$ rpki-client -vvf rpki.apnic.net/member_repository/A9142127/20F4443A546D11EABDD3C117C4F9AE02/7B3737EE546E11EAAA4CF919C4F9AE02.roa File: 7B3737EE546E11EAAA4CF919C4F9AE02.roa (raw, json) Hash identifier: pxog/yIpMcbu5UbqvnZZnyTuZUYnwnZ5KNWF5EBqQNQ= Subject key identifier: 82:E5:09:39:24:6B:BD:51:7E:09:CC:1C:91:49:E1:3B:61:FD:D5:31 Certificate issuer: /CN=A9142127/serialNumber=415027D8C9298E97DA05C0C43DCD8BAF52174175 Certificate serial: 0A69 Authority key identifier: 41:50:27:D8:C9:29:8E:97:DA:05:C0:C4:3D:CD:8B:AF:52:17:41:75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVAn2MkpjpfaBcDEPc2Lr1IXQXU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9142127/20F4443A546D11EABDD3C117C4F9AE02/7B3737EE546E11EAAA4CF919C4F9AE02.roa Signing time: Thu 21 Nov 2024 07:24:58 +0000 ROA not before: Thu 21 Nov 2024 07:24:58 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 4049 IP address blocks: 59.153.20.0/22 maxlen: 24 103.47.3.0/24 maxlen: 24 103.65.244.0/22 maxlen: 24 103.130.76.0/22 maxlen: 24 103.148.132.0/23 maxlen: 24 103.250.198.0/24 maxlen: 24 202.27.113.0/24 maxlen: 24 202.36.150.0/23 maxlen: 24 202.36.152.0/23 maxlen: 24 202.49.20.0/22 maxlen: 24 202.49.24.0/21 maxlen: 24 202.134.32.0/20 maxlen: 24 2406:2b00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9142127/20F4443A546D11EABDD3C117C4F9AE02/QVAn2MkpjpfaBcDEPc2Lr1IXQXU.crl rsync://rpki.apnic.net/member_repository/A9142127/20F4443A546D11EABDD3C117C4F9AE02/QVAn2MkpjpfaBcDEPc2Lr1IXQXU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVAn2MkpjpfaBcDEPc2Lr1IXQXU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 19:29:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2665 (0xa69) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9142127/serialNumber=415027D8C9298E97DA05C0C43DCD8BAF52174175 Validity Not Before: Nov 21 07:24:58 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=673ee049-c794 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:fc:b0:0e:ec:fd:28:3a:8e:f5:0a:b8:b7:00: 10:79:d5:a9:a3:ed:54:e7:23:22:64:88:30:83:a9: f7:94:dc:f6:61:76:4e:4d:9a:07:46:c1:ea:15:c3: a7:c4:95:0f:df:e0:2a:6a:a5:25:1b:80:55:89:25: 2a:78:75:40:8d:5d:68:bc:ef:d4:09:fb:e5:35:82: f7:df:40:7e:45:28:67:15:aa:58:18:68:f2:14:5e: 3c:12:16:34:a9:50:e9:61:1e:c7:f0:7a:9d:52:c3: 0a:df:e1:69:b0:8e:6b:8b:c9:03:81:3d:79:84:01: b4:b2:29:60:34:59:3f:65:9e:92:59:62:50:eb:be: 42:f4:68:e7:51:8c:45:b7:24:93:d3:2b:c2:ce:20: c0:3a:65:aa:4e:55:8b:e2:cd:00:12:e7:c4:83:33: a1:7c:7f:1c:87:17:72:f2:a8:8a:1d:6f:36:a2:db: e8:46:41:0a:c5:5d:e2:7a:f8:38:48:41:9f:5d:86: 02:26:e1:d1:36:53:86:fe:b8:b2:3c:37:90:84:ac: 1d:24:98:39:16:97:2a:3a:9e:5e:9b:32:74:b3:79: 60:e8:41:c1:52:99:50:2a:67:14:a3:5d:ec:d3:c2: 96:b5:46:c9:21:ea:75:97:a4:e4:5d:83:a5:45:20: e9:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:E5:09:39:24:6B:BD:51:7E:09:CC:1C:91:49:E1:3B:61:FD:D5:31 X509v3 Authority Key Identifier: keyid:41:50:27:D8:C9:29:8E:97:DA:05:C0:C4:3D:CD:8B:AF:52:17:41:75 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9142127/20F4443A546D11EABDD3C117C4F9AE02/QVAn2MkpjpfaBcDEPc2Lr1IXQXU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVAn2MkpjpfaBcDEPc2Lr1IXQXU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142127/20F4443A546D11EABDD3C117C4F9AE02/7B3737EE546E11EAAA4CF919C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.153.20.0/22 103.47.3.0/24 103.65.244.0/22 103.130.76.0/22 103.148.132.0/23 103.250.198.0/24 202.27.113.0/24 202.36.150.0-202.36.153.255 202.49.20.0-202.49.31.255 202.134.32.0/20 IPv6: 2406:2b00::/32 Signature Algorithm: sha256WithRSAEncryption 19:54:2a:01:d0:97:ac:a8:46:b7:72:6a:93:39:5f:fa:a3:5a: e8:0e:36:f1:42:29:98:7b:4d:61:1e:2d:89:81:d7:e3:96:1c: 3e:5a:7a:7f:01:26:75:67:1e:8e:c4:3a:13:3d:c8:d5:b1:af: 59:3d:47:89:c1:99:ac:c2:5a:95:93:15:2a:2a:99:c7:7c:7f: 8e:7f:2b:44:37:6e:0d:dc:de:bb:52:f7:04:b2:08:cb:e9:32: a5:7a:d7:69:e3:b1:bd:e0:fe:a3:fa:62:98:38:71:b3:68:fd: 98:96:97:b0:f4:13:7c:2e:1c:fd:2b:12:1c:10:63:77:22:ed: 76:68:35:3b:83:45:a3:65:d4:72:81:66:40:39:8d:19:f0:7f: 13:b4:d7:b6:03:bd:36:98:2c:97:b4:34:49:d7:a5:30:a5:e5: 65:eb:dd:e8:f6:40:52:e4:5c:45:6e:7d:c4:3e:0d:55:85:3f: 9c:3b:e8:c7:b7:9e:a9:9c:08:5d:4a:c3:a5:6e:04:dd:bd:70: c6:60:6c:3e:a3:e2:a4:48:91:f9:48:18:11:f0:5b:60:0e:3e: b6:03:65:19:3f:81:36:52:10:60:d0:67:c9:8a:7d:b4:d6:8e: d1:00:fc:57:af:f5:7e:fb:77:5c:3f:b2:8d:c9:4e:72:30:6c: 9d:04:aa:88 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgICCmkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDIxMjcxMTAvBgNVBAUTKDQxNTAyN0Q4QzkyOThFOTdEQTA1QzBDNDNEQ0Q4QkFG NTIxNzQxNzUwHhcNMjQxMTIxMDcyNDU4WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NzNlZTA0OS1jNzk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuPywDuz9KDqO9Qq4twAQedWpo+1U5yMiZIgwg6n3lNz2YXZOTZoHRsHqFcOn xJUP3+AqaqUlG4BViSUqeHVAjV1ovO/UCfvlNYL330B+RShnFapYGGjyFF48EhY0 qVDpYR7H8HqdUsMK3+FpsI5ri8kDgT15hAG0silgNFk/ZZ6SWWJQ675C9GjnUYxF tyST0yvCziDAOmWqTlWL4s0AEufEgzOhfH8chxdy8qiKHW82otvoRkEKxV3ievg4 SEGfXYYCJuHRNlOG/riyPDeQhKwdJJg5FpcqOp5emzJ0s3lg6EHBUplQKmcUo13s 08KWtUbJIep1l6TkXYOlRSDpqwIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFILlCTkk a71RfgnMHJFJ4Tth/dUxMB8GA1UdIwQYMBaAFEFQJ9jJKY6X2gXAxD3Ni69SF0F1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjEyNy8yMEY0NDQzQTU0 NkQxMUVBQkREM0MxMTdDNEY5QUUwMi9RVkFuMk1rcGpwZmFCY0RFUGMyTHIxSVhR WFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FWQW4yTWtwanBmYUJjREVQYzJMcjFJWFFYVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDIxMjcvMjBGNDQ0M0E1NDZEMTFFQUJERDNDMTE3QzRGOUFFMDIvN0IzNzM3RUU1 NDZFMTFFQUFBNENGOTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdAYIKwYBBQUHAQcBAf8E ZTBjMFIEAgABMEwDBAI7mRQDBABnLwMDBAJnQfQDBAJngkwDBAFnlIQDBABn+sYD BADKG3EwDAMEAcoklgMEAcokmDAMAwQCyjEUAwQFyjEAAwQEyoYgMA0EAgACMAcD BQAkBisAMA0GCSqGSIb3DQEBCwUAA4IBAQAZVCoB0JesqEa3cmqTOV/6o1roDjbx QimYe01hHi2Jgdfjlhw+Wnp/ASZ1Zx6OxDoTPcjVsa9ZPUeJwZmswlqVkxUqKpnH fH+OfytEN24N3N67UvcEsgjL6TKletdp47G94P6j+mKYOHGzaP2Ylpew9BN8Lhz9 KxIcEGN3Iu12aDU7g0WjZdRygWZAOY0Z8H8TtNe2A702mCyXtDRJ16UwpeVl693o 9kBS5FxFbn3EPg1VhT+cO+jHt56pnAhdSsOlbgTdvXDGYGw+o+KkSJH5SBgR8Ftg Dj62A2UZP4E2UhBg0GfJin201o7RAPxXr/V++3dcP7KNyU5yMGydBKqI -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:25 2024 by rpki-client on console-ams.rpki-client.org