$ rpki-client -vvf rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/B4B32D509EDD11EC85676D09C4F9AE02.roa File: B4B32D509EDD11EC85676D09C4F9AE02.roa (raw, json) Hash identifier: pjMkyMYT5Kd5Onu44Wh/MhrOgUl1AW4Ni8kXARqOIXE= Subject key identifier: 81:20:DA:FB:2F:96:E6:F7:F9:60:A0:F0:94:9C:3F:56:27:4F:D3:72 Certificate issuer: /CN=A9158D75/serialNumber=F4345C314D6EBEDEB45FE0755F8FFEACF363CB8A Certificate serial: 0BD9 Authority key identifier: F4:34:5C:31:4D:6E:BE:DE:B4:5F:E0:75:5F:8F:FE:AC:F3:63:CB:8A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9DRcMU1uvt60X-B1X4_-rPNjy4o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/B4B32D509EDD11EC85676D09C4F9AE02.roa Signing time: Wed 20 Mar 2024 18:57:19 +0000 ROA not before: Wed 20 Mar 2024 18:57:19 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 38031 IP address blocks: 43.254.96.0/22 maxlen: 24 61.247.176.0/20 maxlen: 24 103.245.96.0/22 maxlen: 22 103.245.98.0/23 maxlen: 24 111.221.0.0/21 maxlen: 24 114.134.88.0/21 maxlen: 24 203.112.72.0/21 maxlen: 24 2401:d380::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/9DRcMU1uvt60X-B1X4_-rPNjy4o.crl rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/9DRcMU1uvt60X-B1X4_-rPNjy4o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9DRcMU1uvt60X-B1X4_-rPNjy4o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 19:34:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3033 (0xbd9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158D75/serialNumber=F4345C314D6EBEDEB45FE0755F8FFEACF363CB8A Validity Not Before: Mar 20 18:57:19 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=65fb318e-6174 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:3e:6d:97:67:72:51:0c:cb:3c:08:63:3a:33: d2:5e:d2:87:fc:fa:32:6b:e2:0f:65:a1:f9:8a:73: dd:17:d3:23:06:7b:f1:fa:23:26:48:f6:ff:a3:c5: aa:b5:c2:36:77:13:f0:cb:99:ee:d4:60:95:bf:c4: 88:f5:ac:a3:40:1b:9b:f7:0d:8f:62:b3:bf:22:16: 33:b8:8f:fb:8a:ed:9d:37:13:2a:2a:eb:7f:d7:69: c0:f4:f0:62:ad:42:3b:e3:d8:95:3a:81:5d:3c:54: 9b:d0:f6:aa:d6:8a:a8:d3:17:fb:81:15:23:0a:e4: 4b:65:82:be:9e:68:37:68:6e:d8:2b:4b:59:6c:78: 2d:6c:de:86:d0:ae:f8:f9:68:47:1b:5c:81:5a:d5: c9:13:9b:dc:67:76:30:01:e7:a5:93:86:66:9f:a8: ad:c7:a6:5c:ca:8e:d6:98:1d:5a:5b:e1:ca:91:94: dc:f5:0c:46:55:9e:a3:40:fa:55:95:36:a3:9d:4a: 4f:26:9d:a0:c9:f0:e5:23:68:4f:09:1c:b6:83:9a: a5:71:7d:36:4b:4d:2a:d1:89:3f:2b:4f:1f:da:b5: 98:20:4c:87:f7:b1:c4:bc:05:0f:2e:a1:4e:6b:5f: 0b:e8:68:04:2b:41:dd:48:9c:33:13:32:26:64:b2: 86:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:20:DA:FB:2F:96:E6:F7:F9:60:A0:F0:94:9C:3F:56:27:4F:D3:72 X509v3 Authority Key Identifier: keyid:F4:34:5C:31:4D:6E:BE:DE:B4:5F:E0:75:5F:8F:FE:AC:F3:63:CB:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/9DRcMU1uvt60X-B1X4_-rPNjy4o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9DRcMU1uvt60X-B1X4_-rPNjy4o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/B4B32D509EDD11EC85676D09C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.254.96.0/22 61.247.176.0/20 103.245.96.0/22 111.221.0.0/21 114.134.88.0/21 203.112.72.0/21 IPv6: 2401:d380::/32 Signature Algorithm: sha256WithRSAEncryption 7f:a3:d8:f1:ba:55:1d:4c:02:32:62:0c:e0:88:94:87:3f:75: 8d:ca:b3:d2:74:35:cd:3e:d1:a8:37:22:b4:41:8d:4d:ef:c7: ca:c1:46:c4:6d:9d:0f:8e:0b:c1:79:e7:bc:76:87:61:f3:ad: d0:ac:04:46:f3:ca:63:d4:4e:73:a8:13:58:58:32:de:4c:e4: ae:e3:45:3d:34:5f:7b:3f:c2:6d:58:95:41:1d:6f:4a:c9:3c: dc:8e:1a:b0:ab:75:13:66:e8:eb:39:5a:fb:5e:ab:e9:61:a2: 72:e6:de:ea:6e:7d:a9:7b:bf:55:32:ac:63:c0:64:cd:1c:5d: 1e:c1:2c:ab:44:f4:51:1d:eb:b6:1f:3c:41:c4:b3:9f:df:85: 7b:87:7d:cb:61:c8:28:0c:1f:07:94:9b:44:50:47:37:f4:83: ad:0d:53:7d:60:e2:e5:0e:38:e4:26:ad:09:cd:90:b2:0b:88: ad:47:4e:fb:78:80:36:0d:87:b1:5e:5a:9b:ed:8a:24:a7:44: 5a:da:40:16:63:b6:24:d9:dd:d1:de:20:36:2e:c4:9c:8d:43: c6:7e:ac:d2:17:99:34:dd:4b:d0:3f:96:e3:a5:91:f3:28:06: 04:35:1f:55:6c:fc:a7:f0:d8:8e:30:59:09:cc:5d:92:19:8f: 43:ed:2c:4d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgICC9kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NThENzUxMTAvBgNVBAUTKEY0MzQ1QzMxNEQ2RUJFREVCNDVGRTA3NTVGOEZGRUFD RjM2M0NCOEEwHhcNMjQwMzIwMTg1NzE5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NWZiMzE4ZS02MTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2T5tl2dyUQzLPAhjOjPSXtKH/Poya+IPZaH5inPdF9MjBnvx+iMmSPb/o8Wq tcI2dxPwy5nu1GCVv8SI9ayjQBub9w2PYrO/IhYzuI/7iu2dNxMqKut/12nA9PBi rUI749iVOoFdPFSb0Paq1oqo0xf7gRUjCuRLZYK+nmg3aG7YK0tZbHgtbN6G0K74 +WhHG1yBWtXJE5vcZ3YwAeelk4Zmn6itx6Zcyo7WmB1aW+HKkZTc9QxGVZ6jQPpV lTajnUpPJp2gyfDlI2hPCRy2g5qlcX02S00q0Yk/K08f2rWYIEyH97HEvAUPLqFO a18L6GgEK0HdSJwzEzImZLKGyQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFIEg2vsv lub3+WCg8JScP1YnT9NyMB8GA1UdIwQYMBaAFPQ0XDFNbr7etF/gdV+P/qzzY8uK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEQ3NS83NDM0OTQwRUYy NUUxMUU5OTEzMEIxODFDNEY5QUUwMi85RFJjTVUxdXZ0NjBYLUIxWDRfLXJQTmp5 NG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzlEUmNNVTF1dnQ2MFgtQjFYNF8tclBOank0by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NThENzUvNzQzNDk0MEVGMjVFMTFFOTkxMzBCMTgxQzRGOUFFMDIvQjRCMzJENTA5 RUREMTFFQzg1Njc2RDA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E PTA7MCoEAgABMCQDBAIr/mADBAQ997ADBAJn9WADBANv3QADBANyhlgDBAPLcEgw DQQCAAIwBwMFACQB04AwDQYJKoZIhvcNAQELBQADggEBAH+j2PG6VR1MAjJiDOCI lIc/dY3Ks9J0Nc0+0ag3IrRBjU3vx8rBRsRtnQ+OC8F557x2h2HzrdCsBEbzymPU TnOoE1hYMt5M5K7jRT00X3s/wm1YlUEdb0rJPNyOGrCrdRNm6Os5Wvteq+lhonLm 3upufal7v1UyrGPAZM0cXR7BLKtE9FEd67YfPEHEs5/fhXuHfcthyCgMHweUm0RQ Rzf0g60NU31g4uUOOOQmrQnNkLILiK1HTvt4gDYNh7FeWpvtiiSnRFraQBZjtiTZ 3dHeIDYuxJyNQ8Z+rNIXmTTdS9A/luOlkfMoBgQ1H1Vs/Kfw2I4wWQnMXZIZj0Pt LE0= -----END CERTIFICATE-----Generated at Fri May 31 22:13:04 2024 by rpki-client on console-fra.rpki-client.org