$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/68BA11A82CE411EDAC1EA366C4F9AE02.roa File: 68BA11A82CE411EDAC1EA366C4F9AE02.roa (raw, json) Hash identifier: yAJaQ2Cy6MqvZqIA2DF1RjMEMwH6cIhvj/hNwiPoAG8= Subject key identifier: C5:E7:50:DE:FB:5B:4E:ED:09:CD:1B:BC:C5:DA:19:F5:6A:41:1A:14 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 8895 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/68BA11A82CE411EDAC1EA366C4F9AE02.roa Signing time: Thu 30 May 2024 15:55:11 +0000 ROA not before: Thu 30 May 2024 15:55:11 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 132945 IP address blocks: 45.65.52.0/22 maxlen: 24 103.252.148.0/22 maxlen: 24 2001:df2:2800::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Dec 2024 10:54:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34965 (0x8895) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 30 15:55:11 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6658a15f-75a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:3e:3d:5f:12:af:67:04:1e:2c:65:2b:8d:f0: 00:a3:0c:62:56:0e:f6:95:81:6d:4e:49:f5:29:b4: 87:e3:0c:c3:d1:0c:70:ef:e6:c1:7d:0d:18:96:52: 32:1b:df:88:93:cc:e0:7d:d6:62:81:44:b7:da:58: 15:af:c5:c1:dd:ee:49:2e:af:41:35:6d:a4:81:58: fd:22:a4:d6:53:4f:bd:aa:03:13:cb:97:0f:d7:f8: 88:fa:46:a2:fe:a4:e3:ef:3a:18:1a:d0:c6:eb:87: 8e:8a:a5:6a:9d:6a:3f:eb:31:1a:0b:2f:dd:0b:cc: 5a:e9:b2:3d:35:4f:c6:99:1b:54:88:3a:7f:93:ed: 11:76:c0:fe:00:a9:00:03:4b:45:1c:15:c1:ce:97: ad:de:0e:51:64:e2:12:17:a6:9f:5a:8a:d0:7c:04: 5f:20:24:82:f4:e6:9b:63:83:c5:93:15:eb:9b:60: bb:ec:f1:fd:28:11:4f:cc:69:eb:36:c2:01:f4:cb: a1:b7:4d:ed:9e:d1:69:3e:e3:1b:4a:e7:ff:94:66: 06:81:0a:dd:65:8c:58:85:d0:ab:cf:dd:c5:25:83: f8:5a:36:cd:40:e4:75:8c:62:c5:cb:f6:04:c0:34: d1:75:e0:64:fe:e4:ac:61:c5:37:0b:50:b6:b4:01: e8:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:E7:50:DE:FB:5B:4E:ED:09:CD:1B:BC:C5:DA:19:F5:6A:41:1A:14 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/68BA11A82CE411EDAC1EA366C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.65.52.0/22 103.252.148.0/22 IPv6: 2001:df2:2800::/48 Signature Algorithm: sha256WithRSAEncryption b9:02:f1:f5:a3:9f:ac:33:27:75:a5:8f:6f:19:e8:79:ff:ce: e8:b4:a1:ad:93:3f:d6:44:a3:99:ec:f8:bc:60:c3:1d:fb:29: b1:72:01:f4:c1:43:35:1f:51:40:c7:bf:ba:10:a9:4d:be:56: d5:fa:6e:54:24:78:1a:19:d4:e7:bf:9a:47:f9:a0:76:37:ba: 09:4d:cc:2c:e1:a9:56:60:a6:a8:64:7d:e9:b2:bb:38:64:e8: b0:1a:46:bf:6a:34:72:c5:34:15:6a:94:c1:a0:3e:e7:82:21: 09:71:6f:39:b7:46:83:73:ab:07:56:78:5c:88:13:e6:06:f6: c4:60:60:39:c4:80:66:4b:9e:ed:db:8b:a2:91:36:52:ea:e8: b7:af:5e:b3:6a:b2:c6:9f:69:20:0b:48:9c:16:c2:6d:c1:2b: d3:23:a5:98:41:9a:b6:39:e4:ea:97:03:ca:2b:14:50:cf:e8: 56:2c:2b:7d:6f:11:21:06:fb:18:71:24:08:c8:c0:b6:06:02: a4:26:a1:ac:14:fb:cf:cc:bb:76:fc:b3:8a:04:c2:d3:15:97: 88:6b:12:b3:cd:52:99:39:aa:70:f9:d3:90:fe:17:ce:d5:96: 05:f5:39:8d:78:6d:41:1a:5b:79:a9:7d:7b:85:9d:70:b5:a0: c1:67:f2:46 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIDAIiVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDUzMDE1NTUxMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjY1OGExNWYtNzVhNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMg+PV8Sr2cEHixlK43wAKMMYlYO9pWBbU5J9Sm0h+MMw9EMcO/mwX0NGJZS MhvfiJPM4H3WYoFEt9pYFa/Fwd3uSS6vQTVtpIFY/SKk1lNPvaoDE8uXD9f4iPpG ov6k4+86GBrQxuuHjoqlap1qP+sxGgsv3QvMWumyPTVPxpkbVIg6f5PtEXbA/gCp AANLRRwVwc6Xrd4OUWTiEhemn1qK0HwEXyAkgvTmm2ODxZMV65tgu+zx/SgRT8xp 6zbCAfTLobdN7Z7RaT7jG0rn/5RmBoEK3WWMWIXQq8/dxSWD+Fo2zUDkdYxixcv2 BMA00XXgZP7krGHFNwtQtrQB6OkCAwEAAaOCAqwwggKoMB0GA1UdDgQWBBTF51De +1tO7QnNG7zF2hn1akEaFDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzY4QkExMUE4 MkNFNDExRURBQzFFQTM2NkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDYGCCsGAQUFBwEHAQH/ BCcwJTASBAIAATAMAwQCLUE0AwQCZ/yUMA8EAgACMAkDBwAgAQ3yKAAwDQYJKoZI hvcNAQELBQADggEBALkC8fWjn6wzJ3Wlj28Z6Hn/zui0oa2TP9ZEo5ns+Lxgwx37 KbFyAfTBQzUfUUDHv7oQqU2+VtX6blQkeBoZ1Oe/mkf5oHY3uglNzCzhqVZgpqhk femyuzhk6LAaRr9qNHLFNBVqlMGgPueCIQlxbzm3RoNzqwdWeFyIE+YG9sRgYDnE gGZLnu3bi6KRNlLq6LevXrNqssafaSALSJwWwm3BK9MjpZhBmrY55OqXA8orFFDP 6FYsK31vESEG+xhxJAjIwLYGAqQmoawU+8/Mu3b8s4oEwtMVl4hrErPNUpk5qnD5 05D+F87VlgX1OY14bUEaW3mpfXuFnXC1oMFn8kY= -----END CERTIFICATE-----Generated at Mon Nov 25 13:04:58 2024 by rpki-client on console-fra.rpki-client.org