$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/B3E4DCF8BE4C11EEB1327A54C4F9AE02.roa File: B3E4DCF8BE4C11EEB1327A54C4F9AE02.roa (raw, json) Hash identifier: /zbyHciIwndBXlxJhKITEkhA9vsFIRYPFElbWadsiXw= Subject key identifier: E7:D3:3A:08:A8:1F:B9:89:4E:DC:CF:91:BE:1D:B3:14:99:18:DF:EC Certificate issuer: /CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF Certificate serial: 05A1 Authority key identifier: 23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/B3E4DCF8BE4C11EEB1327A54C4F9AE02.roa Signing time: Fri 31 May 2024 01:46:20 +0000 ROA not before: Fri 31 May 2024 01:46:20 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 137872 IP address blocks: 43.252.52.0/22 maxlen: 24 58.82.192.0/19 maxlen: 24 58.82.224.0/19 maxlen: 24 103.15.84.0/22 maxlen: 24 123.136.0.0/20 maxlen: 24 161.81.0.0/16 maxlen: 24 182.239.64.0/21 maxlen: 24 182.239.96.0/21 maxlen: 24 203.142.96.0/24 maxlen: 24 203.142.100.0/22 maxlen: 24 203.142.104.0/21 maxlen: 24 203.142.112.0/21 maxlen: 24 203.142.120.0/22 maxlen: 24 203.142.124.0/23 maxlen: 24 203.142.126.0/24 maxlen: 24 223.122.0.0/18 maxlen: 24 223.122.64.0/18 maxlen: 24 223.122.128.0/17 maxlen: 24 2401:3000:a000::/36 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.crl rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 23:08:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1441 (0x5a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132B4D Validity Not Before: May 31 01:46:20 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=66592bec-abfe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:2b:06:37:03:04:a6:11:32:2f:62:d8:f5:12: 8e:50:35:56:d0:94:09:b9:90:43:94:c4:e8:c6:32: 2e:d9:64:a8:51:ac:42:f8:72:eb:fe:ef:85:71:e1: 6d:24:d9:0b:f1:3a:30:36:99:f0:7b:8b:b6:bf:c1: 0d:ea:00:d0:0a:6e:9d:40:57:f0:c1:06:e4:10:6e: 02:be:fd:e4:57:4e:cb:6f:5c:47:fc:9c:34:61:13: 6e:ad:3f:21:cb:26:13:69:b8:b0:f3:77:64:2f:03: c3:a8:8f:42:f9:14:75:ec:1b:41:17:b2:79:c9:cd: eb:99:00:95:b5:1f:53:69:83:6d:1d:bd:4f:3f:6f: e1:7f:3f:28:ec:65:68:36:4a:3b:ab:7e:5c:ff:91: 93:89:d8:db:86:94:4c:8e:51:7d:aa:c8:a5:a0:d0: b7:d2:8a:df:bc:aa:51:24:2d:9c:95:4b:c1:af:c2: c5:7f:7a:6b:7a:fb:ba:91:dc:04:95:b3:ec:8b:80: 19:61:1f:fc:2c:05:37:09:c6:16:2f:0d:58:b3:55: e9:db:f2:f2:63:c0:1e:89:a6:40:35:ed:2b:a3:29: 05:6f:1f:6e:04:52:a7:19:96:ee:f1:c1:4e:19:04: 14:5f:2d:c8:0b:c8:91:b7:c1:f1:12:8e:f1:28:be: 70:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:D3:3A:08:A8:1F:B9:89:4E:DC:CF:91:BE:1D:B3:14:99:18:DF:EC X509v3 Authority Key Identifier: keyid:23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/B3E4DCF8BE4C11EEB1327A54C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.52.0/22 58.82.192.0/18 103.15.84.0/22 123.136.0.0/20 161.81.0.0/16 182.239.64.0/21 182.239.96.0/21 203.142.96.0/24 203.142.100.0-203.142.126.255 223.122.0.0/16 IPv6: 2401:3000:a000::/36 Signature Algorithm: sha256WithRSAEncryption 32:86:f9:9b:6e:31:57:ad:17:e0:57:53:6e:0b:97:04:75:35: fc:05:af:7d:64:c3:af:cb:3f:ac:14:0b:cc:78:2c:1a:66:28: 96:55:01:1b:b9:b9:93:18:19:5e:ca:f5:f9:eb:2c:ad:d8:eb: 03:28:fb:80:8f:d5:9d:22:89:74:be:65:2f:ac:1a:d4:8f:26: 99:2d:e4:47:ed:f0:70:1a:e6:cc:23:90:35:03:f9:fe:2a:6c: da:3d:df:38:dd:5e:02:b6:16:6c:94:18:fb:b7:8e:b8:0a:e3: 16:73:c8:e1:11:d0:b2:05:51:91:2c:63:87:f7:76:6f:46:62: 50:0f:40:9c:53:cd:4e:b0:6e:88:46:44:0a:2b:19:c7:05:69: 70:39:00:0c:0f:46:3e:7d:9e:96:1f:34:8e:aa:1b:b0:6a:54: b3:7a:22:88:c1:64:1f:49:e4:3f:1d:dd:ee:20:72:5f:ef:bf: bc:80:51:56:fd:12:60:2c:dd:8b:a8:c0:04:38:d3:1b:6d:65: 29:68:5b:91:73:ba:d2:5d:e6:9c:99:ff:2b:2c:08:d4:5c:86: 88:cb:59:3a:9c:d9:7e:e6:5c:d8:4c:b2:68:72:6c:7a:4a:ba: f6:6a:05:2e:4b:ae:00:dd:c3:17:db:c8:50:0a:de:bb:25:31: 01:a7:c7:49 -----BEGIN CERTIFICATE----- MIIFvTCCBKWgAwIBAgICBaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJCNEQxMTAvBgNVBAUTKDIzRjVEOTNBODJFN0Q3ODQwNjc5QjFDNjREQTM3QzM3 Q0ZGRTc3RUYwHhcNMjQwNTMxMDE0NjIwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjU5MmJlYy1hYmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnCsGNwMEphEyL2LY9RKOUDVW0JQJuZBDlMToxjIu2WSoUaxC+HLr/u+FceFt JNkL8TowNpnwe4u2v8EN6gDQCm6dQFfwwQbkEG4Cvv3kV07Lb1xH/Jw0YRNurT8h yyYTabiw83dkLwPDqI9C+RR17BtBF7J5yc3rmQCVtR9TaYNtHb1PP2/hfz8o7GVo Nko7q35c/5GTidjbhpRMjlF9qsiloNC30orfvKpRJC2clUvBr8LFf3prevu6kdwE lbPsi4AZYR/8LAU3CcYWLw1Ys1Xp2/LyY8AeiaZANe0roykFbx9uBFKnGZbu8cFO GQQUXy3IC8iRt8HxEo7xKL5wjQIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFOfTOgio H7mJTtzPkb4dsxSZGN/sMB8GA1UdIwQYMBaAFCP12TqC59eEBnmxxk2jfDfP/nfv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkI0RC9DMTk5RTAwNkIy MDUxMUVCQUVBRTlGMTBDNEY5QUUwMi9JX1haT29MbjE0UUdlYkhHVGFOOE44Xy1k LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lfWFpPb0xuMTRRR2ViSEdUYU44TjhfLWQtOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzJCNEQvQzE5OUUwMDZCMjA1MTFFQkFFQUU5RjEwQzRGOUFFMDIvQjNFNERDRjhC RTRDMTFFRUIxMzI3QTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E XDBaMEgEAgABMEIDBAIr/DQDBAY6UsADBAJnD1QDBAR7iAADAwChUQMEA7bvQAME A7bvYAMEAMuOYDAMAwQCy45kAwQAy45+AwMA33owDgQCAAIwCAMGBCQBMACgMA0G CSqGSIb3DQEBCwUAA4IBAQAyhvmbbjFXrRfgV1NuC5cEdTX8Ba99ZMOvyz+sFAvM eCwaZiiWVQEbubmTGBleyvX56yyt2OsDKPuAj9WdIol0vmUvrBrUjyaZLeRH7fBw GubMI5A1A/n+KmzaPd843V4CthZslBj7t464CuMWc8jhEdCyBVGRLGOH93ZvRmJQ D0CcU81OsG6IRkQKKxnHBWlwOQAMD0Y+fZ6WHzSOqhuwalSzeiKIwWQfSeQ/Hd3u IHJf77+8gFFW/RJgLN2LqMAEONMbbWUpaFuRc7rSXeacmf8rLAjUXIaIy1k6nNl+ 5lzYTLJocmx6Srr2agUuS64A3cMX28hQCt67JTEBp8dJ -----END CERTIFICATE-----Generated at Sat Apr 5 03:57:23 2025 by rpki-client