$ rpki-client -vvf rpki.apnic.net/member_repository/A9144FDD/28FB2484BC3011EABBE0EC55C4F9AE02/E89C37B0BC3011EA840E2A56C4F9AE02.roa File: E89C37B0BC3011EA840E2A56C4F9AE02.roa (raw, json) Hash identifier: NzvTs3zIe73PasojqMTCLNGA0IFkzqeVPfgkS5AtV4E= Subject key identifier: CF:B6:4A:75:47:D0:8A:47:55:47:F5:9D:56:D6:12:E8:BE:33:D7:2B Certificate issuer: /CN=A9144FDD/serialNumber=F16E080AEF193F5D59EA2A19ED5A6D75282A0C84 Certificate serial: 07A8 Authority key identifier: F1:6E:08:0A:EF:19:3F:5D:59:EA:2A:19:ED:5A:6D:75:28:2A:0C:84 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8W4ICu8ZP11Z6ioZ7VptdSgqDIQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9144FDD/28FB2484BC3011EABBE0EC55C4F9AE02/E89C37B0BC3011EA840E2A56C4F9AE02.roa Signing time: Fri 02 Feb 2024 21:59:43 +0000 ROA not before: Fri 02 Feb 2024 21:59:43 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 9919 IP address blocks: 103.224.57.0/24 maxlen: 24 103.224.58.0/24 maxlen: 24 202.58.28.0/24 maxlen: 24 202.58.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9144FDD/28FB2484BC3011EABBE0EC55C4F9AE02/8W4ICu8ZP11Z6ioZ7VptdSgqDIQ.crl rsync://rpki.apnic.net/member_repository/A9144FDD/28FB2484BC3011EABBE0EC55C4F9AE02/8W4ICu8ZP11Z6ioZ7VptdSgqDIQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8W4ICu8ZP11Z6ioZ7VptdSgqDIQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 17:11:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1960 (0x7a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9144FDD/serialNumber=F16E080AEF193F5D59EA2A19ED5A6D75282A0C84 Validity Not Before: Feb 2 21:59:43 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65bd65cf-fef8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:01:e8:5b:cc:51:82:c1:41:09:a7:86:48:22: bc:1c:0b:49:13:0c:13:f6:db:57:b7:f1:99:7b:ea: 26:dc:09:18:23:d2:d1:39:61:30:3d:1e:b8:74:0f: 5a:97:a4:f6:95:a2:2b:45:6d:ce:fa:aa:4f:93:41: b1:08:c9:b9:57:93:c7:0d:6f:08:02:03:7f:f4:b1: 0c:d5:1e:be:93:ca:43:0d:49:95:20:fa:06:9f:9d: 2f:45:0b:48:d0:21:da:ea:18:8f:8e:24:68:0c:f2: c7:c7:35:fc:87:db:74:7c:54:c5:ec:13:96:f1:46: 8d:15:a1:76:33:a7:28:37:7b:95:49:07:44:f9:96: e0:e4:06:b8:c3:9f:45:7f:52:ef:00:2a:b0:83:d3: 6e:13:b7:05:0f:61:41:55:09:37:d3:a4:90:21:dd: 04:f4:f5:35:6d:20:c1:05:b8:a7:df:ad:95:a8:56: 64:8a:84:61:28:8c:05:75:98:3e:03:41:f2:47:bb: e4:46:79:96:c2:bf:09:7f:ef:e1:c2:01:99:cb:fd: 30:8e:42:10:67:f9:1c:97:aa:ca:ad:56:6a:43:c3: 28:4c:fe:6a:51:1f:02:bf:99:56:6a:49:31:4e:f3: 11:7d:80:52:c2:aa:2b:67:b8:78:96:a0:1b:53:ef: a1:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:B6:4A:75:47:D0:8A:47:55:47:F5:9D:56:D6:12:E8:BE:33:D7:2B X509v3 Authority Key Identifier: keyid:F1:6E:08:0A:EF:19:3F:5D:59:EA:2A:19:ED:5A:6D:75:28:2A:0C:84 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9144FDD/28FB2484BC3011EABBE0EC55C4F9AE02/8W4ICu8ZP11Z6ioZ7VptdSgqDIQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8W4ICu8ZP11Z6ioZ7VptdSgqDIQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144FDD/28FB2484BC3011EABBE0EC55C4F9AE02/E89C37B0BC3011EA840E2A56C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.224.57.0-103.224.58.255 202.58.28.0/23 Signature Algorithm: sha256WithRSAEncryption b6:d2:61:dd:40:9f:f1:dc:24:7c:6a:25:68:f1:13:d7:d7:e4: 90:3b:11:b7:e2:12:02:87:c1:69:6d:4e:e8:0a:7b:02:e5:fa: 4a:d8:07:2f:78:1a:cc:2c:ea:14:8d:33:0b:1c:3a:99:48:fa: 48:a9:76:0c:0c:99:45:5d:e0:b2:96:58:08:2f:b5:93:5b:3f: 64:b1:34:54:79:40:ef:c2:23:d8:cb:2e:ef:eb:35:85:49:07: af:fc:a3:eb:ab:2f:fb:48:a2:ef:0c:e4:28:e7:28:7b:92:05: f5:f4:7b:32:f0:af:ab:56:b9:f5:3f:c5:fa:f4:24:f9:e4:92: 4d:9e:2f:07:7d:d7:c0:f7:b5:c5:30:fa:97:42:43:75:15:fc: 74:57:89:05:6b:49:47:dd:cf:1f:52:be:6c:9d:53:b2:4b:4c: 66:7e:7d:d3:8f:94:e6:35:7d:2d:9b:1c:96:2b:fb:03:b9:cc: 0e:46:88:f9:7c:f6:d0:02:dc:7e:af:86:b5:fd:37:ff:1e:f9: 8f:16:23:ad:44:7f:1d:14:5b:19:d7:93:38:68:d6:6b:b6:2b: 45:c2:a0:f7:99:48:3b:6f:68:a4:9c:5b:f1:4f:25:b9:6e:b9: aa:7d:c6:7b:cd:d8:e2:34:8f:83:6b:43:de:0a:18:36:6c:72: 55:d7:b3:b7 -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICB6gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDRGREQxMTAvBgNVBAUTKEYxNkUwODBBRUYxOTNGNUQ1OUVBMkExOUVENUE2RDc1 MjgyQTBDODQwHhcNMjQwMjAyMjE1OTQzWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWJkNjVjZi1mZWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArAHoW8xRgsFBCaeGSCK8HAtJEwwT9ttXt/GZe+om3AkYI9LROWEwPR64dA9a l6T2laIrRW3O+qpPk0GxCMm5V5PHDW8IAgN/9LEM1R6+k8pDDUmVIPoGn50vRQtI 0CHa6hiPjiRoDPLHxzX8h9t0fFTF7BOW8UaNFaF2M6coN3uVSQdE+Zbg5Aa4w59F f1LvACqwg9NuE7cFD2FBVQk306SQId0E9PU1bSDBBbin362VqFZkioRhKIwFdZg+ A0HyR7vkRnmWwr8Jf+/hwgGZy/0wjkIQZ/kcl6rKrVZqQ8MoTP5qUR8Cv5lWakkx TvMRfYBSwqorZ7h4lqAbU++hZQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFM+2SnVH 0IpHVUf1nVbWEui+M9crMB8GA1UdIwQYMBaAFPFuCArvGT9dWeoqGe1abXUoKgyE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NEZERC8yOEZCMjQ4NEJD MzAxMUVBQkJFMEVDNTVDNEY5QUUwMi84VzRJQ3U4WlAxMVo2aW9aN1ZwdGRTZ3FE SVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhXNElDdThaUDExWjZpb1o3VnB0ZFNncURJUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDRGREQvMjhGQjI0ODRCQzMwMTFFQUJCRTBFQzU1QzRGOUFFMDIvRTg5QzM3QjBC QzMwMTFFQTg0MEUyQTU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgABMBQwDAMEAGfgOQMEAGfgOgMEAco6HDANBgkqhkiG9w0BAQsFAAOC AQEAttJh3UCf8dwkfGolaPET19fkkDsRt+ISAofBaW1O6Ap7AuX6StgHL3gazCzq FI0zCxw6mUj6SKl2DAyZRV3gspZYCC+1k1s/ZLE0VHlA78Ij2Msu7+s1hUkHr/yj 66sv+0ii7wzkKOcoe5IF9fR7MvCvq1a59T/F+vQk+eSSTZ4vB33XwPe1xTD6l0JD dRX8dFeJBWtJR93PH1K+bJ1TsktMZn5904+U5jV9LZscliv7A7nMDkaI+Xz20ALc fq+Gtf03/x75jxYjrUR/HRRbGdeTOGjWa7YrRcKg95lIO29opJxb8U8luW65qn3G e83Y4jSPg2tD3goYNmxyVdeztw== -----END CERTIFICATE-----Generated at Sun Nov 24 21:45:01 2024 by rpki-client on console-ams.rpki-client.org