$ rpki-client -vvf rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/89340B10B5E011EE91DD4D53C4F9AE02.roa File: 89340B10B5E011EE91DD4D53C4F9AE02.roa (raw, json) Hash identifier: NIZMmo0NuHhn6nD3NdRcv7nYc0S58OkPUhvDUedEdrM= Subject key identifier: 3D:10:72:FC:20:A3:E9:A2:06:DE:C1:86:93:8C:17:82:B4:D8:5E:3B Certificate issuer: /CN=A9175299/serialNumber=81A7151B177592F86823B69F437624E9C002DE41 Certificate serial: 0A1A Authority key identifier: 81:A7:15:1B:17:75:92:F8:68:23:B6:9F:43:76:24:E9:C0:02:DE:41 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gacVGxd1kvhoI7afQ3Yk6cAC3kE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/89340B10B5E011EE91DD4D53C4F9AE02.roa Signing time: Thu 18 Jan 2024 09:07:24 +0000 ROA not before: Thu 18 Jan 2024 09:07:24 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 138385 IP address blocks: 103.124.52.0/22 maxlen: 23 103.124.52.0/24 maxlen: 24 103.124.54.0/24 maxlen: 24 103.124.55.0/24 maxlen: 24 2403:da40::/32 maxlen: 32 2403:da40::/33 maxlen: 33 2403:da40:100::/40 maxlen: 40 2403:da40:102::/48 maxlen: 48 2403:da40:103::/48 maxlen: 48 2403:da40:8000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/gacVGxd1kvhoI7afQ3Yk6cAC3kE.crl rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/gacVGxd1kvhoI7afQ3Yk6cAC3kE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gacVGxd1kvhoI7afQ3Yk6cAC3kE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 20:34:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2586 (0xa1a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9175299/serialNumber=81A7151B177592F86823B69F437624E9C002DE41 Validity Not Before: Jan 18 09:07:24 2024 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=65a8ea4b-af9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:8d:bb:61:5b:23:3c:08:8c:3f:b2:6a:8c:0e: 58:72:94:2d:f4:5f:85:29:fc:74:ea:7a:39:b0:84: 80:11:f6:5d:d7:ee:aa:64:76:23:af:5e:6b:ef:14: 4e:ce:6e:b5:f5:2c:bb:7c:90:2a:c2:69:c8:7f:74: 08:f1:f9:ea:ed:d0:4a:2f:0f:63:e3:a0:dc:af:e4: a3:d5:fc:5d:3c:db:32:f5:7c:d9:71:cd:fe:6a:61: 78:51:05:50:fd:ca:19:9c:2e:08:6f:98:b9:d0:20: 87:5b:23:f2:8a:87:61:03:5c:29:4b:a5:b4:bb:f7: a7:55:27:64:6a:5f:f4:1b:32:1c:46:fa:e5:b4:b2: 5f:7e:1c:ab:39:81:45:96:b1:ff:b0:f3:11:86:c9: 68:e1:fc:93:66:ea:ee:9a:65:7b:8b:e8:af:be:d3: 4d:17:24:c7:e6:14:e4:14:a0:cb:c9:a9:5f:37:94: 38:ef:e4:5f:5a:fe:bc:c9:6f:d6:52:d7:33:6a:75: a6:4c:9f:0c:47:f4:a5:2c:10:18:c8:53:66:0c:cb: 46:5b:26:c9:96:2f:a8:a1:c1:d7:3c:d3:95:fa:b5: 08:77:ea:5f:91:a7:c7:e7:a6:3a:72:05:94:60:ad: c3:8e:04:7e:05:e3:c7:f8:33:f8:e7:31:4f:e1:41: cb:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:10:72:FC:20:A3:E9:A2:06:DE:C1:86:93:8C:17:82:B4:D8:5E:3B X509v3 Authority Key Identifier: keyid:81:A7:15:1B:17:75:92:F8:68:23:B6:9F:43:76:24:E9:C0:02:DE:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/gacVGxd1kvhoI7afQ3Yk6cAC3kE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gacVGxd1kvhoI7afQ3Yk6cAC3kE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175299/26890EDA42C511EAB26CFD1BC4F9AE02/89340B10B5E011EE91DD4D53C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.124.52.0/22 IPv6: 2403:da40::/32 Signature Algorithm: sha256WithRSAEncryption 2b:99:2d:91:32:0b:3b:f7:53:34:d3:91:bb:d3:42:df:0f:b2: 80:02:16:1b:69:b2:d6:6b:6e:12:7e:ff:e7:ab:42:c3:b9:a7: 4d:2f:d1:62:38:6f:d8:7b:19:62:6a:0b:4c:82:9b:c2:df:64: 70:1c:91:db:72:c3:84:b1:e3:5c:df:8a:cc:29:e8:0b:4c:18: aa:26:95:ac:58:89:59:7f:14:69:85:17:f0:3d:ec:20:ea:fd: b6:83:4d:bc:8f:cd:65:10:81:91:52:9f:26:e4:12:40:b4:17: 44:25:1f:4f:06:d9:29:08:9c:7d:dc:a1:eb:a2:27:9d:86:e8: cd:6c:8f:0b:61:36:41:db:e3:6c:ae:6a:38:c9:b4:c8:ff:67: f1:36:2a:29:b9:58:a9:cc:88:09:14:51:2b:02:0d:e6:a6:d0: da:4f:34:66:3e:8c:90:a5:2c:84:5e:fa:c2:31:80:b1:49:92: 1d:88:26:2c:cf:66:37:20:a9:97:f6:2a:10:48:c9:1f:2e:ba: 96:d9:ea:c2:20:41:9d:d0:51:18:56:13:2e:a0:71:86:fd:20: 26:c8:42:13:16:16:0f:b5:a4:28:1c:3b:5b:91:26:94:3f:cc: ba:0d:9f:5e:ff:2a:cd:16:12:4b:f1:f6:28:ab:5b:ae:13:68: 85:aa:9b:f9 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICChowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzUyOTkxMTAvBgNVBAUTKDgxQTcxNTFCMTc3NTkyRjg2ODIzQjY5RjQzNzYyNEU5 QzAwMkRFNDEwHhcNMjQwMTE4MDkwNzI0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWE4ZWE0Yi1hZjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzo27YVsjPAiMP7JqjA5YcpQt9F+FKfx06no5sISAEfZd1+6qZHYjr15r7xRO zm619Sy7fJAqwmnIf3QI8fnq7dBKLw9j46Dcr+Sj1fxdPNsy9XzZcc3+amF4UQVQ /coZnC4Ib5i50CCHWyPyiodhA1wpS6W0u/enVSdkal/0GzIcRvrltLJffhyrOYFF lrH/sPMRhslo4fyTZurummV7i+ivvtNNFyTH5hTkFKDLyalfN5Q47+RfWv68yW/W UtczanWmTJ8MR/SlLBAYyFNmDMtGWybJli+oocHXPNOV+rUId+pfkafH56Y6cgWU YK3DjgR+BePH+DP45zFP4UHLSwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFD0Qcvwg o+miBt7BhpOMF4K02F47MB8GA1UdIwQYMBaAFIGnFRsXdZL4aCO2n0N2JOnAAt5B MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTI5OS8yNjg5MEVEQTQy QzUxMUVBQjI2Q0ZEMUJDNEY5QUUwMi9nYWNWR3hkMWt2aG9JN2FmUTNZazZjQUMz a0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dhY1ZHeGQxa3Zob0k3YWZRM1lrNmNBQzNrRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzUyOTkvMjY4OTBFREE0MkM1MTFFQUIyNkNGRDFCQzRGOUFFMDIvODkzNDBCMTBC NUUwMTFFRTkxREQ0RDUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnfDQwDQQCAAIwBwMFACQD2kAwDQYJKoZIhvcNAQELBQAD ggEBACuZLZEyCzv3UzTTkbvTQt8PsoACFhtpstZrbhJ+/+erQsO5p00v0WI4b9h7 GWJqC0yCm8LfZHAckdtyw4Sx41zfiswp6AtMGKomlaxYiVl/FGmFF/A97CDq/baD TbyPzWUQgZFSnybkEkC0F0QlH08G2SkInH3coeuiJ52G6M1sjwthNkHb42yuajjJ tMj/Z/E2Kim5WKnMiAkUUSsCDeam0NpPNGY+jJClLIRe+sIxgLFJkh2IJizPZjcg qZf2KhBIyR8uupbZ6sIgQZ3QURhWEy6gcYb9ICbIQhMWFg+1pCgcO1uRJpQ/zLoN n17/Ks0WEkvx9iirW64TaIWqm/k= -----END CERTIFICATE-----Generated at Mon May 6 22:40:56 2024 by rpki-client on console-ams.rpki-client.org