$ rpki-client -vvf rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/24AE273C2D1111EE85C59810C4F9AE02.roa File: 24AE273C2D1111EE85C59810C4F9AE02.roa (raw, json) Hash identifier: YWeX1DfSGs4BQndSEpvjXp//SRdFsIHjRaQTZ+32G1w= Subject key identifier: FD:00:4D:AE:FC:AD:6E:EC:6F:69:9D:C5:F6:87:0D:3B:B4:2D:3A:47 Certificate issuer: /CN=A9145D25/serialNumber=C2F28E9D188439C4FE69F63A4CAA6DA42496291D Certificate serial: 04A1 Authority key identifier: C2:F2:8E:9D:18:84:39:C4:FE:69:F6:3A:4C:AA:6D:A4:24:96:29:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvKOnRiEOcT-afY6TKptpCSWKR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/24AE273C2D1111EE85C59810C4F9AE02.roa Signing time: Tue 03 Sep 2024 01:15:48 +0000 ROA not before: Tue 03 Sep 2024 01:15:48 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 211392 IP address blocks: 103.172.110.0/23 maxlen: 23 103.172.110.0/24 maxlen: 24 103.172.111.0/24 maxlen: 24 103.204.13.0/24 maxlen: 24 2001:df7:6e80::/47 maxlen: 47 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/wvKOnRiEOcT-afY6TKptpCSWKR0.crl rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/wvKOnRiEOcT-afY6TKptpCSWKR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvKOnRiEOcT-afY6TKptpCSWKR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1185 (0x4a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145D25/serialNumber=C2F28E9D188439C4FE69F63A4CAA6DA42496291D Validity Not Before: Sep 3 01:15:48 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66d66344-3ab0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ab:6d:92:07:ca:b6:9f:34:67:ed:42:3b:94: e4:07:27:c7:fd:ff:41:3a:ad:be:aa:b3:0f:c6:07: c8:86:31:6c:4f:91:3a:42:ca:34:7b:63:00:c7:f7: e4:de:11:02:b0:a9:e5:f6:43:97:bb:fc:98:50:e9: 7b:90:8d:5b:76:c4:3c:d4:bb:f0:50:96:0a:bc:13: 26:77:f0:0a:c3:05:d8:19:55:83:03:4b:34:ba:ba: 79:36:db:e1:c5:aa:3f:49:07:ec:e6:2f:fe:1a:42: ef:66:b5:2b:69:c4:ee:9a:ba:3c:1a:45:2c:e2:6c: 1c:e9:70:8c:4c:e5:05:c7:d0:30:8b:55:4f:0f:34: 71:65:c5:96:60:8d:22:6a:db:7b:d7:6e:68:27:2b: b1:2a:cd:52:eb:d3:61:ba:d3:95:8d:ca:84:3c:2c: 2c:34:ab:70:04:18:22:af:bc:92:65:98:98:33:43: d1:33:a0:d9:a0:3b:10:cd:23:1e:26:91:39:c5:40: dc:2f:3c:0c:4d:71:fb:00:fe:84:0a:da:ac:cf:37: 5d:71:92:90:3c:c8:23:2c:99:78:95:e8:6b:4d:1b: fa:dc:1e:b3:e0:de:f8:b6:5d:d4:9f:12:3a:ef:58: 56:de:26:18:2d:b1:3a:4a:b3:0f:36:2a:8b:40:21: 62:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:00:4D:AE:FC:AD:6E:EC:6F:69:9D:C5:F6:87:0D:3B:B4:2D:3A:47 X509v3 Authority Key Identifier: keyid:C2:F2:8E:9D:18:84:39:C4:FE:69:F6:3A:4C:AA:6D:A4:24:96:29:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/wvKOnRiEOcT-afY6TKptpCSWKR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvKOnRiEOcT-afY6TKptpCSWKR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/24AE273C2D1111EE85C59810C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.172.110.0/23 103.204.13.0/24 IPv6: 2001:df7:6e80::/47 Signature Algorithm: sha256WithRSAEncryption 9e:bd:3b:81:d3:3e:1c:eb:dc:f5:ba:41:f3:e6:d2:b1:85:6d: 9e:59:84:dc:6d:08:cf:ce:d5:46:90:16:d2:27:ef:60:88:da: 4e:43:d0:73:97:4a:88:08:52:10:f0:c5:bb:91:2b:2c:02:6d: c8:0e:70:43:b6:8e:22:9b:04:b9:96:8d:d6:ec:ef:2a:22:33: 7b:12:9f:8e:6a:b0:09:92:0f:11:e8:7f:77:ce:16:9a:6b:41: 85:c5:9a:ed:9e:f6:95:ba:57:c6:0d:57:61:07:ae:e4:70:a8: 97:a0:38:2f:c3:d5:ed:b4:5c:8a:80:5e:40:b9:74:de:b7:9e: c0:61:b1:d5:c9:a8:a7:f1:87:6d:5b:a7:f4:41:33:03:e2:e2: 78:6b:a4:d6:5e:6d:a4:60:5d:d0:21:22:6c:b6:2c:f6:d9:a5: 11:3a:90:36:40:68:90:5f:87:1a:e0:d5:70:53:d6:db:26:f7: e0:98:b7:2f:e8:48:fc:2c:2f:b3:6a:a3:6b:79:6b:05:94:26: 8e:29:5f:2a:75:bb:52:37:07:97:bc:f8:1b:13:a7:e4:9c:71: ed:ef:95:18:ff:86:70:12:90:53:a7:6b:36:9d:bb:b3:66:59: 80:3d:52:c1:99:f3:70:cd:c2:bb:4a:aa:9b:43:7c:69:ab:81: 58:06:45:e0 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICBKEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDVEMjUxMTAvBgNVBAUTKEMyRjI4RTlEMTg4NDM5QzRGRTY5RjYzQTRDQUE2REE0 MjQ5NjI5MUQwHhcNMjQwOTAzMDExNTQ4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ2NjM0NC0zYWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwKttkgfKtp80Z+1CO5TkByfH/f9BOq2+qrMPxgfIhjFsT5E6Qso0e2MAx/fk 3hECsKnl9kOXu/yYUOl7kI1bdsQ81LvwUJYKvBMmd/AKwwXYGVWDA0s0urp5Ntvh xao/SQfs5i/+GkLvZrUracTumro8GkUs4mwc6XCMTOUFx9Awi1VPDzRxZcWWYI0i att7125oJyuxKs1S69NhutOVjcqEPCwsNKtwBBgir7ySZZiYM0PRM6DZoDsQzSMe JpE5xUDcLzwMTXH7AP6ECtqszzddcZKQPMgjLJl4lehrTRv63B6z4N74tl3UnxI6 71hW3iYYLbE6SrMPNiqLQCFitwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFP0ATa78 rW7sb2mdxfaHDTu0LTpHMB8GA1UdIwQYMBaAFMLyjp0YhDnE/mn2OkyqbaQklikd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NUQyNS82N0YyQjBEODBC RDIxMUVDQkFBNDgwNkFDNEY5QUUwMi93dktPblJpRU9jVC1hZlk2VEtwdHBDU1dL UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3d2S09uUmlFT2NULWFmWTZUS3B0cENTV0tSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDVEMjUvNjdGMkIwRDgwQkQyMTFFQ0JBQTQ4MDZBQzRGOUFFMDIvMjRBRTI3M0My RDExMTFFRTg1QzU5ODEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBAFnrG4DBABnzA0wDwQCAAIwCQMHASABDfdugDANBgkqhkiG 9w0BAQsFAAOCAQEAnr07gdM+HOvc9bpB8+bSsYVtnlmE3G0Iz87VRpAW0ifvYIja TkPQc5dKiAhSEPDFu5ErLAJtyA5wQ7aOIpsEuZaN1uzvKiIzexKfjmqwCZIPEeh/ d84WmmtBhcWa7Z72lbpXxg1XYQeu5HCol6A4L8PV7bRcioBeQLl03reewGGx1cmo p/GHbVun9EEzA+LieGuk1l5tpGBd0CEibLYs9tmlETqQNkBokF+HGuDVcFPW2yb3 4Ji3L+hI/Cwvs2qja3lrBZQmjilfKnW7UjcHl7z4GxOn5Jxx7e+VGP+GcBKQU6dr Np27s2ZZgD1SwZnzcM3Cu0qqm0N8aauBWAZF4A== -----END CERTIFICATE-----Generated at Thu Nov 21 00:21:20 2024 by rpki-client on console-fra.rpki-client.org