$ rpki-client -vvf rpki.apnic.net/member_repository/A9186D83/149747BE062A11EA8C9A7444C4F9AE02/8BA504FCB27911EB978CE10AC4F9AE02.roa File: 8BA504FCB27911EB978CE10AC4F9AE02.roa (raw, json) Hash identifier: I8Ss/Oj3Q9umSrFxZnObaXQe/cu017hGcC027pv/vs8= Subject key identifier: DA:5D:59:35:4E:21:4B:90:9F:23:52:27:F2:98:62:86:9D:BB:22:97 Certificate issuer: /CN=A9186D83/serialNumber=BBE29490446D6870765B4E61D7EB9B22C6004638 Certificate serial: 0BD3 Authority key identifier: BB:E2:94:90:44:6D:68:70:76:5B:4E:61:D7:EB:9B:22:C6:00:46:38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-KUkERtaHB2W05h1-ubIsYARjg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9186D83/149747BE062A11EA8C9A7444C4F9AE02/8BA504FCB27911EB978CE10AC4F9AE02.roa Signing time: Tue 30 Jul 2024 19:16:42 +0000 ROA not before: Tue 30 Jul 2024 19:16:42 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 136908 IP address blocks: 45.121.32.0/22 maxlen: 24 103.96.244.0/22 maxlen: 24 2401:7f40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9186D83/149747BE062A11EA8C9A7444C4F9AE02/u-KUkERtaHB2W05h1-ubIsYARjg.crl rsync://rpki.apnic.net/member_repository/A9186D83/149747BE062A11EA8C9A7444C4F9AE02/u-KUkERtaHB2W05h1-ubIsYARjg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-KUkERtaHB2W05h1-ubIsYARjg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:28:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3027 (0xbd3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9186D83/serialNumber=BBE29490446D6870765B4E61D7EB9B22C6004638 Validity Not Before: Jul 30 19:16:42 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66a93c19-b149 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:8a:b7:c1:f4:ed:17:b5:7d:24:43:22:29:d0: 08:b3:fd:fe:84:69:28:3f:33:22:a1:75:0c:18:74: 1c:ea:6b:11:eb:b8:f9:dd:31:72:81:ef:c5:13:5f: 5b:ac:b8:c7:7f:29:ec:ae:ee:cf:43:58:d5:7a:ff: 3d:7b:9d:b1:be:f7:3c:0a:19:b5:98:39:f7:32:dc: 16:6f:3b:fe:2b:e2:7f:8b:cc:df:b8:b0:d5:d1:5f: 82:ed:94:99:82:ca:18:0c:97:23:6c:47:3f:38:49: 1c:58:15:85:62:25:5e:74:da:87:aa:e9:35:c6:b8: 3f:fb:d7:ff:aa:09:37:62:b5:a9:e7:0c:f2:92:4b: 61:fc:b9:02:d5:8f:38:64:2f:0b:e7:42:9d:5a:28: ac:4d:7c:b6:a6:a4:13:05:30:06:e0:d7:32:96:72: 37:ab:b5:46:70:6d:36:7d:e2:b7:b4:62:04:48:9a: 78:12:26:6d:e7:02:f4:0b:ef:eb:78:1f:a1:1f:e9: 01:93:a5:b6:4f:4f:23:40:34:ae:eb:20:82:ac:50: 36:8e:87:bc:20:88:f5:4a:5f:50:82:12:f3:4a:ad: 17:4e:b1:04:fe:3f:af:a9:3e:9f:1d:6b:89:11:71: e0:c0:be:b3:01:cf:c0:b2:29:10:85:f5:45:48:42: 74:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:5D:59:35:4E:21:4B:90:9F:23:52:27:F2:98:62:86:9D:BB:22:97 X509v3 Authority Key Identifier: keyid:BB:E2:94:90:44:6D:68:70:76:5B:4E:61:D7:EB:9B:22:C6:00:46:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9186D83/149747BE062A11EA8C9A7444C4F9AE02/u-KUkERtaHB2W05h1-ubIsYARjg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-KUkERtaHB2W05h1-ubIsYARjg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186D83/149747BE062A11EA8C9A7444C4F9AE02/8BA504FCB27911EB978CE10AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.121.32.0/22 103.96.244.0/22 IPv6: 2401:7f40::/32 Signature Algorithm: sha256WithRSAEncryption da:ac:0c:1a:cf:d9:cc:30:cf:59:3d:40:93:b7:ff:15:41:bf: 48:c8:03:93:1c:e6:6b:62:3c:01:83:ab:1b:b8:3f:e2:f3:e1: 7b:f8:4d:b5:e9:49:17:fe:26:83:ec:80:72:ae:32:4c:11:76: 54:c1:17:60:34:e1:49:8a:d3:f5:79:3d:43:23:00:1f:83:97: 8b:e2:53:35:9a:16:cd:4d:cf:b9:e8:cd:69:06:96:e5:6f:06: 6c:5b:8c:99:eb:42:e1:ec:af:ee:87:ba:a4:3d:ae:de:46:a0: d0:d2:a6:44:e3:4c:4e:ff:03:16:b9:59:7b:29:25:8c:dd:1b: f4:84:31:3e:77:17:0d:b6:a4:66:87:31:e6:5d:23:20:9d:49: f8:27:36:3e:61:80:89:40:be:88:9f:32:cf:b5:7c:1c:aa:ea: 4d:c9:f1:ef:af:c3:39:5e:67:8b:8a:11:90:73:67:6b:ba:1d: 1b:c2:80:53:3c:a4:39:b9:45:19:74:08:6e:69:10:80:21:52: 43:5e:02:86:9b:35:fb:f9:3b:68:bd:f7:62:31:8b:ed:13:4b: ec:48:cb:9f:1e:b9:9d:1b:ce:91:33:d6:83:1a:69:8a:3a:a3: f6:8b:6b:f3:e9:fe:48:d1:55:ef:f5:42:28:aa:d5:6b:7f:8b: 32:a3:d1:39 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICC9MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODZEODMxMTAvBgNVBAUTKEJCRTI5NDkwNDQ2RDY4NzA3NjVCNEU2MUQ3RUI5QjIy QzYwMDQ2MzgwHhcNMjQwNzMwMTkxNjQyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmE5M2MxOS1iMTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzYq3wfTtF7V9JEMiKdAIs/3+hGkoPzMioXUMGHQc6msR67j53TFyge/FE19b rLjHfynsru7PQ1jVev89e52xvvc8Chm1mDn3MtwWbzv+K+J/i8zfuLDV0V+C7ZSZ gsoYDJcjbEc/OEkcWBWFYiVedNqHquk1xrg/+9f/qgk3YrWp5wzykkth/LkC1Y84 ZC8L50KdWiisTXy2pqQTBTAG4NcylnI3q7VGcG02feK3tGIESJp4EiZt5wL0C+/r eB+hH+kBk6W2T08jQDSu6yCCrFA2joe8IIj1Sl9QghLzSq0XTrEE/j+vqT6fHWuJ EXHgwL6zAc/AsikQhfVFSEJ00wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNpdWTVO IUuQnyNSJ/KYYoaduyKXMB8GA1UdIwQYMBaAFLvilJBEbWhwdltOYdfrmyLGAEY4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkQ4My8xNDk3NDdCRTA2 MkExMUVBOEM5QTc0NDRDNEY5QUUwMi91LUtVa0VSdGFIQjJXMDVoMS11YklzWUFS amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3UtS1VrRVJ0YUhCMlcwNWgxLXViSXNZQVJqZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODZEODMvMTQ5NzQ3QkUwNjJBMTFFQThDOUE3NDQ0QzRGOUFFMDIvOEJBNTA0RkNC Mjc5MTFFQjk3OENFMTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIteSADBAJnYPQwDQQCAAIwBwMFACQBf0AwDQYJKoZIhvcN AQELBQADggEBANqsDBrP2cwwz1k9QJO3/xVBv0jIA5Mc5mtiPAGDqxu4P+Lz4Xv4 TbXpSRf+JoPsgHKuMkwRdlTBF2A04UmK0/V5PUMjAB+Dl4viUzWaFs1Nz7nozWkG luVvBmxbjJnrQuHsr+6HuqQ9rt5GoNDSpkTjTE7/Axa5WXspJYzdG/SEMT53Fw22 pGaHMeZdIyCdSfgnNj5hgIlAvoifMs+1fByq6k3J8e+vwzleZ4uKEZBzZ2u6HRvC gFM8pDm5RRl0CG5pEIAhUkNeAoabNfv5O2i992Ixi+0TS+xIy58euZ0bzpEz1oMa aYo6o/aLa/Pp/kjRVe/1Qiiq1Wt/izKj0Tk= -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:00 2024 by rpki-client on console-fra.rpki-client.org