$ rpki-client -vvf rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/687D7178B85D11EBB2E17F26C4F9AE02.roa File: 687D7178B85D11EBB2E17F26C4F9AE02.roa (raw, json) Hash identifier: IMdjByBIYJm1pushgtHVRf7baWnF2aGGxcZRsZb6Kqw= Subject key identifier: 11:91:1A:29:67:C8:68:0D:A1:38:BE:3D:79:80:09:7E:26:F4:0F:F3 Certificate issuer: /CN=A9158028/serialNumber=809EFF1F7819B81751F177AB5AFED82BCC32A569 Certificate serial: 05A4 Authority key identifier: 80:9E:FF:1F:78:19:B8:17:51:F1:77:AB:5A:FE:D8:2B:CC:32:A5:69 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gJ7_H3gZuBdR8XerWv7YK8wypWk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/687D7178B85D11EBB2E17F26C4F9AE02.roa Signing time: Wed 16 Oct 2024 23:12:51 +0000 ROA not before: Wed 16 Oct 2024 23:12:51 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 132296 IP address blocks: 103.72.72.0/22 maxlen: 22 103.72.72.0/24 maxlen: 24 103.72.73.0/24 maxlen: 24 103.72.74.0/24 maxlen: 24 103.72.75.0/24 maxlen: 24 103.233.140.0/23 maxlen: 23 103.233.140.0/24 maxlen: 24 103.233.141.0/24 maxlen: 24 103.248.202.0/23 maxlen: 24 2406:b580::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/gJ7_H3gZuBdR8XerWv7YK8wypWk.crl rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/gJ7_H3gZuBdR8XerWv7YK8wypWk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gJ7_H3gZuBdR8XerWv7YK8wypWk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1444 (0x5a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158028/serialNumber=809EFF1F7819B81751F177AB5AFED82BCC32A569 Validity Not Before: Oct 16 23:12:51 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=67104872-63c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:f7:c5:89:7b:2c:bf:64:ec:76:f8:f9:3d:03: 0b:50:ac:ac:c7:a0:fe:58:11:1b:74:dd:8d:82:2f: fb:89:22:db:15:c3:fc:38:7e:e7:4b:0c:ed:be:11: c0:0d:47:74:08:4a:ff:1e:db:5d:52:e4:43:b6:61: 37:c7:a2:a1:ea:ea:50:37:3d:45:61:bf:e7:dc:00: c0:5f:9a:2c:bd:72:f2:43:f3:d5:62:44:3c:54:b1: f9:4b:d4:eb:86:ac:ae:77:63:4d:ae:8f:3c:0c:e9: ae:7d:cd:a8:e8:4c:fb:52:d4:36:06:5b:c8:b8:0c: 88:01:ed:d0:c2:51:fa:ca:69:2a:ff:eb:36:0e:66: b4:cf:a0:8c:fa:ac:fa:a7:0e:7c:44:c8:81:a5:64: 43:ff:23:79:44:00:74:cd:fc:ed:f6:16:02:0f:51: bd:4f:93:6c:cd:ed:50:b7:82:d2:3b:e9:44:6d:ef: 29:07:e4:c7:fe:d0:ae:ad:d3:4b:96:8d:dd:90:02: 98:a5:47:ba:0d:96:36:35:79:92:e5:15:a0:01:6f: e7:23:4f:83:46:28:bd:43:6f:8e:ed:49:26:34:b0: 70:c0:24:33:ab:f8:f4:dc:74:28:b8:ff:66:f0:9d: 7e:43:08:17:6b:72:32:9f:26:78:99:c9:aa:80:a2: e6:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:91:1A:29:67:C8:68:0D:A1:38:BE:3D:79:80:09:7E:26:F4:0F:F3 X509v3 Authority Key Identifier: keyid:80:9E:FF:1F:78:19:B8:17:51:F1:77:AB:5A:FE:D8:2B:CC:32:A5:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/gJ7_H3gZuBdR8XerWv7YK8wypWk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gJ7_H3gZuBdR8XerWv7YK8wypWk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/687D7178B85D11EBB2E17F26C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.72.72.0/22 103.233.140.0/23 103.248.202.0/23 IPv6: 2406:b580::/32 Signature Algorithm: sha256WithRSAEncryption 69:7b:a6:ea:99:e4:0c:18:e1:21:e1:c9:6e:99:af:98:93:45: 28:71:38:10:24:b9:ce:0d:8e:28:43:ea:de:29:76:35:00:84: 8d:15:fd:2b:4d:99:68:16:bc:44:4a:1e:b2:06:0a:51:6e:83: 9e:71:c9:24:3b:40:b6:30:26:9d:48:8a:13:39:73:99:9c:f1: 95:c5:b9:fe:22:35:68:6b:7b:28:ee:e4:95:bf:9e:29:ee:cf: 50:5c:62:61:bb:70:c2:35:e2:f9:32:5d:19:d3:46:98:3a:f5: 44:fd:85:49:ec:ea:66:9c:23:c1:e2:63:6f:39:59:d5:06:4a: 98:6a:f5:68:5f:c2:9a:d6:a5:48:81:cb:47:a3:45:91:b1:15: db:72:d7:10:30:a5:48:6c:65:a3:a9:e6:90:56:36:1d:6b:1e: 94:c8:15:80:6a:44:d9:8d:9b:89:95:42:01:88:ef:5a:a1:4c: c2:24:65:10:df:7f:bd:98:3c:ab:32:92:53:92:65:f3:a9:92: ca:d2:20:c8:27:61:02:86:2d:21:a7:30:ad:5b:7a:3c:75:4b: 87:78:31:0c:44:84:02:84:f0:2b:11:87:1a:f1:11:bc:66:1e: ba:4c:86:70:ee:98:11:5d:08:d2:f9:45:39:68:a3:90:61:35: af:2a:29:40 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICBaQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTgwMjgxMTAvBgNVBAUTKDgwOUVGRjFGNzgxOUI4MTc1MUYxNzdBQjVBRkVEODJC Q0MzMkE1NjkwHhcNMjQxMDE2MjMxMjUxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzEwNDg3Mi02M2MwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6PfFiXssv2Tsdvj5PQMLUKysx6D+WBEbdN2Ngi/7iSLbFcP8OH7nSwztvhHA DUd0CEr/HttdUuRDtmE3x6Kh6upQNz1FYb/n3ADAX5osvXLyQ/PVYkQ8VLH5S9Tr hqyud2NNro88DOmufc2o6Ez7UtQ2BlvIuAyIAe3QwlH6ymkq/+s2Dma0z6CM+qz6 pw58RMiBpWRD/yN5RAB0zfzt9hYCD1G9T5Nsze1Qt4LSO+lEbe8pB+TH/tCurdNL lo3dkAKYpUe6DZY2NXmS5RWgAW/nI0+DRii9Q2+O7UkmNLBwwCQzq/j03HQouP9m 8J1+QwgXa3IynyZ4mcmqgKLmwQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFBGRGiln yGgNoTi+PXmACX4m9A/zMB8GA1UdIwQYMBaAFICe/x94GbgXUfF3q1r+2CvMMqVp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODAyOC84QTRBREVFNEEx MUYxMUVCOTMzOUQ1MEFDNEY5QUUwMi9nSjdfSDNnWnVCZFI4WGVyV3Y3WUs4d3lw V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dKN19IM2dadUJkUjhYZXJXdjdZSzh3eXBXay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTgwMjgvOEE0QURFRTRBMTFGMTFFQjkzMzlENTBBQzRGOUFFMDIvNjg3RDcxNzhC ODVEMTFFQkIyRTE3RjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnSEgDBAFn6YwDBAFn+MowDQQCAAIwBwMFACQGtYAwDQYJ KoZIhvcNAQELBQADggEBAGl7puqZ5AwY4SHhyW6Zr5iTRShxOBAkuc4NjihD6t4p djUAhI0V/StNmWgWvERKHrIGClFug55xySQ7QLYwJp1IihM5c5mc8ZXFuf4iNWhr eyju5JW/ninuz1BcYmG7cMI14vkyXRnTRpg69UT9hUns6macI8HiY285WdUGSphq 9WhfwprWpUiBy0ejRZGxFdty1xAwpUhsZaOp5pBWNh1rHpTIFYBqRNmNm4mVQgGI 71qhTMIkZRDff72YPKsyklOSZfOpksrSIMgnYQKGLSGnMK1bejx1S4d4MQxEhAKE 8CsRhxrxEbxmHrpMhnDumBFdCNL5RTloo5BhNa8qKUA= -----END CERTIFICATE-----Generated at Sat Nov 23 00:08:40 2024 by rpki-client on console-ams.rpki-client.org