$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/B5154EE47A0511EFBB046B51C4F9AE02.roa File: B5154EE47A0511EFBB046B51C4F9AE02.roa (raw, json) Hash identifier: LHjvnmpgsdSUa0M4lGxgmePTUMZ/FKSE8xNvYAuYcd0= Subject key identifier: CB:41:B3:28:B2:A6:DE:BA:34:D9:2E:26:C2:78:64:F8:EA:EB:05:A9 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 06C1 Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/B5154EE47A0511EFBB046B51C4F9AE02.roa Signing time: Thu 24 Oct 2024 23:43:14 +0000 ROA not before: Thu 24 Oct 2024 23:43:14 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 64021 IP address blocks: 43.252.209.0/24 maxlen: 24 43.252.210.0/24 maxlen: 24 103.228.64.0/24 maxlen: 24 103.234.54.0/24 maxlen: 24 150.107.1.0/24 maxlen: 24 150.107.2.0/24 maxlen: 24 150.107.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1729 (0x6c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Oct 24 23:43:14 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=671adb92-0e03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:96:37:91:d6:ce:d8:ee:b9:07:90:6d:d3:15: 38:27:8e:4e:0e:b2:1d:c7:4f:a9:3e:f4:9b:bb:f3: 21:2f:39:91:45:78:34:92:d0:ec:2c:25:65:26:f0: 9d:f1:b0:54:42:8f:0e:f0:7d:a3:68:21:47:92:41: fb:ec:37:a1:ef:b3:91:63:44:db:6e:9a:45:2d:95: a5:f3:61:9d:e8:0f:41:66:ce:8b:ef:2e:65:6e:a5: 51:30:e0:07:9a:86:80:dc:2b:83:a9:38:ac:bc:b0: eb:ba:4a:3b:8c:de:e4:57:f9:a8:5f:99:60:f5:51: 5e:7b:28:5a:2f:fb:10:5c:a0:62:be:c6:e1:75:db: 04:43:0f:e7:73:1c:0c:39:73:52:aa:e6:51:5d:8d: 2a:7c:e0:6c:2b:c0:f1:b6:9e:13:31:73:d5:77:aa: 3b:bd:5b:06:da:9d:56:70:14:22:ea:e9:72:cd:3f: 3f:60:38:3c:b2:5c:3d:1a:40:c0:36:cf:02:1d:5d: 49:42:37:b6:ac:0c:45:5b:3f:f9:37:97:e9:8d:9a: 1e:f7:9e:61:f9:c0:9c:92:c7:e2:e1:b8:0b:2f:e7: d8:66:e3:53:dd:51:00:e8:7f:e7:a9:c2:49:a1:9f: 82:43:45:6c:8f:a0:33:2f:ab:99:4e:45:29:31:16: 0f:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:41:B3:28:B2:A6:DE:BA:34:D9:2E:26:C2:78:64:F8:EA:EB:05:A9 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/B5154EE47A0511EFBB046B51C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.209.0-43.252.210.255 103.228.64.0/24 103.234.54.0/24 150.107.1.0-150.107.3.255 Signature Algorithm: sha256WithRSAEncryption 40:a0:ac:cc:09:34:4b:8d:a2:32:d7:17:36:1c:30:89:b4:43: d5:68:6d:b4:fc:7e:0f:13:25:72:5e:4e:7e:d8:2a:a5:44:e6: 22:6a:05:58:85:ec:ac:08:5f:73:15:66:13:6f:56:23:98:fa: 2c:a8:7f:6d:ba:c5:d0:d1:dd:2f:36:49:2b:dd:26:66:f2:ac: 35:47:b2:e0:02:5f:57:cb:90:ee:84:61:12:17:30:09:e0:92: d1:49:4d:16:ae:df:c3:04:01:4a:5c:f9:69:e9:2c:ec:32:01: 01:2f:a5:d2:30:14:15:0f:a2:f1:d8:64:19:7c:6c:b7:e6:47: ad:95:e9:c0:c1:92:a8:dd:a3:bf:89:6e:39:85:e1:5f:ab:0e: 0b:99:5a:72:6f:c7:c0:c9:4e:0a:11:5b:1f:2d:9d:81:68:83: 1c:54:3e:4a:90:78:77:80:e4:91:70:90:20:60:69:a8:47:36: 9b:1e:ee:12:fe:36:89:6a:e7:48:22:77:84:d4:e7:79:75:8e: 45:6a:67:78:d1:20:47:31:58:77:42:f2:57:dd:6c:c3:c2:30: a7:25:90:2f:a6:3b:e5:a9:65:08:e9:a8:a7:fd:f8:bd:41:64: bc:9b:e3:b7:a5:ee:9a:0d:36:f1:d6:18:4d:6d:48:07:3d:2f: 16:b8:97:68 -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICBsEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjQxMDI0MjM0MzE0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzFhZGI5Mi0wZTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5ZY3kdbO2O65B5Bt0xU4J45ODrIdx0+pPvSbu/MhLzmRRXg0ktDsLCVlJvCd 8bBUQo8O8H2jaCFHkkH77Deh77ORY0TbbppFLZWl82Gd6A9BZs6L7y5lbqVRMOAH moaA3CuDqTisvLDruko7jN7kV/moX5lg9VFeeyhaL/sQXKBivsbhddsEQw/ncxwM OXNSquZRXY0qfOBsK8Dxtp4TMXPVd6o7vVsG2p1WcBQi6ulyzT8/YDg8slw9GkDA Ns8CHV1JQje2rAxFWz/5N5fpjZoe955h+cCcksfi4bgLL+fYZuNT3VEA6H/nqcJJ oZ+CQ0Vsj6AzL6uZTkUpMRYPawIDAQABo4ICtzCCArMwHQYDVR0OBBYEFMtBsyiy pt66NNkuJsJ4ZPjq6wWpMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvQjUxNTRFRTQ3 QTA1MTFFRkJCMDQ2QjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMC4EAgABMCgwDAMEACv80QMEACv80gMEAGfkQAMEAGfqNjAMAwQAlmsBAwQC lmsAMA0GCSqGSIb3DQEBCwUAA4IBAQBAoKzMCTRLjaIy1xc2HDCJtEPVaG20/H4P EyVyXk5+2CqlROYiagVYheysCF9zFWYTb1YjmPosqH9tusXQ0d0vNkkr3SZm8qw1 R7LgAl9Xy5DuhGESFzAJ4JLRSU0Wrt/DBAFKXPlp6SzsMgEBL6XSMBQVD6Lx2GQZ fGy35ketlenAwZKo3aO/iW45heFfqw4LmVpyb8fAyU4KEVsfLZ2BaIMcVD5KkHh3 gOSRcJAgYGmoRzabHu4S/jaJaudIIneE1Od5dY5Famd40SBHMVh3QvJX3WzDwjCn JZAvpjvlqWUI6ain/fi9QWS8m+O3pe6aDTbx1hhNbUgHPS8WuJdo -----END CERTIFICATE-----Generated at Thu Nov 21 00:21:18 2024 by rpki-client on console-fra.rpki-client.org