$ rpki-client -vvf rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/0226B7F8990611EFB1F1DE6BC4F9AE02.roa File: 0226B7F8990611EFB1F1DE6BC4F9AE02.roa (raw, json) Hash identifier: HFpOF7I3GV6WE8r7JPp1yYRngdlcU7JSkIeWPz4ePTE= Subject key identifier: B9:FB:53:54:8F:67:F9:46:17:B4:1C:4D:4D:9E:53:4A:D2:66:07:CE Certificate issuer: /CN=A9172A52/serialNumber=674AC57C099876A06657180B34E24E6EEE884411 Certificate serial: 2B Authority key identifier: 67:4A:C5:7C:09:98:76:A0:66:57:18:0B:34:E2:4E:6E:EE:88:44:11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/0226B7F8990611EFB1F1DE6BC4F9AE02.roa Signing time: Mon 04 Nov 2024 06:55:06 +0000 ROA not before: Mon 04 Nov 2024 06:55:06 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 133858 IP address blocks: 103.40.164.0/23 maxlen: 23 103.40.164.0/24 maxlen: 24 103.40.165.0/24 maxlen: 24 103.78.222.0/23 maxlen: 23 103.78.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/Z0rFfAmYdqBmVxgLNOJObu6IRBE.crl rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/Z0rFfAmYdqBmVxgLNOJObu6IRBE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172A52/serialNumber=674AC57C099876A06657180B34E24E6EEE884411 Validity Not Before: Nov 4 06:55:06 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67286fca-602c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:3d:0c:0a:49:df:85:ed:ef:bb:f1:d6:a2:ed: 96:3c:27:78:6a:07:1b:11:be:25:1b:13:4f:42:7f: d1:8e:0c:ad:a7:f1:b2:35:c1:84:7e:c3:ff:c6:2a: 1c:a0:4e:d3:7f:63:8f:dd:d9:17:17:3f:cd:85:93: 7d:69:02:61:94:8d:4f:0d:c5:65:77:39:18:23:7f: a1:24:88:81:54:b9:8e:e6:9a:16:be:36:07:0d:ba: 0d:88:01:bd:66:a5:26:31:19:04:69:31:4d:11:63: e9:99:6e:48:9d:58:84:ac:bb:33:96:77:70:ff:df: 6e:b1:32:66:98:8b:2e:a7:d4:d7:9f:7b:f6:45:f9: 98:40:d0:9a:cc:b6:fa:dc:dc:0c:c1:01:0d:4c:78: a4:34:01:c4:36:f3:f1:45:80:fd:0e:22:40:4a:95: 54:2c:8f:3d:31:98:70:d9:e4:79:33:50:b7:11:f0: 04:62:cc:8a:cb:9d:f2:db:4d:ec:8e:2c:f5:91:8d: 48:e4:81:3f:b4:50:8d:0e:26:e1:21:84:c8:b8:60: 24:bd:e3:3a:49:47:b0:d8:95:31:f1:45:64:7e:2b: d0:83:2b:ca:5c:16:1b:28:e9:fc:b1:63:0d:cb:46: a7:d5:53:ee:88:aa:db:f0:62:88:f0:52:cd:5a:4e: 43:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:FB:53:54:8F:67:F9:46:17:B4:1C:4D:4D:9E:53:4A:D2:66:07:CE X509v3 Authority Key Identifier: keyid:67:4A:C5:7C:09:98:76:A0:66:57:18:0B:34:E2:4E:6E:EE:88:44:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/Z0rFfAmYdqBmVxgLNOJObu6IRBE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0rFfAmYdqBmVxgLNOJObu6IRBE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172A52/3E76D7EE981911EFB0D0DD34C4F9AE02/0226B7F8990611EFB1F1DE6BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.40.164.0/23 103.78.222.0/23 Signature Algorithm: sha256WithRSAEncryption 35:6c:58:e0:db:f5:ca:d6:00:ef:1a:8f:75:ad:bf:31:e2:5d: 76:3f:6c:41:a0:8a:47:ae:dc:33:04:53:e0:95:9d:47:0f:a7: 6d:61:9b:80:6c:43:f3:56:f1:51:ae:a3:56:b0:d0:66:a2:9e: 87:2c:65:24:70:88:83:f8:b7:7b:69:e8:f1:8c:e3:61:b3:e9: f3:92:a2:1e:ba:cc:85:e2:87:6a:86:9d:73:07:bc:bc:d5:17: 55:43:51:a4:4e:f7:7f:b7:33:e9:aa:67:58:a4:42:a1:4c:95: eb:e3:99:31:5f:be:b6:dc:62:d6:eb:b6:fb:77:08:8c:1e:36: ca:ad:04:47:d5:44:6e:d7:75:cb:f4:21:a3:fd:59:3d:d8:54: 40:ef:b3:c1:b7:08:f8:51:98:7f:04:a0:67:01:35:a6:98:3c: da:d1:59:87:2c:b0:6e:1d:d7:74:61:67:2b:d3:8f:b1:51:0c: 53:bc:2f:2d:07:1b:c9:2c:de:44:03:79:04:a7:62:6e:ad:64: 30:0a:3b:9b:f0:c6:5e:a5:4e:37:4a:30:c8:1d:d3:83:9e:23: 49:43:49:9a:5e:27:77:e3:d3:98:28:ef:3b:62:af:5c:31:82: 0d:fe:42:18:2c:40:3d:d1:3b:dc:0f:b3:8c:7d:1a:c7:39:fc: b6:0e:4d:02 -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MkE1MjExMC8GA1UEBRMoNjc0QUM1N0MwOTk4NzZBMDY2NTcxODBCMzRFMjRFNkVF RTg4NDQxMTAeFw0yNDExMDQwNjU1MDZaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3Mjg2ZmNhLTYwMmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzPQwKSd+F7e+78dai7ZY8J3hqBxsRviUbE09Cf9GODK2n8bI1wYR+w//GKhyg TtN/Y4/d2RcXP82Fk31pAmGUjU8NxWV3ORgjf6EkiIFUuY7mmha+NgcNug2IAb1m pSYxGQRpMU0RY+mZbkidWISsuzOWd3D/326xMmaYiy6n1Nefe/ZF+ZhA0JrMtvrc 3AzBAQ1MeKQ0AcQ28/FFgP0OIkBKlVQsjz0xmHDZ5HkzULcR8ARizIrLnfLbTeyO LPWRjUjkgT+0UI0OJuEhhMi4YCS94zpJR7DYlTHxRWR+K9CDK8pcFhso6fyxYw3L RqfVU+6IqtvwYojwUs1aTkPjAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUuftTVI9n +UYXtBxNTZ5TStJmB84wHwYDVR0jBBgwFoAUZ0rFfAmYdqBmVxgLNOJObu6IRBEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQTUyLzNFNzZEN0VFOTgx OTExRUZCMEQwREQzNEM0RjlBRTAyL1owckZmQW1ZZHFCbVZ4Z0xOT0pPYnU2SVJC RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWjByRmZBbVlkcUJtVnhnTE5PSk9idTZJUkJFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MkE1Mi8zRTc2RDdFRTk4MTkxMUVGQjBEMEREMzRDNEY5QUUwMi8wMjI2QjdGODk5 MDYxMUVGQjFGMURFNkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW MBQwEgQCAAEwDAMEAWcopAMEAWdO3jANBgkqhkiG9w0BAQsFAAOCAQEANWxY4Nv1 ytYA7xqPda2/MeJddj9sQaCKR67cMwRT4JWdRw+nbWGbgGxD81bxUa6jVrDQZqKe hyxlJHCIg/i3e2no8YzjYbPp85KiHrrMheKHaoadcwe8vNUXVUNRpE73f7cz6apn WKRCoUyV6+OZMV++ttxi1uu2+3cIjB42yq0ER9VEbtd1y/Qho/1ZPdhUQO+zwbcI +FGYfwSgZwE1ppg82tFZhyywbh3XdGFnK9OPsVEMU7wvLQcbySzeRAN5BKdibq1k MAo7m/DGXqVON0owyB3Tg54jSUNJml4nd+PTmCjvO2KvXDGCDf5CGCxAPdE73A+z jH0axzn8tg5NAg== -----END CERTIFICATE-----Generated at Sat Nov 23 07:45:03 2024 by rpki-client on console-ams.rpki-client.org