$ rpki-client -vvf rpki.apnic.net/member_repository/A9120AC1/48017D38309711ECB285A64BC4F9AE02/EDB1F68E3C8811EC889B9D78C4F9AE02.roa File: EDB1F68E3C8811EC889B9D78C4F9AE02.roa (raw, json) Hash identifier: M28GSpsob0GcZZ2QTl/qwtN101CbqZ2q8yG6EV5VT+A= Subject key identifier: 11:71:04:AB:2C:18:2C:C7:12:6D:DE:38:D9:25:E5:0C:B2:43:13:51 Certificate issuer: /CN=A9120AC1/serialNumber=8F2BD4C12636F0059B408D0716AF32C8F54069A5 Certificate serial: 03B8 Authority key identifier: 8F:2B:D4:C1:26:36:F0:05:9B:40:8D:07:16:AF:32:C8:F5:40:69:A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jyvUwSY28AWbQI0HFq8yyPVAaaU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120AC1/48017D38309711ECB285A64BC4F9AE02/EDB1F68E3C8811EC889B9D78C4F9AE02.roa Signing time: Wed 17 Jan 2024 02:03:55 +0000 ROA not before: Wed 17 Jan 2024 02:03:55 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 45753 IP address blocks: 43.225.196.0/22 maxlen: 22 43.225.196.0/24 maxlen: 24 43.225.197.0/24 maxlen: 24 43.225.198.0/24 maxlen: 24 43.225.199.0/24 maxlen: 24 103.44.160.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120AC1/48017D38309711ECB285A64BC4F9AE02/jyvUwSY28AWbQI0HFq8yyPVAaaU.crl rsync://rpki.apnic.net/member_repository/A9120AC1/48017D38309711ECB285A64BC4F9AE02/jyvUwSY28AWbQI0HFq8yyPVAaaU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jyvUwSY28AWbQI0HFq8yyPVAaaU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 May 2024 02:42:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 952 (0x3b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120AC1/serialNumber=8F2BD4C12636F0059B408D0716AF32C8F54069A5 Validity Not Before: Jan 17 02:03:55 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65a7358a-8f1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:bb:a4:03:88:2c:c6:6e:47:aa:01:25:3a:c1: d5:82:1d:c6:90:8a:f2:25:c3:bb:eb:f3:c7:bd:04: d5:1e:d9:a0:94:9d:68:41:d3:b0:bd:a6:ec:db:3a: a7:18:55:5c:dc:da:39:24:41:bf:53:f2:92:25:b2: 0c:84:e9:91:73:f0:d4:f8:01:61:cd:fa:e3:22:66: ce:30:44:11:b2:33:94:48:32:ad:32:c3:46:ce:96: 48:72:23:b0:44:be:dd:21:4a:c4:d6:7c:fe:26:c2: 94:d0:40:b5:12:1e:c7:02:a9:1c:a6:47:ae:6b:fe: a1:0a:fd:78:8a:05:8e:00:fd:d0:3e:50:50:35:9d: 07:ee:ec:b7:93:4a:17:08:a9:e2:92:01:4e:99:9e: cb:89:59:d1:dd:a4:3c:76:0c:59:b6:91:73:ad:b2: fd:43:32:1a:25:7f:2e:e8:5a:29:31:b0:39:9d:77: 15:35:46:93:fa:04:fe:30:6d:95:d0:6e:aa:4a:ad: 71:c6:71:cb:51:50:aa:7d:85:9c:0c:51:8c:89:47: 8d:0c:1a:52:74:cc:4f:fe:1c:ce:b4:d0:5d:72:15: e0:4b:1b:10:27:29:15:7d:6d:26:ca:ee:e2:dd:a2: 95:25:90:ff:ec:19:c0:43:40:f1:62:85:01:77:6b: 58:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:71:04:AB:2C:18:2C:C7:12:6D:DE:38:D9:25:E5:0C:B2:43:13:51 X509v3 Authority Key Identifier: keyid:8F:2B:D4:C1:26:36:F0:05:9B:40:8D:07:16:AF:32:C8:F5:40:69:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120AC1/48017D38309711ECB285A64BC4F9AE02/jyvUwSY28AWbQI0HFq8yyPVAaaU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jyvUwSY28AWbQI0HFq8yyPVAaaU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120AC1/48017D38309711ECB285A64BC4F9AE02/EDB1F68E3C8811EC889B9D78C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.196.0/22 103.44.160.0/22 Signature Algorithm: sha256WithRSAEncryption 42:b4:8c:b9:ac:dc:f0:d5:f7:ce:8b:80:3e:6a:f8:30:89:79: 9d:52:e3:e5:ca:df:34:5b:0c:fe:9b:e6:ee:b9:ba:0e:53:2b: 70:fd:de:ed:71:c2:77:60:09:75:85:c1:0f:51:73:33:04:68: 22:a1:5c:ea:46:ec:aa:73:6c:a3:31:e9:b1:77:d9:51:bb:2d: 31:e0:8c:10:0c:17:cd:e9:8f:27:83:09:5c:05:de:4d:9f:6b: e5:05:74:1d:0d:c5:a9:c9:eb:10:10:82:89:90:f3:05:ed:c5: 97:82:1a:d5:0d:fc:66:d8:70:8c:bd:86:f7:4c:a2:42:18:13: 67:fe:95:e1:2d:68:d2:8e:ef:42:35:68:19:6b:59:18:51:b6: c4:58:6b:bf:83:42:98:c1:61:0a:22:92:c3:7f:7d:90:15:7e: ac:f0:14:3e:ed:79:aa:70:d2:60:39:b7:11:0f:46:fd:a2:b3: f2:f3:24:ca:34:8d:9e:fc:80:c6:c9:18:70:3c:01:03:8d:9e: eb:30:5f:c9:02:ba:cd:5f:5b:ce:40:ab:b4:f0:52:88:dd:d6: 78:04:21:be:1c:66:84:50:9a:ab:37:50:28:26:ab:c3:1c:72: 2d:b7:5f:83:a9:cb:8a:ea:52:f6:b6:75:be:76:c3:a6:e0:c1: 13:23:96:93 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICA7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBBQzExMTAvBgNVBAUTKDhGMkJENEMxMjYzNkYwMDU5QjQwOEQwNzE2QUYzMkM4 RjU0MDY5QTUwHhcNMjQwMTE3MDIwMzU1WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWE3MzU4YS04ZjFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAurukA4gsxm5HqgElOsHVgh3GkIryJcO76/PHvQTVHtmglJ1oQdOwvabs2zqn GFVc3No5JEG/U/KSJbIMhOmRc/DU+AFhzfrjImbOMEQRsjOUSDKtMsNGzpZIciOw RL7dIUrE1nz+JsKU0EC1Eh7HAqkcpkeua/6hCv14igWOAP3QPlBQNZ0H7uy3k0oX CKnikgFOmZ7LiVnR3aQ8dgxZtpFzrbL9QzIaJX8u6FopMbA5nXcVNUaT+gT+MG2V 0G6qSq1xxnHLUVCqfYWcDFGMiUeNDBpSdMxP/hzOtNBdchXgSxsQJykVfW0myu7i 3aKVJZD/7BnAQ0DxYoUBd2tYoQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBFxBKss GCzHEm3eONkl5QyyQxNRMB8GA1UdIwQYMBaAFI8r1MEmNvAFm0CNBxavMsj1QGml MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEFDMS80ODAxN0QzODMw OTcxMUVDQjI4NUE2NEJDNEY5QUUwMi9qeXZVd1NZMjhBV2JRSTBIRnE4eXlQVkFh YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2p5dlV3U1kyOEFXYlFJMEhGcTh5eVBWQWFhVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjBBQzEvNDgwMTdEMzgzMDk3MTFFQ0IyODVBNjRCQzRGOUFFMDIvRURCMUY2OEUz Qzg4MTFFQzg4OUI5RDc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr4cQDBAJnLKAwDQYJKoZIhvcNAQELBQADggEBAEK0jLms 3PDV986LgD5q+DCJeZ1S4+XK3zRbDP6b5u65ug5TK3D93u1xwndgCXWFwQ9RczME aCKhXOpG7KpzbKMx6bF32VG7LTHgjBAMF83pjyeDCVwF3k2fa+UFdB0NxanJ6xAQ gomQ8wXtxZeCGtUN/GbYcIy9hvdMokIYE2f+leEtaNKO70I1aBlrWRhRtsRYa7+D QpjBYQoiksN/fZAVfqzwFD7teapw0mA5txEPRv2is/LzJMo0jZ78gMbJGHA8AQON nuswX8kCus1fW85Aq7TwUojd1ngEIb4cZoRQmqs3UCgmq8Mcci23X4Opy4rqUva2 db52w6bgwRMjlpM= -----END CERTIFICATE-----Generated at Sat May 11 03:57:05 2024 by rpki-client on console-fra.rpki-client.org