$ rpki-client -vvf rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/8A0874C0AA5211EEAFC18554C4F9AE02.roa File: 8A0874C0AA5211EEAFC18554C4F9AE02.roa (raw, json) Hash identifier: NlN5fs6YliLYR5HdT/sNLzjDC0HoiB4qtgUQ0EkZvxE= Subject key identifier: 63:72:86:AC:93:40:47:B5:C7:50:68:88:8D:AE:B0:82:29:75:F4:51 Certificate issuer: /CN=A919DB2F/serialNumber=F9C3638059F864E84AE3BF50DAAC079C68463EA7 Certificate serial: 04AE Authority key identifier: F9:C3:63:80:59:F8:64:E8:4A:E3:BF:50:DA:AC:07:9C:68:46:3E:A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-cNjgFn4ZOhK479Q2qwHnGhGPqc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/8A0874C0AA5211EEAFC18554C4F9AE02.roa Signing time: Fri 27 Sep 2024 00:23:52 +0000 ROA not before: Fri 27 Sep 2024 00:23:52 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 146961 IP address blocks: 103.172.81.0/24 maxlen: 24 2001:df7:6680::/48 maxlen: 48 2400:8da0:ea00::/44 maxlen: 48 2400:8da0:eb00::/44 maxlen: 48 2400:8da0:ec00::/44 maxlen: 48 2400:8da0:ed00::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/-cNjgFn4ZOhK479Q2qwHnGhGPqc.crl rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/-cNjgFn4ZOhK479Q2qwHnGhGPqc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-cNjgFn4ZOhK479Q2qwHnGhGPqc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1198 (0x4ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919DB2F/serialNumber=F9C3638059F864E84AE3BF50DAAC079C68463EA7 Validity Not Before: Sep 27 00:23:52 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66f5fb18-4fc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:74:45:69:e9:ec:cf:1d:7c:75:53:7b:eb:14: aa:68:90:90:db:4d:44:5e:92:8f:fb:10:35:bb:81: 87:3a:c0:b5:e1:0d:1b:e0:88:cb:af:5a:43:61:ed: 53:91:de:31:dc:dd:64:2d:f2:b1:1b:f1:39:91:83: 89:27:d6:87:66:b0:74:54:c8:22:42:59:85:d5:55: 59:88:cb:d9:12:89:46:ca:61:62:da:21:3c:4c:61: 77:3d:1f:17:6a:de:f1:d7:cf:47:bd:24:e7:c6:17: 00:78:47:70:a5:a6:52:47:f4:26:25:7a:4a:96:76: 46:7e:ea:60:e0:22:2f:99:a4:d1:e9:51:9c:c2:6e: 90:60:18:47:3e:b2:f1:82:5f:9f:5f:30:24:c9:bd: 71:0e:34:22:bc:29:c0:de:a8:cd:39:32:73:3e:cb: da:d8:de:45:ca:2c:00:26:1e:13:61:23:6f:48:5b: 9b:ec:20:7c:b1:53:4b:8e:ce:b9:62:5a:09:28:47: 46:8c:9e:f9:67:94:01:53:85:e5:8b:a2:19:35:59: 86:22:bf:f6:f1:f8:84:c4:fa:e5:a8:2e:ff:75:a7: 27:d8:dd:65:a5:8d:6d:fb:f7:94:db:0b:46:58:40: 28:be:a4:95:51:8c:1c:03:b9:47:61:66:d9:c8:05: c2:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:72:86:AC:93:40:47:B5:C7:50:68:88:8D:AE:B0:82:29:75:F4:51 X509v3 Authority Key Identifier: keyid:F9:C3:63:80:59:F8:64:E8:4A:E3:BF:50:DA:AC:07:9C:68:46:3E:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/-cNjgFn4ZOhK479Q2qwHnGhGPqc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-cNjgFn4ZOhK479Q2qwHnGhGPqc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/8A0874C0AA5211EEAFC18554C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.172.81.0/24 IPv6: 2001:df7:6680::/48 2400:8da0:ea00::/44 2400:8da0:eb00::/44 2400:8da0:ec00::/44 2400:8da0:ed00::/44 Signature Algorithm: sha256WithRSAEncryption c9:51:1e:d1:0a:a8:ab:67:41:a4:f1:8e:37:25:6e:31:06:11: 39:00:a2:8d:c1:9a:e9:f1:75:0c:61:73:00:ec:1f:2b:cd:8c: 84:06:ee:db:82:29:65:97:09:4b:31:55:9f:ee:82:cc:81:a5: a2:1a:dd:0f:a6:55:45:99:d5:4a:29:67:2b:89:2c:12:46:99: e3:36:42:29:fe:c1:6b:e0:b7:29:87:82:5c:af:45:fd:f0:58: fd:d1:15:d5:8e:ce:f2:5a:df:46:55:f9:d2:c3:74:12:15:56: d8:8d:c2:8e:6f:38:54:a6:29:ca:f7:08:b5:2b:eb:a8:f6:5a: 18:6d:4c:43:1d:cb:98:4e:48:4f:f4:3c:b5:36:df:c9:7f:ee: bc:3a:80:ae:3d:18:a4:8b:d6:39:3d:d2:f5:ff:f4:8f:de:0e: 20:98:32:27:ea:98:c1:1c:d1:e2:21:d5:70:9b:c6:c9:76:fc: 61:7c:17:18:bf:b9:5b:22:be:58:b7:f3:61:ce:93:36:79:16: e7:e1:47:65:8e:c8:7e:c6:5d:ca:92:22:01:fc:c2:e6:6c:f6: 38:52:47:38:78:d2:ca:df:07:a1:00:ff:75:4f:89:8e:83:74: fe:ce:ba:f8:82:7f:26:a9:7c:f3:7b:2c:78:b4:f2:9d:1e:ee: a7:52:b4:31 -----BEGIN CERTIFICATE----- MIIFpjCCBI6gAwIBAgICBK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OURCMkYxMTAvBgNVBAUTKEY5QzM2MzgwNTlGODY0RTg0QUUzQkY1MERBQUMwNzlD Njg0NjNFQTcwHhcNMjQwOTI3MDAyMzUyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmY1ZmIxOC00ZmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnnRFaenszx18dVN76xSqaJCQ201EXpKP+xA1u4GHOsC14Q0b4IjLr1pDYe1T kd4x3N1kLfKxG/E5kYOJJ9aHZrB0VMgiQlmF1VVZiMvZEolGymFi2iE8TGF3PR8X at7x189HvSTnxhcAeEdwpaZSR/QmJXpKlnZGfupg4CIvmaTR6VGcwm6QYBhHPrLx gl+fXzAkyb1xDjQivCnA3qjNOTJzPsva2N5FyiwAJh4TYSNvSFub7CB8sVNLjs65 YloJKEdGjJ75Z5QBU4Xli6IZNVmGIr/28fiExPrlqC7/dacn2N1lpY1t+/eU2wtG WEAovqSVUYwcA7lHYWbZyAXCzQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFGNyhqyT QEe1x1BoiI2usIIpdfRRMB8GA1UdIwQYMBaAFPnDY4BZ+GToSuO/UNqsB5xoRj6n MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REIyRi9FRjU5Q0VDNDBB REExMUVDOTVGNUY2NzhDNEY5QUUwMi8tY05qZ0ZuNFpPaEs0NzlRMnF3SG5HaEdQ cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1jTmpnRm40Wk9oSzQ3OVEycXdIbkdoR1BxYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OURCMkYvRUY1OUNFQzQwQURBMTFFQzk1RjVGNjc4QzRGOUFFMDIvOEEwODc0QzBB QTUyMTFFRUFGQzE4NTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVAYIKwYBBQUHAQcBAf8E RTBDMAwEAgABMAYDBABnrFEwMwQCAAIwLQMHACABDfdmgAMHBCQAjaDqAAMHBCQA jaDrAAMHBCQAjaDsAAMHBCQAjaDtADANBgkqhkiG9w0BAQsFAAOCAQEAyVEe0Qqo q2dBpPGONyVuMQYROQCijcGa6fF1DGFzAOwfK82MhAbu24IpZZcJSzFVn+6CzIGl ohrdD6ZVRZnVSilnK4ksEkaZ4zZCKf7Ba+C3KYeCXK9F/fBY/dEV1Y7O8lrfRlX5 0sN0EhVW2I3Cjm84VKYpyvcItSvrqPZaGG1MQx3LmE5IT/Q8tTbfyX/uvDqArj0Y pIvWOT3S9f/0j94OIJgyJ+qYwRzR4iHVcJvGyXb8YXwXGL+5WyK+WLfzYc6TNnkW 5+FHZY7IfsZdypIiAfzC5mz2OFJHOHjSyt8HoQD/dU+JjoN0/s66+IJ/Jql883ss eLTynR7up1K0MQ== -----END CERTIFICATE-----Generated at Thu Nov 21 00:21:23 2024 by rpki-client on console-fra.rpki-client.org