$ rpki-client -vvf rpki.apnic.net/member_repository/A917B4BF/B8CC693C855C11EC8E3CBB51C4F9AE02/21ECD84A856011EC924B3E58C4F9AE02.roa File: 21ECD84A856011EC924B3E58C4F9AE02.roa (raw, json) Hash identifier: ZX3EFF6YPYsvFLMNAm4Da6miOiuOSCWVNa70Njpa5XM= Subject key identifier: 32:3F:B3:05:53:EE:14:7D:B2:E8:6A:58:29:4F:CF:CC:F6:73:58:86 Certificate issuer: /CN=A917B4BF/serialNumber=8035090A057327E1200593C20C88C519A45C9ECB Certificate serial: 032F Authority key identifier: 80:35:09:0A:05:73:27:E1:20:05:93:C2:0C:88:C5:19:A4:5C:9E:CB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gDUJCgVzJ-EgBZPCDIjFGaRcnss.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B4BF/B8CC693C855C11EC8E3CBB51C4F9AE02/21ECD84A856011EC924B3E58C4F9AE02.roa Signing time: Thu 21 Mar 2024 02:45:19 +0000 ROA not before: Thu 21 Mar 2024 02:45:19 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 38008 IP address blocks: 103.181.44.0/23 maxlen: 24 2400:58a0::/32 maxlen: 32 2400:58a0:100::/44 maxlen: 48 2400:58a0:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B4BF/B8CC693C855C11EC8E3CBB51C4F9AE02/gDUJCgVzJ-EgBZPCDIjFGaRcnss.crl rsync://rpki.apnic.net/member_repository/A917B4BF/B8CC693C855C11EC8E3CBB51C4F9AE02/gDUJCgVzJ-EgBZPCDIjFGaRcnss.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gDUJCgVzJ-EgBZPCDIjFGaRcnss.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 02:50:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 815 (0x32f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B4BF/serialNumber=8035090A057327E1200593C20C88C519A45C9ECB Validity Not Before: Mar 21 02:45:19 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=65fb9f3e-db19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:18:ea:2e:0b:a3:51:48:73:27:b3:97:9c:9c: 3b:6a:2c:4e:5f:60:15:e8:a5:3e:1a:f5:f7:46:ec: ce:00:fe:2b:46:43:fb:de:3e:02:17:6e:d7:2e:0d: b1:24:f1:5f:fa:09:0a:57:ac:ac:08:f5:15:76:2f: da:ef:48:49:f4:9e:da:fc:dd:99:0e:c6:c7:2a:27: fa:86:95:ff:b5:47:4a:54:2d:64:e8:68:f5:43:6f: 00:5e:b3:bf:ce:15:ad:9c:f0:13:3b:b0:e2:64:21: ce:93:24:4d:11:c7:3b:21:4c:5c:2d:0e:84:80:3c: 18:48:b9:ba:fa:b0:f2:a6:81:ef:41:dd:a5:b2:05: f6:f8:40:de:77:79:15:83:4f:aa:df:27:0b:7b:3b: 16:ec:a8:25:6f:38:56:44:31:bf:86:f7:c5:27:e8: 82:16:e5:e0:82:80:39:36:e7:99:a3:72:31:f7:d7: 2d:8e:35:7a:0e:ec:86:ee:9e:06:2a:75:83:94:fa: 98:e8:ca:8c:c4:4e:9a:af:75:b2:6f:fe:b2:75:42: 5e:b0:91:cd:19:fc:25:f6:87:65:39:87:57:64:e3: e5:3c:dd:a6:22:30:fe:6e:e7:92:78:05:94:ef:f9: 0d:59:dd:90:28:3a:c7:75:cc:17:d8:41:d0:f7:84: 54:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:3F:B3:05:53:EE:14:7D:B2:E8:6A:58:29:4F:CF:CC:F6:73:58:86 X509v3 Authority Key Identifier: keyid:80:35:09:0A:05:73:27:E1:20:05:93:C2:0C:88:C5:19:A4:5C:9E:CB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B4BF/B8CC693C855C11EC8E3CBB51C4F9AE02/gDUJCgVzJ-EgBZPCDIjFGaRcnss.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gDUJCgVzJ-EgBZPCDIjFGaRcnss.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B4BF/B8CC693C855C11EC8E3CBB51C4F9AE02/21ECD84A856011EC924B3E58C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.181.44.0/23 IPv6: 2400:58a0::/32 Signature Algorithm: sha256WithRSAEncryption 17:a0:65:62:1d:e7:a6:06:de:09:3c:4f:57:9a:53:8b:3d:d0: fa:6c:af:9f:aa:b7:c0:cf:10:0a:79:df:42:b5:97:48:40:99: 6f:01:66:3a:76:8c:0c:e0:46:f8:bb:2f:1e:36:92:f4:b9:78: b8:82:23:fc:d4:65:93:d2:f7:6e:2c:af:5c:5b:63:24:07:80: 5a:4e:f6:09:8d:64:55:70:d2:4f:df:b3:34:eb:f4:99:68:de: b7:05:13:22:de:fa:5e:c7:26:2f:53:21:ba:77:14:fb:c8:70: ad:23:58:f5:d0:f8:30:d1:35:66:e8:a2:a9:b9:29:b2:af:57: 4a:fb:f4:57:6b:73:70:76:c0:33:14:89:11:e8:18:ba:cb:76: 39:38:ee:b0:ca:30:cd:d5:01:42:52:81:95:02:94:a7:f4:6d: 07:9f:06:00:f7:bc:3e:1f:bd:2e:fb:76:04:b6:6b:6f:f3:22: d0:a8:d0:d2:b7:cb:14:b7:54:b8:84:1b:c3:d7:66:0d:68:29: 67:ce:e3:1c:22:ea:c6:8c:27:29:1f:8f:71:44:21:ae:36:2f: f0:97:40:ec:5c:1d:de:2d:c5:79:78:b7:5f:55:bc:bf:2a:af: 6f:1a:6b:29:8f:91:26:32:1a:cc:8c:31:de:f9:f3:93:33:02: 2e:c4:c1:2b -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICAy8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I0QkYxMTAvBgNVBAUTKDgwMzUwOTBBMDU3MzI3RTEyMDA1OTNDMjBDODhDNTE5 QTQ1QzlFQ0IwHhcNMjQwMzIxMDI0NTE5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NWZiOWYzZS1kYjE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0xjqLgujUUhzJ7OXnJw7aixOX2AV6KU+GvX3RuzOAP4rRkP73j4CF27XLg2x JPFf+gkKV6ysCPUVdi/a70hJ9J7a/N2ZDsbHKif6hpX/tUdKVC1k6Gj1Q28AXrO/ zhWtnPATO7DiZCHOkyRNEcc7IUxcLQ6EgDwYSLm6+rDypoHvQd2lsgX2+EDed3kV g0+q3ycLezsW7KglbzhWRDG/hvfFJ+iCFuXggoA5NueZo3Ix99ctjjV6DuyG7p4G KnWDlPqY6MqMxE6ar3Wyb/6ydUJesJHNGfwl9odlOYdXZOPlPN2mIjD+bueSeAWU 7/kNWd2QKDrHdcwX2EHQ94RUrwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDI/swVT 7hR9suhqWClPz8z2c1iGMB8GA1UdIwQYMBaAFIA1CQoFcyfhIAWTwgyIxRmkXJ7L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjRCRi9COENDNjkzQzg1 NUMxMUVDOEUzQ0JCNTFDNEY5QUUwMi9nRFVKQ2dWekotRWdCWlBDRElqRkdhUmNu c3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dEVUpDZ1Z6Si1FZ0JaUENESWpGR2FSY25zcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0I0QkYvQjhDQzY5M0M4NTVDMTFFQzhFM0NCQjUxQzRGOUFFMDIvMjFFQ0Q4NEE4 NTYwMTFFQzkyNEIzRTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFntSwwDQQCAAIwBwMFACQAWKAwDQYJKoZIhvcNAQELBQAD ggEBABegZWId56YG3gk8T1eaU4s90Ppsr5+qt8DPEAp530K1l0hAmW8BZjp2jAzg Rvi7Lx42kvS5eLiCI/zUZZPS924sr1xbYyQHgFpO9gmNZFVw0k/fszTr9Jlo3rcF EyLe+l7HJi9TIbp3FPvIcK0jWPXQ+DDRNWbooqm5KbKvV0r79Fdrc3B2wDMUiRHo GLrLdjk47rDKMM3VAUJSgZUClKf0bQefBgD3vD4fvS77dgS2a2/zItCo0NK3yxS3 VLiEG8PXZg1oKWfO4xwi6saMJykfj3FEIa42L/CXQOxcHd4txXl4t19VvL8qr28a aymPkSYyGsyMMd7585MzAi7EwSs= -----END CERTIFICATE-----Generated at Sun May 5 03:47:46 2024 by rpki-client on console-fra.rpki-client.org