$ rpki-client -vvf rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/D9AD698C961211ECB515C474C4F9AE02.roa File: D9AD698C961211ECB515C474C4F9AE02.roa (raw, json) Hash identifier: qw+A+BnLOmGwGidGoi7dHOK2xbb/S+TCMScy/km8BDQ= Subject key identifier: 74:8A:38:AE:D8:2D:E9:4F:76:E5:A2:99:D5:FC:19:21:AC:6D:56:73 Certificate issuer: /CN=A918F20B/serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Certificate serial: 0320 Authority key identifier: 77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/D9AD698C961211ECB515C474C4F9AE02.roa Signing time: Wed 07 Aug 2024 02:23:56 +0000 ROA not before: Wed 07 Aug 2024 02:23:56 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 133199 IP address blocks: 43.242.128.0/24 maxlen: 24 43.242.129.0/24 maxlen: 24 43.242.130.0/24 maxlen: 24 43.242.131.0/24 maxlen: 24 103.251.88.0/24 maxlen: 24 103.251.89.0/24 maxlen: 24 103.251.90.0/24 maxlen: 24 103.251.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 23:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 800 (0x320) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F20B/serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Validity Not Before: Aug 7 02:23:56 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66b2dabc-6928 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:2f:9f:79:89:58:3a:4d:10:bf:27:57:5d:b4: 5a:d4:a1:2a:13:46:e6:26:9e:18:1b:61:43:1f:f5: 05:87:4d:f6:43:e7:3f:61:18:76:67:f6:73:28:58: 1c:f4:f1:b4:22:1d:ec:cf:9d:ab:e3:e7:50:77:ed: a9:fe:61:bd:b5:86:86:42:f6:be:d0:a2:6a:a6:20: e2:ac:05:04:9d:a7:e4:7d:0a:94:b3:ee:9f:d4:11: f8:e8:07:8c:20:6a:83:fe:03:9b:90:cc:5d:4b:15: e5:42:de:ca:f5:53:4f:b7:4e:dc:f3:7e:a0:a8:ce: 42:a5:60:79:14:f4:41:0d:b0:1d:5c:5b:7f:7b:1d: 8c:e6:16:44:fb:c1:af:ed:3b:ab:1e:8c:09:ea:48: 9e:6d:1f:4c:ea:d0:4c:68:85:3e:a1:7e:6c:b0:e0: f6:46:5c:4f:ec:0b:51:7b:6f:6d:c7:50:a0:0e:20: 0a:67:df:c1:54:c5:5f:f2:2f:48:f4:44:30:a4:1c: 03:34:a1:63:e0:e0:98:de:db:59:d4:32:ec:13:a3: 93:4d:b4:cb:51:9a:2a:36:b5:63:2a:22:25:cf:3f: 1d:f7:a1:73:60:bd:13:9f:2c:7b:af:3d:e7:9c:b8: 93:ea:62:d1:07:9f:6e:bf:c4:16:aa:83:a0:82:5b: c1:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:8A:38:AE:D8:2D:E9:4F:76:E5:A2:99:D5:FC:19:21:AC:6D:56:73 X509v3 Authority Key Identifier: keyid:77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/D9AD698C961211ECB515C474C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.242.128.0/22 103.251.88.0/22 Signature Algorithm: sha256WithRSAEncryption 82:5a:23:0c:d8:7b:7f:c3:b5:ee:82:2f:58:88:5b:0b:a4:3c: 5e:4e:d0:6e:89:48:0e:1e:41:7e:91:bb:97:3e:e0:c9:81:4c: f1:dc:b5:4f:b8:57:0a:0c:70:a8:cb:d7:56:fa:b9:09:a2:80: 63:7b:70:0e:be:1b:e5:74:bf:a0:0d:bb:e1:c8:a6:68:27:1f: a3:f4:eb:dc:5d:f9:3f:c6:78:b6:ee:79:1b:7d:10:36:38:d5: 6b:e6:18:85:f8:d9:65:3e:97:37:fa:af:50:6c:47:01:45:d7: 6e:76:e8:48:d4:cb:22:24:e0:9d:18:68:05:4b:6f:ee:e3:74: 5e:02:f7:15:ac:f2:09:1d:2f:2f:65:3c:15:c9:e9:40:17:4c: e3:ea:3b:a2:0c:be:cf:f8:e2:ab:74:7d:d9:b9:bd:15:3d:d8: 15:98:c9:94:55:ae:84:84:3c:99:9b:f3:f9:27:c0:b0:68:0a: 64:d3:38:08:0c:c5:3f:7f:03:e8:af:51:a8:41:9a:51:d0:4c: 88:56:0f:7f:c2:bf:e2:6a:38:96:3a:36:a5:ae:eb:f0:ea:f4: d4:1d:f1:5c:33:e0:cb:31:ea:b2:05:7f:b3:3b:1d:f5:11:90: 05:05:bc:ab:11:c1:e9:c9:52:d1:04:35:63:31:e0:7e:49:ca: d4:ad:47:74 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAyAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEYyMEIxMTAvBgNVBAUTKDc3MDNBNkQ1NkM3MTgwMjFCRDlDODlFQjNDNEJFRDgx N0VENTZBRTUwHhcNMjQwODA3MDIyMzU2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmIyZGFiYy02OTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2C+feYlYOk0QvydXXbRa1KEqE0bmJp4YG2FDH/UFh032Q+c/YRh2Z/ZzKFgc 9PG0Ih3sz52r4+dQd+2p/mG9tYaGQva+0KJqpiDirAUEnafkfQqUs+6f1BH46AeM IGqD/gObkMxdSxXlQt7K9VNPt07c836gqM5CpWB5FPRBDbAdXFt/ex2M5hZE+8Gv 7TurHowJ6kiebR9M6tBMaIU+oX5ssOD2RlxP7AtRe29tx1CgDiAKZ9/BVMVf8i9I 9EQwpBwDNKFj4OCY3ttZ1DLsE6OTTbTLUZoqNrVjKiIlzz8d96FzYL0Tnyx7rz3n nLiT6mLRB59uv8QWqoOgglvBeQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHSKOK7Y LelPduWimdX8GSGsbVZzMB8GA1UdIwQYMBaAFHcDptVscYAhvZyJ6zxL7YF+1Wrl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjIwQi8xOUU0REJGNjk2 MEYxMUVDODkwQTQ0NkRDNEY5QUUwMi9kd09tMVd4eGdDRzluSW5yUEV2dGdYN1Zh dVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2R3T20xV3h4Z0NHOW5JbnJQRXZ0Z1g3VmF1VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEYyMEIvMTlFNERCRjY5NjBGMTFFQzg5MEE0NDZEQzRGOUFFMDIvRDlBRDY5OEM5 NjEyMTFFQ0I1MTVDNDc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr8oADBAJn+1gwDQYJKoZIhvcNAQELBQADggEBAIJaIwzY e3/Dte6CL1iIWwukPF5O0G6JSA4eQX6Ru5c+4MmBTPHctU+4VwoMcKjL11b6uQmi gGN7cA6+G+V0v6ANu+HIpmgnH6P069xd+T/GeLbueRt9EDY41WvmGIX42WU+lzf6 r1BsRwFF12526EjUyyIk4J0YaAVLb+7jdF4C9xWs8gkdLy9lPBXJ6UAXTOPqO6IM vs/44qt0fdm5vRU92BWYyZRVroSEPJmb8/knwLBoCmTTOAgMxT9/A+ivUahBmlHQ TIhWD3/Cv+JqOJY6NqWu6/Dq9NQd8Vwz4Msx6rIFf7M7HfURkAUFvKsRwenJUtEE NWMx4H5JytStR3Q= -----END CERTIFICATE-----Generated at Mon Nov 25 01:15:30 2024 by rpki-client on console-fra.rpki-client.org