$ rpki-client -vvf rpki.apnic.net/member_repository/A912296A/C59659B0936B11EE9E4C3885C4F9AE02/4A426668936C11EEBE0C2786C4F9AE02.roa File: 4A426668936C11EEBE0C2786C4F9AE02.roa (raw, json) Hash identifier: 51Cgnd7L929YsdYeHMQakHz8pXfhQg7XBbfSBPJ2XYM= Subject key identifier: 99:FD:F7:40:0F:81:F8:08:D7:5A:EC:57:B0:F8:3C:92:F4:AD:E8:73 Certificate issuer: /CN=A912296A/serialNumber=F193604695146EBE1DBF73FDE0EB6621FD9FB8F9 Certificate serial: AD Authority key identifier: F1:93:60:46:95:14:6E:BE:1D:BF:73:FD:E0:EB:66:21:FD:9F:B8:F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8ZNgRpUUbr4dv3P94OtmIf2fuPk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912296A/C59659B0936B11EE9E4C3885C4F9AE02/4A426668936C11EEBE0C2786C4F9AE02.roa Signing time: Tue 29 Oct 2024 05:01:24 +0000 ROA not before: Tue 29 Oct 2024 05:01:24 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 62856 IP address blocks: 103.158.122.0/23 maxlen: 23 103.158.122.0/24 maxlen: 24 103.158.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912296A/C59659B0936B11EE9E4C3885C4F9AE02/8ZNgRpUUbr4dv3P94OtmIf2fuPk.crl rsync://rpki.apnic.net/member_repository/A912296A/C59659B0936B11EE9E4C3885C4F9AE02/8ZNgRpUUbr4dv3P94OtmIf2fuPk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8ZNgRpUUbr4dv3P94OtmIf2fuPk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 04:11:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 173 (0xad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912296A/serialNumber=F193604695146EBE1DBF73FDE0EB6621FD9FB8F9 Validity Not Before: Oct 29 05:01:24 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67206c23-abc8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:4e:d4:48:2b:dd:e0:c7:7f:4b:42:c8:9e:10: 65:31:5f:9e:45:85:3f:18:e2:78:09:f5:83:87:5a: be:5a:41:c6:50:33:4e:0e:97:2f:0b:c1:48:96:f2: 3c:6c:7a:d9:45:61:02:d0:7a:da:d9:d8:f3:d9:cc: 03:64:19:91:16:0c:6a:d5:31:b8:90:a9:2f:4b:77: d8:55:6b:08:32:fe:58:16:04:fe:06:17:97:12:4a: 28:0c:8e:9c:a3:e0:12:f9:d4:bc:a1:1f:df:2c:11: 5e:14:c2:ca:66:c7:9a:cd:47:fb:bb:a7:c1:fa:41: a9:ab:3f:9c:37:7b:f7:3f:58:d9:cf:40:1a:34:fe: ca:a6:92:7d:b5:e9:91:e9:d7:49:01:12:61:08:61: a6:2a:47:e7:9c:1d:0a:94:fb:26:6f:8f:5f:15:ff: 16:5d:45:a3:d3:01:5a:30:a3:c9:da:28:66:ba:73: 88:53:93:b2:8d:c4:82:b9:32:0b:7f:f7:b6:fb:b0: 23:89:d5:b8:76:3e:38:ba:a6:94:d4:01:7e:b4:f0: 22:63:49:da:d4:30:5f:f4:08:fb:5d:b8:a9:e9:7e: 1a:00:18:a4:f0:47:25:fb:b6:55:d7:73:5a:c7:a6: 80:cd:ac:42:76:e0:4c:da:60:d3:a5:fa:54:05:c2: 6d:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:FD:F7:40:0F:81:F8:08:D7:5A:EC:57:B0:F8:3C:92:F4:AD:E8:73 X509v3 Authority Key Identifier: keyid:F1:93:60:46:95:14:6E:BE:1D:BF:73:FD:E0:EB:66:21:FD:9F:B8:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912296A/C59659B0936B11EE9E4C3885C4F9AE02/8ZNgRpUUbr4dv3P94OtmIf2fuPk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8ZNgRpUUbr4dv3P94OtmIf2fuPk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912296A/C59659B0936B11EE9E4C3885C4F9AE02/4A426668936C11EEBE0C2786C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.158.122.0/23 Signature Algorithm: sha256WithRSAEncryption 58:67:86:c9:70:91:a8:bf:25:a5:4d:88:59:13:84:52:81:96: 5b:ed:31:90:49:d4:d0:76:88:f2:4b:16:31:41:4c:36:19:ae: 74:d2:9d:70:91:00:ec:7a:cc:b3:4f:fc:00:67:d6:b1:5c:5b: e9:69:d4:cf:c8:e4:0e:9d:70:f7:4c:d2:9a:de:2f:41:b5:8b: 8d:ea:b5:81:99:e0:c0:32:5b:f9:7b:f6:a7:97:7b:87:94:c9: 97:4c:94:04:97:9c:4c:e4:f9:54:93:1f:8f:3e:13:3e:bc:7b: d4:bf:bc:74:9f:98:8d:cc:e8:0f:94:34:7b:94:7a:dd:80:15: 9d:ca:5a:57:3a:00:61:8f:0a:cb:96:52:59:66:49:8e:48:15: 31:2b:fa:4f:a9:93:72:e5:da:70:0a:9f:e7:36:d8:52:38:6f: e7:97:3e:64:06:a2:12:6c:fe:ff:7d:60:9f:37:99:d1:63:92: a1:9b:26:b2:8c:40:e5:38:fd:0c:03:77:50:9e:ae:f4:4e:c7: 82:bc:9c:07:dc:da:42:66:be:68:03:c6:42:56:8c:55:59:88: f3:5f:4d:8c:6d:41:81:06:2c:d6:90:93:7f:da:df:53:81:69: a5:d8:ee:f7:d8:00:1a:dd:9e:a3:d2:82:9b:26:a6:a0:c1:49: df:c6:84:37 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjI5NkExMTAvBgNVBAUTKEYxOTM2MDQ2OTUxNDZFQkUxREJGNzNGREUwRUI2NjIx RkQ5RkI4RjkwHhcNMjQxMDI5MDUwMTI0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzIwNmMyMy1hYmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA407USCvd4Md/S0LInhBlMV+eRYU/GOJ4CfWDh1q+WkHGUDNODpcvC8FIlvI8 bHrZRWEC0Hra2djz2cwDZBmRFgxq1TG4kKkvS3fYVWsIMv5YFgT+BheXEkooDI6c o+AS+dS8oR/fLBFeFMLKZseazUf7u6fB+kGpqz+cN3v3P1jZz0AaNP7KppJ9temR 6ddJARJhCGGmKkfnnB0KlPsmb49fFf8WXUWj0wFaMKPJ2ihmunOIU5OyjcSCuTIL f/e2+7AjidW4dj44uqaU1AF+tPAiY0na1DBf9Aj7Xbip6X4aABik8Ecl+7ZV13Na x6aAzaxCduBM2mDTpfpUBcJtRwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJn990AP gfgI11rsV7D4PJL0rehzMB8GA1UdIwQYMBaAFPGTYEaVFG6+Hb9z/eDrZiH9n7j5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjk2QS9DNTk2NTlCMDkz NkIxMUVFOUU0QzM4ODVDNEY5QUUwMi84Wk5nUnBVVWJyNGR2M1A5NE90bUlmMmZ1 UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhaTmdScFVVYnI0ZHYzUDk0T3RtSWYyZnVQay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjI5NkEvQzU5NjU5QjA5MzZCMTFFRTlFNEMzODg1QzRGOUFFMDIvNEE0MjY2Njg5 MzZDMTFFRUJFMEMyNzg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnnnowDQYJKoZIhvcNAQELBQADggEBAFhnhslwkai/JaVN iFkThFKBllvtMZBJ1NB2iPJLFjFBTDYZrnTSnXCRAOx6zLNP/ABn1rFcW+lp1M/I 5A6dcPdM0preL0G1i43qtYGZ4MAyW/l79qeXe4eUyZdMlASXnEzk+VSTH48+Ez68 e9S/vHSfmI3M6A+UNHuUet2AFZ3KWlc6AGGPCsuWUllmSY5IFTEr+k+pk3Ll2nAK n+c22FI4b+eXPmQGohJs/v99YJ83mdFjkqGbJrKMQOU4/QwDd1CervROx4K8nAfc 2kJmvmgDxkJWjFVZiPNfTYxtQYEGLNaQk3/a31OBaaXY7vfYABrdnqPSgpsmpqDB Sd/GhDc= -----END CERTIFICATE-----Generated at Thu Nov 21 05:37:01 2024 by rpki-client on console-ams.rpki-client.org