$ rpki-client -vvf rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/6996CEB84E7011EFA4A32D5CC4F9AE02.roa File: 6996CEB84E7011EFA4A32D5CC4F9AE02.roa (raw, json) Hash identifier: 2XE3S5KbeNDqdCHX2GsEpBeeuPkzYL7gxFBZ/2xM48o= Subject key identifier: 13:3E:32:E7:1A:8A:A3:DA:D9:1E:44:AF:F5:41:A7:C1:B5:31:45:40 Certificate issuer: /CN=A918AA78/serialNumber=09CFFE467F3B09C3D06F24919CFAC7E003E4BB75 Certificate serial: 1B4F Authority key identifier: 09:CF:FE:46:7F:3B:09:C3:D0:6F:24:91:9C:FA:C7:E0:03:E4:BB:75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/6996CEB84E7011EFA4A32D5CC4F9AE02.roa Signing time: Tue 30 Jul 2024 12:36:59 +0000 ROA not before: Tue 30 Jul 2024 12:36:58 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 7342 IP address blocks: 103.87.108.0/24 maxlen: 24 103.87.109.0/24 maxlen: 24 103.87.110.0/24 maxlen: 24 103.87.111.0/24 maxlen: 24 203.144.58.0/24 maxlen: 24 203.144.59.0/24 maxlen: 24 203.144.61.0/24 maxlen: 24 2402:79c0:3::/48 maxlen: 48 2402:79c0:100::/48 maxlen: 48 2402:79c0:100:101::7/128 maxlen: 128 2402:79c0:101::/48 maxlen: 48 2402:79c0:102::/48 maxlen: 48 2402:79c0:103::/48 maxlen: 48 2402:79c0:104::/48 maxlen: 48 2402:79c0:105::/48 maxlen: 48 2402:79c0:106::/48 maxlen: 48 2402:79c0:107::/48 maxlen: 48 2402:79c0:108::/48 maxlen: 48 2402:79c0:109::/48 maxlen: 48 2402:79c0:10a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/Cc_-Rn87CcPQbySRnPrH4APku3U.crl rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/Cc_-Rn87CcPQbySRnPrH4APku3U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6991 (0x1b4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918AA78 Validity Not Before: Jul 30 12:36:58 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=66a8de6a-3214 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:41:24:08:7c:4b:16:2e:48:b3:6d:7e:8f:4b: e6:70:75:12:3a:bd:83:79:4d:77:5c:f8:7f:96:7d: 41:ea:c2:36:51:d8:9b:e1:32:f6:73:ff:dc:e2:ea: 54:e0:2d:c7:36:fc:8b:3d:8c:12:a6:2b:38:75:79: 5b:e5:00:aa:f3:99:e5:6a:1d:0f:4e:8b:8b:77:dd: c4:2d:64:d2:77:34:27:96:d9:dc:1f:73:e2:68:53: 58:6b:0d:f6:2c:3a:07:f0:2a:81:31:93:8d:fe:54: 01:03:12:0d:fc:79:eb:8b:9e:4a:1a:9f:57:dc:56: 10:4f:dc:52:d2:2a:40:bc:10:b9:db:18:aa:91:b1: 35:4d:1b:fe:1b:a6:3b:fb:e4:24:cc:ce:f3:b9:4a: 09:17:43:7e:76:ae:3e:a6:93:66:91:3c:2e:70:cd: 8d:32:dd:fd:43:ae:eb:36:b3:9d:03:86:da:7a:68: 49:7c:d5:f9:65:65:c0:4d:76:ad:64:58:be:1c:89: f9:ca:be:68:c7:1e:e3:36:37:2a:ca:e9:4d:e4:8a: 48:cb:17:7d:f8:7f:7a:18:fb:be:fe:c4:72:6d:c8: 11:66:05:ef:7f:49:11:92:8d:53:7e:a0:65:2a:bb: 3b:d9:59:b9:00:a3:6b:23:08:f9:86:4e:bf:40:56: bf:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:3E:32:E7:1A:8A:A3:DA:D9:1E:44:AF:F5:41:A7:C1:B5:31:45:40 X509v3 Authority Key Identifier: keyid:09:CF:FE:46:7F:3B:09:C3:D0:6F:24:91:9C:FA:C7:E0:03:E4:BB:75 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/Cc_-Rn87CcPQbySRnPrH4APku3U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/6996CEB84E7011EFA4A32D5CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.87.108.0/22 203.144.58.0/23 203.144.61.0/24 IPv6: 2402:79c0:3::/48 2402:79c0:100::-2402:79c0:10a:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption da:0c:5d:20:e8:07:2d:f6:b6:64:7f:09:89:df:05:05:c8:87: af:41:7e:f8:d5:dc:20:13:39:e6:d3:a3:2f:ab:c5:d5:5b:a3: 80:de:04:51:a8:85:36:36:b9:51:d5:21:74:69:da:f3:0f:93: c2:1c:e7:e9:01:09:5a:89:59:a8:af:7b:a2:d7:43:77:40:58: 82:89:41:6c:3b:07:0c:d7:0b:0b:e7:4e:82:50:29:a0:b5:d6: 42:2e:4b:48:db:0e:c2:df:9e:44:1a:24:a2:77:f7:64:d4:b6: 78:07:44:71:d7:1a:66:7c:91:9d:59:bf:06:8b:f8:9e:0f:6c: 6f:5c:89:86:d2:7f:95:61:12:07:0a:e8:38:81:cc:d2:64:be: c3:0d:32:9e:94:0e:21:79:58:bf:ee:2f:a2:fd:1f:9e:19:12: e9:7a:a3:c6:7f:8d:1f:48:46:3a:76:7f:ca:6c:53:18:c0:61: 7f:0f:c6:b7:12:71:37:9b:db:02:e8:47:44:8d:5a:73:fa:49: 71:56:c3:d9:1c:69:3c:c3:d0:59:39:00:4b:85:ff:2d:d5:cf: 28:c0:40:22:13:6a:3d:b4:1f:d4:1e:91:dd:da:6f:fa:1e:b3: 47:2f:14:84:57:19:7a:d5:e5:62:eb:89:3a:6b:9c:79:d6:9a: 90:a0:24:b1 -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgICG08wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEFBNzgxMTAvBgNVBAUTKDA5Q0ZGRTQ2N0YzQjA5QzNEMDZGMjQ5MTlDRkFDN0Uw MDNFNEJCNzUwHhcNMjQwNzMwMTIzNjU4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmE4ZGU2YS0zMjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtUEkCHxLFi5Is21+j0vmcHUSOr2DeU13XPh/ln1B6sI2Udib4TL2c//c4upU 4C3HNvyLPYwSpis4dXlb5QCq85nlah0PTouLd93ELWTSdzQnltncH3PiaFNYaw32 LDoH8CqBMZON/lQBAxIN/Hnri55KGp9X3FYQT9xS0ipAvBC52xiqkbE1TRv+G6Y7 ++QkzM7zuUoJF0N+dq4+ppNmkTwucM2NMt39Q67rNrOdA4baemhJfNX5ZWXATXat ZFi+HIn5yr5oxx7jNjcqyulN5IpIyxd9+H96GPu+/sRybcgRZgXvf0kRko1TfqBl Krs72Vm5AKNrIwj5hk6/QFa/gwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFBM+Muca iqPa2R5Er/VBp8G1MUVAMB8GA1UdIwQYMBaAFAnP/kZ/OwnD0G8kkZz6x+AD5Lt1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QUE3OC82OEQzMzQ5MEZE NjQxMUU2QTEwOTU0ODNDNEY5QUUwMi9DY18tUm44N0NjUFFieVNSblBySDRBUGt1 M1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NjXy1Sbjg3Q2NQUWJ5U1JuUHJINEFQa3UzVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEFBNzgvNjhEMzM0OTBGRDY0MTFFNkExMDk1NDgzQzRGOUFFMDIvNjk5NkNFQjg0 RTcwMTFFRkE0QTMyRDVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E QDA+MBgEAgABMBIDBAJnV2wDBAHLkDoDBADLkD0wIgQCAAIwHAMHACQCecAAAzAR AwYAJAJ5wAEDBwAkAnnAAQowDQYJKoZIhvcNAQELBQADggEBANoMXSDoBy32tmR/ CYnfBQXIh69BfvjV3CATOebToy+rxdVbo4DeBFGohTY2uVHVIXRp2vMPk8Ic5+kB CVqJWaive6LXQ3dAWIKJQWw7BwzXCwvnToJQKaC11kIuS0jbDsLfnkQaJKJ392TU tngHRHHXGmZ8kZ1ZvwaL+J4PbG9ciYbSf5VhEgcK6DiBzNJkvsMNMp6UDiF5WL/u L6L9H54ZEul6o8Z/jR9IRjp2f8psUxjAYX8PxrcScTeb2wLoR0SNWnP6SXFWw9kc aTzD0Fk5AEuF/y3VzyjAQCITaj20H9Qekd3ab/oes0cvFIRXGXrV5WLriTprnHnW mpCgJLE= -----END CERTIFICATE-----Generated at Sun Feb 16 20:34:09 2025 by rpki-client