$ rpki-client -vvf rpki.apnic.net/member_repository/A911C6E1/A57D86D8E7DE11EC8D8C5C5DC4F9AE02/43CEF64C5E7111EDAD328E21C4F9AE02.roa File: 43CEF64C5E7111EDAD328E21C4F9AE02.roa (raw, json) Hash identifier: CMs488Hhl5oLPF4YmVkuRaqJu0RzsjH0FTfUHm+gkes= Subject key identifier: 09:D9:14:48:DB:BD:81:F2:01:5D:5E:5A:77:72:53:E7:A4:6C:45:F3 Certificate issuer: /CN=A911C6E1/serialNumber=E34B28542056CE9E0650FEFC0AB124216CB5F9C1 Certificate serial: 0280 Authority key identifier: E3:4B:28:54:20:56:CE:9E:06:50:FE:FC:0A:B1:24:21:6C:B5:F9:C1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/40soVCBWzp4GUP78CrEkIWy1-cE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C6E1/A57D86D8E7DE11EC8D8C5C5DC4F9AE02/43CEF64C5E7111EDAD328E21C4F9AE02.roa Signing time: Wed 13 Nov 2024 01:04:32 +0000 ROA not before: Wed 13 Nov 2024 01:04:32 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 55002 IP address blocks: 43.230.60.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C6E1/A57D86D8E7DE11EC8D8C5C5DC4F9AE02/40soVCBWzp4GUP78CrEkIWy1-cE.crl rsync://rpki.apnic.net/member_repository/A911C6E1/A57D86D8E7DE11EC8D8C5C5DC4F9AE02/40soVCBWzp4GUP78CrEkIWy1-cE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/40soVCBWzp4GUP78CrEkIWy1-cE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 640 (0x280) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C6E1 Validity Not Before: Nov 13 01:04:32 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=6733fb20-4d0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:cf:d7:54:69:a3:a1:27:c5:ec:0d:ac:ab:7d: b0:21:28:c2:d5:c5:2c:1d:be:86:5f:95:bb:1c:56: 9f:25:19:7f:5f:7b:b5:ea:3c:fd:8a:45:95:af:a0: d1:81:52:6e:f6:b2:cf:65:3c:f3:29:3d:1b:a6:19: 75:24:8b:4d:dd:04:7e:88:89:0f:51:47:2a:03:ec: 1c:57:5d:1e:4a:ba:e7:8b:de:65:55:05:3a:c4:71: 2c:1a:93:c8:06:e4:cb:57:26:f9:6b:12:75:58:9f: cf:da:85:ec:52:b8:be:6a:69:7d:73:47:c3:68:d6: d5:dc:55:6f:79:5b:81:b3:81:dc:75:34:92:ba:00: 3b:48:16:cf:0d:40:e2:67:9b:0f:b2:aa:23:51:b2: 9b:6c:ac:ee:de:a0:4b:30:be:10:c6:b9:20:62:9d: 33:92:0d:38:96:68:b6:3c:eb:6e:8d:26:66:c6:a8: f1:bb:e3:0c:d8:3b:b7:a7:31:47:81:d2:cd:ec:55: 2b:dd:1e:80:1e:79:36:92:d2:87:e2:7a:80:24:5b: 0b:9f:4c:f5:c4:f9:04:ba:89:5b:86:dc:79:ee:5a: 53:13:eb:44:f8:f1:a3:14:1e:26:21:03:f1:7d:1e: 83:c0:30:32:95:ac:95:77:ef:25:90:ff:91:08:45: f2:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:D9:14:48:DB:BD:81:F2:01:5D:5E:5A:77:72:53:E7:A4:6C:45:F3 X509v3 Authority Key Identifier: keyid:E3:4B:28:54:20:56:CE:9E:06:50:FE:FC:0A:B1:24:21:6C:B5:F9:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C6E1/A57D86D8E7DE11EC8D8C5C5DC4F9AE02/40soVCBWzp4GUP78CrEkIWy1-cE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/40soVCBWzp4GUP78CrEkIWy1-cE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C6E1/A57D86D8E7DE11EC8D8C5C5DC4F9AE02/43CEF64C5E7111EDAD328E21C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.60.0/22 Signature Algorithm: sha256WithRSAEncryption 62:c5:df:46:a9:ce:e8:cf:67:73:f1:8b:21:04:fc:b5:17:fe: 27:8b:c7:47:94:18:6a:ef:52:36:10:00:8d:ef:8d:1d:21:20: 7c:90:0f:eb:87:2d:cf:7b:9e:fa:ab:3a:07:7c:be:f3:b0:5b: 2c:86:6b:31:5a:8c:51:99:6b:67:93:e5:40:08:b9:88:44:85: cc:e8:12:28:3b:9b:93:bf:6c:65:ce:df:dc:bd:c0:c9:aa:ff: b1:09:b8:7f:cb:03:7e:78:f4:18:42:81:63:21:72:e9:58:f8: f7:db:65:53:6e:58:1a:e3:fc:47:5e:0a:62:5e:39:09:8b:0e: 51:99:f8:6c:f7:01:51:77:3c:97:65:1a:97:b1:06:f0:3b:80: 62:06:ae:76:bb:6b:23:ea:22:73:63:ab:ca:a6:94:41:c3:01: ab:9c:3c:97:37:65:cb:c1:d9:6e:a2:f8:97:78:f6:36:0b:c3: 7b:36:8d:d6:26:70:f6:29:49:75:61:59:66:82:95:ec:e1:c9: 35:5b:85:34:a6:1c:e1:d2:89:e3:34:78:f9:e5:d5:d8:94:78: dc:5c:19:83:33:6b:8f:44:8b:6d:f2:39:40:ce:6e:b8:b2:ec: 89:2c:46:bb:10:f3:70:62:25:1e:41:62:b2:0c:4e:e4:87:cb: da:9a:62:98 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAoAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM2RTExMTAvBgNVBAUTKEUzNEIyODU0MjA1NkNFOUUwNjUwRkVGQzBBQjEyNDIx NkNCNUY5QzEwHhcNMjQxMTEzMDEwNDMyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzMzZmIyMC00ZDBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAss/XVGmjoSfF7A2sq32wISjC1cUsHb6GX5W7HFafJRl/X3u16jz9ikWVr6DR gVJu9rLPZTzzKT0bphl1JItN3QR+iIkPUUcqA+wcV10eSrrni95lVQU6xHEsGpPI BuTLVyb5axJ1WJ/P2oXsUri+aml9c0fDaNbV3FVveVuBs4HcdTSSugA7SBbPDUDi Z5sPsqojUbKbbKzu3qBLML4QxrkgYp0zkg04lmi2POtujSZmxqjxu+MM2Du3pzFH gdLN7FUr3R6AHnk2ktKH4nqAJFsLn0z1xPkEuolbhtx57lpTE+tE+PGjFB4mIQPx fR6DwDAylayVd+8lkP+RCEXyKwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAnZFEjb vYHyAV1eWndyU+ekbEXzMB8GA1UdIwQYMBaAFONLKFQgVs6eBlD+/AqxJCFstfnB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzZFMS9BNTdEODZEOEU3 REUxMUVDOEQ4QzVDNURDNEY5QUUwMi80MHNvVkNCV3pwNEdVUDc4Q3JFa0lXeTEt Y0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQwc29WQ0JXenA0R1VQNzhDckVrSVd5MS1jRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUM2RTEvQTU3RDg2RDhFN0RFMTFFQzhEOEM1QzVEQzRGOUFFMDIvNDNDRUY2NEM1 RTcxMTFFREFEMzI4RTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAIr5jwwDQYJKoZIhvcNAQELBQADggEBAGLF30apzujPZ3Px iyEE/LUX/ieLx0eUGGrvUjYQAI3vjR0hIHyQD+uHLc97nvqrOgd8vvOwWyyGazFa jFGZa2eT5UAIuYhEhczoEig7m5O/bGXO39y9wMmq/7EJuH/LA3549BhCgWMhculY +PfbZVNuWBrj/EdeCmJeOQmLDlGZ+Gz3AVF3PJdlGpexBvA7gGIGrna7ayPqInNj q8qmlEHDAaucPJc3ZcvB2W6i+Jd49jYLw3s2jdYmcPYpSXVhWWaClezhyTVbhTSm HOHSieM0ePnl1diUeNxcGYMza49Ei23yOUDObriy7IksRrsQ83BiJR5BYrIMTuSH y9qaYpg= -----END CERTIFICATE-----Generated at Sun Feb 16 15:03:47 2025 by rpki-client