$ rpki-client -vvf rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/C22B92AA081011EDBC3C4374C4F9AE02.roa File: C22B92AA081011EDBC3C4374C4F9AE02.roa (raw, json) Hash identifier: g2YYefDebt1ggBsxS/Az3CT7y0MM/TrYsNn5mU9ndnE= Subject key identifier: 20:EE:A2:23:5F:04:9E:BF:42:C5:DD:DE:79:7F:5C:94:F0:08:5E:03 Certificate issuer: /CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B Certificate serial: 0C3A Authority key identifier: FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/C22B92AA081011EDBC3C4374C4F9AE02.roa Signing time: Thu 14 Mar 2024 19:07:37 +0000 ROA not before: Thu 14 Mar 2024 19:07:37 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 135341 IP address blocks: 103.109.92.0/24 maxlen: 24 103.109.93.0/24 maxlen: 24 103.109.95.0/24 maxlen: 24 103.214.200.0/24 maxlen: 24 103.214.201.0/24 maxlen: 24 103.214.202.0/24 maxlen: 24 103.214.203.0/24 maxlen: 24 144.48.150.0/24 maxlen: 24 144.48.151.0/24 maxlen: 24 2001:df4:3100::/48 maxlen: 48 2404:4c0:10a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:13:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3130 (0xc3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B Validity Not Before: Mar 14 19:07:37 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65f34af9-74df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f0:0c:93:58:fd:73:97:ec:a3:53:17:1f:91: 03:8c:bf:84:7d:67:f2:e4:32:3b:c3:b3:64:67:06: 20:c3:fd:57:57:50:cc:21:b2:1f:8b:fb:de:c3:36: f6:86:76:c5:d8:93:26:6e:86:89:a7:04:45:18:fe: 27:05:be:35:8c:ab:88:73:b0:fc:ef:d8:c4:a8:78: 97:4a:e5:5f:ee:f3:32:db:cd:76:59:26:37:d8:0e: 3c:15:09:93:1c:ff:b3:9f:00:b6:1b:89:6e:d7:3e: f8:20:e6:84:f2:bd:97:93:d7:f7:0a:dd:44:73:48: 29:38:f7:9d:4c:de:bc:37:3f:d2:5f:46:66:7e:8d: 0e:32:49:e7:db:b1:f3:57:36:66:0b:cd:69:d5:d5: ef:cb:f1:a8:5a:01:d5:ed:25:fd:07:5b:6c:68:69: fd:4f:2e:f8:96:b5:13:99:44:bb:89:f8:5d:ef:48: 52:b7:4e:75:b2:ba:eb:c8:72:54:80:b8:f6:58:33: 89:17:5a:4c:2e:7a:de:45:99:68:6f:1b:fb:3f:98: 27:20:1c:59:9a:01:bd:5a:0b:c6:49:ea:71:ed:e8: 12:81:48:26:92:ec:30:2a:9c:cf:0d:2f:73:46:b6: 69:4d:d4:9a:70:4a:54:b0:4a:7c:d1:6e:f9:da:ea: 12:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:EE:A2:23:5F:04:9E:BF:42:C5:DD:DE:79:7F:5C:94:F0:08:5E:03 X509v3 Authority Key Identifier: keyid:FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/C22B92AA081011EDBC3C4374C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.109.92.0/23 103.109.95.0/24 103.214.200.0/22 144.48.150.0/23 IPv6: 2001:df4:3100::/48 2404:4c0:10a::/48 Signature Algorithm: sha256WithRSAEncryption ae:a4:c1:3e:ae:e7:ef:ca:05:22:ba:aa:56:cb:fd:a8:6d:76: 53:b0:66:c0:6f:93:7f:31:7b:93:a3:17:24:36:ad:f8:11:d9: 80:19:60:e7:23:b2:f5:00:2b:cd:66:60:39:42:fb:87:9f:73: 96:33:6d:1e:c6:ba:d1:0e:f6:48:e7:35:0b:ab:55:67:b3:d7: f8:f9:7a:46:c9:e2:1c:ba:5e:39:05:95:e8:99:b2:de:fe:33: 0f:ad:9b:8a:8a:8d:c3:ed:d0:1c:52:a5:6f:e8:2c:9f:51:bd: 3a:32:f0:a3:4b:10:17:dd:63:75:92:1c:bd:71:bc:59:80:71: 1a:8b:f4:2d:55:05:72:7a:94:b3:11:48:72:56:e2:87:c6:d6: 90:a8:9f:85:ba:49:81:ec:a2:0b:de:1b:d0:8c:cb:a9:12:04: 25:a3:45:72:c9:b3:d7:60:e1:05:0f:08:74:1f:f7:ae:92:64: d4:68:98:17:92:a1:ea:71:6e:f7:a3:ea:63:d3:56:24:82:16: a5:88:23:e6:fc:5a:1e:03:cf:2f:05:1d:81:99:04:f1:de:0d: a1:b1:d2:d4:bb:85:fc:fd:f1:a6:84:50:a0:d4:a0:fc:e1:75: e5:69:1d:cd:01:83:24:a0:e4:fb:e6:6d:3a:63:32:66:18:09: e9:5a:5e:b6 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgICDDowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODhGNkQxMTAvBgNVBAUTKEZEMDZCMTUwODU1N0Y2NUY2OENDQkEzQzIwM0VDQUFE MDc1REQxOUIwHhcNMjQwMzE0MTkwNzM3WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWYzNGFmOS03NGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvfAMk1j9c5fso1MXH5EDjL+EfWfy5DI7w7NkZwYgw/1XV1DMIbIfi/vewzb2 hnbF2JMmboaJpwRFGP4nBb41jKuIc7D879jEqHiXSuVf7vMy2812WSY32A48FQmT HP+znwC2G4lu1z74IOaE8r2Xk9f3Ct1Ec0gpOPedTN68Nz/SX0Zmfo0OMknn27Hz VzZmC81p1dXvy/GoWgHV7SX9B1tsaGn9Ty74lrUTmUS7ifhd70hSt051srrryHJU gLj2WDOJF1pMLnreRZlobxv7P5gnIBxZmgG9WgvGSepx7egSgUgmkuwwKpzPDS9z RrZpTdSacEpUsEp80W752uoS+QIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFCDuoiNf BJ6/QsXd3nl/XJTwCF4DMB8GA1UdIwQYMBaAFP0GsVCFV/ZfaMy6PCA+yq0HXdGb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEY2RC85QTVCMUE5RUY2 NkExMUU5QkY1MDY5N0FDNEY5QUUwMi9fUWF4VUlWWDlsOW96TG84SUQ3S3JRZGQw WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19RYXhVSVZYOWw5b3pMbzhJRDdLclFkZDBacy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODhGNkQvOUE1QjFBOUVGNjZBMTFFOUJGNTA2OTdBQzRGOUFFMDIvQzIyQjkyQUEw ODEwMTFFREJDM0M0Mzc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E PDA6MB4EAgABMBgDBAFnbVwDBABnbV8DBAJn1sgDBAGQMJYwGAQCAAIwEgMHACAB DfQxAAMHACQEBMABCjANBgkqhkiG9w0BAQsFAAOCAQEArqTBPq7n78oFIrqqVsv9 qG12U7BmwG+TfzF7k6MXJDat+BHZgBlg5yOy9QArzWZgOUL7h59zljNtHsa60Q72 SOc1C6tVZ7PX+Pl6RsniHLpeOQWV6Jmy3v4zD62bioqNw+3QHFKlb+gsn1G9OjLw o0sQF91jdZIcvXG8WYBxGov0LVUFcnqUsxFIclbih8bWkKifhbpJgeyiC94b0IzL qRIEJaNFcsmz12DhBQ8IdB/3rpJk1GiYF5Kh6nFu96PqY9NWJIIWpYgj5vxaHgPP LwUdgZkE8d4NobHS1LuF/P3xpoRQoNSg/OF15WkdzQGDJKDk++ZtOmMyZhgJ6Vpe tg== -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:07 2024 by rpki-client on console-ams.rpki-client.org