$ rpki-client -vvf rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/9F00C9325C6111EB9FAD600FC4F9AE02.roa File: 9F00C9325C6111EB9FAD600FC4F9AE02.roa (raw, json) Hash identifier: yIVzk4uXvD0YPL4yuXzlhtAAemUdmmIw9l3qjodWsVI= Subject key identifier: 3A:BD:01:62:30:4E:4E:A0:C9:FF:B5:10:E3:E1:10:5E:5E:A9:9B:EA Certificate issuer: /CN=A9171A1B/serialNumber=4C349C51CA598907D5C07CB1F24851FC048DAD1A Certificate serial: 0685 Authority key identifier: 4C:34:9C:51:CA:59:89:07:D5:C0:7C:B1:F2:48:51:FC:04:8D:AD:1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDScUcpZiQfVwHyx8khR_ASNrRo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/9F00C9325C6111EB9FAD600FC4F9AE02.roa Signing time: Mon 02 Dec 2024 22:31:37 +0000 ROA not before: Mon 02 Dec 2024 22:31:37 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 16509 IP address blocks: 103.124.134.0/24 maxlen: 24 103.124.135.0/24 maxlen: 24 2403:e040:8000::/34 maxlen: 34 2403:e040:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/TDScUcpZiQfVwHyx8khR_ASNrRo.crl rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/TDScUcpZiQfVwHyx8khR_ASNrRo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDScUcpZiQfVwHyx8khR_ASNrRo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1669 (0x685) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171A1B Validity Not Before: Dec 2 22:31:37 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=674e3549-6a87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:06:92:3c:49:fe:60:18:9c:40:37:46:0e:53: 90:f4:41:d5:7e:26:bd:04:bc:0d:f3:d7:49:87:6f: 46:21:1b:0e:1c:63:70:b3:fe:a4:21:bd:1f:fd:ff: db:3e:fd:36:c4:02:19:c3:73:9c:d0:28:b6:a8:b5: ee:25:a8:e4:52:fc:07:84:bb:6a:30:63:42:0d:4b: 83:b6:f0:b9:d7:eb:f5:49:48:29:bd:4b:c5:85:1f: 81:d4:ed:7d:71:4e:be:f0:37:ab:96:93:40:0e:40: da:6f:4c:2d:72:05:04:22:95:9f:4f:ac:64:cd:06: 9f:65:6c:be:fa:b1:2f:33:b1:6d:b2:72:e2:3c:30: 4c:a1:9a:d6:21:8f:f2:e1:59:bb:16:64:99:b8:aa: 46:0f:35:dc:dd:1a:1b:df:68:5c:96:27:b8:04:69: 0b:3e:e7:74:1c:b6:3a:5d:35:0e:2a:9a:9c:fd:e4: c1:61:62:7d:bb:62:5f:de:9a:c6:ff:9b:c3:41:03: 72:58:1c:87:92:1f:d2:9d:b6:ea:45:af:d7:8a:88: cf:ab:96:b2:58:6f:72:c1:db:77:44:1c:56:1f:1d: e5:ec:bd:69:7f:5f:0f:a9:9c:d5:c5:49:85:63:67: 18:b5:25:22:d9:c0:16:18:9a:d0:6b:a6:c8:7a:7b: 52:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:BD:01:62:30:4E:4E:A0:C9:FF:B5:10:E3:E1:10:5E:5E:A9:9B:EA X509v3 Authority Key Identifier: keyid:4C:34:9C:51:CA:59:89:07:D5:C0:7C:B1:F2:48:51:FC:04:8D:AD:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/TDScUcpZiQfVwHyx8khR_ASNrRo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDScUcpZiQfVwHyx8khR_ASNrRo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/9F00C9325C6111EB9FAD600FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.124.134.0/23 IPv6: 2403:e040:8000::/33 Signature Algorithm: sha256WithRSAEncryption 05:64:ef:7d:b7:2c:20:8a:0f:b5:ec:41:9a:10:52:3d:44:56: 39:55:ca:e6:a0:91:b8:39:d4:ad:fc:16:e0:e0:68:2f:cc:1b: 83:12:3a:2a:4a:de:72:8b:24:b2:ba:04:42:88:93:9b:16:d5: 84:5d:16:a8:79:21:67:ea:6b:a1:6f:6d:da:09:37:b9:ef:8a: 04:e6:0c:4d:00:8b:a7:70:ae:35:a5:3e:21:f5:d7:1c:d2:ab: 00:2a:8b:7f:71:4f:97:bd:69:2b:2c:7f:7b:49:41:bc:e9:56: ed:8a:eb:65:e1:bd:75:d6:7c:fa:30:4c:a7:bb:69:63:52:ac: ee:f3:81:c0:df:91:09:46:81:44:b4:e8:80:6d:30:6a:a3:ae: 52:98:ca:da:a5:51:fb:4c:bf:9c:b0:64:ba:75:6d:4a:73:f5: 96:a9:bf:ca:72:01:02:b2:60:b4:69:38:ac:c7:17:d4:99:c1: f2:e4:b6:c7:ad:03:9d:f9:a4:e5:e0:d5:bf:aa:27:6d:92:92: cf:2d:a0:cd:ce:7e:e8:cc:2d:9a:88:b9:0e:1c:87:96:b5:72: ce:09:11:47:68:de:f3:e0:15:ec:14:71:9b:7b:b2:f9:a2:91: 89:85:3b:15:aa:34:2c:ce:4e:98:78:2f:4e:70:69:b1:b0:1f: 90:fe:37:a6 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgICBoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFBMUIxMTAvBgNVBAUTKDRDMzQ5QzUxQ0E1OTg5MDdENUMwN0NCMUYyNDg1MUZD MDQ4REFEMUEwHhcNMjQxMjAyMjIzMTM3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzRlMzU0OS02YTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7AaSPEn+YBicQDdGDlOQ9EHVfia9BLwN89dJh29GIRsOHGNws/6kIb0f/f/b Pv02xAIZw3Oc0Ci2qLXuJajkUvwHhLtqMGNCDUuDtvC51+v1SUgpvUvFhR+B1O19 cU6+8DerlpNADkDab0wtcgUEIpWfT6xkzQafZWy++rEvM7FtsnLiPDBMoZrWIY/y 4Vm7FmSZuKpGDzXc3Rob32hclie4BGkLPud0HLY6XTUOKpqc/eTBYWJ9u2Jf3prG /5vDQQNyWByHkh/SnbbqRa/XiojPq5ayWG9ywdt3RBxWHx3l7L1pf18PqZzVxUmF Y2cYtSUi2cAWGJrQa6bIentS+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDq9AWIw Tk6gyf+1EOPhEF5eqZvqMB8GA1UdIwQYMBaAFEw0nFHKWYkH1cB8sfJIUfwEja0a MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUExQi9EQzU4Q0M1QTVD NDExMUVCODFEN0M2MEJDNEY5QUUwMi9URFNjVWNwWmlRZlZ3SHl4OGtoUl9BU05y Um8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1REU2NVY3BaaVFmVndIeXg4a2hSX0FTTnJSby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzFBMUIvREM1OENDNUE1QzQxMTFFQjgxRDdDNjBCQzRGOUFFMDIvOUYwMEM5MzI1 QzYxMTFFQjlGQUQ2MDBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E IDAeMAwEAgABMAYDBAFnfIYwDgQCAAIwCAMGByQD4ECAMA0GCSqGSIb3DQEBCwUA A4IBAQAFZO99tywgig+17EGaEFI9RFY5VcrmoJG4OdSt/Bbg4GgvzBuDEjoqSt5y iySyugRCiJObFtWEXRaoeSFn6muhb23aCTe574oE5gxNAIuncK41pT4h9dcc0qsA Kot/cU+XvWkrLH97SUG86Vbtiutl4b111nz6MEynu2ljUqzu84HA35EJRoFEtOiA bTBqo65SmMrapVH7TL+csGS6dW1Kc/WWqb/KcgECsmC0aTisxxfUmcHy5LbHrQOd +aTl4NW/qidtkpLPLaDNzn7ozC2aiLkOHIeWtXLOCRFHaN7z4BXsFHGbe7L5opGJ hTsVqjQszk6YeC9OcGmxsB+Q/jem -----END CERTIFICATE-----Generated at Sun Feb 16 15:49:36 2025 by rpki-client