$ rpki-client -vvf rpki.apnic.net/member_repository/A916F8DB/6C8BB86254BC11EEB8DB114AC4F9AE02/65A459FE54BD11EE8C958973C4F9AE02.roa File: 65A459FE54BD11EE8C958973C4F9AE02.roa (raw, json) Hash identifier: rhwc/Od/B1m9sjtqX6Ckqk0wZ+xoSrzn3/LiPuCYOPs= Subject key identifier: 14:25:DD:0F:FD:E2:7F:AE:69:EE:D5:A0:96:58:CB:73:1F:87:76:6D Certificate issuer: /CN=A916F8DB/serialNumber=0DE2B6A62E54A0A61BCF314B6E2EFB8F3A1E3A7A Certificate serial: 2A Authority key identifier: 0D:E2:B6:A6:2E:54:A0:A6:1B:CF:31:4B:6E:2E:FB:8F:3A:1E:3A:7A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeK2pi5UoKYbzzFLbi77jzoeOno.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916F8DB/6C8BB86254BC11EEB8DB114AC4F9AE02/65A459FE54BD11EE8C958973C4F9AE02.roa Signing time: Fri 01 Dec 2023 07:17:57 +0000 ROA not before: Fri 01 Dec 2023 07:17:57 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 59217 IP address blocks: 43.248.248.0/22 maxlen: 24 103.243.164.0/22 maxlen: 24 2402:c940::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916F8DB/6C8BB86254BC11EEB8DB114AC4F9AE02/DeK2pi5UoKYbzzFLbi77jzoeOno.crl rsync://rpki.apnic.net/member_repository/A916F8DB/6C8BB86254BC11EEB8DB114AC4F9AE02/DeK2pi5UoKYbzzFLbi77jzoeOno.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeK2pi5UoKYbzzFLbi77jzoeOno.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 07:43:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916F8DB/serialNumber=0DE2B6A62E54A0A61BCF314B6E2EFB8F3A1E3A7A Validity Not Before: Dec 1 07:17:57 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=656988a4-5617 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:cf:a8:c3:c8:c7:d3:ff:78:40:94:da:1c:9d: fd:ee:62:59:4f:77:59:9d:bf:19:ee:b1:37:9f:27: da:39:b2:e9:fa:00:7a:8f:a3:cd:df:95:35:91:35: ea:f7:ce:60:16:82:65:8d:53:4d:53:ff:f4:e4:82: ca:aa:62:e0:e6:1b:cf:5e:7c:c2:bd:4d:0b:e4:e3: 86:35:4d:5c:da:5e:99:4b:43:c4:1b:93:f8:71:fe: 86:6c:29:a4:14:46:52:77:74:d2:2f:b3:22:70:a0: a9:4e:ac:03:19:ed:7a:d1:9f:71:66:ab:2b:f5:fa: d9:0c:80:e9:11:2c:ee:a6:fb:c1:5d:fd:28:1b:5f: 4d:57:47:16:5d:6c:fb:4d:18:13:8b:3a:e0:1b:17: 6a:7e:89:15:b7:d8:a4:14:d0:b9:61:37:2a:57:89: 16:b8:79:fa:8e:61:bb:ac:17:08:79:bb:fd:6e:e9: cd:65:73:1b:c0:b9:bf:1d:9f:a9:8a:1d:c8:8d:3b: c3:19:68:54:88:66:18:c4:ed:ba:81:0a:34:8b:51: c6:0a:52:93:17:0e:c6:71:11:e2:a0:e7:f2:02:d7: c9:76:7e:56:5b:a9:a3:d5:f5:cd:89:b0:b4:d5:fe: 65:c0:18:ac:3a:f7:83:24:7c:34:69:7a:9c:75:5a: 1c:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:25:DD:0F:FD:E2:7F:AE:69:EE:D5:A0:96:58:CB:73:1F:87:76:6D X509v3 Authority Key Identifier: keyid:0D:E2:B6:A6:2E:54:A0:A6:1B:CF:31:4B:6E:2E:FB:8F:3A:1E:3A:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916F8DB/6C8BB86254BC11EEB8DB114AC4F9AE02/DeK2pi5UoKYbzzFLbi77jzoeOno.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeK2pi5UoKYbzzFLbi77jzoeOno.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916F8DB/6C8BB86254BC11EEB8DB114AC4F9AE02/65A459FE54BD11EE8C958973C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.248.248.0/22 103.243.164.0/22 IPv6: 2402:c940::/32 Signature Algorithm: sha256WithRSAEncryption 98:58:98:fd:c4:ad:93:63:52:e2:b1:82:b4:b9:ce:7d:ce:51: 01:8e:b9:51:e6:66:65:c2:80:20:8d:0a:f3:2c:65:40:0f:4d: a6:a4:e7:9e:04:f8:40:6b:79:f0:5e:98:94:dd:c8:68:61:8c: 85:e9:b3:e3:e9:9c:0d:b5:e2:74:f5:13:d5:a0:e2:b6:ba:6d: dc:e4:93:07:bf:32:31:8b:78:e9:71:0c:03:97:f5:8e:b4:e4: 68:33:27:94:4c:e5:f7:ef:a5:67:b8:c2:1d:77:ae:09:87:27: df:69:9c:d5:21:37:0e:c7:c9:fc:5d:9c:51:1a:e1:70:f4:ca: 65:ce:b8:0d:bb:96:1b:05:ad:66:7e:8f:f0:db:92:30:22:ce: 52:3e:5c:22:32:af:fb:99:13:e8:2f:14:7d:b6:33:66:d1:26: cb:8d:a0:5c:c1:d9:2d:07:a3:1d:5b:10:b1:f8:69:ec:1c:fb: c3:5e:0b:72:fe:1e:c2:e5:33:24:b6:19:b7:e5:f1:a0:13:f0: 77:15:9d:65:38:30:d1:c8:a6:d0:27:3c:32:d6:6a:e0:d9:99: 16:7d:4b:fd:f8:d0:db:e6:86:6d:9a:c1:77:da:cb:51:39:1f: 73:85:9f:c5:f3:db:5c:a3:e2:69:06:e6:db:d5:9f:78:8b:17: 5d:8f:c5:ef -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 RjhEQjExMC8GA1UEBRMoMERFMkI2QTYyRTU0QTBBNjFCQ0YzMTRCNkUyRUZCOEYz QTFFM0E3QTAeFw0yMzEyMDEwNzE3NTdaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1Njk4OGE0LTU2MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDZz6jDyMfT/3hAlNocnf3uYllPd1mdvxnusTefJ9o5sun6AHqPo83flTWRNer3 zmAWgmWNU01T//TkgsqqYuDmG89efMK9TQvk44Y1TVzaXplLQ8Qbk/hx/oZsKaQU RlJ3dNIvsyJwoKlOrAMZ7XrRn3Fmqyv1+tkMgOkRLO6m+8Fd/SgbX01XRxZdbPtN GBOLOuAbF2p+iRW32KQU0LlhNypXiRa4efqOYbusFwh5u/1u6c1lcxvAub8dn6mK HciNO8MZaFSIZhjE7bqBCjSLUcYKUpMXDsZxEeKg5/IC18l2flZbqaPV9c2JsLTV /mXAGKw694MkfDRpepx1WhzRAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQUFCXdD/3i f65p7tWglljLcx+Hdm0wHwYDVR0jBBgwFoAUDeK2pi5UoKYbzzFLbi77jzoeOnow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZGOERCLzZDOEJCODYyNTRC QzExRUVCOERCMTE0QUM0RjlBRTAyL0RlSzJwaTVVb0tZYnp6RkxiaTc3anpvZU9u by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvRGVLMnBpNVVvS1lienpGTGJpNzdqem9lT25vLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 RjhEQi82QzhCQjg2MjU0QkMxMUVFQjhEQjExNEFDNEY5QUUwMi82NUE0NTlGRTU0 QkQxMUVFOEM5NTg5NzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl MCMwEgQCAAEwDAMEAiv4+AMEAmfzpDANBAIAAjAHAwUAJALJQDANBgkqhkiG9w0B AQsFAAOCAQEAmFiY/cStk2NS4rGCtLnOfc5RAY65UeZmZcKAII0K8yxlQA9NpqTn ngT4QGt58F6YlN3IaGGMhemz4+mcDbXidPUT1aDitrpt3OSTB78yMYt46XEMA5f1 jrTkaDMnlEzl9++lZ7jCHXeuCYcn32mc1SE3DsfJ/F2cURrhcPTKZc64DbuWGwWt Zn6P8NuSMCLOUj5cIjKv+5kT6C8UfbYzZtEmy42gXMHZLQejHVsQsfhp7Bz7w14L cv4ewuUzJLYZt+XxoBPwdxWdZTgw0cim0Cc8MtZq4NmZFn1L/fjQ2+aGbZrBd9rL UTkfc4WfxfPbXKPiaQbm29WfeIsXXY/F7w== -----END CERTIFICATE-----Generated at Sat Jun 1 09:10:33 2024 by rpki-client on console-fra.rpki-client.org