$ rpki-client -vvf rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/FC5AFF000BE011ED9E3AA135C4F9AE02.roa File: FC5AFF000BE011ED9E3AA135C4F9AE02.roa (raw, json) Hash identifier: u6+Gbtl2iv9JRXTumN5Ye5SMQrPpCaTXinSOYRqNVkQ= Subject key identifier: 50:E4:77:B0:50:F5:52:E2:9C:38:9F:5C:56:BA:F5:49:35:39:EF:BD Certificate issuer: /CN=A918F20B/serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Certificate serial: 0321 Authority key identifier: 77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/FC5AFF000BE011ED9E3AA135C4F9AE02.roa Signing time: Wed 07 Aug 2024 02:23:57 +0000 ROA not before: Wed 07 Aug 2024 02:23:57 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 133861 IP address blocks: 43.242.128.0/24 maxlen: 24 43.242.129.0/24 maxlen: 24 43.242.130.0/24 maxlen: 24 43.242.131.0/24 maxlen: 24 103.251.88.0/24 maxlen: 24 103.251.89.0/24 maxlen: 24 103.251.90.0/24 maxlen: 24 103.251.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 801 (0x321) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F20B/serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Validity Not Before: Aug 7 02:23:57 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66b2dabc-e380 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:68:00:de:eb:94:6a:42:c4:e8:13:b4:ce:d7: f8:bd:dc:cb:be:49:8c:3e:24:36:ed:cb:f6:1c:c8: cd:36:a0:ff:60:fb:90:f8:ca:b0:5b:40:86:b5:3a: c3:ee:46:2e:6d:53:18:d8:ed:ec:fc:18:4c:21:18: af:21:62:3d:e2:c7:d9:e6:50:dd:38:c3:16:3e:58: 56:6c:1a:1c:0a:6f:83:b6:1c:43:b6:22:8a:ff:72: 99:10:2e:8b:a1:ea:4f:7f:98:c3:05:fb:c0:b0:51: fd:0a:11:36:ab:d4:40:2d:78:5c:78:2e:53:4c:4a: 72:0d:31:43:fb:5d:96:f1:b3:80:d0:b2:0b:2c:27: e2:74:ff:49:03:68:9d:b7:9f:b7:bd:f3:22:41:7f: ea:b1:25:b2:8e:a9:42:85:8e:0e:74:cc:55:5b:26: 20:8c:da:51:7f:62:21:63:f5:c0:6c:8b:8c:e9:25: 5f:8b:1c:0f:50:01:d1:fc:ed:46:f9:f2:11:12:ce: ea:64:9b:38:8e:ef:b5:ff:e9:4d:e9:40:fd:85:8e: 4d:92:3a:1e:c0:58:83:58:0a:87:bc:fe:4f:0a:ad: 6e:7e:f1:95:92:b5:ba:bd:ec:db:d5:4a:a1:88:b4: cc:bc:71:ae:72:25:83:78:f4:f7:e6:52:f1:a2:d3: f0:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:E4:77:B0:50:F5:52:E2:9C:38:9F:5C:56:BA:F5:49:35:39:EF:BD X509v3 Authority Key Identifier: keyid:77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/FC5AFF000BE011ED9E3AA135C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.242.128.0/22 103.251.88.0/22 Signature Algorithm: sha256WithRSAEncryption 36:3e:45:7e:b6:f7:ff:15:91:5e:da:6f:c5:b5:e2:c7:f1:8d: ac:07:ba:41:d8:7d:6f:e3:ed:99:b0:04:c0:92:7e:b8:7c:94: 62:de:5c:03:d9:f8:1e:9d:ce:8b:2f:a3:c1:6b:ac:5f:2d:0d: 65:6f:16:cf:a4:93:54:f4:48:70:ad:08:52:fd:28:61:2c:10: bc:29:02:e6:ff:c8:4c:0d:51:44:a9:21:c0:74:fd:d1:f0:dc: 98:14:19:e4:a2:5e:dc:0f:5d:ba:1d:38:d0:8c:c4:0a:ac:a7: 7c:c1:e8:cd:7b:6c:7a:fc:48:9d:4c:75:1a:cb:c6:46:87:9a: 1b:d9:8b:4e:4b:73:b4:50:67:2f:94:3e:87:92:82:08:80:02: 57:a3:9e:1c:bf:cd:27:6c:f7:a6:47:2c:26:de:27:d6:c7:be: 4e:78:89:b4:48:b0:5c:c9:f4:41:5b:c0:c7:ce:e6:5c:9a:11: 29:93:0f:16:a1:4c:23:1c:b4:16:86:d4:46:91:64:a7:5e:c3: e4:b0:5b:e4:58:60:3b:74:1f:97:12:4d:ad:0b:34:73:e2:ad: dd:70:fe:6a:00:a2:58:12:01:ff:f1:89:77:43:73:85:5c:24: e1:43:84:f6:01:b5:2b:fd:27:4b:65:e0:56:9d:49:20:3c:be: 93:92:d7:cd -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAyEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEYyMEIxMTAvBgNVBAUTKDc3MDNBNkQ1NkM3MTgwMjFCRDlDODlFQjNDNEJFRDgx N0VENTZBRTUwHhcNMjQwODA3MDIyMzU3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmIyZGFiYy1lMzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt2gA3uuUakLE6BO0ztf4vdzLvkmMPiQ27cv2HMjNNqD/YPuQ+MqwW0CGtTrD 7kYubVMY2O3s/BhMIRivIWI94sfZ5lDdOMMWPlhWbBocCm+DthxDtiKK/3KZEC6L oepPf5jDBfvAsFH9ChE2q9RALXhceC5TTEpyDTFD+12W8bOA0LILLCfidP9JA2id t5+3vfMiQX/qsSWyjqlChY4OdMxVWyYgjNpRf2IhY/XAbIuM6SVfixwPUAHR/O1G +fIREs7qZJs4ju+1/+lN6UD9hY5NkjoewFiDWAqHvP5PCq1ufvGVkrW6vezb1Uqh iLTMvHGuciWDePT35lLxotPwOQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFDkd7BQ 9VLinDifXFa69Uk1Oe+9MB8GA1UdIwQYMBaAFHcDptVscYAhvZyJ6zxL7YF+1Wrl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjIwQi8xOUU0REJGNjk2 MEYxMUVDODkwQTQ0NkRDNEY5QUUwMi9kd09tMVd4eGdDRzluSW5yUEV2dGdYN1Zh dVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2R3T20xV3h4Z0NHOW5JbnJQRXZ0Z1g3VmF1VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEYyMEIvMTlFNERCRjY5NjBGMTFFQzg5MEE0NDZEQzRGOUFFMDIvRkM1QUZGMDAw QkUwMTFFRDlFM0FBMTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr8oADBAJn+1gwDQYJKoZIhvcNAQELBQADggEBADY+RX62 9/8VkV7ab8W14sfxjawHukHYfW/j7ZmwBMCSfrh8lGLeXAPZ+B6dzosvo8FrrF8t DWVvFs+kk1T0SHCtCFL9KGEsELwpAub/yEwNUUSpIcB0/dHw3JgUGeSiXtwPXbod ONCMxAqsp3zB6M17bHr8SJ1MdRrLxkaHmhvZi05Lc7RQZy+UPoeSggiAAlejnhy/ zSds96ZHLCbeJ9bHvk54ibRIsFzJ9EFbwMfO5lyaESmTDxahTCMctBaG1EaRZKde w+SwW+RYYDt0H5cSTa0LNHPird1w/moAolgSAf/xiXdDc4VcJOFDhPYBtSv9J0tl 4FadSSA8vpOS180= -----END CERTIFICATE-----Generated at Thu Nov 21 01:26:02 2024 by rpki-client on console-ams.rpki-client.org