$ rpki-client -vvf rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/4338FC5CFB5611EBB7032080C4F9AE02.roa File: 4338FC5CFB5611EBB7032080C4F9AE02.roa (raw, json) Hash identifier: jXq2yfYI+6Vq13ZwndDj/+d34MA8vN7mKixhRF47lwg= Subject key identifier: A9:66:7F:D5:23:71:81:29:F0:CA:1B:33:10:37:9E:A7:A8:F3:C2:44 Certificate issuer: /CN=A911FAC3/serialNumber=7762AA8277020D0BB5C75997DE5F7D8A5142DF14 Certificate serial: 1321 Authority key identifier: 77:62:AA:82:77:02:0D:0B:B5:C7:59:97:DE:5F:7D:8A:51:42:DF:14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/4338FC5CFB5611EBB7032080C4F9AE02.roa Signing time: Fri 18 Oct 2024 17:25:19 +0000 ROA not before: Fri 18 Oct 2024 17:25:19 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 63932 IP address blocks: 43.229.12.0/22 maxlen: 22 43.229.12.0/24 maxlen: 24 43.229.13.0/24 maxlen: 24 43.229.15.0/24 maxlen: 24 103.48.16.0/22 maxlen: 22 114.130.240.0/21 maxlen: 21 114.130.252.0/22 maxlen: 22 2401:ed80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.crl rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4897 (0x1321) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911FAC3/serialNumber=7762AA8277020D0BB5C75997DE5F7D8A5142DF14 Validity Not Before: Oct 18 17:25:19 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=671299ff-2a47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:97:15:dc:66:ad:4a:a0:01:f3:ce:43:f5:7b: 49:d8:a7:15:26:b9:7b:7c:10:19:7f:25:20:64:18: ef:5e:38:2a:35:ac:50:40:94:ce:65:8a:92:55:a9: 86:56:89:b3:50:a8:c0:d4:84:7f:8a:ae:06:ed:6c: 73:7b:24:b9:da:0f:62:4e:69:01:58:cd:b1:a3:c7: ff:9d:4e:dd:cb:7b:67:6c:cd:d9:b0:ed:73:ef:76: 4d:42:c3:fc:73:ec:5e:ae:77:d0:3d:ec:a7:2f:94: af:9c:2c:48:28:00:21:c3:58:8b:31:e2:26:fd:2f: d1:b8:21:8b:08:56:3d:1d:3c:5d:f1:98:f4:64:73: 3e:c4:c1:83:48:5d:98:c3:2b:ec:8a:51:29:1f:7f: aa:f3:1a:ed:06:43:51:d7:86:87:6b:29:d7:5e:a6: 28:2b:c6:e8:15:d5:53:a1:ad:19:1c:fe:26:22:7c: 4b:49:67:bf:6f:7b:fe:8d:ca:f3:61:1d:67:0d:ec: 7a:ac:70:33:02:7b:14:03:11:c4:b9:71:88:63:59: ee:c9:1b:e7:db:40:17:a6:38:d2:a8:c3:2d:26:c5: 36:c8:a8:b7:2c:70:85:e7:d5:b3:10:c7:ff:c2:7c: 02:a0:22:19:f1:68:05:bc:d1:29:1a:b4:20:b7:cd: b4:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:66:7F:D5:23:71:81:29:F0:CA:1B:33:10:37:9E:A7:A8:F3:C2:44 X509v3 Authority Key Identifier: keyid:77:62:AA:82:77:02:0D:0B:B5:C7:59:97:DE:5F:7D:8A:51:42:DF:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/4338FC5CFB5611EBB7032080C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.12.0/22 103.48.16.0/22 114.130.240.0/21 114.130.252.0/22 IPv6: 2401:ed80::/32 Signature Algorithm: sha256WithRSAEncryption 98:77:ac:79:3d:4c:5a:e0:5a:dc:ef:99:0a:bf:20:2b:4b:8c: fd:f5:a8:ff:30:0d:fe:b6:71:53:78:81:27:0f:fc:c8:c0:9a: 18:ba:10:79:1e:9c:b1:be:41:ed:21:cc:9b:07:a6:d9:54:16: c9:c8:2d:f1:b8:d4:4e:b4:50:22:60:ef:45:90:b3:25:02:8f: 58:33:df:40:f0:4e:bb:d1:a1:15:78:ce:f4:6d:30:a7:3b:1e: f8:02:da:43:00:a6:8f:0d:a1:2c:a2:2a:71:7b:6f:28:91:77: f4:0f:fa:7e:8d:db:fb:8b:9f:4f:37:48:3b:a9:26:4a:62:a7: b3:b6:bb:c0:98:f3:0b:a4:71:ec:f3:4f:b5:84:a9:35:31:e0: 08:2d:0d:cb:31:ae:2f:c0:c9:e1:85:35:11:3d:6f:2d:e0:82: 99:ce:65:dd:b3:47:8a:6b:4f:7c:7c:27:eb:39:7b:00:de:5e: 89:62:80:6d:91:7e:72:10:b9:7b:1c:5c:4f:d7:53:4b:fc:35: c2:19:51:aa:b7:ba:8f:72:22:61:5a:98:18:ea:32:3a:75:82: c2:5d:23:30:0f:44:8e:be:d8:be:32:54:a4:b2:3e:09:53:2e: bb:ee:b9:12:4a:78:53:1b:5e:d0:08:fa:3a:e3:a5:00:20:61: aa:38:06:09 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICEyEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUZBQzMxMTAvBgNVBAUTKDc3NjJBQTgyNzcwMjBEMEJCNUM3NTk5N0RFNUY3RDhB NTE0MkRGMTQwHhcNMjQxMDE4MTcyNTE5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzEyOTlmZi0yYTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxZcV3GatSqAB885D9XtJ2KcVJrl7fBAZfyUgZBjvXjgqNaxQQJTOZYqSVamG VomzUKjA1IR/iq4G7WxzeyS52g9iTmkBWM2xo8f/nU7dy3tnbM3ZsO1z73ZNQsP8 c+xernfQPeynL5SvnCxIKAAhw1iLMeIm/S/RuCGLCFY9HTxd8Zj0ZHM+xMGDSF2Y wyvsilEpH3+q8xrtBkNR14aHaynXXqYoK8boFdVToa0ZHP4mInxLSWe/b3v+jcrz YR1nDex6rHAzAnsUAxHEuXGIY1nuyRvn20AXpjjSqMMtJsU2yKi3LHCF59WzEMf/ wnwCoCIZ8WgFvNEpGrQgt820twIDAQABo4ICtjCCArIwHQYDVR0OBBYEFKlmf9Uj cYEp8MobMxA3nqeo88JEMB8GA1UdIwQYMBaAFHdiqoJ3Ag0LtcdZl95ffYpRQt8U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRkFDMy83Qjg2OEMwODlE RjUxMUU4OTU3QUI0MTZDNEY5QUUwMi9kMktxZ25jQ0RRdTF4MW1YM2w5OWlsRkMz eFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2QyS3FnbmNDRFF1MXgxbVgzbDk5aWxGQzN4US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUZBQzMvN0I4NjhDMDg5REY1MTFFODk1N0FCNDE2QzRGOUFFMDIvNDMzOEZDNUNG QjU2MTFFQkI3MDMyMDgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIr5QwDBAJnMBADBANygvADBAJygvwwDQQCAAIwBwMFACQB 7YAwDQYJKoZIhvcNAQELBQADggEBAJh3rHk9TFrgWtzvmQq/ICtLjP31qP8wDf62 cVN4gScP/MjAmhi6EHkenLG+Qe0hzJsHptlUFsnILfG41E60UCJg70WQsyUCj1gz 30DwTrvRoRV4zvRtMKc7HvgC2kMApo8NoSyiKnF7byiRd/QP+n6N2/uLn083SDup Jkpip7O2u8CY8wukcezzT7WEqTUx4AgtDcsxri/AyeGFNRE9by3ggpnOZd2zR4pr T3x8J+s5ewDeXoligG2RfnIQuXscXE/XU0v8NcIZUaq3uo9yImFamBjqMjp1gsJd IzAPRI6+2L4yVKSyPglTLrvuuRJKeFMbXtAI+jrjpQAgYao4Bgk= -----END CERTIFICATE-----Generated at Fri Nov 22 17:55:38 2024 by rpki-client on console-fra.rpki-client.org