$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9CDF55D87D6A11EEA59E8C3FC4F9AE02.roa File: 9CDF55D87D6A11EEA59E8C3FC4F9AE02.roa (raw, json) Hash identifier: mDnMAOX1D7nrgDR/qLwtv3995W8fLU9iXorAjw/Tyy8= Subject key identifier: E0:17:64:BA:55:35:3A:D8:9D:52:A7:AA:31:8E:BF:BF:DE:AC:37:45 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 06BD Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9CDF55D87D6A11EEA59E8C3FC4F9AE02.roa Signing time: Thu 24 Oct 2024 23:43:10 +0000 ROA not before: Thu 24 Oct 2024 23:43:10 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 41717 IP address blocks: 103.209.233.0/24 maxlen: 24 103.209.234.0/24 maxlen: 24 163.53.17.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1725 (0x6bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Oct 24 23:43:10 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=671adb8e-d88a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:98:64:8c:9d:c2:52:7f:a4:11:69:bf:db:03: 68:53:1a:6f:1d:f1:fd:84:f3:f4:c7:bd:f8:b9:ad: 34:7e:d0:64:cc:6b:67:9c:3a:f4:f0:63:db:6b:3e: de:a2:c0:16:7e:ce:25:f6:54:a5:7e:f4:63:03:f2: 5c:af:e5:18:bf:c0:54:5c:9e:79:41:1d:e6:03:4d: 6d:97:bb:4f:4c:f2:da:26:3b:a3:2e:b7:8f:6a:7f: f2:36:f8:1c:d3:89:ce:84:52:b9:56:26:e1:74:fc: c4:11:13:6e:09:f6:9d:36:7f:18:92:8e:cc:bf:49: 6f:12:b9:c0:21:18:24:7a:73:9b:31:a4:5b:81:a3: e2:36:34:36:63:2d:3f:a0:31:8f:68:8f:a5:cc:6f: 03:32:75:72:da:d7:6d:4c:53:7d:60:42:b5:2f:4e: 23:67:29:00:c3:01:99:03:50:cb:5e:c3:cd:e3:59: 7d:8e:d9:96:ee:33:55:ca:85:39:09:d0:5b:0f:9c: 84:42:20:5e:fe:5d:bf:97:e6:1c:33:59:dd:dc:48: f8:3f:29:95:63:96:51:bf:6a:4f:17:1f:a6:97:e2: 8e:54:56:d9:96:dd:e1:fb:fe:3c:21:21:bd:aa:a2: 0e:bd:16:94:be:36:a4:58:6e:a5:f2:ca:d6:5b:61: d0:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:17:64:BA:55:35:3A:D8:9D:52:A7:AA:31:8E:BF:BF:DE:AC:37:45 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9CDF55D87D6A11EEA59E8C3FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.209.233.0-103.209.234.255 163.53.17.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:bf:02:75:78:aa:2d:85:d3:27:4a:49:87:82:51:3d:d1:f5: 10:61:ad:a8:70:2c:82:5d:52:a0:cf:e0:1e:d1:47:c5:89:8b: be:52:eb:cd:0e:8e:93:13:ef:85:50:e4:d1:d2:6f:48:ce:6c: 43:02:3c:2e:a8:e7:30:ad:d5:8e:b2:cc:e8:2b:57:16:89:66: 5f:fa:eb:64:84:d7:2b:5f:1b:94:60:3e:19:e5:fe:8c:ca:71: 61:b9:0c:85:8d:d7:48:34:08:e1:98:2e:88:b8:77:4f:1d:02: 27:71:72:95:ee:e7:81:18:f9:61:c4:2e:f9:16:ee:46:f9:3b: 51:af:af:c9:88:35:2c:c9:34:5c:50:d4:84:e7:81:55:5f:6d: 99:a4:75:1d:dc:7e:fc:69:6e:f9:ac:94:ff:d8:9a:6b:56:14: 7a:96:04:b2:88:93:41:59:8e:2d:41:08:71:9c:d6:98:67:e3: 5a:17:03:27:e1:6a:b1:b8:7d:66:f3:34:d3:18:41:19:34:96: d7:95:5a:2f:ca:4f:e4:60:a5:b4:58:0d:01:aa:32:3e:79:29: 8c:ba:ac:29:7a:aa:bc:fb:73:a7:c5:63:e0:5b:a4:38:66:bb: 1f:2a:f3:de:b2:cf:9e:ba:22:eb:6d:c4:08:67:99:ea:10:88: 83:5f:db:de -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICBr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjQxMDI0MjM0MzEwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzFhZGI4ZS1kODhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtJhkjJ3CUn+kEWm/2wNoUxpvHfH9hPP0x734ua00ftBkzGtnnDr08GPbaz7e osAWfs4l9lSlfvRjA/Jcr+UYv8BUXJ55QR3mA01tl7tPTPLaJjujLrePan/yNvgc 04nOhFK5VibhdPzEERNuCfadNn8Yko7Mv0lvErnAIRgkenObMaRbgaPiNjQ2Yy0/ oDGPaI+lzG8DMnVy2tdtTFN9YEK1L04jZykAwwGZA1DLXsPN41l9jtmW7jNVyoU5 CdBbD5yEQiBe/l2/l+YcM1nd3Ej4PymVY5ZRv2pPFx+ml+KOVFbZlt3h+/48ISG9 qqIOvRaUvjakWG6l8srWW2HQ1wIDAQABo4ICozCCAp8wHQYDVR0OBBYEFOAXZLpV NTrYnVKnqjGOv7/erDdFMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvOUNERjU1RDg3 RDZBMTFFRUE1OUU4QzNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgABMBQwDAMEAGfR6QMEAGfR6gMEAKM1ETANBgkqhkiG9w0BAQsFAAOC AQEAjr8CdXiqLYXTJ0pJh4JRPdH1EGGtqHAsgl1SoM/gHtFHxYmLvlLrzQ6OkxPv hVDk0dJvSM5sQwI8LqjnMK3VjrLM6CtXFolmX/rrZITXK18blGA+GeX+jMpxYbkM hY3XSDQI4ZguiLh3Tx0CJ3Fyle7ngRj5YcQu+RbuRvk7Ua+vyYg1LMk0XFDUhOeB VV9tmaR1Hdx+/Glu+ayU/9iaa1YUepYEsoiTQVmOLUEIcZzWmGfjWhcDJ+Fqsbh9 ZvM00xhBGTSW15VaL8pP5GCltFgNAaoyPnkpjLqsKXqqvPtzp8Vj4FukOGa7Hyrz 3rLPnroi623ECGeZ6hCIg1/b3g== -----END CERTIFICATE-----Generated at Thu Nov 21 00:21:18 2024 by rpki-client on console-fra.rpki-client.org