$ rpki-client -vvf rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/EFA0015E593911EFA8EAD43CC4F9AE02.roa File: EFA0015E593911EFA8EAD43CC4F9AE02.roa (raw, json) Hash identifier: CV1olrwVOu2rPavDvmtRQ4rOYA7xZ/cCM53DbJ5ttg4= Subject key identifier: 5A:BB:B4:13:B1:12:6E:EE:74:73:CF:3F:7D:AE:AA:3E:D8:41:E4:E4 Certificate issuer: /CN=A911C676/serialNumber=A9E95A416BCCEEFD86EA2FA019C25E4D76B8E9D9 Certificate serial: 11F3 Authority key identifier: A9:E9:5A:41:6B:CC:EE:FD:86:EA:2F:A0:19:C2:5E:4D:76:B8:E9:D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qelaQWvM7v2G6i-gGcJeTXa46dk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/EFA0015E593911EFA8EAD43CC4F9AE02.roa Signing time: Fri 22 Nov 2024 17:35:23 +0000 ROA not before: Fri 22 Nov 2024 17:35:23 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 134094 IP address blocks: 45.123.116.0/24 maxlen: 24 45.123.118.0/24 maxlen: 24 45.123.119.0/24 maxlen: 24 103.51.140.0/24 maxlen: 24 103.51.141.0/24 maxlen: 24 103.51.142.0/24 maxlen: 24 103.51.143.0/24 maxlen: 24 103.103.129.0/24 maxlen: 24 103.103.130.0/24 maxlen: 24 103.103.131.0/24 maxlen: 24 203.15.150.0/24 maxlen: 24 2401:f540::/48 maxlen: 48 2401:f540:1::/48 maxlen: 48 2401:f540:2::/48 maxlen: 48 2401:f540:3::/48 maxlen: 48 2401:f540:4::/48 maxlen: 48 2401:f540:5::/48 maxlen: 48 2401:f540:6::/48 maxlen: 48 2401:f540:7::/48 maxlen: 48 2401:f540:10::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/qelaQWvM7v2G6i-gGcJeTXa46dk.crl rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/qelaQWvM7v2G6i-gGcJeTXa46dk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qelaQWvM7v2G6i-gGcJeTXa46dk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:35:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4595 (0x11f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C676/serialNumber=A9E95A416BCCEEFD86EA2FA019C25E4D76B8E9D9 Validity Not Before: Nov 22 17:35:23 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=6740c0db-e0f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:e3:a0:ad:9b:84:f1:66:2b:67:12:28:9f:f7: 61:83:21:01:b4:4b:9f:8c:e8:23:0c:69:92:ab:61: e9:bb:ad:24:7b:49:71:58:4b:bd:9b:4b:02:c0:b8: 8d:db:52:82:dd:23:8a:db:0f:00:82:04:95:14:60: 2c:38:db:02:33:68:41:48:ff:e9:cf:14:5a:a8:85: 5d:6d:11:96:36:4e:e2:f4:57:31:2e:83:33:5e:da: 6e:63:d2:f0:d4:66:cc:4b:20:23:85:ad:d1:dd:0b: ad:47:93:1f:42:00:c5:99:41:a1:79:4c:cb:93:2f: 3c:ac:f7:23:a4:ee:e4:da:d0:d9:7f:4d:4d:1b:5a: b8:58:5c:ae:2f:89:02:bb:4d:95:2f:dd:d8:ce:b1: 3f:70:c2:d1:60:59:d0:42:d4:38:41:8d:8d:69:d8: 42:22:d7:d8:fd:18:39:4c:0e:11:82:03:2f:07:95: 2a:48:8d:d7:3b:b5:54:d3:80:4c:3a:96:a0:58:79: af:dc:6a:c6:18:ee:f7:19:08:f5:cb:97:54:a9:69: 6e:40:e4:1b:85:84:73:96:e6:6a:c9:77:49:ca:14: c0:f5:3b:af:cc:3b:0d:67:92:44:a2:1d:f0:15:1c: 54:25:48:e7:44:03:1b:be:75:e6:79:91:43:c2:68: 84:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:BB:B4:13:B1:12:6E:EE:74:73:CF:3F:7D:AE:AA:3E:D8:41:E4:E4 X509v3 Authority Key Identifier: keyid:A9:E9:5A:41:6B:CC:EE:FD:86:EA:2F:A0:19:C2:5E:4D:76:B8:E9:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/qelaQWvM7v2G6i-gGcJeTXa46dk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qelaQWvM7v2G6i-gGcJeTXa46dk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C676/CD38AB16DDD911E8AF451F0AC4F9AE02/EFA0015E593911EFA8EAD43CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.123.116.0/24 45.123.118.0/23 103.51.140.0/22 103.103.129.0-103.103.131.255 203.15.150.0/24 IPv6: 2401:f540::/45 2401:f540:10::/48 Signature Algorithm: sha256WithRSAEncryption 3a:03:5d:46:54:56:74:1d:e3:8a:31:de:66:3a:43:b2:06:94: be:d0:ac:2b:72:39:15:3f:4c:67:b2:cb:23:b6:e5:71:ed:fb: 97:f0:c8:3f:b6:03:64:40:c1:00:be:ca:24:88:49:f1:15:b9: 6d:3e:c5:70:9b:fb:39:b5:09:13:8e:49:06:dd:51:62:3d:99: c5:3a:ae:c0:fd:cf:85:00:fe:a4:39:e3:59:60:c7:67:e4:03: 58:ea:c3:7b:df:4b:03:46:4f:4c:67:69:aa:9f:46:86:7d:6e: fb:59:ad:4e:75:06:96:82:b0:56:b6:c7:2c:ca:bc:9c:5a:d5: 39:0d:c9:ae:6b:f8:ac:bf:97:d8:cd:06:8d:c2:53:7f:0c:28: 7d:3e:1d:d8:b0:fd:e3:73:a0:75:e6:87:a2:48:35:ac:9c:a9: 2a:bd:b2:32:7b:4e:c3:56:6a:9a:e7:92:53:20:be:6c:e0:fe: 87:f3:43:b9:90:dd:5b:5a:3b:5f:70:a1:ee:26:58:84:34:e8: 2a:91:96:77:38:7d:99:86:70:04:6a:d9:78:c6:54:df:01:fe: d9:4e:cc:54:8f:f6:e5:91:0f:69:35:cc:a8:9b:0c:f1:bf:16: 74:8e:c0:0e:38:f9:9e:5d:58:37:0a:7d:db:9c:e3:32:7e:f6: d0:9e:0d:e3 -----BEGIN CERTIFICATE----- MIIFqzCCBJOgAwIBAgICEfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM2NzYxMTAvBgNVBAUTKEE5RTk1QTQxNkJDQ0VFRkQ4NkVBMkZBMDE5QzI1RTRE NzZCOEU5RDkwHhcNMjQxMTIyMTczNTIzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzQwYzBkYi1lMGY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs+OgrZuE8WYrZxIon/dhgyEBtEufjOgjDGmSq2Hpu60ke0lxWEu9m0sCwLiN 21KC3SOK2w8AggSVFGAsONsCM2hBSP/pzxRaqIVdbRGWNk7i9FcxLoMzXtpuY9Lw 1GbMSyAjha3R3QutR5MfQgDFmUGheUzLky88rPcjpO7k2tDZf01NG1q4WFyuL4kC u02VL93YzrE/cMLRYFnQQtQ4QY2NadhCItfY/Rg5TA4RggMvB5UqSI3XO7VU04BM OpagWHmv3GrGGO73GQj1y5dUqWluQOQbhYRzluZqyXdJyhTA9TuvzDsNZ5JEoh3w FRxUJUjnRAMbvnXmeZFDwmiEZwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFFq7tBOx Em7udHPPP32uqj7YQeTkMB8GA1UdIwQYMBaAFKnpWkFrzO79huovoBnCXk12uOnZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzY3Ni9DRDM4QUIxNkRE RDkxMUU4QUY0NTFGMEFDNEY5QUUwMi9xZWxhUVd2TTd2Mkc2aS1nR2NKZVRYYTQ2 ZGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FlbGFRV3ZNN3YyRzZpLWdHY0plVFhhNDZkay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUM2NzYvQ0QzOEFCMTZEREQ5MTFFOEFGNDUxRjBBQzRGOUFFMDIvRUZBMDAxNUU1 OTM5MTFFRkE4RUFENDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E SjBIMCwEAgABMCYDBAAte3QDBAEte3YDBAJnM4wwDAMEAGdngQMEAmdngAMEAMsP ljAYBAIAAjASAwcDJAH1QAAAAwcAJAH1QAAQMA0GCSqGSIb3DQEBCwUAA4IBAQA6 A11GVFZ0HeOKMd5mOkOyBpS+0KwrcjkVP0xnsssjtuVx7fuX8Mg/tgNkQMEAvsok iEnxFbltPsVwm/s5tQkTjkkG3VFiPZnFOq7A/c+FAP6kOeNZYMdn5ANY6sN730sD Rk9MZ2mqn0aGfW77Wa1OdQaWgrBWtscsyrycWtU5Dcmua/isv5fYzQaNwlN/DCh9 Ph3YsP3jc6B15oeiSDWsnKkqvbIye07DVmqa55JTIL5s4P6H80O5kN1bWjtfcKHu JliENOgqkZZ3OH2ZhnAEatl4xlTfAf7ZTsxUj/blkQ9pNcyomwzxvxZ0jsAOOPme XVg3Cn3bnOMyfvbQng3j -----END CERTIFICATE-----Generated at Fri Nov 22 19:44:56 2024 by rpki-client on console-fra.rpki-client.org