$ rpki-client -vvf rpki.apnic.net/member_repository/A912512F/4B8BFFECB46911EAABA71C75C4F9AE02/9FCAD654781E11EB808A544BC4F9AE02.roa File: 9FCAD654781E11EB808A544BC4F9AE02.roa (raw, json) Hash identifier: jI9GJ3mUj7/g+UDfOOrVVqKbgOohmwcRp94iSUpENxA= Subject key identifier: 5D:56:8B:D8:DB:96:B2:43:2A:61:8C:D8:88:BE:D9:EE:38:7A:B2:B1 Certificate issuer: /CN=A912512F/serialNumber=E237D2CD3BA1F1B927545F244992872AD0AFC305 Certificate serial: 0862 Authority key identifier: E2:37:D2:CD:3B:A1:F1:B9:27:54:5F:24:49:92:87:2A:D0:AF:C3:05 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4jfSzTuh8bknVF8kSZKHKtCvwwU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912512F/4B8BFFECB46911EAABA71C75C4F9AE02/9FCAD654781E11EB808A544BC4F9AE02.roa Signing time: Wed 04 Sep 2024 21:29:23 +0000 ROA not before: Wed 04 Sep 2024 21:29:23 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 141742 IP address blocks: 43.246.216.0/22 maxlen: 22 43.246.216.0/24 maxlen: 24 43.246.217.0/24 maxlen: 24 43.246.218.0/24 maxlen: 24 43.246.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912512F/4B8BFFECB46911EAABA71C75C4F9AE02/4jfSzTuh8bknVF8kSZKHKtCvwwU.crl rsync://rpki.apnic.net/member_repository/A912512F/4B8BFFECB46911EAABA71C75C4F9AE02/4jfSzTuh8bknVF8kSZKHKtCvwwU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4jfSzTuh8bknVF8kSZKHKtCvwwU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 19:56:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2146 (0x862) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912512F/serialNumber=E237D2CD3BA1F1B927545F244992872AD0AFC305 Validity Not Before: Sep 4 21:29:23 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66d8d133-5e06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:17:00:f5:9f:fc:81:41:49:8b:7c:7f:74:c2: 68:df:fe:d4:ce:2f:ee:4a:49:f9:97:24:42:51:c4: 3d:f1:18:e0:e5:e9:b6:63:e4:21:60:6f:7e:3d:42: 38:46:b6:d1:87:03:24:6e:09:2d:b7:e8:ae:2e:a1: 07:d5:da:11:11:82:e0:b1:5c:a4:14:e7:14:34:31: 03:8c:34:9b:78:13:35:67:1e:1b:a4:aa:04:da:52: 94:e0:34:f6:86:24:5a:ec:d7:a2:07:51:5e:57:62: ff:ad:01:f9:12:f9:78:96:55:df:36:0d:90:56:53: 4b:84:24:bb:e9:9c:10:12:af:11:e2:83:48:4a:99: 76:3f:35:60:fd:e8:6c:67:08:85:3c:75:67:a6:1a: 30:27:6b:d9:54:6f:8b:52:8e:7d:42:1e:f2:06:f7: fc:ff:eb:6a:4c:cc:0c:71:24:f7:df:40:8d:53:b1: 1d:02:f6:fb:94:af:1e:fa:2f:b6:9f:1e:bd:68:da: ff:74:32:26:91:c0:0e:94:b4:fd:24:7d:2a:38:7f: 9e:c6:c6:c5:3f:fe:08:59:c8:63:3d:9d:fc:3a:65: 77:9e:11:d8:74:73:a1:ac:1e:1b:a3:a4:85:3b:f3: c0:54:18:52:1a:96:f4:7a:16:73:1f:d8:a8:87:bc: 99:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:56:8B:D8:DB:96:B2:43:2A:61:8C:D8:88:BE:D9:EE:38:7A:B2:B1 X509v3 Authority Key Identifier: keyid:E2:37:D2:CD:3B:A1:F1:B9:27:54:5F:24:49:92:87:2A:D0:AF:C3:05 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912512F/4B8BFFECB46911EAABA71C75C4F9AE02/4jfSzTuh8bknVF8kSZKHKtCvwwU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4jfSzTuh8bknVF8kSZKHKtCvwwU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912512F/4B8BFFECB46911EAABA71C75C4F9AE02/9FCAD654781E11EB808A544BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.246.216.0/22 Signature Algorithm: sha256WithRSAEncryption 33:82:5e:98:20:af:aa:ff:13:98:a1:43:97:51:01:e5:a7:85: 3a:e7:4f:e2:0f:15:a4:97:2a:67:eb:ad:00:a1:91:eb:77:8f: 8f:41:12:2c:bd:be:1e:37:cd:0b:4a:08:87:be:6e:91:14:fb: 7c:27:f8:37:9a:7c:a4:03:be:af:4a:34:54:3d:13:8c:b8:6f: 08:8d:7f:11:39:28:e5:8f:69:dd:5c:bf:16:75:78:a7:15:7f: 5b:04:15:56:60:aa:1a:7e:e6:f3:9c:16:72:d1:3d:c4:61:df: 72:45:80:d6:d2:42:ed:13:ba:70:53:36:22:01:89:42:74:be: b3:1f:64:8a:31:c1:22:76:47:01:3b:e8:fd:7e:97:b3:83:e8: 8e:1b:3e:43:a2:99:e1:22:64:e3:6e:34:a0:5d:88:82:f1:fa: 7e:11:98:c5:66:c1:76:d1:10:d2:f6:fd:85:8a:3a:68:fd:b3: 8e:ab:19:72:fc:6f:ae:56:b7:9d:64:bc:ae:fe:1f:28:d3:88: 06:ff:ec:bc:4b:20:37:93:04:5c:17:4b:8b:26:4b:95:7f:38: 5a:ee:24:da:ae:13:78:3d:0f:24:58:6c:9c:54:c2:13:d8:d9: bb:e6:a3:73:09:a0:0f:c3:33:70:f7:00:91:85:9c:4e:8f:87: ed:7c:e6:da -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCGIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjUxMkYxMTAvBgNVBAUTKEUyMzdEMkNEM0JBMUYxQjkyNzU0NUYyNDQ5OTI4NzJB RDBBRkMzMDUwHhcNMjQwOTA0MjEyOTIzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ4ZDEzMy01ZTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsxcA9Z/8gUFJi3x/dMJo3/7Uzi/uSkn5lyRCUcQ98Rjg5em2Y+QhYG9+PUI4 RrbRhwMkbgktt+iuLqEH1doREYLgsVykFOcUNDEDjDSbeBM1Zx4bpKoE2lKU4DT2 hiRa7NeiB1FeV2L/rQH5Evl4llXfNg2QVlNLhCS76ZwQEq8R4oNISpl2PzVg/ehs ZwiFPHVnphowJ2vZVG+LUo59Qh7yBvf8/+tqTMwMcST330CNU7EdAvb7lK8e+i+2 nx69aNr/dDImkcAOlLT9JH0qOH+exsbFP/4IWchjPZ38OmV3nhHYdHOhrB4bo6SF O/PAVBhSGpb0ehZzH9ioh7yZFwIDAQABo4IClTCCApEwHQYDVR0OBBYEFF1Wi9jb lrJDKmGM2Ii+2e44erKxMB8GA1UdIwQYMBaAFOI30s07ofG5J1RfJEmShyrQr8MF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTEyRi80QjhCRkZFQ0I0 NjkxMUVBQUJBNzFDNzVDNEY5QUUwMi80amZTelR1aDhia25WRjhrU1pLSEt0Q3Z3 d1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRqZlN6VHVoOGJrblZGOGtTWktIS3RDdnd3VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjUxMkYvNEI4QkZGRUNCNDY5MTFFQUFCQTcxQzc1QzRGOUFFMDIvOUZDQUQ2NTQ3 ODFFMTFFQjgwOEE1NDRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAIr9tgwDQYJKoZIhvcNAQELBQADggEBADOCXpggr6r/E5ih Q5dRAeWnhTrnT+IPFaSXKmfrrQChket3j49BEiy9vh43zQtKCIe+bpEU+3wn+Dea fKQDvq9KNFQ9E4y4bwiNfxE5KOWPad1cvxZ1eKcVf1sEFVZgqhp+5vOcFnLRPcRh 33JFgNbSQu0TunBTNiIBiUJ0vrMfZIoxwSJ2RwE76P1+l7OD6I4bPkOimeEiZONu NKBdiILx+n4RmMVmwXbRENL2/YWKOmj9s46rGXL8b65Wt51kvK7+HyjTiAb/7LxL IDeTBFwXS4smS5V/OFruJNquE3g9DyRYbJxUwhPY2bvmo3MJoA/DM3D3AJGFnE6P h+185to= -----END CERTIFICATE-----Generated at Fri Nov 22 21:05:26 2024 by rpki-client on console-fra.rpki-client.org