee:9a:31:63:bd:32:77:08:8e:1b:dc:26: 36:25:3d:5e:c7:8b:d5:f9:91:85:25:fb:ed:6d:8a:fc:92:3a: 40:71:de:bf:6b:0a:67:88:33:97:9a:8c:50:47:13:ee:2c:55: c0:27:8c:26 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIDAJniMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDkyMDEyMTUyM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjZlZDY3NWItNWIzODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALa1jD6IS/fPguPJ963ckFQWmoZK8zemDOwIiTtrJBAbDVMuqywFAmYdP4iu nSykoNOiqyTzAQqQTbylQ5Ykqz7hM9mAyyzKDuXnR8EDNG847VA4u4/GIO231LCF 64qKJzK77SC1qIRR16B7EJF3VzX8QqagYbPNp+yx9MvYMVOmSfLj8H3c4eBDpLrq m0aPsJXolOM0jufuLR9ZeWuYrk5qaHtO4l8qxbNPMqXKZmvua5J7NLSFUhBsPZVT a/NZ+HwrRoP+pyi5Y7JiKBLPQ9p9XxItV2KhaDII4SMCR5QxMdjoh6NVob6FZavX QmtQ9R1uqDL5EmwCFDIyb10l4O0CAwEAAaOCAqowggKmMB0GA1UdDgQWBBSgQ0w9 WHBltzlfzAtr3YVUa5XwdTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzhGMEMxMUE4 MzQ3QjExRUY4QjFCREMyNkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDQGCCsGAQUFBwEHAQH/ BCUwIzASBAIAATAMAwQCZ1k8AwQBZ7tKMA0EAgACMAcDBQAkBslAMA0GCSqGSIb3 DQEBCwUAA4IBAQAAutwh8RklrF3DLdh9Gy7E8ZS6VjxFBq6oDf1e3P/MngeEpB0q q+P5rO/plHKw1rPSJGWizc6G6m7hMvI+/gDR6y1Ms6ektY5vucRZyUssvrYFNkvQ 0rh/IwzXohI459O+bTvhjQVuaTl05LFfUrUWheReFFDWPnpTKXxRmCH25BeKC1I9 zv3iNR2Z59VLJamXuT66tM1R5rYhJqMxieDj51uvFlm55N/aZehz38luCOjEKXWe XdCow8sAZ4Od9+yu9mshl6r2TYMA5jTumjFjvTJ3CI4b3CY2JT1ex4vV+ZGFJfvt bYr8kjpAcd6/awpniDOXmoxQRxPuLFXAJ4wm -----END CERTIFICATE-----Generated at Fri Nov 22 11:47:54 2024 by rpki-client on console-ams.rpki-client.org