$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/C145485EAE9A11E9B17AC77EC4F9AE02.roa File: C145485EAE9A11E9B17AC77EC4F9AE02.roa (raw, json) Hash identifier: agk9fTE0Dhy5dYc90EBQeapRa6cEZ8A1rQ5/CvNJ7LU= Subject key identifier: E9:BE:59:AB:A4:D4:F3:FB:B4:3E:4A:1D:E9:8B:A7:0C:C5:A1:62:9A Certificate issuer: /CN=A91EA7B2/serialNumber=1156205EC7380A00F10F3410114D040357F00FF1 Certificate serial: 0D66 Authority key identifier: 11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/C145485EAE9A11E9B17AC77EC4F9AE02.roa Signing time: Fri 12 Jul 2024 18:56:26 +0000 ROA not before: Fri 12 Jul 2024 18:56:26 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 137932 IP address blocks: 103.117.128.0/24 maxlen: 24 103.117.129.0/24 maxlen: 24 103.117.130.0/24 maxlen: 24 103.117.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:52:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3430 (0xd66) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA7B2/serialNumber=1156205EC7380A00F10F3410114D040357F00FF1 Validity Not Before: Jul 12 18:56:26 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66917c5a-47ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:c1:d3:fb:53:1d:b1:76:8e:01:55:7e:24:f4: 78:43:8d:d5:d4:b2:6b:1b:7f:2e:c7:41:78:76:21: 95:d2:36:14:41:f1:53:1c:0f:55:f1:98:f6:39:c5: d5:06:33:3e:d8:d8:a9:ed:20:d9:56:27:9f:d0:5a: 76:65:7c:1b:41:90:a2:07:81:33:62:cf:11:ba:c0: f2:c8:5e:da:f5:e1:f0:30:70:b8:b0:18:fe:fc:a6: d5:2f:39:f1:6c:34:bf:e5:93:60:d5:dd:b7:5e:5c: fb:f2:f2:79:23:6b:af:c2:d4:d6:79:5d:08:da:8f: a1:f7:23:e6:50:d7:3a:b2:0c:a0:4c:62:00:e7:9b: 20:26:03:32:35:08:9d:56:29:77:e9:72:df:4b:4d: 84:20:1e:57:c0:5b:2c:df:d1:73:17:a6:3d:4f:96: 4b:64:a5:99:c1:6d:92:28:3c:3d:94:2f:7e:55:22: cc:b4:9a:f7:e3:44:ee:c5:90:d8:6f:07:75:ed:32: 08:b6:53:b0:69:26:32:86:e5:4e:73:e6:3f:ee:83: 3f:21:6c:e0:22:9a:9b:62:d1:01:3c:c5:42:ff:24: 64:fb:c8:32:18:e9:85:37:28:21:54:8f:55:4c:40: 04:c3:b6:6a:60:25:c6:af:52:42:3a:7a:12:39:8a: 70:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:BE:59:AB:A4:D4:F3:FB:B4:3E:4A:1D:E9:8B:A7:0C:C5:A1:62:9A X509v3 Authority Key Identifier: keyid:11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/C145485EAE9A11E9B17AC77EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.117.128.0/22 Signature Algorithm: sha256WithRSAEncryption 84:b7:27:c2:2c:af:b4:29:32:0d:13:75:dd:7b:1c:e8:dd:c0: 9e:ca:a6:ef:fc:c8:29:a6:6f:32:ba:82:88:08:21:e4:37:6b: 86:2e:c0:4e:bb:5b:92:1a:57:95:86:c4:76:d4:35:c3:54:57: 6e:2e:55:49:1c:3d:2d:08:c5:a1:8d:35:dd:d4:cc:e4:5d:45: 8b:72:58:65:e0:a4:7b:99:f9:47:b5:c9:c6:d8:0e:fe:04:4f: 20:8d:8b:00:74:4a:0c:b7:27:c6:d3:51:4b:b5:74:f5:6c:db: a6:a7:46:44:42:60:4d:8f:6e:5e:ff:09:e2:ca:ef:6d:6c:51: ef:8a:2d:79:64:47:d2:b6:45:b8:eb:34:f9:a8:1d:3f:75:6b: 0b:52:de:e9:f0:c4:0d:bf:2d:a8:c2:cc:f2:1f:f8:c7:4a:6a: 54:7e:e9:89:72:4f:21:8b:25:88:83:a5:88:9e:46:53:48:2f: f7:77:e1:e9:35:c6:a2:44:5b:c5:6a:bf:a7:6f:cf:2a:0f:b5: 65:a1:3a:69:4d:65:96:f6:09:65:ba:49:f1:ad:d9:7c:c1:b2: e3:06:2b:93:3f:87:26:4f:84:38:9a:be:3c:fa:a3:1b:f2:53: 38:17:a9:12:5a:aa:cd:8f:df:e2:a5:06:dd:aa:62:8d:a9:58: ed:17:0a:e9 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICDWYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE3QjIxMTAvBgNVBAUTKDExNTYyMDVFQzczODBBMDBGMTBGMzQxMDExNEQwNDAz NTdGMDBGRjEwHhcNMjQwNzEyMTg1NjI2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjkxN2M1YS00N2FjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm8HT+1MdsXaOAVV+JPR4Q43V1LJrG38ux0F4diGV0jYUQfFTHA9V8Zj2OcXV BjM+2Nip7SDZVief0Fp2ZXwbQZCiB4EzYs8RusDyyF7a9eHwMHC4sBj+/KbVLznx bDS/5ZNg1d23Xlz78vJ5I2uvwtTWeV0I2o+h9yPmUNc6sgygTGIA55sgJgMyNQid Vil36XLfS02EIB5XwFss39FzF6Y9T5ZLZKWZwW2SKDw9lC9+VSLMtJr340TuxZDY bwd17TIItlOwaSYyhuVOc+Y/7oM/IWzgIpqbYtEBPMVC/yRk+8gyGOmFNyghVI9V TEAEw7ZqYCXGr1JCOnoSOYpwpQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOm+Wauk 1PP7tD5KHemLpwzFoWKaMB8GA1UdIwQYMBaAFBFWIF7HOAoA8Q80EBFNBANX8A/x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTdCMi8zRUUzMjM1QUFF OTkxMUU5QUM1MEUxN0JDNEY5QUUwMi9FVllnWHNjNENnRHhEelFRRVUwRUExZndE X0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0VWWWdYc2M0Q2dEeER6UVFFVTBFQTFmd0RfRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUE3QjIvM0VFMzIzNUFBRTk5MTFFOUFDNTBFMTdCQzRGOUFFMDIvQzE0NTQ4NUVB RTlBMTFFOUIxN0FDNzdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJndYAwDQYJKoZIhvcNAQELBQADggEBAIS3J8Isr7QpMg0T dd17HOjdwJ7Kpu/8yCmmbzK6gogIIeQ3a4YuwE67W5IaV5WGxHbUNcNUV24uVUkc PS0IxaGNNd3UzORdRYtyWGXgpHuZ+Ue1ycbYDv4ETyCNiwB0Sgy3J8bTUUu1dPVs 26anRkRCYE2Pbl7/CeLK721sUe+KLXlkR9K2RbjrNPmoHT91awtS3unwxA2/LajC zPIf+MdKalR+6YlyTyGLJYiDpYieRlNIL/d34ek1xqJEW8Vqv6dvzyoPtWWhOmlN ZZb2CWW6SfGt2XzBsuMGK5M/hyZPhDiavjz6oxvyUzgXqRJaqs2P3+KlBt2qYo2p WO0XCuk= -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:04 2024 by rpki-client on console-fra.rpki-client.org