$ rpki-client -vvf rpki.apnic.net/member_repository/A9117DD2/101EDAEAD1C811EDACC81B7CC4F9AE02/2871DB9ED1CB11EDBE2F0D7EC4F9AE02.roa File: 2871DB9ED1CB11EDBE2F0D7EC4F9AE02.roa (raw, json) Hash identifier: qsnpQrMFH1PY3Ac5AGcGsg4fbvmr0wt6eeqt7tZf76E= Subject key identifier: 2F:13:7B:9E:2D:B7:F7:5D:6A:55:80:1A:9A:12:70:70:7C:E9:15:CF Certificate issuer: /CN=A9117DD2/serialNumber=1FB7F3AF6F9D6B97E3720EC54ACBF5893AC69368 Certificate serial: 0112 Authority key identifier: 1F:B7:F3:AF:6F:9D:6B:97:E3:72:0E:C5:4A:CB:F5:89:3A:C6:93:68 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H7fzr2-da5fjcg7FSsv1iTrGk2g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9117DD2/101EDAEAD1C811EDACC81B7CC4F9AE02/2871DB9ED1CB11EDBE2F0D7EC4F9AE02.roa Signing time: Wed 11 Sep 2024 06:37:38 +0000 ROA not before: Wed 11 Sep 2024 06:37:38 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 139609 IP address blocks: 103.142.98.0/24 maxlen: 24 103.142.99.0/24 maxlen: 24 2001:df1:3b80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9117DD2/101EDAEAD1C811EDACC81B7CC4F9AE02/H7fzr2-da5fjcg7FSsv1iTrGk2g.crl rsync://rpki.apnic.net/member_repository/A9117DD2/101EDAEAD1C811EDACC81B7CC4F9AE02/H7fzr2-da5fjcg7FSsv1iTrGk2g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H7fzr2-da5fjcg7FSsv1iTrGk2g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:45:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 274 (0x112) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9117DD2/serialNumber=1FB7F3AF6F9D6B97E3720EC54ACBF5893AC69368 Validity Not Before: Sep 11 06:37:38 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66e13ab2-5cc7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:8b:1d:1d:4f:45:45:0d:23:e5:6e:84:6c:06: d4:98:bc:1c:87:ec:c4:c5:40:fe:04:20:1a:fc:27: 69:88:22:11:49:44:5c:b7:b1:5e:56:93:28:82:2b: 94:e5:2e:93:b5:34:fe:2b:fb:99:65:55:6b:f1:96: 83:b3:ec:d9:31:0c:2a:ad:d0:d6:0b:90:45:b9:4a: 64:04:4c:59:db:93:85:64:18:cd:20:6b:58:ef:ea: 7e:45:ce:4d:08:11:4b:62:18:ec:b5:67:82:c4:f5: fc:ba:c4:3d:dd:28:a6:4b:67:ce:77:8c:40:5c:43: 8a:a4:d7:35:4b:cf:46:fe:5e:21:61:68:39:3f:2e: e6:45:15:27:46:f8:8e:c4:9d:ed:87:f2:d5:be:65: 2d:79:3f:0d:0f:74:a8:97:89:11:b6:80:37:3c:49: e3:22:2e:06:45:8a:cc:3e:95:86:25:ab:14:61:34: 5d:68:60:ca:98:0e:f6:8b:73:fa:ab:ed:1b:7e:e5: 47:d1:58:f4:78:ed:49:96:b4:b4:a6:d7:b3:44:cf: a5:27:a5:24:52:f8:3b:55:83:e9:cc:4a:5c:5c:d4: 7f:7b:f2:11:a3:97:5c:03:e2:71:4c:d2:32:76:fb: 7b:e9:02:2b:f3:ef:33:39:e5:75:67:fc:8c:2c:ef: b8:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:13:7B:9E:2D:B7:F7:5D:6A:55:80:1A:9A:12:70:70:7C:E9:15:CF X509v3 Authority Key Identifier: keyid:1F:B7:F3:AF:6F:9D:6B:97:E3:72:0E:C5:4A:CB:F5:89:3A:C6:93:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9117DD2/101EDAEAD1C811EDACC81B7CC4F9AE02/H7fzr2-da5fjcg7FSsv1iTrGk2g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H7fzr2-da5fjcg7FSsv1iTrGk2g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117DD2/101EDAEAD1C811EDACC81B7CC4F9AE02/2871DB9ED1CB11EDBE2F0D7EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.142.98.0/23 IPv6: 2001:df1:3b80::/48 Signature Algorithm: sha256WithRSAEncryption d5:c0:54:67:41:75:7d:f9:f6:07:46:20:48:54:af:ad:18:bb: b3:e2:76:3d:a0:54:3b:74:65:21:f4:09:de:b4:37:55:e8:3f: 00:3d:f9:eb:67:27:fc:d8:4f:86:66:b9:7f:e3:96:51:c4:4a: c8:3c:e9:3a:95:b4:3b:c7:0f:bc:59:14:15:4c:88:e0:04:fc: ce:0d:0c:31:4d:85:2a:e9:52:ef:b9:db:40:67:0b:b6:b9:8e: a5:6e:94:94:3a:7e:fe:b3:50:b2:25:16:38:3a:67:f5:be:92: 6d:fa:4f:45:eb:5d:5e:d7:e5:dc:fd:73:5c:1e:a0:9d:0f:f9: 6f:ca:f7:3e:bc:93:9a:a3:b1:e6:9f:ab:48:17:65:00:b6:e1: ea:b7:d9:cc:e1:22:90:ea:a6:0c:e0:9c:49:46:b7:6b:70:40: 42:d7:14:11:a1:b8:f7:24:b5:5d:78:f5:6c:c6:96:c0:d3:81: 03:09:e1:f0:bd:b5:c0:ed:8e:5e:0d:af:9c:36:66:69:53:4b: 80:ff:1b:9f:ae:1c:cf:a3:6d:dc:fe:bd:c4:ed:9a:3d:0b:ee: 75:e3:ee:a5:de:15:2e:5c:ff:17:c6:93:2d:7a:48:ff:9b:b0: 8e:37:99:99:7f:58:7e:ec:c8:10:3e:da:36:a2:11:fc:96:c6: f8:c4:82:d3 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICARIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTdERDIxMTAvBgNVBAUTKDFGQjdGM0FGNkY5RDZCOTdFMzcyMEVDNTRBQ0JGNTg5 M0FDNjkzNjgwHhcNMjQwOTExMDYzNzM4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmUxM2FiMi01Y2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnosdHU9FRQ0j5W6EbAbUmLwch+zExUD+BCAa/CdpiCIRSURct7FeVpMogiuU 5S6TtTT+K/uZZVVr8ZaDs+zZMQwqrdDWC5BFuUpkBExZ25OFZBjNIGtY7+p+Rc5N CBFLYhjstWeCxPX8usQ93SimS2fOd4xAXEOKpNc1S89G/l4hYWg5Py7mRRUnRviO xJ3th/LVvmUteT8ND3Sol4kRtoA3PEnjIi4GRYrMPpWGJasUYTRdaGDKmA72i3P6 q+0bfuVH0Vj0eO1JlrS0ptezRM+lJ6UkUvg7VYPpzEpcXNR/e/IRo5dcA+JxTNIy dvt76QIr8+8zOeV1Z/yMLO+4fwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFC8Te54t t/ddalWAGpoScHB86RXPMB8GA1UdIwQYMBaAFB+3869vnWuX43IOxUrL9Yk6xpNo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExN0REMi8xMDFFREFFQUQx QzgxMUVEQUNDODFCN0NDNEY5QUUwMi9IN2Z6cjItZGE1ZmpjZzdGU3N2MWlUckdr MmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0g3ZnpyMi1kYTVmamNnN0ZTc3YxaVRyR2syZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTdERDIvMTAxRURBRUFEMUM4MTFFREFDQzgxQjdDQzRGOUFFMDIvMjg3MURCOUVE MUNCMTFFREJFMkYwRDdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnjmIwDwQCAAIwCQMHACABDfE7gDANBgkqhkiG9w0BAQsF AAOCAQEA1cBUZ0F1ffn2B0YgSFSvrRi7s+J2PaBUO3RlIfQJ3rQ3Veg/AD3562cn /NhPhma5f+OWUcRKyDzpOpW0O8cPvFkUFUyI4AT8zg0MMU2FKulS77nbQGcLtrmO pW6UlDp+/rNQsiUWODpn9b6SbfpPRetdXtfl3P1zXB6gnQ/5b8r3PryTmqOx5p+r SBdlALbh6rfZzOEikOqmDOCcSUa3a3BAQtcUEaG49yS1XXj1bMaWwNOBAwnh8L21 wO2OXg2vnDZmaVNLgP8bn64cz6Nt3P69xO2aPQvudePupd4VLlz/F8aTLXpI/5uw jjeZmX9YfuzIED7aNqIR/JbG+MSC0w== -----END CERTIFICATE-----Generated at Sat Nov 23 03:58:32 2024 by rpki-client on console-ams.rpki-client.org