$ rpki-client -vvf rpki.apnic.net/member_repository/A9178EF3/9281034A4AAD11EB90637E57C4F9AE02/4BC1EE9A4AAF11EBBF031959C4F9AE02.roa File: 4BC1EE9A4AAF11EBBF031959C4F9AE02.roa (raw, json) Hash identifier: 4qprzCtOPiEKiJUADvZac/O9HxoUboy/SOBdDpVaewg= Subject key identifier: C4:91:E4:DD:BA:96:85:73:E1:87:E6:04:FF:F5:C5:F2:67:49:D2:FE Certificate issuer: /CN=A9178EF3/serialNumber=BE33F6D54819B989322F52A3ECB5F33FDF0E1596 Certificate serial: 0690 Authority key identifier: BE:33:F6:D5:48:19:B9:89:32:2F:52:A3:EC:B5:F3:3F:DF:0E:15:96 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vjP21UgZuYkyL1Kj7LXzP98OFZY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9178EF3/9281034A4AAD11EB90637E57C4F9AE02/4BC1EE9A4AAF11EBBF031959C4F9AE02.roa Signing time: Thu 07 Nov 2024 05:06:54 +0000 ROA not before: Thu 07 Nov 2024 05:06:54 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 134480 IP address blocks: 103.141.209.0/24 maxlen: 24 103.161.2.0/24 maxlen: 24 2001:df6:8f80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9178EF3/9281034A4AAD11EB90637E57C4F9AE02/vjP21UgZuYkyL1Kj7LXzP98OFZY.crl rsync://rpki.apnic.net/member_repository/A9178EF3/9281034A4AAD11EB90637E57C4F9AE02/vjP21UgZuYkyL1Kj7LXzP98OFZY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vjP21UgZuYkyL1Kj7LXzP98OFZY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1680 (0x690) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9178EF3/serialNumber=BE33F6D54819B989322F52A3ECB5F33FDF0E1596 Validity Not Before: Nov 7 05:06:54 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=672c4aed-b06b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:e5:6d:af:04:94:10:1e:2a:d5:f0:07:3a:c1: 50:cb:28:a8:8a:ce:07:a5:28:e1:91:8b:3f:96:f3: d6:0d:1a:5c:20:10:36:94:12:bf:c8:67:6a:f9:84: 1e:fa:17:cd:64:fd:22:ac:6e:55:38:b3:41:ec:31: 9b:bb:e9:85:b0:7d:6c:69:f4:18:b4:08:5a:28:c3: 66:5a:61:ed:0a:00:e6:89:e5:3e:30:7c:a0:f2:d4: 6b:09:f9:22:a1:fc:46:af:db:16:f3:b1:f4:0d:4c: 4a:a0:70:a7:af:25:02:66:6c:3e:be:ea:f3:11:72: b8:7f:5f:26:3c:05:69:be:c6:97:52:7d:18:6a:2a: 45:fa:4c:ed:ec:49:c3:9f:9a:ec:45:eb:96:94:2a: 6a:e4:86:62:c9:fa:bd:a2:55:e0:4f:19:fa:cb:5c: ea:63:fb:ec:52:56:92:d5:67:6b:e4:c3:f8:c8:e3: 1b:70:3f:22:7f:e1:af:0c:c4:ca:d3:7f:00:4a:f8: 9d:40:79:a9:3d:82:27:9a:ea:cc:e5:d6:12:30:d3: 2c:6d:6e:72:42:09:e1:48:67:3a:24:28:ff:ed:54: e1:4e:ec:65:46:be:a4:04:05:05:9a:89:ad:f3:19: 46:a5:36:f6:1b:59:7f:36:5c:d8:9c:37:90:4d:97: d7:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:91:E4:DD:BA:96:85:73:E1:87:E6:04:FF:F5:C5:F2:67:49:D2:FE X509v3 Authority Key Identifier: keyid:BE:33:F6:D5:48:19:B9:89:32:2F:52:A3:EC:B5:F3:3F:DF:0E:15:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9178EF3/9281034A4AAD11EB90637E57C4F9AE02/vjP21UgZuYkyL1Kj7LXzP98OFZY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vjP21UgZuYkyL1Kj7LXzP98OFZY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178EF3/9281034A4AAD11EB90637E57C4F9AE02/4BC1EE9A4AAF11EBBF031959C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.141.209.0/24 103.161.2.0/24 IPv6: 2001:df6:8f80::/48 Signature Algorithm: sha256WithRSAEncryption 8a:1b:dc:5a:f7:a9:c7:ca:1a:80:eb:c0:a0:0e:5c:b6:30:77: eb:eb:e7:d2:0c:a5:e3:52:6b:54:df:d0:07:cd:1e:ac:96:f3: 82:fa:f9:28:43:06:c5:ce:de:52:53:b9:bd:7a:2f:9a:64:ca: ef:9b:17:3f:c2:cb:70:b7:80:35:07:cd:e6:df:34:f7:6f:39: c6:0a:0f:79:58:6e:76:de:71:ef:e1:c3:9f:5b:f8:1d:6a:52: 82:04:e0:a2:98:d7:a1:e7:24:92:04:b5:56:de:dc:29:19:b8: 79:01:fa:04:41:5c:2a:74:78:e4:6e:25:fb:fd:41:b5:e6:00: 11:21:96:a7:2d:51:2d:b3:55:72:5e:f3:d7:20:8c:8f:21:e5: da:1a:25:66:ee:4b:1d:31:42:a3:bd:99:b0:01:85:65:ff:98: 32:dc:69:57:52:2c:df:2d:fa:f4:78:26:bf:7b:79:b5:16:14: 2e:58:8a:03:73:83:64:9d:6c:87:c0:2a:52:0a:bb:8c:bb:2f: c5:cf:ed:94:b8:85:a7:99:d9:1f:dc:f3:3b:73:b4:42:86:ed: 80:00:f8:9d:5f:8e:b5:15:89:b9:4a:1a:bf:71:09:76:fb:a1: ff:64:e5:3c:c2:9f:b1:41:15:d6:5a:21:f2:4a:5f:c4:bd:70: 42:fc:08:4b -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICBpAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzhFRjMxMTAvBgNVBAUTKEJFMzNGNkQ1NDgxOUI5ODkzMjJGNTJBM0VDQjVGMzNG REYwRTE1OTYwHhcNMjQxMTA3MDUwNjU0WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzJjNGFlZC1iMDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo+VtrwSUEB4q1fAHOsFQyyiois4HpSjhkYs/lvPWDRpcIBA2lBK/yGdq+YQe +hfNZP0irG5VOLNB7DGbu+mFsH1safQYtAhaKMNmWmHtCgDmieU+MHyg8tRrCfki ofxGr9sW87H0DUxKoHCnryUCZmw+vurzEXK4f18mPAVpvsaXUn0YaipF+kzt7EnD n5rsReuWlCpq5IZiyfq9olXgTxn6y1zqY/vsUlaS1Wdr5MP4yOMbcD8if+GvDMTK 038ASvidQHmpPYInmurM5dYSMNMsbW5yQgnhSGc6JCj/7VThTuxlRr6kBAUFmomt 8xlGpTb2G1l/NlzYnDeQTZfXnQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFMSR5N26 loVz4YfmBP/1xfJnSdL+MB8GA1UdIwQYMBaAFL4z9tVIGbmJMi9So+y18z/fDhWW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEVGMy85MjgxMDM0QTRB QUQxMUVCOTA2MzdFNTdDNEY5QUUwMi92alAyMVVnWnVZa3lMMUtqN0xYelA5OE9G WlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZqUDIxVWdadVlreUwxS2o3TFh6UDk4T0ZaWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzhFRjMvOTI4MTAzNEE0QUFEMTFFQjkwNjM3RTU3QzRGOUFFMDIvNEJDMUVFOUE0 QUFGMTFFQkJGMDMxOTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBABnjdEDBABnoQIwDwQCAAIwCQMHACABDfaPgDANBgkqhkiG 9w0BAQsFAAOCAQEAihvcWvepx8oagOvAoA5ctjB36+vn0gyl41JrVN/QB80erJbz gvr5KEMGxc7eUlO5vXovmmTK75sXP8LLcLeANQfN5t809285xgoPeVhudt5x7+HD n1v4HWpSggTgopjXoeckkgS1Vt7cKRm4eQH6BEFcKnR45G4l+/1BteYAESGWpy1R LbNVcl7z1yCMjyHl2holZu5LHTFCo72ZsAGFZf+YMtxpV1Is3y369Hgmv3t5tRYU LliKA3ODZJ1sh8AqUgq7jLsvxc/tlLiFp5nZH9zzO3O0QobtgAD4nV+OtRWJuUoa v3EJdvuh/2TlPMKfsUEV1loh8kpfxL1wQvwISw== -----END CERTIFICATE-----Generated at Fri Nov 22 23:39:29 2024 by rpki-client on console-fra.rpki-client.org