$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C39A69386FA711EC85A56781C4F9AE02.roa File: C39A69386FA711EC85A56781C4F9AE02.roa (raw, json) Hash identifier: kxUXcjz/RSzzQDU2KElrFmpfLXo2u3T+Hcy+ZXDLQuU= Subject key identifier: 7D:EF:1E:F3:CE:04:E9:43:04:9F:AC:6E:9C:09:2B:CB:81:B8:75:CB Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 9F02 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C39A69386FA711EC85A56781C4F9AE02.roa Signing time: Fri 13 Dec 2024 08:18:01 +0000 ROA not before: Fri 13 Dec 2024 08:18:01 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 149214 IP address blocks: 103.148.65.0/24 maxlen: 24 103.166.109.0/24 maxlen: 24 103.178.253.0/24 maxlen: 24 103.187.123.0/24 maxlen: 24 2001:df0:44c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40706 (0x9f02) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: Dec 13 08:18:01 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=675bedb8-2524 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:48:8e:9e:26:84:29:e1:27:a1:34:90:d5:db: 21:bf:b2:f0:7e:23:df:7b:72:15:1c:9b:21:23:70: 47:ae:55:39:a1:f4:f6:54:8b:6e:0a:b5:01:e0:64: 4b:aa:ec:a1:8d:c1:3c:6b:81:8d:47:ee:0c:10:c2: a8:d9:6e:80:89:47:07:74:18:10:5f:f7:6c:ea:73: f2:4f:f0:9c:a0:8b:87:9e:57:9f:d5:ee:ee:ce:dc: 15:db:2d:60:a4:e5:df:41:9c:95:9d:39:a6:47:24: 3c:b6:f7:d9:ab:67:a9:b1:35:29:c8:93:d8:98:61: 14:73:a4:25:16:70:eb:9b:88:cf:88:83:ab:31:0f: 3b:47:e9:68:e5:cb:f4:54:10:e5:e8:ff:f8:8e:90: 4b:92:bf:8e:26:bc:63:a6:43:e3:aa:e5:50:bb:53: 82:62:ae:6c:76:f2:ca:7f:50:bb:22:99:ff:20:9a: 4f:f1:3b:89:88:78:85:18:70:55:12:3b:24:b4:61: 20:39:77:a5:c7:d0:1e:09:41:85:b0:2f:04:5e:9f: 40:d7:d1:fd:51:f4:a3:48:40:7f:05:ea:e9:80:df: 5a:66:ea:68:63:77:9d:9e:a5:26:fa:1e:8f:f8:d9: d1:8f:43:08:88:97:21:48:24:c7:ff:b0:6d:e4:ea: 08:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:EF:1E:F3:CE:04:E9:43:04:9F:AC:6E:9C:09:2B:CB:81:B8:75:CB X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C39A69386FA711EC85A56781C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.148.65.0/24 103.166.109.0/24 103.178.253.0/24 103.187.123.0/24 IPv6: 2001:df0:44c0::/48 Signature Algorithm: sha256WithRSAEncryption 66:dd:e7:6d:b7:00:ec:7d:ff:43:9a:ed:ac:f4:a4:eb:a1:44: c8:d5:43:11:40:f8:f1:5a:84:37:c7:fa:44:e9:87:e8:c2:7c: 2a:e8:6a:5e:29:18:ab:68:aa:ec:1a:f2:ba:37:5c:78:bc:e2: ca:d5:6c:44:24:f9:f5:dd:1d:b8:d5:8d:5d:ce:4f:bd:16:72: fe:70:f3:14:01:89:6a:ce:a8:39:ee:32:01:89:f2:81:da:27: aa:08:4e:e3:56:cc:f6:98:e7:1e:78:b0:74:ab:a9:08:9e:11: 8f:fb:de:c8:67:63:1f:36:03:ab:28:d4:a8:9a:6f:fd:7c:b0: 98:ee:2d:f8:fb:4c:83:8b:2c:5f:e4:4f:63:b2:af:4b:64:83: 7f:c6:73:36:e7:ad:45:e2:50:92:3d:e9:f3:4d:5b:0d:80:af: ac:ec:28:71:ad:0f:91:b3:72:3c:c4:cd:59:d5:67:3f:cd:9e: d4:8b:09:88:17:b6:70:b5:a2:2f:81:d6:db:7a:56:f4:fd:11: 4d:86:1b:27:47:26:1b:17:31:46:2c:8d:7e:61:22:fa:26:15: 7f:46:bf:16:15:52:e4:32:43:52:ae:0e:54:c4:76:00:67:60: a5:90:9b:b5:57:c4:b0:7a:7f:30:7c:7a:14:7b:65:44:b5:6f: c8:2a:c2:32 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIDAJ8CMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MTIxMzA4MTgwMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjc1YmVkYjgtMjUyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKJIjp4mhCnhJ6E0kNXbIb+y8H4j33tyFRybISNwR65VOaH09lSLbgq1AeBk S6rsoY3BPGuBjUfuDBDCqNlugIlHB3QYEF/3bOpz8k/wnKCLh55Xn9Xu7s7cFdst YKTl30GclZ05pkckPLb32atnqbE1KciT2JhhFHOkJRZw65uIz4iDqzEPO0fpaOXL 9FQQ5ej/+I6QS5K/jia8Y6ZD46rlULtTgmKubHbyyn9QuyKZ/yCaT/E7iYh4hRhw VRI7JLRhIDl3pcfQHglBhbAvBF6fQNfR/VH0o0hAfwXq6YDfWmbqaGN3nZ6lJvoe j/jZ0Y9DCIiXIUgkx/+wbeTqCBsCAwEAAaOCArgwggK0MB0GA1UdDgQWBBR97x7z zgTpQwSfrG6cCSvLgbh1yzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0MzOUE2OTM4 NkZBNzExRUM4NUE1Njc4MUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEIGCCsGAQUFBwEHAQH/ BDMwMTAeBAIAATAYAwQAZ5RBAwQAZ6ZtAwQAZ7L9AwQAZ7t7MA8EAgACMAkDBwAg AQ3wRMAwDQYJKoZIhvcNAQELBQADggEBAGbd5223AOx9/0Oa7az0pOuhRMjVQxFA +PFahDfH+kTph+jCfCroal4pGKtoquwa8ro3XHi84srVbEQk+fXdHbjVjV3OT70W cv5w8xQBiWrOqDnuMgGJ8oHaJ6oITuNWzPaY5x54sHSrqQieEY/73shnYx82A6so 1Kiab/18sJjuLfj7TIOLLF/kT2Oyr0tkg3/GczbnrUXiUJI96fNNWw2Ar6zsKHGt D5GzcjzEzVnVZz/NntSLCYgXtnC1oi+B1tt6VvT9EU2GGydHJhsXMUYsjX5hIvom FX9GvxYVUuQyQ1KuDlTEdgBnYKWQm7VXxLB6fzB8ehR7ZUS1b8gqwjI= -----END CERTIFICATE-----Generated at Sun Feb 16 20:22:58 2025 by rpki-client