$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BDF57710436811EF94339D5FC4F9AE02.roa File: BDF57710436811EF94339D5FC4F9AE02.roa (raw, json) Hash identifier: byTX0hAsfs3AasZTOziWT6ZuHW0aCgZ/Vg/eScFjqzM= Subject key identifier: B0:AC:40:85:C5:DA:D2:98:E0:2F:72:F8:9F:3C:77:B0:B6:89:09:83 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 94BD Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BDF57710436811EF94339D5FC4F9AE02.roa Signing time: Tue 16 Jul 2024 11:44:22 +0000 ROA not before: Tue 16 Jul 2024 11:44:22 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 17747 IP address blocks: 45.249.84.0/22 maxlen: 24 103.84.164.0/24 maxlen: 24 103.171.100.0/23 maxlen: 24 103.172.46.0/24 maxlen: 24 103.172.47.0/24 maxlen: 24 103.184.74.0/23 maxlen: 24 103.217.244.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38077 (0x94bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jul 16 11:44:22 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=66965d15-0145 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:e3:89:37:12:10:ea:b3:03:cb:b1:68:16:a1: a8:3d:86:86:42:ca:83:b4:0b:33:17:d9:fe:16:12: fa:7d:75:ad:74:15:64:f7:91:70:b4:5b:73:da:aa: dc:46:52:54:54:8b:c3:97:f4:c0:90:24:fe:f1:b5: 29:61:6a:af:2c:89:4d:8a:42:b6:e4:b3:62:a4:bc: 0b:72:13:b1:fe:cd:2a:bf:75:c6:83:f2:27:58:c5: 68:78:08:a0:78:c1:a5:d0:ec:a1:a0:33:e8:70:11: 85:7d:7c:b0:12:c1:1c:36:14:eb:5a:43:6d:6d:90: 6c:31:2a:50:77:51:a8:3c:7b:8a:b2:32:93:37:8b: 10:a2:61:55:81:bd:d2:29:dd:a3:fa:6c:28:87:d5: 0d:4e:4d:da:aa:2f:5a:69:c0:72:33:6d:ab:6a:c3: 66:45:7f:1d:2f:e5:de:64:58:0d:50:7f:1e:85:c5: dd:54:de:b3:62:88:55:c1:7a:31:ba:4d:e0:e6:1d: fd:e9:9c:3b:9e:1d:36:fa:21:b0:3c:3a:e4:c3:13: a0:70:d1:10:ae:88:02:df:32:9a:03:d5:c1:99:e5: 51:29:69:1e:a4:cd:57:42:4a:1f:47:33:39:f8:7c: 50:f9:37:8d:03:27:c1:40:4d:5b:5b:75:f6:12:4d: 6b:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:AC:40:85:C5:DA:D2:98:E0:2F:72:F8:9F:3C:77:B0:B6:89:09:83 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BDF57710436811EF94339D5FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.249.84.0/22 103.84.164.0/24 103.171.100.0/23 103.172.46.0/23 103.184.74.0/23 103.217.244.0/22 Signature Algorithm: sha256WithRSAEncryption 55:7b:ba:64:0c:0e:11:f5:f1:9a:9c:59:c6:e7:fa:aa:5c:df: 81:d5:57:85:1a:5f:42:5f:75:4f:4b:9b:24:69:8f:af:00:3e: 8e:53:f0:4e:7b:3d:07:cf:60:53:5f:b4:4f:ef:e2:99:f4:7b: 88:ff:cb:39:ed:e9:34:12:73:ac:5d:04:0a:d5:f3:90:fb:6b: 7e:67:e9:d0:4e:56:bf:b4:d7:ce:2d:09:68:8d:14:54:76:f4: cb:56:83:93:d6:e2:bd:b2:ad:55:46:87:70:04:dc:1b:b8:14: 19:56:71:72:16:31:39:07:f5:ff:9e:f2:ce:18:4b:24:3c:2e: b8:de:85:2d:d1:b3:aa:78:d8:fb:02:2f:bc:c7:3d:d6:93:dc: 61:3d:0b:89:ef:7b:14:88:bf:2f:db:7e:08:96:bd:25:58:1e: 11:5c:03:8d:50:24:83:45:22:99:dc:f5:03:02:c6:11:7f:0b: c1:1b:92:2f:82:af:cd:67:52:19:6c:7f:6e:cf:8b:06:7e:f5: b6:da:f3:d7:49:60:f3:99:64:06:b6:68:fa:91:49:3e:54:9d: be:81:ad:58:f7:44:d7:ed:0a:55:26:26:55:2d:d7:78:83:c5: 5e:94:91:be:82:24:8a:ce:a9:72:e8:64:50:a9:c6:3f:15:b8: ec:24:4f:40 -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgIDAJS9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDcxNjExNDQyMloXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjY5NjVkMTUtMDE0NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM7jiTcSEOqzA8uxaBahqD2GhkLKg7QLMxfZ/hYS+n11rXQVZPeRcLRbc9qq 3EZSVFSLw5f0wJAk/vG1KWFqryyJTYpCtuSzYqS8C3ITsf7NKr91xoPyJ1jFaHgI oHjBpdDsoaAz6HARhX18sBLBHDYU61pDbW2QbDEqUHdRqDx7irIykzeLEKJhVYG9 0indo/psKIfVDU5N2qovWmnAcjNtq2rDZkV/HS/l3mRYDVB/HoXF3VTes2KIVcF6 MbpN4OYd/emcO54dNvohsDw65MMToHDREK6IAt8ymgPVwZnlUSlpHqTNV0JKH0cz Ofh8UPk3jQMnwUBNW1t19hJNayUCAwEAAaOCArMwggKvMB0GA1UdDgQWBBSwrECF xdrSmOAvcvifPHewtokJgzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0JERjU3NzEw NDM2ODExRUY5NDMzOUQ1RkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMD0GCCsGAQUFBwEHAQH/ BC4wLDAqBAIAATAkAwQCLflUAwQAZ1SkAwQBZ6tkAwQBZ6wuAwQBZ7hKAwQCZ9n0 MA0GCSqGSIb3DQEBCwUAA4IBAQBVe7pkDA4R9fGanFnG5/qqXN+B1VeFGl9CX3VP S5skaY+vAD6OU/BOez0Hz2BTX7RP7+KZ9HuI/8s57ek0EnOsXQQK1fOQ+2t+Z+nQ Tla/tNfOLQlojRRUdvTLVoOT1uK9sq1VRodwBNwbuBQZVnFyFjE5B/X/nvLOGEsk PC643oUt0bOqeNj7Ai+8xz3Wk9xhPQuJ73sUiL8v234Ilr0lWB4RXAONUCSDRSKZ 3PUDAsYRfwvBG5Ivgq/NZ1IZbH9uz4sGfvW22vPXSWDzmWQGtmj6kUk+VJ2+ga1Y 90TX7QpVJiZVLdd4g8VelJG+giSKzqly6GRQqcY/FbjsJE9A -----END CERTIFICATE-----Generated at Fri Nov 22 11:17:50 2024 by rpki-client on console-fra.rpki-client.org