$ rpki-client -vvf rpki.apnic.net/member_repository/A9180484/6925BD8ED2C111E9A925CD29C4F9AE02/D2588FA2D2C111E9B5D20B2AC4F9AE02.roa File: D2588FA2D2C111E9B5D20B2AC4F9AE02.roa (raw, json) Hash identifier: 3lfdylanDHmeBtco3xOY3EFynIvyeVsjRU7spFbzglc= Subject key identifier: BA:DE:0B:21:43:CF:39:CC:3A:7E:1D:42:C2:F8:05:E0:55:32:75:CD Certificate issuer: /CN=A9180484/serialNumber=435BDF930304194A0869ADEE87A0B556C588F6F4 Certificate serial: 0CD2 Authority key identifier: 43:5B:DF:93:03:04:19:4A:08:69:AD:EE:87:A0:B5:56:C5:88:F6:F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q1vfkwMEGUoIaa3uh6C1VsWI9vQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9180484/6925BD8ED2C111E9A925CD29C4F9AE02/D2588FA2D2C111E9B5D20B2AC4F9AE02.roa Signing time: Wed 02 Oct 2024 18:26:44 +0000 ROA not before: Wed 02 Oct 2024 18:26:44 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 138204 IP address blocks: 103.122.45.0/24 maxlen: 24 103.141.232.0/24 maxlen: 24 2001:df6:8b00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9180484/6925BD8ED2C111E9A925CD29C4F9AE02/Q1vfkwMEGUoIaa3uh6C1VsWI9vQ.crl rsync://rpki.apnic.net/member_repository/A9180484/6925BD8ED2C111E9A925CD29C4F9AE02/Q1vfkwMEGUoIaa3uh6C1VsWI9vQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q1vfkwMEGUoIaa3uh6C1VsWI9vQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 17:13:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3282 (0xcd2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9180484/serialNumber=435BDF930304194A0869ADEE87A0B556C588F6F4 Validity Not Before: Oct 2 18:26:44 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=66fd9064-a4f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:42:29:b0:40:f6:21:92:76:c9:dd:45:a7:a6: 49:ab:c4:49:c5:d4:aa:cd:39:af:c2:b5:c3:12:b6: bf:63:42:dd:a7:dc:8f:a3:d5:a5:30:3a:e5:02:bb: 8a:4a:50:e2:e4:01:2a:ca:4d:47:4d:0f:9e:b2:26: 1e:3a:8d:97:cc:1c:77:dc:ac:8c:fd:4f:14:c3:80: f0:47:bd:75:98:67:17:14:96:31:ac:f7:d1:ed:27: 80:59:46:0b:5e:8c:93:b0:95:84:23:ae:88:ce:90: 41:44:d1:ec:c3:6f:24:ad:9c:14:f2:e2:a6:5d:7f: 97:b8:b4:46:b2:db:d8:f9:2e:c2:e1:68:99:0a:82: a1:96:d0:8e:42:fc:5d:a2:d7:14:01:c4:59:ac:8b: 18:71:e1:e9:7a:5b:ef:00:50:64:fc:7a:96:3b:b1: 58:3a:6a:44:c8:a2:f7:29:69:a7:f0:b4:fe:c1:c4: 5c:d2:9c:97:63:42:25:62:a0:ac:71:24:39:77:fd: 49:29:ea:47:68:3d:3a:12:05:66:a0:ae:31:98:ca: c1:c2:4f:e7:e8:27:3d:cf:e0:f3:b1:ad:dc:cb:21: 53:9a:7f:23:b3:47:f7:6c:e2:90:cc:ba:22:7b:0d: 37:d4:26:d1:06:93:fe:da:3b:e7:bd:76:c9:0e:03: 0c:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:DE:0B:21:43:CF:39:CC:3A:7E:1D:42:C2:F8:05:E0:55:32:75:CD X509v3 Authority Key Identifier: keyid:43:5B:DF:93:03:04:19:4A:08:69:AD:EE:87:A0:B5:56:C5:88:F6:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9180484/6925BD8ED2C111E9A925CD29C4F9AE02/Q1vfkwMEGUoIaa3uh6C1VsWI9vQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q1vfkwMEGUoIaa3uh6C1VsWI9vQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9180484/6925BD8ED2C111E9A925CD29C4F9AE02/D2588FA2D2C111E9B5D20B2AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.122.45.0/24 103.141.232.0/24 IPv6: 2001:df6:8b00::/48 Signature Algorithm: sha256WithRSAEncryption 41:54:8e:db:75:9c:c0:7a:c3:7b:54:cd:bf:92:50:56:2d:cc: 8e:0b:27:30:61:33:00:c9:5c:e0:4b:2f:86:27:80:3e:62:35: 88:83:6e:00:6f:af:c5:a6:41:1e:b5:dd:92:34:3b:5f:80:d3: c2:f3:c7:52:45:78:08:47:fd:4c:0b:75:6f:6c:d1:42:5f:d0: 26:3a:e5:35:34:4c:b6:92:4f:8a:7b:01:9e:cc:19:3a:0d:d5: 62:d4:b0:2b:86:91:79:36:52:cb:ca:8d:a9:22:b1:4f:1c:6d: 79:75:06:96:86:66:a5:89:56:25:73:1e:75:71:a6:55:e6:ee: 21:a0:44:30:27:1c:6d:ec:88:9e:d9:6c:79:c3:5c:89:47:82: 26:af:38:f0:65:97:23:ed:64:b0:73:37:b8:a2:a5:f8:ce:32: 7c:07:f3:e8:16:95:fc:10:46:a8:88:08:43:9a:4f:b3:5f:73: 1e:15:61:1a:b7:d5:8b:4d:6d:00:08:95:c2:e6:22:56:4d:f4: 57:1c:06:47:df:9c:54:8c:57:59:50:46:3e:6a:01:ee:64:1c: dd:a3:9c:6d:06:1a:bf:11:7a:8d:64:1d:f9:3b:76:7e:77:67: 2e:72:99:71:d9:87:d4:60:8b:6e:13:d5:96:99:2c:af:23:23: 9e:79:f0:79 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICDNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODA0ODQxMTAvBgNVBAUTKDQzNUJERjkzMDMwNDE5NEEwODY5QURFRTg3QTBCNTU2 QzU4OEY2RjQwHhcNMjQxMDAyMTgyNjQ0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmZkOTA2NC1hNGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvkIpsED2IZJ2yd1Fp6ZJq8RJxdSqzTmvwrXDEra/Y0Ldp9yPo9WlMDrlAruK SlDi5AEqyk1HTQ+esiYeOo2XzBx33KyM/U8Uw4DwR711mGcXFJYxrPfR7SeAWUYL XoyTsJWEI66IzpBBRNHsw28krZwU8uKmXX+XuLRGstvY+S7C4WiZCoKhltCOQvxd otcUAcRZrIsYceHpelvvAFBk/HqWO7FYOmpEyKL3KWmn8LT+wcRc0pyXY0IlYqCs cSQ5d/1JKepHaD06EgVmoK4xmMrBwk/n6Cc9z+Dzsa3cyyFTmn8js0f3bOKQzLoi ew031CbRBpP+2jvnvXbJDgMMfQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFLreCyFD zznMOn4dQsL4BeBVMnXNMB8GA1UdIwQYMBaAFENb35MDBBlKCGmt7oegtVbFiPb0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDQ4NC82OTI1QkQ4RUQy QzExMUU5QTkyNUNEMjlDNEY5QUUwMi9RMXZma3dNRUdVb0lhYTN1aDZDMVZzV0k5 dlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ExdmZrd01FR1VvSWFhM3VoNkMxVnNXSTl2US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODA0ODQvNjkyNUJEOEVEMkMxMTFFOUE5MjVDRDI5QzRGOUFFMDIvRDI1ODhGQTJE MkMxMTFFOUI1RDIwQjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBABnei0DBABnjegwDwQCAAIwCQMHACABDfaLADANBgkqhkiG 9w0BAQsFAAOCAQEAQVSO23WcwHrDe1TNv5JQVi3MjgsnMGEzAMlc4EsvhieAPmI1 iINuAG+vxaZBHrXdkjQ7X4DTwvPHUkV4CEf9TAt1b2zRQl/QJjrlNTRMtpJPinsB nswZOg3VYtSwK4aReTZSy8qNqSKxTxxteXUGloZmpYlWJXMedXGmVebuIaBEMCcc beyIntlsecNciUeCJq848GWXI+1ksHM3uKKl+M4yfAfz6BaV/BBGqIgIQ5pPs19z HhVhGrfVi01tAAiVwuYiVk30VxwGR9+cVIxXWVBGPmoB7mQc3aOcbQYavxF6jWQd +Tt2fndnLnKZcdmH1GCLbhPVlpksryMjnnnweQ== -----END CERTIFICATE-----Generated at Wed Nov 20 19:05:22 2024 by rpki-client on console-ams.rpki-client.org