$ rpki-client -vvf rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/E35939C2261711EC9990A750C4F9AE02.roa File: E35939C2261711EC9990A750C4F9AE02.roa (raw, json) Hash identifier: DzSac6j8MZfa9oP61oFslZ4Gy+B8YE6Crs7TqBZ64po= Subject key identifier: 4B:46:2C:34:7C:63:82:94:A5:80:A5:A6:FD:E8:53:45:A4:07:7E:98 Certificate issuer: /CN=A9115C2E/serialNumber=392FC227EECC5A621572FADAAC651A3CEBB2163C Certificate serial: 08E9 Authority key identifier: 39:2F:C2:27:EE:CC:5A:62:15:72:FA:DA:AC:65:1A:3C:EB:B2:16:3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS_CJ-7MWmIVcvrarGUaPOuyFjw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/E35939C2261711EC9990A750C4F9AE02.roa Signing time: Mon 04 Mar 2024 21:19:42 +0000 ROA not before: Mon 04 Mar 2024 21:19:42 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 45267 IP address blocks: 43.247.172.0/22 maxlen: 24 45.117.36.0/22 maxlen: 24 103.254.132.0/22 maxlen: 24 114.134.0.0/20 maxlen: 24 116.90.76.0/22 maxlen: 24 124.248.128.0/20 maxlen: 21 124.248.141.0/24 maxlen: 24 163.47.240.0/22 maxlen: 24 202.36.75.0/24 maxlen: 24 202.37.168.0/24 maxlen: 24 202.49.36.0/24 maxlen: 24 2400:bd00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/OS_CJ-7MWmIVcvrarGUaPOuyFjw.crl rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/OS_CJ-7MWmIVcvrarGUaPOuyFjw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS_CJ-7MWmIVcvrarGUaPOuyFjw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 21:27:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2281 (0x8e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9115C2E/serialNumber=392FC227EECC5A621572FADAAC651A3CEBB2163C Validity Not Before: Mar 4 21:19:42 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65e63aee-d88e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:af:c1:82:ef:f3:1e:81:e4:e7:ac:04:72:e6: 8a:5e:a7:80:b0:0a:75:6a:94:37:66:8e:52:59:cf: c9:ee:e8:14:ce:86:d7:8b:ba:9d:23:11:ca:c9:42: 90:1b:bd:35:0a:76:64:e5:2c:f5:53:30:51:08:28: e0:b5:86:61:5e:2e:24:c6:e2:35:41:ef:02:12:1b: 0c:c0:b4:5a:53:a8:07:2e:5c:5c:19:3e:da:23:12: 44:35:e5:b6:ee:34:7c:3c:23:3e:b9:f5:51:e4:36: 1b:bb:00:1b:1e:c7:11:b3:95:58:d7:b9:66:87:63: b7:23:74:f6:c8:e5:1c:ad:36:70:7f:5d:52:16:b7: ca:64:16:2a:a9:10:60:61:75:68:b5:18:44:c4:f8: f4:ab:6f:28:a3:fa:16:c9:20:a3:71:a0:e0:82:31: 74:dc:32:ae:00:11:47:f1:ee:e4:c9:32:8c:e5:91: 8f:a6:8a:10:ec:33:92:b4:4d:07:79:1c:3d:b8:97: d4:26:27:63:89:47:40:19:3b:a3:97:ad:30:b3:3f: 9c:f5:9e:e1:50:5c:7b:da:e7:bf:00:9a:f3:21:9f: 93:1e:90:06:11:7a:4c:6c:38:11:93:b2:e6:53:47: d4:12:5f:1b:e4:27:dd:4e:0d:9d:26:bf:af:22:6e: c2:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:46:2C:34:7C:63:82:94:A5:80:A5:A6:FD:E8:53:45:A4:07:7E:98 X509v3 Authority Key Identifier: keyid:39:2F:C2:27:EE:CC:5A:62:15:72:FA:DA:AC:65:1A:3C:EB:B2:16:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/OS_CJ-7MWmIVcvrarGUaPOuyFjw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS_CJ-7MWmIVcvrarGUaPOuyFjw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/E35939C2261711EC9990A750C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.247.172.0/22 45.117.36.0/22 103.254.132.0/22 114.134.0.0/20 116.90.76.0/22 124.248.128.0/20 163.47.240.0/22 202.36.75.0/24 202.37.168.0/24 202.49.36.0/24 IPv6: 2400:bd00::/32 Signature Algorithm: sha256WithRSAEncryption 8e:41:2d:e1:c4:46:76:05:2c:29:81:b3:e0:e6:77:d9:73:2f: 0f:62:53:57:ae:8d:2d:b6:02:8e:cd:b1:d9:cf:11:61:3e:14: 18:cd:15:75:8f:f2:61:49:1a:1e:1b:3f:fc:e4:10:ad:f3:04: e8:35:19:cc:7b:47:f6:d9:80:0c:5a:cb:09:7e:04:7f:9b:49: 92:39:42:eb:7f:2d:30:ff:0b:77:8e:55:8c:f8:6d:55:5a:22: 8f:a3:df:a2:96:2a:70:e8:f9:e8:bc:0c:5f:52:fe:9e:ec:ff: 28:b9:2b:5f:8d:60:5b:a3:d4:3c:4a:c8:a0:d2:66:b5:81:23: cd:33:53:8b:ed:e4:4c:4f:5b:40:ff:2d:e1:a2:35:37:85:0c: 78:3a:5f:16:a0:81:64:02:db:40:e9:de:06:0f:70:de:06:e1: fc:d0:ac:8a:0f:10:63:2b:aa:d0:36:fb:62:43:54:77:1d:8c: cc:73:37:92:d6:51:5e:f0:6a:72:69:8f:68:9f:f8:37:2b:9c: c1:0c:0c:f1:19:b9:56:fb:c7:fd:86:c3:3b:c9:8e:a5:0d:b7: b3:01:a6:24:e3:da:dd:80:45:fa:00:a6:dc:fa:d2:16:05:a9: 7f:2d:a1:22:e2:43:df:25:3f:be:da:04:b0:b8:8f:e4:71:05: b1:e9:35:f1 -----BEGIN CERTIFICATE----- MIIFtjCCBJ6gAwIBAgICCOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTVDMkUxMTAvBgNVBAUTKDM5MkZDMjI3RUVDQzVBNjIxNTcyRkFEQUFDNjUxQTND RUJCMjE2M0MwHhcNMjQwMzA0MjExOTQyWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWU2M2FlZS1kODhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyK/Bgu/zHoHk56wEcuaKXqeAsAp1apQ3Zo5SWc/J7ugUzobXi7qdIxHKyUKQ G701CnZk5Sz1UzBRCCjgtYZhXi4kxuI1Qe8CEhsMwLRaU6gHLlxcGT7aIxJENeW2 7jR8PCM+ufVR5DYbuwAbHscRs5VY17lmh2O3I3T2yOUcrTZwf11SFrfKZBYqqRBg YXVotRhExPj0q28oo/oWySCjcaDggjF03DKuABFH8e7kyTKM5ZGPpooQ7DOStE0H eRw9uJfUJidjiUdAGTujl60wsz+c9Z7hUFx72ue/AJrzIZ+THpAGEXpMbDgRk7Lm U0fUEl8b5CfdTg2dJr+vIm7CmQIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFEtGLDR8 Y4KUpYClpv3oU0WkB36YMB8GA1UdIwQYMBaAFDkvwifuzFpiFXL62qxlGjzrshY8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNUMyRS8zOEQxNDAxQzgz NDgxMUVBQTdDNDc1NzZDNEY5QUUwMi9PU19DSi03TVdtSVZjdnJhckdVYVBPdXlG ancuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09TX0NKLTdNV21JVmN2cmFyR1VhUE91eUZqdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTVDMkUvMzhEMTQwMUM4MzQ4MTFFQUE3QzQ3NTc2QzRGOUFFMDIvRTM1OTM5QzIy NjE3MTFFQzk5OTBBNzUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E VTBTMEIEAgABMDwDBAIr96wDBAItdSQDBAJn/oQDBARyhgADBAJ0WkwDBAR8+IAD BAKjL/ADBADKJEsDBADKJagDBADKMSQwDQQCAAIwBwMFACQAvQAwDQYJKoZIhvcN AQELBQADggEBAI5BLeHERnYFLCmBs+Dmd9lzLw9iU1eujS22Ao7NsdnPEWE+FBjN FXWP8mFJGh4bP/zkEK3zBOg1Gcx7R/bZgAxaywl+BH+bSZI5Qut/LTD/C3eOVYz4 bVVaIo+j36KWKnDo+ei8DF9S/p7s/yi5K1+NYFuj1DxKyKDSZrWBI80zU4vt5ExP W0D/LeGiNTeFDHg6XxaggWQC20Dp3gYPcN4G4fzQrIoPEGMrqtA2+2JDVHcdjMxz N5LWUV7wanJpj2if+DcrnMEMDPEZuVb7x/2GwzvJjqUNt7MBpiTj2t2ARfoAptz6 0hYFqX8toSLiQ98lP77aBLC4j+RxBbHpNfE= -----END CERTIFICATE-----Generated at Tue May 28 22:51:15 2024 by rpki-client on console-ams.rpki-client.org