$ rpki-client -vvf rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/10CF1D82C0E311EE81F3E987C4F9AE02.roa File: 10CF1D82C0E311EE81F3E987C4F9AE02.roa (raw, json) Hash identifier: 78NzvvcCG2D0+YLHvm0WI7AAwqsj2ir6ZRecAq/XKO4= Subject key identifier: 9E:D5:2A:AC:66:10:11:AF:B6:18:2D:57:3D:84:BC:F3:E3:30:F3:E8 Certificate issuer: /CN=A914A139/serialNumber=A25ED8A1427AE93B24D30DCCDFA832538B5008AD Certificate serial: 0B42 Authority key identifier: A2:5E:D8:A1:42:7A:E9:3B:24:D3:0D:CC:DF:A8:32:53:8B:50:08:AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ol7YoUJ66Tsk0w3M36gyU4tQCK0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/10CF1D82C0E311EE81F3E987C4F9AE02.roa Signing time: Wed 18 Sep 2024 19:08:40 +0000 ROA not before: Wed 18 Sep 2024 19:08:40 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 139325 IP address blocks: 103.141.64.0/23 maxlen: 24 2001:df0:f280::/48 maxlen: 48 2401:79e0:4000::/34 maxlen: 38 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/ol7YoUJ66Tsk0w3M36gyU4tQCK0.crl rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/ol7YoUJ66Tsk0w3M36gyU4tQCK0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ol7YoUJ66Tsk0w3M36gyU4tQCK0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:50:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2882 (0xb42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914A139/serialNumber=A25ED8A1427AE93B24D30DCCDFA832538B5008AD Validity Not Before: Sep 18 19:08:40 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66eb2538-e020 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:26:ec:68:7a:77:1d:65:be:b1:ac:c2:da:13: 31:d3:ac:c6:bd:ae:54:76:b4:d7:2c:b5:7b:63:93: 6c:53:22:75:28:4f:0f:f9:e2:13:c3:d9:ba:c8:f6: 6f:42:f9:a2:85:f5:39:be:d4:bf:33:91:07:9d:e4: ba:3c:59:fd:68:13:e8:fb:8a:7c:71:f5:32:e0:85: ec:eb:b9:f6:9d:d3:f7:cf:bf:9f:f9:6d:53:ac:a0: 8c:f3:5e:d8:01:c4:1d:d5:71:41:54:0b:ae:da:42: 56:4c:21:fc:85:53:89:6c:b9:2d:0d:11:5c:18:de: 17:3f:8b:6a:a3:72:6a:31:f4:73:c7:88:6b:d1:b1: 5c:86:a5:16:d3:d1:c2:04:7f:02:fa:b9:12:23:89: 65:87:0d:5c:60:15:4f:33:7d:21:69:b2:18:cf:50: 9d:58:97:05:c8:df:78:d9:c5:e7:52:dd:37:b6:ad: b0:48:6a:bb:6d:12:7a:e7:c8:54:74:7c:09:3e:98: e8:25:a1:41:6e:2c:25:a4:54:eb:5f:9e:87:99:94: 20:02:ce:84:de:d4:05:98:89:d0:8d:cd:b9:dd:eb: ca:68:83:42:87:01:36:7c:e8:3d:7f:3f:7c:55:84: 9e:65:8d:7b:9b:5f:40:5b:cf:1e:64:72:53:04:a7: 41:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:D5:2A:AC:66:10:11:AF:B6:18:2D:57:3D:84:BC:F3:E3:30:F3:E8 X509v3 Authority Key Identifier: keyid:A2:5E:D8:A1:42:7A:E9:3B:24:D3:0D:CC:DF:A8:32:53:8B:50:08:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/ol7YoUJ66Tsk0w3M36gyU4tQCK0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ol7YoUJ66Tsk0w3M36gyU4tQCK0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/10CF1D82C0E311EE81F3E987C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.141.64.0/23 IPv6: 2001:df0:f280::/48 2401:79e0:4000::/34 Signature Algorithm: sha256WithRSAEncryption 74:49:b6:c0:3e:17:b2:4a:5c:40:5f:95:88:87:56:17:e5:79: bb:07:fd:b2:e1:e4:15:fc:e5:36:cf:3a:48:71:09:34:a4:43: 2b:ac:0c:ba:06:cb:95:dd:f9:dc:e8:9a:b7:ed:1e:34:fe:6d: 08:ee:b2:d0:5d:b3:49:18:f0:70:6b:0e:33:7c:46:1a:cc:11: 2d:7d:da:4b:32:81:5d:0a:aa:fc:15:e8:e3:15:41:82:0b:49: b2:54:01:b3:3e:e9:be:73:3f:05:03:74:57:ae:40:bb:a2:cc: 5e:c0:02:55:88:fa:3a:b9:b3:af:db:23:fc:ce:ee:15:95:0d: fc:7e:dc:5b:ea:34:ba:d6:d7:4e:79:de:44:57:7f:67:ce:b2: 70:1c:42:f8:65:c6:79:65:66:6d:21:12:ac:bd:58:e1:62:7b: 53:a8:3f:d1:1a:e2:5f:ef:ad:be:d5:9d:ad:30:41:e1:66:d6: 7b:13:03:41:21:01:ff:c8:bd:60:4a:25:15:4a:ed:69:d6:68: 0e:4e:56:fd:b4:3a:a2:d1:f7:77:a2:cb:67:38:6f:c3:cd:e7: 05:7c:63:9f:c2:e8:62:3e:19:9b:af:f6:5c:d2:a7:85:f8:78: a6:2c:55:83:4d:12:9c:7e:29:90:2f:77:f7:aa:1f:bf:7f:d3: 0e:98:2d:80 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgICC0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEExMzkxMTAvBgNVBAUTKEEyNUVEOEExNDI3QUU5M0IyNEQzMERDQ0RGQTgzMjUz OEI1MDA4QUQwHhcNMjQwOTE4MTkwODQwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmViMjUzOC1lMDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApSbsaHp3HWW+sazC2hMx06zGva5UdrTXLLV7Y5NsUyJ1KE8P+eITw9m6yPZv QvmihfU5vtS/M5EHneS6PFn9aBPo+4p8cfUy4IXs67n2ndP3z7+f+W1TrKCM817Y AcQd1XFBVAuu2kJWTCH8hVOJbLktDRFcGN4XP4tqo3JqMfRzx4hr0bFchqUW09HC BH8C+rkSI4llhw1cYBVPM30habIYz1CdWJcFyN942cXnUt03tq2wSGq7bRJ658hU dHwJPpjoJaFBbiwlpFTrX56HmZQgAs6E3tQFmInQjc253evKaINChwE2fOg9fz98 VYSeZY17m19AW88eZHJTBKdBlwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFJ7VKqxm EBGvthgtVz2EvPPjMPPoMB8GA1UdIwQYMBaAFKJe2KFCeuk7JNMNzN+oMlOLUAit MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QTEzOS9FQkI5RUM2MDI0 Q0ExMUVBQUMyQUU1ODZDNEY5QUUwMi9vbDdZb1VKNjZUc2swdzNNMzZneVU0dFFD SzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29sN1lvVUo2NlRzazB3M00zNmd5VTR0UUNLMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEExMzkvRUJCOUVDNjAyNENBMTFFQUFDMkFFNTg2QzRGOUFFMDIvMTBDRjFEODJD MEUzMTFFRTgxRjNFOTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E KTAnMAwEAgABMAYDBAFnjUAwFwQCAAIwEQMHACABDfDygAMGBiQBeeBAMA0GCSqG SIb3DQEBCwUAA4IBAQB0SbbAPheySlxAX5WIh1YX5Xm7B/2y4eQV/OU2zzpIcQk0 pEMrrAy6BsuV3fnc6Jq37R40/m0I7rLQXbNJGPBwaw4zfEYazBEtfdpLMoFdCqr8 FejjFUGCC0myVAGzPum+cz8FA3RXrkC7osxewAJViPo6ubOv2yP8zu4VlQ38ftxb 6jS61tdOed5EV39nzrJwHEL4ZcZ5ZWZtIRKsvVjhYntTqD/RGuJf762+1Z2tMEHh ZtZ7EwNBIQH/yL1gSiUVSu1p1mgOTlb9tDqi0fd3ostnOG/DzecFfGOfwuhiPhmb r/Zc0qeF+HimLFWDTRKcfimQL3f3qh+/f9MOmC2A -----END CERTIFICATE-----Generated at Fri Nov 22 19:44:57 2024 by rpki-client on console-fra.rpki-client.org