$ rpki-client -vvf rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/258F8662BBDF11ED8CE89144C4F9AE02.roa File: 258F8662BBDF11ED8CE89144C4F9AE02.roa (raw, json) Hash identifier: UJVWIrAy9tzhRj51so3EbRL9W2JkKzXj0nfdgCDmHfQ= Subject key identifier: 06:18:AD:BC:19:8F:A5:3D:FE:36:69:AA:F2:E6:E4:94:3C:76:4D:86 Certificate issuer: /CN=A916EF5E/serialNumber=42182F5F71A58984CE8859AE60A4CACA73FE8361 Certificate serial: 0F5C Authority key identifier: 42:18:2F:5F:71:A5:89:84:CE:88:59:AE:60:A4:CA:CA:73:FE:83:61 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QhgvX3GliYTOiFmuYKTKynP-g2E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/258F8662BBDF11ED8CE89144C4F9AE02.roa Signing time: Sat 02 Nov 2024 16:54:44 +0000 ROA not before: Sat 02 Nov 2024 16:54:44 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 54415 IP address blocks: 103.99.168.0/24 maxlen: 24 2401:b140::/48 maxlen: 48 2401:b140:1::/48 maxlen: 48 2401:b140:2::/48 maxlen: 48 2401:b140:3::/48 maxlen: 48 2401:b140:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.crl rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QhgvX3GliYTOiFmuYKTKynP-g2E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3932 (0xf5c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916EF5E/serialNumber=42182F5F71A58984CE8859AE60A4CACA73FE8361 Validity Not Before: Nov 2 16:54:44 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=67265953-6934 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:38:f5:27:7c:fc:92:ec:a4:dc:b6:47:6f:75: 56:a6:7e:95:0b:48:79:fa:a8:d3:dc:63:13:f2:54: c4:2b:de:b0:d9:09:75:ba:9c:89:0d:8c:89:91:47: c8:b0:c1:46:b9:72:ca:17:0d:7c:55:b7:30:73:98: 49:ff:8f:dc:71:18:30:43:10:62:49:cc:a3:9c:a7: 52:bb:f9:a9:60:f4:41:96:6f:8d:c5:89:f5:32:ec: 6b:84:9d:5d:f5:ba:70:6a:13:f7:5e:e7:01:10:b7: c2:7c:99:e2:3d:66:15:8e:30:79:50:c2:3e:73:cd: 2e:8e:ab:1f:62:76:b4:0a:3d:80:ee:df:b4:13:51: 33:0f:11:80:9d:fe:17:65:68:7c:33:45:f1:5d:22: 3e:4f:01:a7:db:ce:3e:99:2d:13:56:48:08:d9:c1: de:ce:c5:af:8c:87:48:e2:8a:06:bf:ea:e3:07:63: 47:4c:58:bb:0d:85:b6:23:f1:78:e0:c0:24:c0:ce: 31:a5:86:ec:a0:2a:44:18:0e:ea:a1:cf:b2:96:5f: 52:66:da:94:04:7f:6c:14:c8:1d:0f:3a:ef:a0:10: 70:c3:28:7a:17:be:82:9d:6d:ab:d5:6a:50:4e:a6: b1:1a:df:03:b6:da:d5:5f:bd:06:3a:1c:ed:1d:7b: 2d:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:18:AD:BC:19:8F:A5:3D:FE:36:69:AA:F2:E6:E4:94:3C:76:4D:86 X509v3 Authority Key Identifier: keyid:42:18:2F:5F:71:A5:89:84:CE:88:59:AE:60:A4:CA:CA:73:FE:83:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QhgvX3GliYTOiFmuYKTKynP-g2E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/258F8662BBDF11ED8CE89144C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.168.0/24 IPv6: 2401:b140::-2401:b140:4:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 91:50:e1:38:e4:75:49:b7:34:41:dc:55:37:4a:76:23:ba:05: 01:d8:69:4f:2d:95:c2:6e:1a:b7:6e:7c:73:5f:66:0b:24:db: e4:83:a8:93:e0:84:8e:5e:15:23:f1:fc:14:2d:8d:7a:a7:8f: 25:19:85:3f:db:2e:9e:f6:93:16:4e:80:84:0e:5e:15:2e:ba: 4a:d7:73:b5:f8:10:d8:e0:2d:ad:57:33:05:16:cf:0b:c8:1b: 66:d2:6f:b5:ae:53:64:3c:17:55:bd:dc:66:ee:e9:b1:bf:a8: da:0d:09:1f:8b:8d:1d:9b:9d:68:e7:3e:be:52:87:a8:e8:39: 7b:f3:82:0c:63:9d:63:fd:a8:ee:96:54:9b:bb:36:e1:18:e7: 7b:dc:a2:d6:b2:6d:25:1d:94:bb:a0:28:90:3f:88:3a:7c:20: d8:8e:0f:96:b3:fe:e3:12:a2:93:58:7c:27:b1:89:38:40:a0: b9:23:0c:48:bf:21:72:9d:f2:50:36:20:31:24:97:c1:dc:9c: df:7f:31:4a:12:c0:4b:a7:76:fb:f2:3a:04:d8:3d:3f:68:ae: 4d:a0:16:c0:2d:78:5d:f5:91:ac:c0:1e:f7:6b:d3:a0:6d:e5: 48:a0:1d:9e:cc:3c:dd:bd:79:36:0d:1a:c7:f6:a2:62:72:b3: 90:fd:33:4f -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICD1wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkVGNUUxMTAvBgNVBAUTKDQyMTgyRjVGNzFBNTg5ODRDRTg4NTlBRTYwQTRDQUNB NzNGRTgzNjEwHhcNMjQxMTAyMTY1NDQ0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI2NTk1My02OTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAszj1J3z8kuyk3LZHb3VWpn6VC0h5+qjT3GMT8lTEK96w2Ql1upyJDYyJkUfI sMFGuXLKFw18Vbcwc5hJ/4/ccRgwQxBiScyjnKdSu/mpYPRBlm+NxYn1MuxrhJ1d 9bpwahP3XucBELfCfJniPWYVjjB5UMI+c80ujqsfYna0Cj2A7t+0E1EzDxGAnf4X ZWh8M0XxXSI+TwGn284+mS0TVkgI2cHezsWvjIdI4ooGv+rjB2NHTFi7DYW2I/F4 4MAkwM4xpYbsoCpEGA7qoc+yll9SZtqUBH9sFMgdDzrvoBBwwyh6F76CnW2r1WpQ TqaxGt8DttrVX70GOhztHXstQwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFAYYrbwZ j6U9/jZpqvLm5JQ8dk2GMB8GA1UdIwQYMBaAFEIYL19xpYmEzohZrmCkyspz/oNh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RUY1RS9GMzhEQ0Y4QTEw NkIxMUU4QjhDQTAyMEJDNEY5QUUwMi9RaGd2WDNHbGlZVE9pRm11WUtUS3luUC1n MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FoZ3ZYM0dsaVlUT2lGbXVZS1RLeW5QLWcyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkVGNUUvRjM4RENGOEExMDZCMTFFOEI4Q0EwMjBCQzRGOUFFMDIvMjU4Rjg2NjJC QkRGMTFFRDhDRTg5MTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMAwEAgABMAYDBABnY6gwGAQCAAIwEjAQAwUGJAGxQAMHACQBsUAABDANBgkq hkiG9w0BAQsFAAOCAQEAkVDhOOR1Sbc0QdxVN0p2I7oFAdhpTy2Vwm4at258c19m CyTb5IOok+CEjl4VI/H8FC2NeqePJRmFP9sunvaTFk6AhA5eFS66StdztfgQ2OAt rVczBRbPC8gbZtJvta5TZDwXVb3cZu7psb+o2g0JH4uNHZudaOc+vlKHqOg5e/OC DGOdY/2o7pZUm7s24Rjne9yi1rJtJR2Uu6AokD+IOnwg2I4PlrP+4xKik1h8J7GJ OECguSMMSL8hcp3yUDYgMSSXwdyc338xShLAS6d2+/I6BNg9P2iuTaAWwC14XfWR rMAe92vToG3lSKAdnsw83b15Ng0ax/aiYnKzkP0zTw== -----END CERTIFICATE-----Generated at Fri Nov 22 17:55:49 2024 by rpki-client on console-fra.rpki-client.org