$ rpki-client -vvf rpki.apnic.net/member_repository/A9169DB2/A9CC49B6B9BB11EABDD0FD84C4F9AE02/CDBA3F66B9BD11EAAE22B109C4F9AE02.roa File: CDBA3F66B9BD11EAAE22B109C4F9AE02.roa (raw, json) Hash identifier: TS24Pjw+v6UdpS9dyJX3ZRfYWC+R7C8gFtsdpCM/hpQ= Subject key identifier: 96:1A:61:B7:26:7E:CE:E6:02:F9:12:1D:EC:B3:68:4C:4B:A0:3A:68 Certificate issuer: /CN=A9169DB2/serialNumber=9B8259F7B3C1DEDD4719BC0ADC587B3DB89E7BDB Certificate serial: 07B6 Authority key identifier: 9B:82:59:F7:B3:C1:DE:DD:47:19:BC:0A:DC:58:7B:3D:B8:9E:7B:DB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m4JZ97PB3t1HGbwK3Fh7Pbiee9s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169DB2/A9CC49B6B9BB11EABDD0FD84C4F9AE02/CDBA3F66B9BD11EAAE22B109C4F9AE02.roa Signing time: Fri 02 Feb 2024 21:59:30 +0000 ROA not before: Fri 02 Feb 2024 21:59:30 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 56301 IP address blocks: 103.17.108.0/23 maxlen: 23 103.48.116.0/24 maxlen: 24 103.87.69.0/24 maxlen: 24 203.26.188.0/24 maxlen: 24 203.26.189.0/24 maxlen: 24 218.100.84.0/24 maxlen: 24 2401:fd40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169DB2/A9CC49B6B9BB11EABDD0FD84C4F9AE02/m4JZ97PB3t1HGbwK3Fh7Pbiee9s.crl rsync://rpki.apnic.net/member_repository/A9169DB2/A9CC49B6B9BB11EABDD0FD84C4F9AE02/m4JZ97PB3t1HGbwK3Fh7Pbiee9s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m4JZ97PB3t1HGbwK3Fh7Pbiee9s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 May 2024 22:04:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1974 (0x7b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169DB2/serialNumber=9B8259F7B3C1DEDD4719BC0ADC587B3DB89E7BDB Validity Not Before: Feb 2 21:59:30 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65bd65c1-0152 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b6:44:3d:c4:c7:de:98:44:ca:19:b5:98:6c: 76:e4:b7:4a:15:87:7b:63:98:62:49:7a:63:69:a4: 05:c3:12:11:4e:e6:25:23:00:d6:0f:d5:48:41:5f: c6:4b:ca:10:6a:bf:56:c4:0b:77:b5:6f:7d:0b:f5: 28:3f:e7:aa:e4:dc:a6:af:df:b5:57:34:f2:ec:ff: 55:47:bf:77:2a:2b:09:d0:6c:d8:34:e2:0c:9a:05: 17:60:81:96:43:ae:4a:4e:19:39:5c:36:af:7f:56: 54:1f:f2:1c:be:46:ba:69:23:56:da:54:4b:71:af: 4f:32:60:97:27:58:34:dd:54:eb:6f:d7:ed:92:83: 76:e6:2c:70:1b:5b:0a:4b:7c:93:b0:46:7d:00:ba: 92:81:93:e4:f0:50:50:b2:eb:62:a2:55:22:1b:a0: b1:6c:9e:88:bf:7f:7b:12:83:b2:17:b8:64:51:e1: c7:de:e6:74:2e:f4:fa:8a:a0:f2:c2:1d:dd:bb:19: da:11:17:db:24:3e:3e:d0:bf:22:fa:3d:bc:a2:01: 6f:f3:cf:f9:82:80:29:55:62:0b:a6:02:d0:57:f7: af:84:aa:25:a8:b4:62:60:b5:4b:e0:56:5c:40:7a: 32:a0:df:51:fa:4f:12:80:19:9a:69:99:85:de:f8: 2c:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:1A:61:B7:26:7E:CE:E6:02:F9:12:1D:EC:B3:68:4C:4B:A0:3A:68 X509v3 Authority Key Identifier: keyid:9B:82:59:F7:B3:C1:DE:DD:47:19:BC:0A:DC:58:7B:3D:B8:9E:7B:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169DB2/A9CC49B6B9BB11EABDD0FD84C4F9AE02/m4JZ97PB3t1HGbwK3Fh7Pbiee9s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m4JZ97PB3t1HGbwK3Fh7Pbiee9s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169DB2/A9CC49B6B9BB11EABDD0FD84C4F9AE02/CDBA3F66B9BD11EAAE22B109C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.17.108.0/23 103.48.116.0/24 103.87.69.0/24 203.26.188.0/23 218.100.84.0/24 IPv6: 2401:fd40::/32 Signature Algorithm: sha256WithRSAEncryption 33:3b:af:1b:db:f5:41:d7:f4:ee:fa:8e:b0:f1:db:f1:7f:01: 0e:08:70:b4:31:82:cf:7e:ef:ea:bd:5f:e4:40:62:af:6f:fe: 45:b2:a5:69:f1:a2:b0:99:bd:92:2c:75:f5:14:c2:ae:3c:08: e1:a0:95:ff:7f:ff:97:2c:c2:97:86:3a:30:81:b4:6b:0f:5e: dd:11:ed:c9:ef:4e:6d:18:b7:d0:e9:bd:ac:6e:ad:5d:c5:b6: d4:39:cd:83:8b:8f:90:d3:cc:f2:c3:b1:15:9f:7e:61:75:89: 85:fe:68:e5:86:4d:6a:33:c8:3d:44:46:5d:e0:ba:50:c2:bf: ea:90:94:a4:53:12:28:e8:52:59:07:d7:8d:e0:ac:60:61:08: a6:bb:b0:32:14:09:c9:97:3f:54:10:ff:5e:44:80:05:c8:b1: 66:77:f7:e8:29:66:64:4f:60:ee:29:78:36:e9:3d:1f:36:e2: 8d:9a:5e:ac:03:89:dd:b4:b5:cd:4a:cc:b9:58:93:3f:fa:d3: dc:e7:e7:47:b1:7f:21:6e:61:b6:5e:31:e5:73:93:85:bf:5d: 03:fe:8b:96:1b:45:17:9c:ec:07:88:35:9e:66:ef:fb:59:ef: f5:31:c2:f4:ce:b3:2c:6f:ef:ab:9e:8b:2b:c7:7d:b5:26:af: 2f:85:64:e6 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICB7YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjlEQjIxMTAvBgNVBAUTKDlCODI1OUY3QjNDMURFREQ0NzE5QkMwQURDNTg3QjNE Qjg5RTdCREIwHhcNMjQwMjAyMjE1OTMwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWJkNjVjMS0wMTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqLZEPcTH3phEyhm1mGx25LdKFYd7Y5hiSXpjaaQFwxIRTuYlIwDWD9VIQV/G S8oQar9WxAt3tW99C/UoP+eq5Nymr9+1VzTy7P9VR793KisJ0GzYNOIMmgUXYIGW Q65KThk5XDavf1ZUH/Icvka6aSNW2lRLca9PMmCXJ1g03VTrb9ftkoN25ixwG1sK S3yTsEZ9ALqSgZPk8FBQsutiolUiG6CxbJ6Iv397EoOyF7hkUeHH3uZ0LvT6iqDy wh3duxnaERfbJD4+0L8i+j28ogFv88/5goApVWILpgLQV/evhKolqLRiYLVL4FZc QHoyoN9R+k8SgBmaaZmF3vgsQQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFJYaYbcm fs7mAvkSHeyzaExLoDpoMB8GA1UdIwQYMBaAFJuCWfezwd7dRxm8CtxYez24nnvb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OURCMi9BOUNDNDlCNkI5 QkIxMUVBQkREMEZEODRDNEY5QUUwMi9tNEpaOTdQQjN0MUhHYndLM0ZoN1BiaWVl OXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL200Slo5N1BCM3QxSEdid0szRmg3UGJpZWU5cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjlEQjIvQTlDQzQ5QjZCOUJCMTFFQUJERDBGRDg0QzRGOUFFMDIvQ0RCQTNGNjZC OUJEMTFFQUFFMjJCMTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAFnEWwDBABnMHQDBABnV0UDBAHLGrwDBADaZFQwDQQCAAIw BwMFACQB/UAwDQYJKoZIhvcNAQELBQADggEBADM7rxvb9UHX9O76jrDx2/F/AQ4I cLQxgs9+7+q9X+RAYq9v/kWypWnxorCZvZIsdfUUwq48COGglf9//5cswpeGOjCB tGsPXt0R7cnvTm0Yt9DpvaxurV3FttQ5zYOLj5DTzPLDsRWffmF1iYX+aOWGTWoz yD1ERl3gulDCv+qQlKRTEijoUlkH143grGBhCKa7sDIUCcmXP1QQ/15EgAXIsWZ3 9+gpZmRPYO4peDbpPR824o2aXqwDid20tc1KzLlYkz/609zn50exfyFuYbZeMeVz k4W/XQP+i5YbRRec7AeINZ5m7/tZ7/UxwvTOsyxv76ueiyvHfbUmry+FZOY= -----END CERTIFICATE-----Generated at Sat May 25 00:59:56 2024 by rpki-client on console-ams.rpki-client.org