$ rpki-client -vvf rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/3971266E4A4A11EE9424B146C4F9AE02.roa File: 3971266E4A4A11EE9424B146C4F9AE02.roa (raw, json) Hash identifier: MlmgVIO/d4DiH2A4MDbsrJXD1BIjrXh5EpB8PgHUvGE= Subject key identifier: 45:C0:67:96:4B:2D:14:FC:DA:F2:50:D9:DD:DD:B3:93:33:74:54:73 Certificate issuer: /CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41 Certificate serial: 0CC3 Authority key identifier: A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/3971266E4A4A11EE9424B146C4F9AE02.roa Signing time: Tue 11 Jun 2024 06:38:38 +0000 ROA not before: Tue 11 Jun 2024 06:38:38 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 138640 IP address blocks: 43.246.200.0/24 maxlen: 24 43.246.202.0/24 maxlen: 24 103.109.56.0/24 maxlen: 24 103.109.59.0/24 maxlen: 24 103.111.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/pu8GtolYGCHHjIgpG731xRKjP0E.crl rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/pu8GtolYGCHHjIgpG731xRKjP0E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:02:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3267 (0xcc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41 Validity Not Before: Jun 11 06:38:38 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=6667f0ee-d7f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:f5:07:41:01:ba:da:04:20:1b:dc:1a:66:85: 9c:9d:bc:9a:33:97:8f:c0:0f:70:00:b5:e0:ff:40: cd:2f:b3:63:71:8c:75:b1:2b:47:bf:38:ed:eb:5e: 18:56:31:97:c3:c2:ca:1b:c5:d3:3a:89:f0:75:ce: a6:fc:2c:19:6f:2d:62:b4:4b:64:93:c3:e7:22:c1: 4b:c8:75:5a:11:79:2b:bd:e8:20:81:32:6a:e4:b1: 33:e8:c9:78:7e:82:65:71:60:84:06:b9:db:41:61: 9d:c2:2e:cb:f1:9e:4d:5d:79:b4:46:b4:72:4f:f4: 78:2a:c2:91:ea:4f:2f:23:ba:33:fb:a3:8f:2f:9b: 25:01:54:3d:87:d7:90:8a:bc:42:47:25:d8:2a:2c: 14:59:17:31:6b:8a:8c:39:4a:2a:6d:6c:ff:9c:fd: a2:28:2e:dc:e5:9f:5a:b0:87:af:66:7f:ba:31:77: 77:1c:14:82:73:64:ec:d7:91:a0:ba:62:67:a9:8c: 2a:0c:01:98:8d:46:63:86:5a:7f:2f:20:e9:33:19: 3d:2e:ef:45:41:42:29:55:51:d3:73:8b:49:0c:4b: b0:0e:2c:c6:09:c6:6d:2b:b3:18:21:dc:08:3d:fa: cc:f1:b7:8c:90:8f:29:d9:0d:31:51:06:a2:88:67: 48:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:C0:67:96:4B:2D:14:FC:DA:F2:50:D9:DD:DD:B3:93:33:74:54:73 X509v3 Authority Key Identifier: keyid:A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/pu8GtolYGCHHjIgpG731xRKjP0E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/3971266E4A4A11EE9424B146C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.246.200.0/24 43.246.202.0/24 103.109.56.0/24 103.109.59.0/24 103.111.13.0/24 Signature Algorithm: sha256WithRSAEncryption 7d:31:69:00:41:73:c8:88:3c:d0:95:08:4c:6d:cc:d6:0d:3f: f0:55:cc:49:75:e5:58:a8:7f:12:83:d2:10:36:0b:1c:89:38: 6d:87:24:b1:58:09:de:07:cd:4e:04:d5:35:d2:a8:95:98:c1: ef:33:a8:6c:0f:87:02:5a:ed:f4:14:99:6b:2e:9f:61:79:12: 7e:62:69:06:8f:4e:da:3e:17:84:df:c0:5a:c1:2f:bd:6d:1e: 45:4b:9c:1f:e1:05:ae:6e:75:cb:c2:0c:03:d4:6f:77:90:a4: 51:fb:a8:47:64:53:98:c4:7d:b8:42:01:b4:e8:05:b3:89:74: 6d:39:b4:71:f6:e9:91:ec:97:0e:28:23:81:47:cb:a5:d0:d9: 86:b5:bb:47:a8:51:2f:db:34:bc:3c:7d:cb:b1:73:23:51:ce: d7:73:7a:51:0a:10:f7:cb:cb:8c:2d:b1:00:cc:46:a0:d7:fd: 1c:13:16:d4:4c:a5:03:b9:c1:04:0c:9f:ba:6c:11:7d:18:35: d7:cf:90:34:c1:99:4e:a0:4d:f3:f9:8e:ca:39:a6:a1:7c:f2: f5:fb:89:17:eb:58:70:0d:63:fe:b5:5f:3e:c0:22:30:50:e5: f7:c4:56:3d:ef:b8:6f:e8:e0:42:f2:af:69:54:17:57:8d:25: 09:9f:6a:48 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICDMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTg4NDcxMTAvBgNVBAUTKEE2RUYwNkI2ODk1ODE4MjFDNzhDODgyOTFCQkRGNUM1 MTJBMzNGNDEwHhcNMjQwNjExMDYzODM4WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjY3ZjBlZS1kN2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvPUHQQG62gQgG9waZoWcnbyaM5ePwA9wALXg/0DNL7NjcYx1sStHvzjt614Y VjGXw8LKG8XTOonwdc6m/CwZby1itEtkk8PnIsFLyHVaEXkrvegggTJq5LEz6Ml4 foJlcWCEBrnbQWGdwi7L8Z5NXXm0RrRyT/R4KsKR6k8vI7oz+6OPL5slAVQ9h9eQ irxCRyXYKiwUWRcxa4qMOUoqbWz/nP2iKC7c5Z9asIevZn+6MXd3HBSCc2Ts15Gg umJnqYwqDAGYjUZjhlp/LyDpMxk9Lu9FQUIpVVHTc4tJDEuwDizGCcZtK7MYIdwI PfrM8beMkI8p2Q0xUQaiiGdItwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFEXAZ5ZL LRT82vJQ2d3ds5MzdFRzMB8GA1UdIwQYMBaAFKbvBraJWBghx4yIKRu99cUSoz9B MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODg0Ny9EREZCQjBCOEQ3 ODExMUU5QjQyM0FDNEJDNEY5QUUwMi9wdThHdG9sWUdDSEhqSWdwRzczMXhSS2pQ MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3B1OEd0b2xZR0NISGpJZ3BHNzMxeFJLalAwRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTg4NDcvRERGQkIwQjhENzgxMTFFOUI0MjNBQzRCQzRGOUFFMDIvMzk3MTI2NkU0 QTRBMTFFRTk0MjRCMTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAAr9sgDBAAr9soDBABnbTgDBABnbTsDBABnbw0wDQYJKoZI hvcNAQELBQADggEBAH0xaQBBc8iIPNCVCExtzNYNP/BVzEl15ViofxKD0hA2CxyJ OG2HJLFYCd4HzU4E1TXSqJWYwe8zqGwPhwJa7fQUmWsun2F5En5iaQaPTto+F4Tf wFrBL71tHkVLnB/hBa5udcvCDAPUb3eQpFH7qEdkU5jEfbhCAbToBbOJdG05tHH2 6ZHslw4oI4FHy6XQ2Ya1u0eoUS/bNLw8fcuxcyNRztdzelEKEPfLy4wtsQDMRqDX /RwTFtRMpQO5wQQMn7psEX0YNdfPkDTBmU6gTfP5jso5pqF88vX7iRfrWHANY/61 Xz7AIjBQ5ffEVj3vuG/o4ELyr2lUF1eNJQmfakg= -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:01 2024 by rpki-client on console-fra.rpki-client.org