$ rpki-client -vvf rpki.apnic.net/member_repository/A918B0C4/F3A872DA7A0211EDBB36DB2EC4F9AE02/F59959807A0511EDA112EF32C4F9AE02.roa File: F59959807A0511EDA112EF32C4F9AE02.roa (raw, json) Hash identifier: ZvVWR24fiTgTKL1AgxjjU+8hvOzH690FD/ftf9Pub2A= Subject key identifier: EC:60:05:C5:F4:93:2B:39:23:82:53:3C:9E:DA:19:71:2F:1D:CF:C9 Certificate issuer: /CN=A918B0C4/serialNumber=15F0A40685E69A641DB70E82BF780A9ABFE3F159 Certificate serial: 0156 Authority key identifier: 15:F0:A4:06:85:E6:9A:64:1D:B7:0E:82:BF:78:0A:9A:BF:E3:F1:59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FfCkBoXmmmQdtw6Cv3gKmr_j8Vk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918B0C4/F3A872DA7A0211EDBB36DB2EC4F9AE02/F59959807A0511EDA112EF32C4F9AE02.roa Signing time: Wed 25 Sep 2024 03:06:38 +0000 ROA not before: Wed 25 Sep 2024 03:06:38 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 134524 IP address blocks: 43.246.168.0/22 maxlen: 22 103.35.144.0/22 maxlen: 22 103.35.144.0/24 maxlen: 24 103.35.145.0/24 maxlen: 24 103.35.146.0/24 maxlen: 24 103.35.147.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918B0C4/F3A872DA7A0211EDBB36DB2EC4F9AE02/FfCkBoXmmmQdtw6Cv3gKmr_j8Vk.crl rsync://rpki.apnic.net/member_repository/A918B0C4/F3A872DA7A0211EDBB36DB2EC4F9AE02/FfCkBoXmmmQdtw6Cv3gKmr_j8Vk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FfCkBoXmmmQdtw6Cv3gKmr_j8Vk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:14:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 342 (0x156) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918B0C4/serialNumber=15F0A40685E69A641DB70E82BF780A9ABFE3F159 Validity Not Before: Sep 25 03:06:38 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66f37e3e-7e6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:0f:20:33:36:03:1c:65:ea:24:ff:4f:d5:e5: dd:0b:8e:a3:1e:84:00:7d:71:1f:d2:ce:eb:c8:b3: 2a:d7:10:8c:04:bd:8d:00:df:ee:f3:4d:77:e4:29: de:a4:97:8b:92:72:c1:a7:07:f8:ea:b0:30:94:8c: 74:dc:21:0b:57:6d:9b:ab:7a:0f:b6:18:12:49:68: 7a:a3:5f:0e:d7:8c:12:ce:ad:81:b7:f6:a4:50:d6: 5d:f1:1d:bb:34:79:19:9b:6e:a8:ea:86:02:4f:0d: db:a0:5e:aa:8a:7a:4a:7d:38:aa:16:8d:88:ea:27: 1f:11:4c:49:c2:d3:4a:c4:ac:43:d1:51:29:1d:0c: d7:0d:c8:d4:73:c8:47:6b:64:cd:ba:bb:8e:ff:c5: e5:4c:35:f6:29:3b:fc:e1:eb:32:17:b5:69:70:ac: 00:14:a5:d3:e7:30:55:06:ae:73:d7:35:8b:28:bc: ff:b3:82:16:46:43:68:73:c6:e9:fd:a0:a0:9d:fc: 3e:ff:a1:20:b2:25:ae:72:45:5f:eb:dd:78:61:8e: 92:c2:26:c2:27:c8:1e:43:49:5a:75:83:c0:86:a1: b2:a4:0f:9e:41:9a:f2:47:47:da:d4:b0:e2:38:33: b2:f0:40:86:97:e3:43:ae:c5:5f:22:5d:83:48:47: 24:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:60:05:C5:F4:93:2B:39:23:82:53:3C:9E:DA:19:71:2F:1D:CF:C9 X509v3 Authority Key Identifier: keyid:15:F0:A4:06:85:E6:9A:64:1D:B7:0E:82:BF:78:0A:9A:BF:E3:F1:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918B0C4/F3A872DA7A0211EDBB36DB2EC4F9AE02/FfCkBoXmmmQdtw6Cv3gKmr_j8Vk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FfCkBoXmmmQdtw6Cv3gKmr_j8Vk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918B0C4/F3A872DA7A0211EDBB36DB2EC4F9AE02/F59959807A0511EDA112EF32C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.246.168.0/22 103.35.144.0/22 Signature Algorithm: sha256WithRSAEncryption b8:34:1f:e2:e6:f4:d1:7c:d6:20:cb:a6:60:7b:21:b3:13:28: b6:a4:83:63:5d:a2:58:4d:5b:b5:fd:aa:23:50:00:70:d5:e9: 04:f5:07:91:4c:75:c7:8c:eb:e6:f2:95:f3:fc:75:ba:6e:2f: f9:6a:15:10:25:b4:9d:41:20:e9:35:ed:ca:cd:ea:ff:9e:50: 7f:8c:c2:1f:8f:c0:79:b4:6e:eb:74:0b:be:e5:6f:32:60:11: 56:d6:37:da:27:c9:c3:6e:42:34:1e:2c:76:7b:dc:ca:0a:ce: d9:a4:bd:f9:ab:ec:e6:4a:9d:f2:20:98:ec:85:89:9e:00:03: 1d:9b:56:53:3f:dd:95:3f:67:ea:e8:d0:f7:f2:da:33:7e:e0: d0:81:0e:80:01:f6:c8:f6:52:36:fb:d6:0b:15:80:db:5d:03: 80:d5:8d:03:7e:1c:3b:02:f9:47:a2:78:49:8c:c4:8c:ee:a6: 36:45:4e:df:da:b4:81:16:52:23:5f:bd:e4:08:53:51:6b:1b: 16:01:0b:7c:90:8d:87:32:91:3d:96:7b:ce:a9:06:5f:6b:77: 43:03:f2:d6:4c:ea:a9:d0:aa:61:39:86:1d:6e:4d:80:15:98: d8:e0:53:2f:16:e5:9e:68:29:c9:c9:33:cb:6f:5f:e3:bc:96: 0b:8f:95:3a -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEIwQzQxMTAvBgNVBAUTKDE1RjBBNDA2ODVFNjlBNjQxREI3MEU4MkJGNzgwQTlB QkZFM0YxNTkwHhcNMjQwOTI1MDMwNjM4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmYzN2UzZS03ZTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsg8gMzYDHGXqJP9P1eXdC46jHoQAfXEf0s7ryLMq1xCMBL2NAN/u80135Cne pJeLknLBpwf46rAwlIx03CELV22bq3oPthgSSWh6o18O14wSzq2Bt/akUNZd8R27 NHkZm26o6oYCTw3boF6qinpKfTiqFo2I6icfEUxJwtNKxKxD0VEpHQzXDcjUc8hH a2TNuruO/8XlTDX2KTv84esyF7VpcKwAFKXT5zBVBq5z1zWLKLz/s4IWRkNoc8bp /aCgnfw+/6EgsiWuckVf6914YY6SwibCJ8geQ0ladYPAhqGypA+eQZryR0fa1LDi ODOy8ECGl+NDrsVfIl2DSEckKQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOxgBcX0 kys5I4JTPJ7aGXEvHc/JMB8GA1UdIwQYMBaAFBXwpAaF5ppkHbcOgr94Cpq/4/FZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QjBDNC9GM0E4NzJEQTdB MDIxMUVEQkIzNkRCMkVDNEY5QUUwMi9GZkNrQm9YbW1tUWR0dzZDdjNnS21yX2o4 VmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZmQ2tCb1htbW1RZHR3NkN2M2dLbXJfajhWay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEIwQzQvRjNBODcyREE3QTAyMTFFREJCMzZEQjJFQzRGOUFFMDIvRjU5OTU5ODA3 QTA1MTFFREExMTJFRjMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr9qgDBAJnI5AwDQYJKoZIhvcNAQELBQADggEBALg0H+Lm 9NF81iDLpmB7IbMTKLakg2NdolhNW7X9qiNQAHDV6QT1B5FMdceM6+bylfP8dbpu L/lqFRAltJ1BIOk17crN6v+eUH+Mwh+PwHm0but0C77lbzJgEVbWN9onycNuQjQe LHZ73MoKztmkvfmr7OZKnfIgmOyFiZ4AAx2bVlM/3ZU/Z+ro0Pfy2jN+4NCBDoAB 9sj2Ujb71gsVgNtdA4DVjQN+HDsC+UeieEmMxIzupjZFTt/atIEWUiNfveQIU1Fr GxYBC3yQjYcykT2We86pBl9rd0MD8tZM6qnQqmE5hh1uTYAVmNjgUy8W5Z5oKcnJ M8tvX+O8lguPlTo= -----END CERTIFICATE-----Generated at Sat Nov 23 03:58:44 2024 by rpki-client on console-ams.rpki-client.org