$ rpki-client -vvf rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/CA1FFF4A8E6511EFB7E3F85FC4F9AE02.roa File: CA1FFF4A8E6511EFB7E3F85FC4F9AE02.roa (raw, json) Hash identifier: SR9KQobrAZpiVBq6tO3MXH4mW4d5vpb6U3K8utPodrY= Subject key identifier: 84:A2:D3:6D:D5:21:0E:6D:64:F8:B5:0F:C1:43:A8:CE:C9:99:F5:CB Certificate issuer: /CN=A917315B/serialNumber=196F92773293E4954B4D97A5D37AC820A745C2E0 Certificate serial: 0287 Authority key identifier: 19:6F:92:77:32:93:E4:95:4B:4D:97:A5:D3:7A:C8:20:A7:45:C2:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW-SdzKT5JVLTZel03rIIKdFwuA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/CA1FFF4A8E6511EFB7E3F85FC4F9AE02.roa Signing time: Mon 18 Nov 2024 21:19:25 +0000 ROA not before: Mon 18 Nov 2024 21:19:25 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 208171 IP address blocks: 103.189.191.0/24 maxlen: 24 2001:df0:d840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/GW-SdzKT5JVLTZel03rIIKdFwuA.crl rsync://rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/GW-SdzKT5JVLTZel03rIIKdFwuA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW-SdzKT5JVLTZel03rIIKdFwuA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 647 (0x287) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917315B/serialNumber=196F92773293E4954B4D97A5D37AC820A745C2E0 Validity Not Before: Nov 18 21:19:25 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=673baf5d-1e2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:56:18:91:1a:75:fc:b8:2c:6b:8c:88:95:4d: 02:2e:61:75:20:fe:af:e3:ff:4b:92:8a:f4:23:8d: 7c:d0:e0:94:e8:b7:e3:1b:cb:6d:64:8f:95:15:c8: 24:d2:73:3a:2d:e4:c6:44:bb:a4:22:ca:b2:ed:36: 79:6f:a9:4c:da:af:ac:05:64:3b:20:b8:9f:7d:47: f8:52:68:69:f8:31:84:b0:bc:1c:6d:c8:e8:ba:6f: 45:81:2b:8f:33:be:5c:bc:a6:c5:6c:36:70:0f:5a: 90:25:06:61:b9:bb:73:22:ac:ac:13:8e:36:d9:df: 09:fa:fe:fb:9e:ed:6d:0c:20:88:58:b3:09:b0:43: a8:be:97:6e:3d:45:b9:04:bf:ae:75:bb:62:23:7d: 58:19:a8:af:e6:8b:67:a1:59:14:9f:3a:02:e1:95: a9:f8:07:9a:99:eb:e2:95:85:8d:d4:67:28:87:d7: 59:1a:d1:8d:ed:c4:ee:e9:81:8f:f3:4a:02:c9:0a: a6:e5:62:80:9a:f9:35:92:2d:e4:03:83:c8:d0:71: 84:ae:f0:67:51:53:c3:80:3c:f7:f5:c3:00:54:7f: ca:bc:c9:87:a2:3d:a4:97:03:16:e2:b1:ce:39:4a: c3:e0:81:6d:17:c6:0d:df:7a:72:76:96:cd:1e:dd: 3b:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:A2:D3:6D:D5:21:0E:6D:64:F8:B5:0F:C1:43:A8:CE:C9:99:F5:CB X509v3 Authority Key Identifier: keyid:19:6F:92:77:32:93:E4:95:4B:4D:97:A5:D3:7A:C8:20:A7:45:C2:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/GW-SdzKT5JVLTZel03rIIKdFwuA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW-SdzKT5JVLTZel03rIIKdFwuA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/CA1FFF4A8E6511EFB7E3F85FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.189.191.0/24 IPv6: 2001:df0:d840::/48 Signature Algorithm: sha256WithRSAEncryption 71:0d:9f:a0:8d:3c:48:c7:0f:21:86:6e:4b:fa:17:96:7c:24: 20:30:7a:f1:a5:3d:bd:50:e4:0c:50:1b:6e:5a:a1:a7:17:a7: 38:6f:16:39:21:7f:79:a2:fe:46:29:58:96:95:5a:c4:cf:4e: 48:70:f5:ef:f8:fe:0a:e2:4b:89:65:af:e3:68:f7:16:3d:a1: 5d:a7:2e:49:64:ee:a1:81:e2:b8:0f:58:4a:55:30:bf:40:2b: 47:4c:47:33:f9:af:a4:9d:1c:a7:26:a9:0e:9d:4b:d1:f5:51: b0:5c:4a:69:60:79:35:c1:b3:84:4c:51:02:92:05:90:30:89: 54:3b:d4:c6:f0:02:e0:07:4e:52:86:a1:1e:67:1d:e9:29:ef: 66:c4:f6:e5:29:7c:a4:a7:0c:f4:8c:38:fd:ad:e4:1d:9b:5d: ef:f0:3b:bb:1f:23:01:86:ec:76:9f:55:2b:d9:f0:53:d2:02: 59:3b:f7:04:f9:6b:0e:67:6c:d6:c5:91:83:a5:b5:1b:42:cc: 5d:39:ac:82:98:ec:c6:90:9b:18:aa:f7:f3:64:ed:3d:9d:64: 2c:0d:a7:89:ec:9b:25:b9:e8:b6:68:f3:fe:74:49:e6:31:72: 8c:18:d2:8d:7d:1c:ed:48:34:47:cc:e8:b9:d1:58:db:1d:50: 90:8a:ea:06 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICAocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzMxNUIxMTAvBgNVBAUTKDE5NkY5Mjc3MzI5M0U0OTU0QjREOTdBNUQzN0FDODIw QTc0NUMyRTAwHhcNMjQxMTE4MjExOTI1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzNiYWY1ZC0xZTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA31YYkRp1/Lgsa4yIlU0CLmF1IP6v4/9Lkor0I4180OCU6LfjG8ttZI+VFcgk 0nM6LeTGRLukIsqy7TZ5b6lM2q+sBWQ7ILiffUf4Umhp+DGEsLwcbcjoum9FgSuP M75cvKbFbDZwD1qQJQZhubtzIqysE4422d8J+v77nu1tDCCIWLMJsEOovpduPUW5 BL+udbtiI31YGaiv5otnoVkUnzoC4ZWp+AeamevilYWN1Gcoh9dZGtGN7cTu6YGP 80oCyQqm5WKAmvk1ki3kA4PI0HGErvBnUVPDgDz39cMAVH/KvMmHoj2klwMW4rHO OUrD4IFtF8YN33pydpbNHt079QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFISi023V IQ5tZPi1D8FDqM7JmfXLMB8GA1UdIwQYMBaAFBlvkncyk+SVS02XpdN6yCCnRcLg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MzE1Qi9ENzM1QTNCNEVE NEIxMUVDQTk1NTM3NzhDNEY5QUUwMi9HVy1TZHpLVDVKVkxUWmVsMDNySUlLZEZ3 dUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dXLVNkektUNUpWTFRaZWwwM3JJSUtkRnd1QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzMxNUIvRDczNUEzQjRFRDRCMTFFQ0E5NTUzNzc4QzRGOUFFMDIvQ0ExRkZGNEE4 RTY1MTFFRkI3RTNGODVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBABnvb8wDwQCAAIwCQMHACABDfDYQDANBgkqhkiG9w0BAQsF AAOCAQEAcQ2foI08SMcPIYZuS/oXlnwkIDB68aU9vVDkDFAbblqhpxenOG8WOSF/ eaL+RilYlpVaxM9OSHD17/j+CuJLiWWv42j3Fj2hXacuSWTuoYHiuA9YSlUwv0Ar R0xHM/mvpJ0cpyapDp1L0fVRsFxKaWB5NcGzhExRApIFkDCJVDvUxvAC4AdOUoah Hmcd6SnvZsT25Sl8pKcM9Iw4/a3kHZtd7/A7ux8jAYbsdp9VK9nwU9ICWTv3BPlr Dmds1sWRg6W1G0LMXTmsgpjsxpCbGKr382TtPZ1kLA2nieybJbnotmjz/nRJ5jFy jBjSjX0c7Ug0R8zoudFY2x1QkIrqBg== -----END CERTIFICATE-----Generated at Thu Nov 21 03:11:58 2024 by rpki-client on console-fra.rpki-client.org