$ rpki-client -vvf rpki.apnic.net/member_repository/A9144160/DD6571A64F9211E9AD10AA13C4F9AE02/378459525C6511E989D03610C4F9AE02.roa File: 378459525C6511E989D03610C4F9AE02.roa (raw, json) Hash identifier: SpnN7c6eHl0EYy2wtohXpO+pAN3jiA1sdoHCwMdNrVo= Subject key identifier: 93:3F:47:32:66:15:83:D8:40:FF:99:E1:6D:03:1A:88:E8:5E:36:24 Certificate issuer: /CN=A9144160/serialNumber=FD7450B118150A9B214F1A0BEEDF3E3B26FED04B Certificate serial: 0EB8 Authority key identifier: FD:74:50:B1:18:15:0A:9B:21:4F:1A:0B:EE:DF:3E:3B:26:FE:D0:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_XRQsRgVCpshTxoL7t8-Oyb-0Es.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9144160/DD6571A64F9211E9AD10AA13C4F9AE02/378459525C6511E989D03610C4F9AE02.roa Signing time: Sun 22 Oct 2023 18:06:03 +0000 ROA not before: Sun 22 Oct 2023 18:06:03 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 138431 IP address blocks: 103.125.96.0/22 maxlen: 22 103.125.96.0/24 maxlen: 24 103.125.97.0/24 maxlen: 24 103.125.98.0/24 maxlen: 24 103.125.99.0/24 maxlen: 24 2403:f0c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9144160/DD6571A64F9211E9AD10AA13C4F9AE02/_XRQsRgVCpshTxoL7t8-Oyb-0Es.crl rsync://rpki.apnic.net/member_repository/A9144160/DD6571A64F9211E9AD10AA13C4F9AE02/_XRQsRgVCpshTxoL7t8-Oyb-0Es.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_XRQsRgVCpshTxoL7t8-Oyb-0Es.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 18:10:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3768 (0xeb8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9144160/serialNumber=FD7450B118150A9B214F1A0BEEDF3E3B26FED04B Validity Not Before: Oct 22 18:06:03 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=6535648a-2756 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:b4:5f:89:f9:bc:0b:a1:77:9b:59:5b:76:69: e0:43:e2:91:80:44:50:07:9b:89:95:5c:ed:cd:c1: 9d:1d:eb:de:66:bc:2b:7f:f4:07:4c:76:15:5f:52: 67:f4:c8:95:1e:05:f9:72:15:c9:3d:2a:2e:9c:1f: e7:c5:f0:68:a8:69:b8:13:8e:5e:32:cf:e5:6a:e6: 83:6f:66:c9:55:1c:f1:c5:0f:4f:f0:47:b1:73:dd: 17:8f:ec:21:a4:a5:4f:56:fd:fd:77:7a:fb:7c:39: 98:be:5b:ef:b9:9f:58:2b:00:89:7f:89:6b:d7:a7: 97:05:14:22:91:9f:40:b2:de:48:ad:9d:91:2d:4e: 9d:50:c8:2a:3d:8e:96:c3:c1:3f:ba:33:ab:5f:75: 73:fb:68:2a:6d:82:72:d4:bd:b9:c1:a5:8a:d6:8d: 82:5b:5e:63:8b:29:98:61:0d:24:5a:2d:50:a6:f9: 95:a0:e5:d5:53:18:6b:a0:1b:45:6d:23:bc:2c:46: 73:dd:cb:4a:52:3e:6a:79:4f:8e:ef:d3:d9:fa:1e: 78:4f:1b:d9:c9:9c:bc:e7:d0:9c:2e:fd:e0:1b:5b: 09:96:75:39:0c:3a:80:c8:82:40:80:dc:da:59:18: 4f:76:6f:b8:cf:e0:67:cd:b6:11:37:8e:47:0d:e5: 10:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:3F:47:32:66:15:83:D8:40:FF:99:E1:6D:03:1A:88:E8:5E:36:24 X509v3 Authority Key Identifier: keyid:FD:74:50:B1:18:15:0A:9B:21:4F:1A:0B:EE:DF:3E:3B:26:FE:D0:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9144160/DD6571A64F9211E9AD10AA13C4F9AE02/_XRQsRgVCpshTxoL7t8-Oyb-0Es.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_XRQsRgVCpshTxoL7t8-Oyb-0Es.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144160/DD6571A64F9211E9AD10AA13C4F9AE02/378459525C6511E989D03610C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.125.96.0/22 IPv6: 2403:f0c0::/32 Signature Algorithm: sha256WithRSAEncryption 25:e5:47:94:95:bd:64:7e:79:cd:49:2c:9f:70:4c:04:1e:22: 7c:96:f9:8d:ad:89:8f:cb:74:c1:48:88:8e:f1:e4:d8:a4:eb: ea:b9:fd:b1:bb:61:10:57:93:10:38:e0:7e:9f:3c:11:21:b4: bf:e9:72:f5:18:51:2e:ac:01:53:86:67:48:14:12:8f:af:b8: c9:4a:39:f9:12:dd:95:fc:3a:9f:4b:ad:86:7a:19:d6:ca:c6: c5:53:0d:b2:c4:60:9f:eb:18:55:a9:7d:85:0e:4a:38:cf:ca: 0e:0e:e0:e3:2d:6a:5e:46:42:ca:b1:86:a4:82:74:76:d5:0a: a7:fa:dc:50:3f:42:8f:92:fc:89:42:75:77:f0:91:9c:96:70: e7:f4:96:9d:f1:fc:07:b5:57:e6:bf:5e:10:a4:48:3d:a3:18: 9d:56:dc:bf:ab:9a:09:6a:c2:15:74:4d:e9:18:64:74:5d:ce: e4:0d:eb:16:93:f7:db:ae:6b:8f:74:c7:22:99:d9:88:00:9c: e9:15:56:c6:6b:a0:d7:c2:dc:fb:26:dd:d1:e0:b5:bb:7d:2b: 21:31:25:dd:c3:9a:c1:00:77:49:2e:78:d0:da:67:e4:59:c7: a7:9e:5f:a7:44:8d:52:74:67:42:ba:7b:da:9a:82:e1:eb:41: a7:cc:c3:40 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICDrgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDQxNjAxMTAvBgNVBAUTKEZENzQ1MEIxMTgxNTBBOUIyMTRGMUEwQkVFREYzRTNC MjZGRUQwNEIwHhcNMjMxMDIyMTgwNjAzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTM1NjQ4YS0yNzU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6rRfifm8C6F3m1lbdmngQ+KRgERQB5uJlVztzcGdHeveZrwrf/QHTHYVX1Jn 9MiVHgX5chXJPSounB/nxfBoqGm4E45eMs/lauaDb2bJVRzxxQ9P8Eexc90Xj+wh pKVPVv39d3r7fDmYvlvvuZ9YKwCJf4lr16eXBRQikZ9Ast5IrZ2RLU6dUMgqPY6W w8E/ujOrX3Vz+2gqbYJy1L25waWK1o2CW15jiymYYQ0kWi1QpvmVoOXVUxhroBtF bSO8LEZz3ctKUj5qeU+O79PZ+h54TxvZyZy859CcLv3gG1sJlnU5DDqAyIJAgNza WRhPdm+4z+BnzbYRN45HDeUQPQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJM/RzJm FYPYQP+Z4W0DGojoXjYkMB8GA1UdIwQYMBaAFP10ULEYFQqbIU8aC+7fPjsm/tBL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NDE2MC9ERDY1NzFBNjRG OTIxMUU5QUQxMEFBMTNDNEY5QUUwMi9fWFJRc1JnVkNwc2hUeG9MN3Q4LU95Yi0w RXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19YUlFzUmdWQ3BzaFR4b0w3dDgtT3liLTBFcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDQxNjAvREQ2NTcxQTY0RjkyMTFFOUFEMTBBQTEzQzRGOUFFMDIvMzc4NDU5NTI1 QzY1MTFFOTg5RDAzNjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnfWAwDQQCAAIwBwMFACQD8MAwDQYJKoZIhvcNAQELBQAD ggEBACXlR5SVvWR+ec1JLJ9wTAQeInyW+Y2tiY/LdMFIiI7x5Nik6+q5/bG7YRBX kxA44H6fPBEhtL/pcvUYUS6sAVOGZ0gUEo+vuMlKOfkS3ZX8Op9LrYZ6GdbKxsVT DbLEYJ/rGFWpfYUOSjjPyg4O4OMtal5GQsqxhqSCdHbVCqf63FA/Qo+S/IlCdXfw kZyWcOf0lp3x/Ae1V+a/XhCkSD2jGJ1W3L+rmglqwhV0TekYZHRdzuQN6xaT99uu a490xyKZ2YgAnOkVVsZroNfC3Psm3dHgtbt9KyExJd3DmsEAd0kueNDaZ+RZx6ee X6dEjVJ0Z0K6e9qaguHrQafMw0A= -----END CERTIFICATE-----Generated at Tue May 28 19:32:21 2024 by rpki-client on console-ams.rpki-client.org