$ rpki-client -vvf rpki.apnic.net/member_repository/A9111926/7C6A0E4421FF11EAA7232A3DC4F9AE02/4D5E29F6BEA111EB9D19D662C4F9AE02.roa File: 4D5E29F6BEA111EB9D19D662C4F9AE02.roa (raw, json) Hash identifier: GVfQCeuu2VSfdrg7kmYbyTvj2S+30bCEUg6ohI3D9VA= Subject key identifier: 5A:E9:3A:A9:28:B3:89:25:6E:10:1B:9A:24:9B:1E:A3:FE:D0:49:9C Certificate issuer: /CN=A9111926/serialNumber=6F23BB4BE82F34B0E7461279520C73977AB1D23C Certificate serial: 0AD6 Authority key identifier: 6F:23:BB:4B:E8:2F:34:B0:E7:46:12:79:52:0C:73:97:7A:B1:D2:3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/byO7S-gvNLDnRhJ5Ugxzl3qx0jw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9111926/7C6A0E4421FF11EAA7232A3DC4F9AE02/4D5E29F6BEA111EB9D19D662C4F9AE02.roa Signing time: Wed 28 Feb 2024 19:58:05 +0000 ROA not before: Wed 28 Feb 2024 19:58:05 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 38442 IP address blocks: 27.123.128.0/18 maxlen: 24 103.244.228.0/22 maxlen: 24 183.81.128.0/20 maxlen: 24 2401:5100::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9111926/7C6A0E4421FF11EAA7232A3DC4F9AE02/byO7S-gvNLDnRhJ5Ugxzl3qx0jw.crl rsync://rpki.apnic.net/member_repository/A9111926/7C6A0E4421FF11EAA7232A3DC4F9AE02/byO7S-gvNLDnRhJ5Ugxzl3qx0jw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/byO7S-gvNLDnRhJ5Ugxzl3qx0jw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 20:39:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2774 (0xad6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9111926/serialNumber=6F23BB4BE82F34B0E7461279520C73977AB1D23C Validity Not Before: Feb 28 19:58:05 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65df904c-97dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:5d:83:bb:10:3a:67:ba:50:7f:cb:72:64:07: 98:85:41:8f:46:d9:76:e7:87:f7:85:95:a8:69:c1: f4:ae:8b:47:bc:f5:67:1e:df:78:0c:b1:51:72:cf: 95:4d:57:f2:d7:33:19:03:3a:ee:50:58:e7:94:03: c3:7a:74:a1:4c:d0:12:58:b8:80:7a:96:f6:48:48: 2e:99:5f:d4:e7:be:1c:d9:02:24:3f:01:ff:0e:fa: cf:39:18:40:0c:e4:e0:12:cb:7f:7a:31:1b:51:e7: ca:ea:e0:df:ec:d5:df:1c:a4:2c:cf:40:cc:13:ad: fd:f1:c7:4a:02:05:ac:03:2f:2c:19:02:63:92:b1: eb:e4:40:bb:5f:a7:14:11:a4:c1:38:6d:dd:53:a6: dc:27:05:ac:cb:1d:56:dd:60:61:20:62:67:e7:93: 40:58:92:6e:12:58:03:5f:4d:ed:6a:10:82:62:ef: 33:d6:47:99:03:9a:82:f5:24:82:3e:78:00:72:98: df:c0:c7:5a:8d:a4:2f:86:a9:b2:07:60:47:a5:c4: b7:2d:91:f0:26:13:c6:1e:6f:ea:de:5b:a7:c2:44: a4:93:e5:8c:27:a9:4e:34:a4:99:1e:60:cc:1b:4c: 4f:7b:bc:ab:9d:37:a7:41:3e:b0:14:7d:4f:45:1a: 98:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:E9:3A:A9:28:B3:89:25:6E:10:1B:9A:24:9B:1E:A3:FE:D0:49:9C X509v3 Authority Key Identifier: keyid:6F:23:BB:4B:E8:2F:34:B0:E7:46:12:79:52:0C:73:97:7A:B1:D2:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9111926/7C6A0E4421FF11EAA7232A3DC4F9AE02/byO7S-gvNLDnRhJ5Ugxzl3qx0jw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/byO7S-gvNLDnRhJ5Ugxzl3qx0jw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111926/7C6A0E4421FF11EAA7232A3DC4F9AE02/4D5E29F6BEA111EB9D19D662C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.123.128.0/18 103.244.228.0/22 183.81.128.0/20 IPv6: 2401:5100::/32 Signature Algorithm: sha256WithRSAEncryption 2e:e5:44:7f:96:7b:ed:c8:48:79:9f:1e:71:5b:c9:4b:bf:28: 19:86:92:af:09:c5:02:6d:23:3c:ae:73:03:d4:b9:36:65:a9: 48:ea:6b:28:59:09:d1:8d:5b:d8:1f:fe:a1:03:36:da:cf:eb: e9:69:17:78:a5:bc:58:9d:30:ee:07:f1:0a:15:d9:37:89:48: 01:3a:85:46:96:68:91:2d:9e:6c:6e:cb:5a:f4:d0:f4:80:99: 06:14:62:8c:3a:30:14:5e:59:ed:d6:dc:56:17:cc:e9:9a:51: cf:99:f8:94:0f:63:67:97:60:9b:11:67:be:dd:2e:94:2e:27: 68:59:f9:f3:df:0e:92:4c:2d:87:ad:cb:cf:e7:1e:29:09:0f: ce:2b:71:75:be:47:e9:53:d4:e6:1f:a2:5b:96:03:62:13:dc: 2b:03:2d:25:5b:d6:58:49:f9:3e:62:8b:1e:b5:b3:db:74:e3: e3:f6:53:a5:82:c7:3c:c0:80:d0:de:65:1b:d3:64:f5:ea:34: 35:02:fe:ae:67:5d:04:27:3a:80:3d:f4:28:11:94:7e:c7:e8: e8:c9:71:c2:af:54:4b:74:15:1a:41:4c:64:eb:e2:25:68:12: d1:10:05:9c:fc:b9:24:28:b6:a3:a2:a5:64:a5:b4:f4:8c:b8: c3:a1:3b:77 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICCtYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTE5MjYxMTAvBgNVBAUTKDZGMjNCQjRCRTgyRjM0QjBFNzQ2MTI3OTUyMEM3Mzk3 N0FCMUQyM0MwHhcNMjQwMjI4MTk1ODA1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWRmOTA0Yy05N2RkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsF2DuxA6Z7pQf8tyZAeYhUGPRtl254f3hZWoacH0rotHvPVnHt94DLFRcs+V TVfy1zMZAzruUFjnlAPDenShTNASWLiAepb2SEgumV/U574c2QIkPwH/DvrPORhA DOTgEst/ejEbUefK6uDf7NXfHKQsz0DME6398cdKAgWsAy8sGQJjkrHr5EC7X6cU EaTBOG3dU6bcJwWsyx1W3WBhIGJn55NAWJJuElgDX03tahCCYu8z1keZA5qC9SSC PngAcpjfwMdajaQvhqmyB2BHpcS3LZHwJhPGHm/q3lunwkSkk+WMJ6lONKSZHmDM G0xPe7yrnTenQT6wFH1PRRqYlQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFFrpOqko s4klbhAbmiSbHqP+0EmcMB8GA1UdIwQYMBaAFG8ju0voLzSw50YSeVIMc5d6sdI8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTkyNi83QzZBMEU0NDIx RkYxMUVBQTcyMzJBM0RDNEY5QUUwMi9ieU83Uy1ndk5MRG5SaEo1VWd4emwzcXgw ancuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2J5TzdTLWd2TkxEblJoSjVVZ3h6bDNxeDBqdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTE5MjYvN0M2QTBFNDQyMUZGMTFFQUE3MjMyQTNEQzRGOUFFMDIvNEQ1RTI5RjZC RUExMTFFQjlEMTlENjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAYbe4ADBAJn9OQDBAS3UYAwDQQCAAIwBwMFACQBUQAwDQYJ KoZIhvcNAQELBQADggEBAC7lRH+We+3ISHmfHnFbyUu/KBmGkq8JxQJtIzyucwPU uTZlqUjqayhZCdGNW9gf/qEDNtrP6+lpF3ilvFidMO4H8QoV2TeJSAE6hUaWaJEt nmxuy1r00PSAmQYUYow6MBReWe3W3FYXzOmaUc+Z+JQPY2eXYJsRZ77dLpQuJ2hZ +fPfDpJMLYety8/nHikJD84rcXW+R+lT1OYfoluWA2IT3CsDLSVb1lhJ+T5iix61 s9t04+P2U6WCxzzAgNDeZRvTZPXqNDUC/q5nXQQnOoA99CgRlH7H6OjJccKvVEt0 FRpBTGTr4iVoEtEQBZz8uSQotqOipWSltPSMuMOhO3c= -----END CERTIFICATE-----Generated at Sat Jun 1 00:13:08 2024 by rpki-client on console-ams.rpki-client.org