$ rpki-client -vvf rpki.apnic.net/member_repository/A917A66F/8FCC9D28C6F911EE97E6FB1DC4F9AE02/4C7C5ECCE1B211EE84F03918C4F9AE02.roa File: 4C7C5ECCE1B211EE84F03918C4F9AE02.roa (raw, json) Hash identifier: LTeECQk5/azIOJTf8rGaT2gWz1Gmd2inlmhftO85Egc= Subject key identifier: 11:A5:A4:77:00:D0:16:0F:58:BF:6C:38:00:3F:8E:3E:86:DA:08:73 Certificate issuer: /CN=A917A66F/serialNumber=B22C3D0ABCD3919486A3E61E8D788923922BF6A5 Certificate serial: 7A Authority key identifier: B2:2C:3D:0A:BC:D3:91:94:86:A3:E6:1E:8D:78:89:23:92:2B:F6:A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/siw9CrzTkZSGo-YejXiJI5Ir9qU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A66F/8FCC9D28C6F911EE97E6FB1DC4F9AE02/4C7C5ECCE1B211EE84F03918C4F9AE02.roa Signing time: Sun 11 Aug 2024 06:17:23 +0000 ROA not before: Sun 11 Aug 2024 06:17:23 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 7586 IP address blocks: 103.118.40.0/22 maxlen: 22 103.118.40.0/24 maxlen: 24 103.118.41.0/24 maxlen: 24 103.118.42.0/24 maxlen: 24 103.118.43.0/24 maxlen: 24 2403:27c0:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A66F/8FCC9D28C6F911EE97E6FB1DC4F9AE02/siw9CrzTkZSGo-YejXiJI5Ir9qU.crl rsync://rpki.apnic.net/member_repository/A917A66F/8FCC9D28C6F911EE97E6FB1DC4F9AE02/siw9CrzTkZSGo-YejXiJI5Ir9qU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/siw9CrzTkZSGo-YejXiJI5Ir9qU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 122 (0x7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A66F Validity Not Before: Aug 11 06:17:23 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66b85773-5281 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:38:2a:aa:44:9b:35:25:36:11:a3:85:84:00: 1d:fe:7e:eb:ee:a4:0f:ef:46:2b:f5:c0:62:85:77: 1f:47:cb:42:09:3b:ff:1f:75:73:26:05:d1:26:6e: 29:4d:9a:36:a1:e7:f2:84:b8:f1:15:9d:09:6f:6b: 0c:03:8c:21:23:e8:64:85:2c:e5:af:56:bc:52:98: 59:1a:82:29:69:53:1c:83:45:74:1c:79:30:2f:29: 91:4d:40:69:71:90:0b:3a:f9:fa:bf:95:90:95:0f: 00:7e:0d:86:41:65:e1:ba:3f:a6:01:38:14:05:75: ea:48:d9:86:94:1e:93:80:59:f0:c4:8f:e9:5d:ae: b7:ea:2a:61:79:f8:09:c2:83:a5:f0:52:f2:b9:d6: 0f:89:33:2e:af:57:c8:55:85:bf:ab:97:62:4f:96: 78:08:69:1f:90:7e:54:08:28:7c:c9:65:de:91:c8: d4:17:1e:54:ab:fc:46:d3:c2:a2:09:64:6c:fb:ed: e6:dd:de:3b:fc:df:cb:87:92:bb:87:0b:3c:30:db: b2:e1:f8:21:5e:83:67:9e:46:44:b2:c7:57:34:d0: b2:3b:3a:4b:97:58:af:22:85:aa:3e:f7:0c:77:2b: d0:cb:d9:a6:b1:68:07:31:2d:f8:93:97:b5:6c:6b: b9:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:A5:A4:77:00:D0:16:0F:58:BF:6C:38:00:3F:8E:3E:86:DA:08:73 X509v3 Authority Key Identifier: keyid:B2:2C:3D:0A:BC:D3:91:94:86:A3:E6:1E:8D:78:89:23:92:2B:F6:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A66F/8FCC9D28C6F911EE97E6FB1DC4F9AE02/siw9CrzTkZSGo-YejXiJI5Ir9qU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/siw9CrzTkZSGo-YejXiJI5Ir9qU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A66F/8FCC9D28C6F911EE97E6FB1DC4F9AE02/4C7C5ECCE1B211EE84F03918C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.118.40.0/22 IPv6: 2403:27c0:1000::/48 Signature Algorithm: sha256WithRSAEncryption 7a:cd:61:cf:96:19:7d:49:2c:ec:10:c8:6d:4e:e8:93:82:f6: 56:cd:64:53:f2:83:0c:37:b3:fe:a8:fc:cd:1f:e9:98:8f:05: 00:b5:91:25:06:a6:a4:ee:01:66:16:a8:81:09:3c:77:86:77: ba:de:67:3f:61:53:15:ae:c3:fd:7d:18:6c:49:2d:c1:8b:07: 71:91:7b:03:8f:6e:72:15:ac:b7:b0:85:02:46:1a:c4:be:67: 0b:18:f3:4b:e3:4f:9b:89:53:46:95:84:d8:10:9f:5f:d9:04: 2a:e1:fc:8a:0b:46:75:ca:af:8e:1a:07:03:05:27:3a:13:c1: b3:82:4b:6c:b1:52:f6:53:76:47:6f:2b:d0:42:12:e1:85:de: dd:7c:bc:8c:f0:b5:ac:b0:a4:b2:da:b7:3b:13:a4:cf:84:d4: c4:38:18:11:23:3c:46:7f:3d:4d:93:f9:75:0d:b4:2f:34:98: 6f:03:83:51:30:b6:bf:56:a3:bc:ea:1c:a1:a4:27:65:27:04: f6:1b:96:fb:30:0f:62:cc:f6:9e:65:5a:6d:79:ac:35:f0:76: 8b:9a:d2:33:55:1f:09:db:18:2b:a9:69:c6:1e:bc:b3:4c:1f: 01:9d:5b:31:b7:91:5b:97:65:06:d0:45:e6:8b:83:0c:37:60: 6a:0b:3c:c3 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBejANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QTY2RjExMC8GA1UEBRMoQjIyQzNEMEFCQ0QzOTE5NDg2QTNFNjFFOEQ3ODg5MjM5 MjJCRjZBNTAeFw0yNDA4MTEwNjE3MjNaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2Yjg1NzczLTUyODEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCfOCqqRJs1JTYRo4WEAB3+fuvupA/vRiv1wGKFdx9Hy0IJO/8fdXMmBdEmbilN mjah5/KEuPEVnQlvawwDjCEj6GSFLOWvVrxSmFkagilpUxyDRXQceTAvKZFNQGlx kAs6+fq/lZCVDwB+DYZBZeG6P6YBOBQFdepI2YaUHpOAWfDEj+ldrrfqKmF5+AnC g6XwUvK51g+JMy6vV8hVhb+rl2JPlngIaR+QflQIKHzJZd6RyNQXHlSr/EbTwqIJ ZGz77ebd3jv838uHkruHCzww27Lh+CFeg2eeRkSyx1c00LI7OkuXWK8ihao+9wx3 K9DL2aaxaAcxLfiTl7Vsa7mpAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUEaWkdwDQ Fg9Yv2w4AD+OPobaCHMwHwYDVR0jBBgwFoAUsiw9CrzTkZSGo+YejXiJI5Ir9qUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdBNjZGLzhGQ0M5RDI4QzZG OTExRUU5N0U2RkIxREM0RjlBRTAyL3NpdzlDcnpUa1pTR28tWWVqWGlKSTVJcjlx VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvc2l3OUNyelRrWlNHby1ZZWpYaUpJNUlyOXFVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTY2Ri84RkNDOUQyOEM2RjkxMUVFOTdFNkZCMURDNEY5QUUwMi80QzdDNUVDQ0Ux QjIxMUVFODRGMDM5MThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAmd2KDAPBAIAAjAJAwcAJAMnwBAAMA0GCSqGSIb3DQEBCwUA A4IBAQB6zWHPlhl9SSzsEMhtTuiTgvZWzWRT8oMMN7P+qPzNH+mYjwUAtZElBqak 7gFmFqiBCTx3hne63mc/YVMVrsP9fRhsSS3BiwdxkXsDj25yFay3sIUCRhrEvmcL GPNL40+biVNGlYTYEJ9f2QQq4fyKC0Z1yq+OGgcDBSc6E8GzgktssVL2U3ZHbyvQ QhLhhd7dfLyM8LWssKSy2rc7E6TPhNTEOBgRIzxGfz1Nk/l1DbQvNJhvA4NRMLa/ VqO86hyhpCdlJwT2G5b7MA9izPaeZVpteaw18HaLmtIzVR8J2xgrqWnGHryzTB8B nVsxt5Fbl2UG0EXmi4MMN2BqCzzD -----END CERTIFICATE-----Generated at Sun Feb 16 20:13:23 2025 by rpki-client