$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CCD8FB7E28BB11EB95E05040C4F9AE02.roa File: CCD8FB7E28BB11EB95E05040C4F9AE02.roa (raw, json) Hash identifier: 9zQobPuPr1U/CrY8/t69zwkgDVkUrlnxO5y5BcS9wQY= Subject key identifier: 4A:3C:EA:5B:2F:05:66:D3:D1:8E:5D:45:C4:04:66:0D:C2:5C:1A:28 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 8AC2 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CCD8FB7E28BB11EB95E05040C4F9AE02.roa Signing time: Thu 30 May 2024 16:04:20 +0000 ROA not before: Thu 30 May 2024 16:04:20 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 135873 IP address blocks: 14.102.42.0/24 maxlen: 24 14.102.59.0/24 maxlen: 24 103.74.220.0/22 maxlen: 24 2406:c540::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35522 (0x8ac2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 30 16:04:20 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6658a384-4528 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d3:64:a6:fe:5b:ac:75:47:94:84:fc:41:4d: f4:4c:ce:00:cd:c8:4c:e7:76:0a:6d:d0:f0:ec:f2: 1f:98:d0:66:79:b7:d3:90:3c:8f:78:41:95:cd:b3: e0:13:2f:a3:54:af:bf:07:9d:5e:12:40:5c:a4:e2: c2:51:6a:3d:79:01:a9:d4:8d:ba:6a:87:03:56:2c: 13:1d:bf:ad:37:74:85:de:be:40:1d:69:26:23:20: 0b:46:5c:09:40:32:8f:d0:02:75:7d:f5:76:e9:f8: e8:fe:c1:fc:b3:be:90:d5:df:0d:1a:97:99:88:a6: 3f:96:7a:bf:e9:54:1e:ef:36:1d:cf:f2:ed:0c:6e: 7b:fd:b7:73:61:2d:31:59:80:1b:18:b7:1a:b2:9d: 4b:64:d5:70:2a:7d:62:77:5c:50:7d:32:1b:1b:e6: 89:81:bc:f2:5e:60:f0:65:86:ac:a9:9e:ae:ca:61: 4f:d4:db:f2:94:c2:0f:f7:49:e9:37:7d:3b:5c:82: 6b:f6:16:a3:6d:d3:93:bf:86:12:8b:69:ff:52:ce: 59:00:2c:0e:ac:38:eb:70:32:b5:44:80:65:bf:d5: c7:4e:d3:7c:f9:ef:f6:ad:d3:a8:a2:f6:b2:3c:e9: f6:dc:4f:e3:98:cb:11:e2:8c:ae:7d:bb:c1:e8:fa: a2:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:3C:EA:5B:2F:05:66:D3:D1:8E:5D:45:C4:04:66:0D:C2:5C:1A:28 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CCD8FB7E28BB11EB95E05040C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.102.42.0/24 14.102.59.0/24 103.74.220.0/22 IPv6: 2406:c540::/32 Signature Algorithm: sha256WithRSAEncryption 38:f3:f4:9d:4c:43:2f:25:57:e4:9f:6c:f4:89:07:6c:d5:63: 56:10:81:4e:52:8f:85:6b:2b:3b:e6:b7:94:6d:7b:e4:08:ed: 70:46:0e:56:42:24:e9:57:b9:92:a3:c4:d2:86:12:0b:d4:c9: 9c:55:f5:bd:b7:29:ce:b8:9d:3f:ca:a8:b8:78:3a:0d:f0:44: 57:00:84:d1:62:5d:9d:a6:23:77:ed:fe:44:eb:0d:7f:dc:66: 18:fb:99:df:ab:3d:af:49:06:23:a4:91:11:83:c5:0c:38:d9: ed:09:b7:fd:57:da:66:6f:dd:05:85:e4:61:d7:33:3d:b1:24: ee:f6:d0:81:50:16:d9:33:3c:59:a7:5f:8e:40:23:1d:e0:f4: 94:eb:ad:0c:d2:1c:06:bd:c8:e9:83:31:3f:37:e2:05:21:bf: 3f:d5:53:4a:f8:a8:65:cb:65:69:e5:da:58:1f:9a:04:9c:16: d2:d0:10:9c:30:f4:48:a8:22:c1:53:c0:8b:d6:59:17:03:0a: 9c:cf:a5:63:fd:3c:e1:eb:da:f3:a0:68:79:8a:f2:a4:f8:79: c5:84:d7:49:18:e7:b1:40:da:62:c6:25:08:a2:66:d3:c4:f3: 5c:0f:2a:97:60:f6:0b:7f:f5:cf:07:02:44:27:2f:13:65:1f: 13:18:f9:e2 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgIDAIrCMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDUzMDE2MDQyMFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjY1OGEzODQtNDUyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHTZKb+W6x1R5SE/EFN9EzOAM3ITOd2Cm3Q8OzyH5jQZnm305A8j3hBlc2z 4BMvo1SvvwedXhJAXKTiwlFqPXkBqdSNumqHA1YsEx2/rTd0hd6+QB1pJiMgC0Zc CUAyj9ACdX31dun46P7B/LO+kNXfDRqXmYimP5Z6v+lUHu82Hc/y7Qxue/23c2Et MVmAGxi3GrKdS2TVcCp9YndcUH0yGxvmiYG88l5g8GWGrKmersphT9Tb8pTCD/dJ 6Td9O1yCa/YWo23Tk7+GEotp/1LOWQAsDqw463AytUSAZb/Vx07TfPnv9q3TqKL2 sjzp9txP45jLEeKMrn27wej6om0CAwEAAaOCArAwggKsMB0GA1UdDgQWBBRKPOpb LwVm09GOXUXEBGYNwlwaKDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0NDRDhGQjdF MjhCQjExRUI5NUUwNTA0MEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDoGCCsGAQUFBwEHAQH/ BCswKTAYBAIAATASAwQADmYqAwQADmY7AwQCZ0rcMA0EAgACMAcDBQAkBsVAMA0G CSqGSIb3DQEBCwUAA4IBAQA48/SdTEMvJVfkn2z0iQds1WNWEIFOUo+Fays75reU bXvkCO1wRg5WQiTpV7mSo8TShhIL1MmcVfW9tynOuJ0/yqi4eDoN8ERXAITRYl2d piN37f5E6w1/3GYY+5nfqz2vSQYjpJERg8UMONntCbf9V9pmb90FheRh1zM9sSTu 9tCBUBbZMzxZp1+OQCMd4PSU660M0hwGvcjpgzE/N+IFIb8/1VNK+Khly2Vp5dpY H5oEnBbS0BCcMPRIqCLBU8CL1lkXAwqcz6Vj/Tzh69rzoGh5ivKk+HnFhNdJGOex QNpixiUIombTxPNcDyqXYPYLf/XPBwJEJy8TZR8TGPni -----END CERTIFICATE-----Generated at Fri Nov 22 11:17:51 2024 by rpki-client on console-fra.rpki-client.org