$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/B374FD147A0511EFBB046B51C4F9AE02.roa File: B374FD147A0511EFBB046B51C4F9AE02.roa (raw, json) Hash identifier: KB+zdTdnRAyRFWbM3xFWWbaAHAdDfRggWEokS4XCB+0= Subject key identifier: 7A:2A:56:E6:24:0E:35:B6:36:13:D1:E4:23:FB:E1:DC:10:D6:43:11 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 06AA Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/B374FD147A0511EFBB046B51C4F9AE02.roa Signing time: Thu 24 Oct 2024 23:42:52 +0000 ROA not before: Thu 24 Oct 2024 23:42:52 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 132422 IP address blocks: 43.252.209.0/24 maxlen: 24 43.252.210.0/24 maxlen: 24 103.228.64.0/24 maxlen: 24 103.234.54.0/24 maxlen: 24 150.107.1.0/24 maxlen: 24 150.107.2.0/24 maxlen: 24 150.107.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1706 (0x6aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Oct 24 23:42:52 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=671adb7b-a927 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:5e:d9:65:c8:78:89:cb:30:36:88:ed:a4:4e: 99:70:cd:37:91:08:fd:bb:97:7d:b8:c1:21:b4:49: 43:39:0c:82:b0:c7:7e:38:46:6d:c4:98:a3:fe:d4: a8:f1:30:fa:6b:71:f6:6b:fc:8e:10:8c:1e:9c:59: 36:92:69:aa:c0:5f:c2:f5:d6:09:13:fa:2b:83:3c: ef:71:eb:1f:54:fc:36:df:6d:20:44:ef:2e:27:b7: 66:b9:a1:b0:88:2c:3d:31:2e:4a:12:3c:aa:23:f3: 2b:bd:bf:a1:61:e5:a8:ae:2e:5a:23:d5:8f:ec:bd: a0:08:fc:f9:45:06:42:a0:9b:4b:3d:68:af:0b:63: a8:cb:ba:36:d1:00:31:65:c3:9c:53:d6:ed:c1:0c: fa:90:89:71:65:dd:8a:a6:77:25:82:2f:ef:d7:92: 6e:36:29:ee:a3:7b:a4:06:2c:3b:95:cf:30:49:31: 7b:1e:dc:35:14:16:5a:bf:96:13:d7:8c:95:54:f2: b6:2e:e9:76:74:17:6b:8a:9f:ca:67:dd:b0:42:b9: f0:27:28:db:dd:32:3c:f6:89:9e:df:b9:51:50:cc: c2:13:bf:bb:f0:0c:63:5e:e1:67:53:b9:6f:b1:52: 3c:91:f3:6c:aa:2a:47:8f:48:5e:bf:8f:1b:62:99: 3d:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:2A:56:E6:24:0E:35:B6:36:13:D1:E4:23:FB:E1:DC:10:D6:43:11 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/B374FD147A0511EFBB046B51C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.209.0-43.252.210.255 103.228.64.0/24 103.234.54.0/24 150.107.1.0-150.107.3.255 Signature Algorithm: sha256WithRSAEncryption 3e:3a:dd:1b:a0:b1:88:66:3c:f3:c5:0e:ad:fb:43:64:d5:90: 5b:4e:2a:ef:c5:23:9d:07:83:af:13:5e:ec:9d:95:e1:d9:b7: 04:ca:83:e4:9a:d2:d9:07:da:c0:ab:3f:31:21:54:85:ed:6b: 51:16:a7:23:c1:11:df:60:59:26:2e:73:19:be:c2:db:9b:62: 6a:3f:90:62:04:b0:ba:97:be:3b:65:18:d6:11:d5:70:ff:0d: d7:d6:d3:b5:63:18:27:a6:b4:d5:67:a9:bc:f8:13:14:ca:86: 1d:82:93:c5:f3:86:d8:96:bc:92:e7:14:3a:17:45:94:0d:0a: 6c:65:a6:64:1b:13:33:18:17:98:0d:9e:0b:78:21:74:6b:a6: fa:fc:78:d5:0d:82:1e:6d:82:fe:ec:66:bd:02:0f:82:fc:42: 60:6e:b3:2a:fb:d8:0e:58:f1:fb:b6:fa:1c:70:60:37:f8:5f: 76:a3:e3:df:0a:e9:db:85:25:ab:e7:7d:a1:4f:90:ae:70:15: 39:b0:7e:18:ab:b1:61:fd:cb:b2:ed:cc:c1:db:30:a0:71:71: 18:1d:af:10:09:e9:54:5a:2f:ad:76:d2:7d:0a:1f:06:17:e7: fd:24:d9:88:48:3b:ad:47:87:61:cb:c9:3f:f4:7a:2f:0d:be: 5a:26:7d:f2 -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICBqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjQxMDI0MjM0MjUyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzFhZGI3Yi1hOTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1F7ZZch4icswNojtpE6ZcM03kQj9u5d9uMEhtElDOQyCsMd+OEZtxJij/tSo 8TD6a3H2a/yOEIwenFk2kmmqwF/C9dYJE/orgzzvcesfVPw2320gRO8uJ7dmuaGw iCw9MS5KEjyqI/Mrvb+hYeWori5aI9WP7L2gCPz5RQZCoJtLPWivC2Ooy7o20QAx ZcOcU9btwQz6kIlxZd2Kpnclgi/v15JuNinuo3ukBiw7lc8wSTF7Htw1FBZav5YT 14yVVPK2Lul2dBdrip/KZ92wQrnwJyjb3TI89ome37lRUMzCE7+78AxjXuFnU7lv sVI8kfNsqipHj0hev48bYpk9xQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFHoqVuYk DjW2NhPR5CP74dwQ1kMRMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvQjM3NEZEMTQ3 QTA1MTFFRkJCMDQ2QjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMC4EAgABMCgwDAMEACv80QMEACv80gMEAGfkQAMEAGfqNjAMAwQAlmsBAwQC lmsAMA0GCSqGSIb3DQEBCwUAA4IBAQA+Ot0boLGIZjzzxQ6t+0Nk1ZBbTirvxSOd B4OvE17snZXh2bcEyoPkmtLZB9rAqz8xIVSF7WtRFqcjwRHfYFkmLnMZvsLbm2Jq P5BiBLC6l747ZRjWEdVw/w3X1tO1YxgnprTVZ6m8+BMUyoYdgpPF84bYlryS5xQ6 F0WUDQpsZaZkGxMzGBeYDZ4LeCF0a6b6/HjVDYIebYL+7Ga9Ag+C/EJgbrMq+9gO WPH7tvoccGA3+F92o+PfCunbhSWr532hT5CucBU5sH4Yq7Fh/cuy7czB2zCgcXEY Ha8QCelUWi+tdtJ9Ch8GF+f9JNmISDutR4dhy8k/9HovDb5aJn3y -----END CERTIFICATE-----Generated at Wed Nov 20 23:55:36 2024 by rpki-client on console-ams.rpki-client.org