$ rpki-client -vvf rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/78D1DAC8E45E11E681F82341C4F9AE02.roa File: 78D1DAC8E45E11E681F82341C4F9AE02.roa (raw, json) Hash identifier: jEW0rvFWrshrI6nnbch+pPJSlwmUj1jfiBu+KwKgm1k= Subject key identifier: F2:12:81:BE:93:76:71:65:91:02:47:46:01:BD:E3:0C:B3:F4:0B:97 Certificate issuer: /CN=A9145519/serialNumber=7D6A330F0D01249427C7FC9DDDDCF4A828760B06 Certificate serial: 1BCE Authority key identifier: 7D:6A:33:0F:0D:01:24:94:27:C7:FC:9D:DD:DC:F4:A8:28:76:0B:06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWozDw0BJJQnx_yd3dz0qCh2CwY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/78D1DAC8E45E11E681F82341C4F9AE02.roa Signing time: Sat 12 Oct 2024 16:24:23 +0000 ROA not before: Sat 12 Oct 2024 16:24:23 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 132167 IP address blocks: 43.224.84.0/22 maxlen: 22 43.224.84.0/24 maxlen: 24 43.224.85.0/24 maxlen: 24 43.224.86.0/24 maxlen: 24 103.242.96.0/22 maxlen: 22 103.242.97.0/24 maxlen: 24 103.242.98.0/24 maxlen: 24 103.242.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/fWozDw0BJJQnx_yd3dz0qCh2CwY.crl rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/fWozDw0BJJQnx_yd3dz0qCh2CwY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWozDw0BJJQnx_yd3dz0qCh2CwY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:13:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7118 (0x1bce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145519/serialNumber=7D6A330F0D01249427C7FC9DDDDCF4A828760B06 Validity Not Before: Oct 12 16:24:23 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=670aa2b7-5fdc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:4a:57:31:a8:70:da:b1:da:79:9f:1d:b8:c1: 18:c8:1b:97:89:52:b1:5a:69:15:ab:f0:99:91:70: 16:e6:eb:9a:fa:0c:a2:50:bf:f2:13:f1:6e:b6:68: 5d:72:b8:dd:b8:0d:89:a8:31:7b:1b:85:e2:72:66: 62:08:59:f8:01:3d:bb:0e:9e:a0:fd:3e:f7:64:7a: 5d:58:33:22:59:e9:a9:e8:35:07:03:81:fa:4e:f2: 89:06:74:c5:fc:6b:82:ac:e5:1b:a7:d4:3c:d4:6b: e6:0c:0d:57:7e:92:5b:58:02:69:0d:1d:d9:55:59: 6b:39:35:bd:08:1f:b5:e6:c9:97:59:55:7e:aa:1a: 8f:25:ae:60:4e:37:80:7d:d3:7e:6a:73:e5:ee:08: 31:15:39:61:4e:bb:00:7b:52:0f:35:39:de:7e:aa: 9a:54:04:01:1a:82:4c:4d:2d:5f:7e:c0:cd:f8:d3: ed:89:61:b3:00:4e:89:6a:5a:3c:f7:d9:3d:e7:ed: 46:dd:31:8e:6a:ba:04:36:73:bf:5b:e1:19:f0:94: 33:2c:48:fc:ad:07:db:d5:5c:dc:d7:5e:a8:7c:cc: c9:d4:88:11:01:c8:a9:75:38:3b:c4:a4:c8:54:0d: 3e:3f:f5:6d:87:4f:77:a8:c6:56:02:ad:4a:9e:70: 73:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:12:81:BE:93:76:71:65:91:02:47:46:01:BD:E3:0C:B3:F4:0B:97 X509v3 Authority Key Identifier: keyid:7D:6A:33:0F:0D:01:24:94:27:C7:FC:9D:DD:DC:F4:A8:28:76:0B:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/fWozDw0BJJQnx_yd3dz0qCh2CwY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWozDw0BJJQnx_yd3dz0qCh2CwY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/78D1DAC8E45E11E681F82341C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.84.0/22 103.242.96.0/22 Signature Algorithm: sha256WithRSAEncryption 59:92:8e:7a:83:86:e1:2b:c2:7e:7b:28:15:f8:ce:a1:de:63: 33:7a:74:b7:2c:f8:23:5f:3f:ce:2b:0a:24:c9:c4:82:b1:fe: f2:18:98:ff:f9:6e:6b:82:a9:03:00:59:fb:5d:31:ed:fc:4c: dd:f3:ff:b4:75:a6:72:cd:99:e8:e2:f3:fb:47:43:8d:0d:8f: 53:27:4e:9c:bd:fa:0b:df:66:0a:08:78:4e:fc:40:62:26:01: 40:99:1d:c3:26:0e:73:89:a7:16:da:cc:f0:92:63:0d:b2:78: dd:98:23:c7:43:9f:d2:5b:1e:45:68:a5:5b:74:5d:94:c2:1b: 2d:af:63:58:90:6b:ba:89:67:fc:c4:cc:fd:e0:93:dc:a4:c6: 9c:a7:39:e2:3e:46:d3:e6:c5:4a:1c:a6:15:f4:53:83:5f:63: 76:94:ab:59:94:95:da:f0:58:a4:6d:61:dd:f8:d8:c8:13:b5: b9:3b:e9:b2:4e:58:92:9a:0d:b1:45:d8:88:70:6c:07:50:5b: 3f:0e:b3:46:14:b8:19:cd:9d:99:54:cd:2c:22:de:03:82:0e: 45:08:5b:45:01:37:06:07:2b:c7:8b:c7:59:98:a2:e7:ed:a0: c9:0b:43:05:fe:3a:c0:44:bf:da:63:12:10:39:12:04:0b:55: f1:cf:46:49 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICG84wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU1MTkxMTAvBgNVBAUTKDdENkEzMzBGMEQwMTI0OTQyN0M3RkM5RERERENGNEE4 Mjg3NjBCMDYwHhcNMjQxMDEyMTYyNDIzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzBhYTJiNy01ZmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzEpXMahw2rHaeZ8duMEYyBuXiVKxWmkVq/CZkXAW5uua+gyiUL/yE/Futmhd crjduA2JqDF7G4XicmZiCFn4AT27Dp6g/T73ZHpdWDMiWemp6DUHA4H6TvKJBnTF /GuCrOUbp9Q81GvmDA1XfpJbWAJpDR3ZVVlrOTW9CB+15smXWVV+qhqPJa5gTjeA fdN+anPl7ggxFTlhTrsAe1IPNTnefqqaVAQBGoJMTS1ffsDN+NPtiWGzAE6Jalo8 99k95+1G3TGOaroENnO/W+EZ8JQzLEj8rQfb1Vzc116ofMzJ1IgRAcipdTg7xKTI VA0+P/Vth093qMZWAq1KnnBzxQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPISgb6T dnFlkQJHRgG94wyz9AuXMB8GA1UdIwQYMBaAFH1qMw8NASSUJ8f8nd3c9KgodgsG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTUxOS9BRDA4QUYyNkU0 NUMxMUU2OENFREZBM0VDNEY5QUUwMi9mV296RHcwQkpKUW54X3lkM2R6MHFDaDJD d1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZXb3pEdzBCSkpRbnhfeWQzZHowcUNoMkN3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDU1MTkvQUQwOEFGMjZFNDVDMTFFNjhDRURGQTNFQzRGOUFFMDIvNzhEMURBQzhF NDVFMTFFNjgxRjgyMzQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr4FQDBAJn8mAwDQYJKoZIhvcNAQELBQADggEBAFmSjnqD huErwn57KBX4zqHeYzN6dLcs+CNfP84rCiTJxIKx/vIYmP/5bmuCqQMAWftdMe38 TN3z/7R1pnLNmeji8/tHQ40Nj1MnTpy9+gvfZgoIeE78QGImAUCZHcMmDnOJpxba zPCSYw2yeN2YI8dDn9JbHkVopVt0XZTCGy2vY1iQa7qJZ/zEzP3gk9ykxpynOeI+ RtPmxUocphX0U4NfY3aUq1mUldrwWKRtYd342MgTtbk76bJOWJKaDbFF2IhwbAdQ Wz8Os0YUuBnNnZlUzSwi3gOCDkUIW0UBNwYHK8eLx1mYouftoMkLQwX+OsBEv9pj EhA5EgQLVfHPRkk= -----END CERTIFICATE-----Generated at Fri Nov 22 17:55:42 2024 by rpki-client on console-fra.rpki-client.org