$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/7AFCC818E38611EB8BC17765C4F9AE02.roa File: 7AFCC818E38611EB8BC17765C4F9AE02.roa (raw, json) Hash identifier: cYehtuypxx/DqVciqwtyme0u/Ljft0WiF3QhRefDaVc= Subject key identifier: 7C:C8:6B:08:01:3D:F6:68:67:45:D4:DA:D9:03:0D:00:5C:25:F7:4B Certificate issuer: /CN=A91FF5E4/serialNumber=85EE9038FFC3541ABDFB7DD9ED33F2AAE372E78C Certificate serial: 047B Authority key identifier: 85:EE:90:38:FF:C3:54:1A:BD:FB:7D:D9:ED:33:F2:AA:E3:72:E7:8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/7AFCC818E38611EB8BC17765C4F9AE02.roa Signing time: Wed 07 Feb 2024 01:13:50 +0000 ROA not before: Wed 07 Feb 2024 01:13:50 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 7551 IP address blocks: 103.82.108.0/24 maxlen: 24 103.82.109.0/24 maxlen: 24 111.125.177.0/24 maxlen: 24 111.125.178.0/24 maxlen: 24 111.125.181.0/24 maxlen: 24 111.125.184.0/24 maxlen: 24 111.125.185.0/24 maxlen: 24 119.63.209.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.crl rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1147 (0x47b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF5E4/serialNumber=85EE9038FFC3541ABDFB7DD9ED33F2AAE372E78C Validity Not Before: Feb 7 01:13:50 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65c2d94e-5818 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:28:b1:f5:3c:a4:8c:fd:5e:36:57:44:f9:35: a2:2c:ed:16:3e:75:35:64:64:bf:47:6f:e7:5b:9d: 42:27:ff:fa:f2:df:9e:11:72:88:0e:7d:c1:0b:d5: 10:f9:14:98:6c:82:33:1a:22:5d:0f:10:b6:86:ca: ca:b5:89:ef:42:34:bc:c7:53:41:49:98:67:11:ce: 01:ce:7a:b8:7c:46:f4:61:e9:a9:5b:e2:aa:95:8d: 43:88:65:6c:24:9b:bb:8b:71:a3:53:d1:da:11:df: 8a:03:2f:83:d7:51:15:46:e0:83:4d:c8:80:d7:ef: f1:08:d5:81:26:40:54:25:84:ef:8f:a8:23:64:42: e4:a1:fd:37:43:9b:aa:44:55:af:71:31:c7:74:9a: 40:05:55:03:a9:33:c2:54:27:13:f9:3c:d7:f4:7f: cd:50:fa:06:ae:4b:0d:3e:50:cf:2a:35:39:4b:6f: 1c:7e:35:7f:b8:bb:e7:0e:ee:57:68:40:d5:9a:0f: 21:16:c4:eb:16:d4:3c:ef:8c:f3:c2:94:cf:ef:87: c1:6e:f5:2f:06:84:26:5f:b1:79:fc:07:8c:d1:62: a2:3d:c4:e9:f1:ec:ca:ca:f7:88:f4:49:95:f7:da: a3:e8:e9:b6:55:78:0a:d4:31:eb:f6:e5:a2:6b:e4: bb:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:C8:6B:08:01:3D:F6:68:67:45:D4:DA:D9:03:0D:00:5C:25:F7:4B X509v3 Authority Key Identifier: keyid:85:EE:90:38:FF:C3:54:1A:BD:FB:7D:D9:ED:33:F2:AA:E3:72:E7:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/7AFCC818E38611EB8BC17765C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.82.108.0/23 111.125.177.0-111.125.178.255 111.125.181.0/24 111.125.184.0/23 119.63.209.0/24 Signature Algorithm: sha256WithRSAEncryption 56:e2:82:c2:9c:26:4f:6b:20:73:7e:24:7c:86:0d:ec:d8:af: 4c:48:ea:47:c4:19:39:68:28:77:1f:4d:74:46:9f:6b:81:30: 44:21:f9:0b:3d:4e:f2:31:71:1c:7b:a2:be:5e:7f:99:19:fc: a4:7f:8d:91:17:9e:fc:fc:88:3e:f2:78:13:15:83:99:7e:d2: d4:57:9d:6c:2f:90:c2:ed:5b:2b:ff:54:14:50:61:c7:a0:83: 42:15:0f:11:85:9c:d8:2d:da:bc:ae:ac:0a:5f:37:fb:27:f5: b0:ca:05:76:32:0c:de:92:4d:84:d8:cf:5d:62:91:a0:04:5a: b8:17:a6:01:ed:d1:f1:4a:92:cd:11:45:13:20:bf:75:ff:a9: 0d:f5:18:4a:33:cf:62:d3:cf:ec:b9:39:0b:db:72:cc:75:2b: c0:c4:71:9f:24:9e:b5:7f:dc:12:ac:dc:a5:59:d4:8d:0f:be: a1:f2:8c:70:5a:98:f1:7d:59:ca:3e:30:12:7c:c8:6a:f7:0f: ed:e5:46:24:f0:ad:50:b1:cc:db:c7:15:b6:d7:67:e4:81:b6: 92:e1:3c:f2:1e:09:59:50:bb:05:6e:5d:7f:38:2c:93:3a:73: 82:83:0e:36:dc:a6:cd:61:d0:f5:a2:ea:41:ae:c8:ea:04:b9: 84:b9:05:bd -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICBHswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkY1RTQxMTAvBgNVBAUTKDg1RUU5MDM4RkZDMzU0MUFCREZCN0REOUVEMzNGMkFB RTM3MkU3OEMwHhcNMjQwMjA3MDExMzUwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWMyZDk0ZS01ODE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuiix9TykjP1eNldE+TWiLO0WPnU1ZGS/R2/nW51CJ//68t+eEXKIDn3BC9UQ +RSYbIIzGiJdDxC2hsrKtYnvQjS8x1NBSZhnEc4Bznq4fEb0YempW+KqlY1DiGVs JJu7i3GjU9HaEd+KAy+D11EVRuCDTciA1+/xCNWBJkBUJYTvj6gjZELkof03Q5uq RFWvcTHHdJpABVUDqTPCVCcT+TzX9H/NUPoGrksNPlDPKjU5S28cfjV/uLvnDu5X aEDVmg8hFsTrFtQ874zzwpTP74fBbvUvBoQmX7F5/AeM0WKiPcTp8ezKyveI9EmV 99qj6Om2VXgK1DHr9uWia+S7hQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFHzIawgB PfZoZ0XU2tkDDQBcJfdLMB8GA1UdIwQYMBaAFIXukDj/w1Qavft92e0z8qrjcueM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjVFNC9FRDA3OURGRUUz ODQxMUVCQTg1OTNCNjVDNEY5QUUwMi9oZTZRT1BfRFZCcTktMzNaN1RQeXF1Tnk1 NHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hlNlFPUF9EVkJxOS0zM1o3VFB5cXVOeTU0dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkY1RTQvRUQwNzlERkVFMzg0MTFFQkE4NTkzQjY1QzRGOUFFMDIvN0FGQ0M4MThF Mzg2MTFFQjhCQzE3NzY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMCwEAgABMCYDBAFnUmwwDAMEAG99sQMEAG99sgMEAG99tQMEAW99uAMEAHc/ 0TANBgkqhkiG9w0BAQsFAAOCAQEAVuKCwpwmT2sgc34kfIYN7NivTEjqR8QZOWgo dx9NdEafa4EwRCH5Cz1O8jFxHHuivl5/mRn8pH+NkRee/PyIPvJ4ExWDmX7S1Fed bC+Qwu1bK/9UFFBhx6CDQhUPEYWc2C3avK6sCl83+yf1sMoFdjIM3pJNhNjPXWKR oARauBemAe3R8UqSzRFFEyC/df+pDfUYSjPPYtPP7Lk5C9tyzHUrwMRxnySetX/c EqzcpVnUjQ++ofKMcFqY8X1Zyj4wEnzIavcP7eVGJPCtULHM28cVttdn5IG2kuE8 8h4JWVC7BW5dfzgskzpzgoMONtymzWHQ9aLqQa7I6gS5hLkFvQ== -----END CERTIFICATE-----Generated at Sat Nov 23 00:49:39 2024 by rpki-client on console-fra.rpki-client.org