$ rpki-client -vvf rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/07FF4ABC5A1011EAA8B1B456C4F9AE02.roa File: 07FF4ABC5A1011EAA8B1B456C4F9AE02.roa (raw, json) Hash identifier: /71nbSiWt0RVe5ogZCQfFYyxEZ4Mr3Z7iCfhqhLbM+k= Subject key identifier: 63:60:2E:34:DB:4B:C5:DD:A8:21:FA:07:19:F1:96:5F:C5:E4:E9:24 Certificate issuer: /CN=A9148B6A/serialNumber=A9712CCB7EEE024AEB88767B762E1093B140FF6E Certificate serial: 0F6A Authority key identifier: A9:71:2C:CB:7E:EE:02:4A:EB:88:76:7B:76:2E:10:93:B1:40:FF:6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXEsy37uAkrriHZ7di4Qk7FA_24.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/07FF4ABC5A1011EAA8B1B456C4F9AE02.roa Signing time: Fri 26 Jul 2024 18:05:57 +0000 ROA not before: Fri 26 Jul 2024 18:05:57 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 132298 IP address blocks: 103.237.36.0/22 maxlen: 24 160.202.144.0/22 maxlen: 24 2401:e7c0::/32 maxlen: 36 2401:e7c0::/48 maxlen: 48 2401:e7c0:3::/48 maxlen: 48 2401:e7c0:4::/48 maxlen: 48 2401:e7c0:f00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/qXEsy37uAkrriHZ7di4Qk7FA_24.crl rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/qXEsy37uAkrriHZ7di4Qk7FA_24.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXEsy37uAkrriHZ7di4Qk7FA_24.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:30:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3946 (0xf6a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148B6A/serialNumber=A9712CCB7EEE024AEB88767B762E1093B140FF6E Validity Not Before: Jul 26 18:05:57 2024 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=66a3e585-ee39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:c1:c8:95:6e:9a:8f:31:86:1a:ad:be:e3:c4: df:6c:9a:42:77:47:e4:00:20:0b:bd:09:dd:27:8d: 72:3c:e3:95:dc:2c:bc:9f:11:1a:ac:0b:3f:88:07: 82:0b:12:07:c2:69:7a:f6:49:aa:d1:a0:b8:ac:71: d5:8f:f3:fe:89:60:79:c7:4c:1d:5f:83:a1:2c:7e: 1b:a1:fd:ac:b5:c8:b5:75:d6:89:77:05:11:b0:a5: 12:d6:f3:53:30:f1:bd:18:c9:5c:0d:da:2a:88:eb: bd:02:c3:63:2d:9e:6a:0e:08:62:6f:b6:6c:db:b0: f1:1f:df:28:ea:ad:e6:37:74:71:ff:43:30:3e:0c: ea:30:b0:8c:17:c4:ed:ae:db:7b:ff:e9:a1:02:eb: fa:b7:24:8b:09:21:b8:4a:1d:23:53:6e:72:c7:6d: 48:d3:69:01:db:7e:a4:75:bf:0a:83:6c:67:1d:99: 83:ac:05:24:84:44:c1:81:7a:ae:d3:48:8e:e5:50: 8d:b3:4a:5f:99:bf:4d:2e:6e:ff:06:10:85:b6:97: fe:e8:bd:b9:89:f8:03:2a:71:08:33:fc:d4:02:2d: 1c:a1:7e:a2:de:29:18:4a:59:6c:a8:72:c4:23:2e: fb:25:64:2f:7d:4e:e1:b5:42:19:b7:6a:db:c0:03: a4:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:60:2E:34:DB:4B:C5:DD:A8:21:FA:07:19:F1:96:5F:C5:E4:E9:24 X509v3 Authority Key Identifier: keyid:A9:71:2C:CB:7E:EE:02:4A:EB:88:76:7B:76:2E:10:93:B1:40:FF:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/qXEsy37uAkrriHZ7di4Qk7FA_24.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXEsy37uAkrriHZ7di4Qk7FA_24.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/07FF4ABC5A1011EAA8B1B456C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.237.36.0/22 160.202.144.0/22 IPv6: 2401:e7c0::/32 Signature Algorithm: sha256WithRSAEncryption 37:de:38:02:4b:fb:2a:76:66:6f:a5:ae:b4:a6:ec:f3:a7:b6: 53:d9:85:da:d6:13:b6:8b:c8:ca:33:ae:03:c5:ac:10:83:fc: 70:7a:c7:6c:a1:f3:b7:7d:67:0a:5b:62:57:a1:14:03:17:bd: 11:3d:11:93:ae:3d:02:57:3f:e0:69:48:fa:a5:23:49:61:7f: 9f:9f:8f:b3:3c:b2:53:97:a0:ed:96:0b:92:74:11:33:5b:90: 0e:d2:73:11:3e:22:4f:0c:e5:bb:01:8e:12:66:3a:79:d1:54: 81:ea:c0:34:35:20:f1:a7:2c:9c:e9:a1:6e:99:22:bd:52:09: 30:f3:c1:61:71:47:76:4e:73:a0:10:ed:67:ac:a9:5c:c2:d2: 89:ce:99:97:01:b5:76:44:b1:bc:a5:0d:b3:34:56:5a:68:74: ea:f9:1c:e5:20:59:12:e4:73:84:5f:4a:3e:36:91:87:ff:01: 77:50:d7:bf:b4:44:c9:37:26:8c:eb:eb:95:ac:54:4a:29:40: 0c:04:25:ed:0f:49:2e:6f:1b:2a:47:11:5c:de:9e:46:01:bb: 1f:ce:3c:d5:58:3e:12:36:32:b4:64:9a:58:5b:88:52:ae:c6: fc:40:ca:25:9d:37:d0:5f:3d:6b:e9:ca:35:e9:4c:f9:c6:6a: 3d:61:d7:32 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICD2owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhCNkExMTAvBgNVBAUTKEE5NzEyQ0NCN0VFRTAyNEFFQjg4NzY3Qjc2MkUxMDkz QjE0MEZGNkUwHhcNMjQwNzI2MTgwNTU3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmEzZTU4NS1lZTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5sHIlW6ajzGGGq2+48TfbJpCd0fkACALvQndJ41yPOOV3Cy8nxEarAs/iAeC CxIHwml69kmq0aC4rHHVj/P+iWB5x0wdX4OhLH4bof2stci1ddaJdwURsKUS1vNT MPG9GMlcDdoqiOu9AsNjLZ5qDghib7Zs27DxH98o6q3mN3Rx/0MwPgzqMLCMF8Tt rtt7/+mhAuv6tySLCSG4Sh0jU25yx21I02kB236kdb8Kg2xnHZmDrAUkhETBgXqu 00iO5VCNs0pfmb9NLm7/BhCFtpf+6L25ifgDKnEIM/zUAi0coX6i3ikYSllsqHLE Iy77JWQvfU7htUIZt2rbwAOknwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGNgLjTb S8XdqCH6Bxnxll/F5OkkMB8GA1UdIwQYMBaAFKlxLMt+7gJK64h2e3YuEJOxQP9u MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEI2QS8wODc1RjQ5NjRD NzQxMUU5OTc5MDBGNTVDNEY5QUUwMi9xWEVzeTM3dUFrcnJpSFo3ZGk0UWs3RkFf MjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FYRXN5Mzd1QWtycmlIWjdkaTRRazdGQV8yNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDhCNkEvMDg3NUY0OTY0Qzc0MTFFOTk3OTAwRjU1QzRGOUFFMDIvMDdGRjRBQkM1 QTEwMTFFQUE4QjFCNDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJn7SQDBAKgypAwDQQCAAIwBwMFACQB58AwDQYJKoZIhvcN AQELBQADggEBADfeOAJL+yp2Zm+lrrSm7POntlPZhdrWE7aLyMozrgPFrBCD/HB6 x2yh87d9ZwpbYlehFAMXvRE9EZOuPQJXP+BpSPqlI0lhf5+fj7M8slOXoO2WC5J0 ETNbkA7ScxE+Ik8M5bsBjhJmOnnRVIHqwDQ1IPGnLJzpoW6ZIr1SCTDzwWFxR3ZO c6AQ7WesqVzC0onOmZcBtXZEsbylDbM0VlpodOr5HOUgWRLkc4RfSj42kYf/AXdQ 17+0RMk3Jozr65WsVEopQAwEJe0PSS5vGypHEVzenkYBux/OPNVYPhI2MrRkmlhb iFKuxvxAyiWdN9BfPWvpyjXpTPnGaj1h1zI= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:01 2024 by rpki-client on console-ams.rpki-client.org